Use secure_getenv(3) when available.

[openssl.git] / crypto / conf / conf_mod.c

diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index df53609cc47e41f699444d38783ec58346afc6e4..51f262e774dd60db355b0c8ea93b7c287842ee0f 100644 (file)
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -480,11 +480,8 @@ char *CONF_get1_default_config_file(void)
     char *file, *sep = "";
     int len;
 
-    if (!OPENSSL_issetugid()) {
-        file = getenv("OPENSSL_CONF");
-        if (file)
-            return OPENSSL_strdup(file);
-    }
+    if ((file = ossl_safe_getenv("OPENSSL_CONF")) != NULL)
+        return OPENSSL_strdup(file);
 
     len = strlen(X509_get_default_cert_area());
 #ifndef OPENSSL_SYS_VMS