New function OPENSSL_issetugid(). Needs more work.

[openssl.git] / crypto / rand / randfile.c

diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index 02f16aa810329d28ee698dc51a05130f37645c9a..0a4005bd4e3f5b1308d13e64bfccb360e0dd1023 100644 (file)
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -196,10 +196,11 @@ err:
 
 const char *RAND_file_name(char *buf, int size)
        {
-       char *s;
+       char *s=NULL;
        char *ret=NULL;
 
-       s=getenv("RANDFILE");
+       if (OPENSSL_issetugid() == 0)
+               s=getenv("RANDFILE");
        if (s != NULL)
                {
                strncpy(buf,s,size-1);
@@ -208,16 +209,19 @@ const char *RAND_file_name(char *buf, int size)
                }
        else
                {
-               s=getenv("HOME");
-               if (s == NULL) return(RFILE);
-               if (((int)(strlen(s)+strlen(RFILE)+2)) > size)
-                       return(RFILE);
-               strcpy(buf,s);
+               if (OPENSSL_issetugid() == 0)
+                       s=getenv("HOME");
+               if (s != NULL && (strlen(s)+strlen(RFILE)+2 < size))
+                       {
+                       strcpy(buf,s);
 #ifndef VMS
-               strcat(buf,"/");
+                       strcat(buf,"/");
 #endif
-               strcat(buf,RFILE);
-               ret=buf;
+                       strcat(buf,RFILE);
+                       ret=buf;
+                       }
+                 else
+                       buf[0] = '\0'; /* no file name */
                }
        return(ret);
        }