cfec1a
diff -up openssl-1.0.2i/crypto/conf/conf_api.c.secure-getenv openssl-1.0.2i/crypto/conf/conf_api.c
cfec1a
--- openssl-1.0.2i/crypto/conf/conf_api.c.secure-getenv	2016-09-22 12:23:06.000000000 +0200
cfec1a
+++ openssl-1.0.2i/crypto/conf/conf_api.c	2016-09-22 13:51:29.847742209 +0200
cfec1a
@@ -63,6 +63,8 @@
cfec1a
 # define NDEBUG
cfec1a
 #endif
cfec1a
 
cfec1a
+/* for secure_getenv */
cfec1a
+#define _GNU_SOURCE
cfec1a
 #include <assert.h>
cfec1a
 #include <stdlib.h>
cfec1a
 #include <string.h>
cfec1a
@@ -141,7 +143,7 @@ char *_CONF_get_string(const CONF *conf,
cfec1a
             if (v != NULL)
cfec1a
                 return (v->value);
cfec1a
             if (strcmp(section, "ENV") == 0) {
cfec1a
-                p = getenv(name);
cfec1a
+                p = secure_getenv(name);
cfec1a
                 if (p != NULL)
cfec1a
                     return (p);
cfec1a
             }
cfec1a
@@ -154,7 +156,7 @@ char *_CONF_get_string(const CONF *conf,
cfec1a
         else
cfec1a
             return (NULL);
cfec1a
     } else
cfec1a
-        return (getenv(name));
cfec1a
+        return (secure_getenv(name));
cfec1a
 }
cfec1a
 
cfec1a
 #if 0                           /* There's no way to provide error checking
cfec1a
diff -up openssl-1.0.2i/crypto/conf/conf_mod.c.secure-getenv openssl-1.0.2i/crypto/conf/conf_mod.c
cfec1a
--- openssl-1.0.2i/crypto/conf/conf_mod.c.secure-getenv	2016-09-22 12:23:06.000000000 +0200
cfec1a
+++ openssl-1.0.2i/crypto/conf/conf_mod.c	2016-09-22 13:51:29.847742209 +0200
cfec1a
@@ -57,6 +57,8 @@
cfec1a
  *
cfec1a
  */
cfec1a
 
cfec1a
+/* for secure_getenv */
cfec1a
+#define _GNU_SOURCE
cfec1a
 #include <stdio.h>
cfec1a
 #include <ctype.h>
cfec1a
 #include <openssl/crypto.h>
cfec1a
@@ -530,7 +532,7 @@ char *CONF_get1_default_config_file(void
cfec1a
     char *file;
cfec1a
     int len;
cfec1a
 
cfec1a
-    file = getenv("OPENSSL_CONF");
cfec1a
+    file = secure_getenv("OPENSSL_CONF");
cfec1a
     if (file)
cfec1a
         return BUF_strdup(file);
cfec1a
 
cfec1a
diff -up openssl-1.0.2i/crypto/engine/eng_list.c.secure-getenv openssl-1.0.2i/crypto/engine/eng_list.c
cfec1a
--- openssl-1.0.2i/crypto/engine/eng_list.c.secure-getenv	2016-09-22 12:23:06.000000000 +0200
cfec1a
+++ openssl-1.0.2i/crypto/engine/eng_list.c	2016-09-22 13:51:29.847742209 +0200
cfec1a
@@ -62,6 +62,8 @@
cfec1a
  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
cfec1a
  */
cfec1a
 
cfec1a
+/* for secure_getenv */
cfec1a
+#define _GNU_SOURCE
cfec1a
 #include "eng_int.h"
cfec1a
 
cfec1a
 /*
cfec1a
@@ -369,10 +371,10 @@ ENGINE *ENGINE_by_id(const char *id)
cfec1a
      */
cfec1a
     if (strcmp(id, "dynamic")) {
cfec1a
 # ifdef OPENSSL_SYS_VMS
cfec1a
-        if ((load_dir = getenv("OPENSSL_ENGINES")) == 0)
cfec1a
+        if (OPENSSL_issetugid() || (load_dir = getenv("OPENSSL_ENGINES")) == 0)
cfec1a
             load_dir = "SSLROOT:[ENGINES]";
cfec1a
 # else
cfec1a
-        if ((load_dir = getenv("OPENSSL_ENGINES")) == 0)
cfec1a
+        if ((load_dir = secure_getenv("OPENSSL_ENGINES")) == 0)
cfec1a
             load_dir = ENGINESDIR;
cfec1a
 # endif
cfec1a
         iterator = ENGINE_by_id("dynamic");
cfec1a
diff -up openssl-1.0.2i/crypto/md5/md5_dgst.c.secure-getenv openssl-1.0.2i/crypto/md5/md5_dgst.c
cfec1a
--- openssl-1.0.2i/crypto/md5/md5_dgst.c.secure-getenv	2016-09-22 13:51:29.840742047 +0200
cfec1a
+++ openssl-1.0.2i/crypto/md5/md5_dgst.c	2016-09-22 13:51:29.847742209 +0200
cfec1a
@@ -56,6 +56,8 @@
cfec1a
  * [including the GNU Public Licence.]
cfec1a
  */
cfec1a
 
