diff options
| author |   deraadt <deraadt@openbsd.org> | 2014-06-20 21:00:46 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2014-06-20 21:00:46 +0000 |
| commit | 88c8d06f301782393435bf2f98bd0867611fc1f1 (patch) | |
| tree | 9e62dbdcb28b35dbabeee52374030ad06c5e253b /lib/libssl/src | |
| parent | wrap getenv OPENSSL_ALLOW_PROXY_CERTS in an issetugid check, to protect (diff) | |
| download | wireguard-openbsd-88c8d06f301782393435bf2f98bd0867611fc1f1.tar.xz wireguard-openbsd-88c8d06f301782393435bf2f98bd0867611fc1f1.zip | |
Remove the OPENSSL_*cap getenv's. A program should not be able to
change the behaviour of the library in such a complicated fashion.
ok miod
Diffstat (limited to 'lib/libssl/src')
| -rw-r--r-- | lib/libssl/src/crypto/armcap.c | 9 | ||||
| -rw-r--r-- | lib/libssl/src/crypto/cryptlib.c | 14 | ||||
| -rw-r--r-- | lib/libssl/src/crypto/sparcv9cap.c | 7 |
3 files changed, 5 insertions, 25 deletions
diff --git a/lib/libssl/src/crypto/armcap.c b/lib/libssl/src/crypto/armcap.c index 330fea25a7e..7ee94d48b12 100644 --- a/lib/libssl/src/crypto/armcap.c +++ b/lib/libssl/src/crypto/armcap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: armcap.c,v 1.5 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: armcap.c,v 1.6 2014/06/20 21:00:46 deraadt Exp $ */ #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -44,13 +44,6 @@ OPENSSL_cpuid_setup(void) return; trigger = 1; -#ifndef __OpenBSD__ - if ((e = getenv("OPENSSL_armcap"))) { - OPENSSL_armcap_P = strtoul(e, NULL, 0); - return; - } -#endif - OPENSSL_armcap_P = 0; #if __ARM_ARCH__ >= 7 diff --git a/lib/libssl/src/crypto/cryptlib.c b/lib/libssl/src/crypto/cryptlib.c index 2cb6e643ce0..bae59e28260 100644 --- a/lib/libssl/src/crypto/cryptlib.c +++ b/lib/libssl/src/crypto/cryptlib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptlib.c,v 1.26 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: cryptlib.c,v 1.27 2014/06/20 21:00:46 deraadt Exp $ */ /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * @@ -653,20 +653,12 @@ OPENSSL_cpuid_setup(void) static int trigger = 0; IA32CAP OPENSSL_ia32_cpuid(void); IA32CAP vec; - char *env; if (trigger) return; - trigger = 1; - if ((env = getenv("OPENSSL_ia32cap"))) { - int off = (env[0] == '~') ? 1 : 0; - if (!sscanf(env+off, "%lli",(long long *)&vec)) - vec = strtoul(env + off, NULL, 0); - if (off) - vec = OPENSSL_ia32_cpuid() & ~vec; - } else - vec = OPENSSL_ia32_cpuid(); + + vec = OPENSSL_ia32_cpuid(); /* * |(1<<10) sets a reserved bit to signal that variable diff --git a/lib/libssl/src/crypto/sparcv9cap.c b/lib/libssl/src/crypto/sparcv9cap.c index 7b1b7ed0a6f..cc39c1bf453 100644 --- a/lib/libssl/src/crypto/sparcv9cap.c +++ b/lib/libssl/src/crypto/sparcv9cap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sparcv9cap.c,v 1.6 2014/06/12 15:49:27 deraadt Exp $ */ +/* $OpenBSD: sparcv9cap.c,v 1.7 2014/06/20 21:00:46 deraadt Exp $ */ #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -53,11 +53,6 @@ OPENSSL_cpuid_setup(void) return; trigger = 1; - if ((e = getenv("OPENSSL_sparcv9cap"))) { - OPENSSL_sparcv9cap_P = strtoul(e, NULL, 0); - return; - } - /* Initial value, fits UltraSPARC-I&II... */ OPENSSL_sparcv9cap_P = SPARCV9_PREFER_FPU; |