cfec1a
+/* for secure_getenv */
cfec1a
+#define _GNU_SOURCE
cfec1a
 #include <stdio.h>
cfec1a
 #include "md5_locl.h"
cfec1a
 #include <openssl/opensslv.h>
cfec1a
@@ -75,7 +77,8 @@ const char MD5_version[] = "MD5" OPENSSL
cfec1a
 int MD5_Init(MD5_CTX *c)
cfec1a
 #ifdef OPENSSL_FIPS
cfec1a
 {
cfec1a
-    if (FIPS_mode() && getenv("OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW") == NULL)
cfec1a
+    if (FIPS_mode()
cfec1a
+        && secure_getenv("OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW") == NULL)
cfec1a
         OpenSSLDie(__FILE__, __LINE__, "Digest MD5 forbidden in FIPS mode!");
cfec1a
     return private_MD5_Init(c);
cfec1a
 }
cfec1a
diff -up openssl-1.0.2i/crypto/o_init.c.secure-getenv openssl-1.0.2i/crypto/o_init.c
cfec1a
--- openssl-1.0.2i/crypto/o_init.c.secure-getenv	2016-09-22 13:51:29.830741814 +0200
cfec1a
+++ openssl-1.0.2i/crypto/o_init.c	2016-09-22 13:51:30.046746834 +0200
cfec1a
@@ -53,6 +53,8 @@
cfec1a
  *
cfec1a
  */
cfec1a
 
cfec1a
+/* for secure_getenv */
cfec1a
+#define _GNU_SOURCE
cfec1a
 #include <e_os.h>
cfec1a
 #include <openssl/err.h>
cfec1a
 #ifdef OPENSSL_FIPS
cfec1a
@@ -72,7 +74,7 @@ static void init_fips_mode(void)
cfec1a
     char buf[2] = "0";
cfec1a
     int fd;
cfec1a
 
cfec1a
-    if (getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) {
cfec1a
+    if (secure_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) {
cfec1a
         buf[0] = '1';
cfec1a
     } else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0) {
cfec1a
         while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR) ;
cfec1a
diff -up openssl-1.0.2i/crypto/rand/randfile.c.secure-getenv openssl-1.0.2i/crypto/rand/randfile.c
cfec1a
--- openssl-1.0.2i/crypto/rand/randfile.c.secure-getenv	2016-09-22 12:23:06.000000000 +0200
cfec1a
+++ openssl-1.0.2i/crypto/rand/randfile.c	2016-09-22 13:53:17.222237626 +0200
cfec1a
@@ -55,6 +55,8 @@
cfec1a
  * copied and put under another distribution licence
cfec1a
  * [including the GNU Public Licence.]
cfec1a
  */
cfec1a
+/* for secure_getenv */
cfec1a
+#define _GNU_SOURCE
cfec1a
 
cfec1a
 #include <errno.h>
cfec1a
 #include <stdio.h>
cfec1a
@@ -327,14 +329,12 @@ const char *RAND_file_name(char *buf, si
cfec1a
     struct stat sb;
cfec1a
 #endif
cfec1a
 
cfec1a
-    if (OPENSSL_issetugid() == 0)
cfec1a
-        s = getenv("RANDFILE");
cfec1a
+    s = secure_getenv("RANDFILE");
cfec1a
     if (s != NULL && *s && strlen(s) + 1 < size) {
cfec1a
         if (BUF_strlcpy(buf, s, size) >= size)
cfec1a
             return NULL;
cfec1a
     } else {
cfec1a
-        if (OPENSSL_issetugid() == 0)
cfec1a
-            s = getenv("HOME");
cfec1a
+        s = secure_getenv("HOME");
cfec1a
 #ifdef DEFAULT_HOME
cfec1a
         if (s == NULL) {
cfec1a
             s = DEFAULT_HOME;
cfec1a
diff -up openssl-1.0.2i/crypto/x509/by_dir.c.secure-getenv openssl-1.0.2i/crypto/x509/by_dir.c
cfec1a
--- openssl-1.0.2i/crypto/x509/by_dir.c.secure-getenv	2016-09-22 12:23:06.000000000 +0200
cfec1a
+++ openssl-1.0.2i/crypto/x509/by_dir.c	2016-09-22 13:51:30.047746858 +0200
cfec1a
@@ -56,6 +56,8 @@
cfec1a
  * [including the GNU Public Licence.]
cfec1a
  */
cfec1a
 
cfec1a
+/* for secure_getenv */
cfec1a
+#define _GNU_SOURCE
cfec1a
 #include <stdio.h>
cfec1a
 #include <time.h>
cfec1a
 #include <errno.h>
cfec1a
@@ -128,7 +130,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, in
cfec1a
     switch (cmd) {
cfec1a
     case X509_L_ADD_DIR:
cfec1a
         if (argl == X509_FILETYPE_DEFAULT) {
cfec1a
-            dir = (char *)getenv(X509_get_default_cert_dir_env());
cfec1a
+            dir = (char *)secure_getenv(X509_get_default_cert_dir_env());
cfec1a
             if (dir)
cfec1a
                 ret = add_cert_dir(ld, dir, X509_FILETYPE_PEM);
cfec1a
             else
cfec1a
diff -up openssl-1.0.2i/crypto/x509/by_file.c.secure-getenv openssl-1.0.2i/crypto/x509/by_file.c
cfec1a
--- openssl-1.0.2i/crypto/x509/by_file.c.secure-getenv	2016-09-22 13:51:29.812741396 +0200
cfec1a
+++ openssl-1.0.2i/crypto/x509/by_file.c	2016-09-22 13:51:30.047746858 +0200
cfec1a
@@ -56,6 +56,8 @@
cfec1a
  * [including the GNU Public Licence.]
cfec1a
  */
cfec1a
 
cfec1a
+/* for secure_getenv */
cfec1a
+#define _GNU_SOURCE
cfec1a
 #include <stdio.h>
cfec1a
 #include <time.h>
cfec1a
 #include <errno.h>
cfec1a
@@ -97,7 +99,7 @@ static int by_file_ctrl(X509_LOOKUP *ctx
cfec1a
     switch (cmd) {
cfec1a
     case X509_L_FILE_LOAD:
cfec1a
         if (argl == X509_FILETYPE_DEFAULT) {
cfec1a
-            file = (char *)getenv(X509_get_default_cert_file_env());
cfec1a
+            file = (char *)secure_getenv(X509_get_default_cert_file_env());
cfec1a
             if (file)
cfec1a
                 ok = (X509_load_cert_crl_file(ctx, file,
cfec1a
                                               X509_FILETYPE_PEM) != 0);
cfec1a
diff -up openssl-1.0.2i/crypto/x509/x509_vfy.c.secure-getenv openssl-1.0.2i/crypto/x509/x509_vfy.c
cfec1a
--- openssl-1.0.2i/crypto/x509/x509_vfy.c.secure-getenv	2016-09-22 12:23:06.000000000 +0200
cfec1a
+++ openssl-1.0.2i/crypto/x509/x509_vfy.c	2016-09-22 13:51:30.048746881 +0200
cfec1a
@@ -56,6 +56,8 @@
cfec1a
  * [including the GNU Public Licence.]
cfec1a
  */
cfec1a
 
cfec1a
+/* for secure_getenv */
cfec1a
+#define _GNU_SOURCE
cfec1a
 #include <stdio.h>
cfec1a
 #include <time.h>
cfec1a
 #include <errno.h>
cfec1a
@@ -620,7 +622,7 @@ static int check_chain_extensions(X509_S
cfec1a
          * A hack to keep people who don't want to modify their software
cfec1a
          * happy
cfec1a
          */
cfec1a
-        if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
cfec1a
+        if (secure_getenv("OPENSSL_ALLOW_PROXY_CERTS"))
cfec1a
             allow_proxy_certs = 1;
cfec1a
         purpose = ctx->param->purpose;
cfec1a
     }
cfec1a
diff -up openssl-1.0.2i/engines/ccgost/gost_ctl.c.secure-getenv openssl-1.0.2i/engines/ccgost/gost_ctl.c
cfec1a
--- openssl-1.0.2i/engines/ccgost/gost_ctl.c.secure-getenv	2016-09-22 12:23:06.000000000 +0200
cfec1a
+++ openssl-1.0.2i/engines/ccgost/gost_ctl.c	2016-09-22 13:51:30.048746881 +0200
cfec1a
@@ -6,6 +6,8 @@
cfec1a
  *        Implementation of control commands for GOST engine          *
cfec1a
  *            OpenSSL 0.9.9 libraries required                        *
cfec1a
  **********************************************************************/
cfec1a
+/* for secure_getenv */
cfec1a
+#define _GNU_SOURCE
cfec1a
 #include <stdlib.h>
cfec1a
 #include <string.h>
cfec1a
 #include <openssl/crypto.h>
cfec1a
@@ -64,7 +66,7 @@ const char *get_gost_engine_param(int pa
cfec1a
     if (gost_params[param] != NULL) {
cfec1a
         return gost_params[param];
cfec1a
     }
cfec1a
-    tmp = getenv(gost_envnames[param]);
cfec1a
+    tmp = secure_getenv(gost_envnames[param]);
cfec1a
     if (tmp) {
cfec1a
         if (gost_params[param])
cfec1a
             OPENSSL_free(gost_params[param]);
cfec1a
@@ -79,7 +81,7 @@ int gost_set_default_param(int param, co
cfec1a
     const char *tmp;
cfec1a
     if (param < 0 || param > GOST_PARAM_MAX)
cfec1a
         return 0;
cfec1a
-    tmp = getenv(gost_envnames[param]);
cfec1a
+    tmp = secure_getenv(gost_envnames[param]);
cfec1a
     /*
cfec1a
      * if there is value in the environment, use it, else -passed string *
cfec1a
      */