key zeroisation fix for p12

[openssl.git] / crypto / uid.c

diff --git a/crypto/uid.c b/crypto/uid.c
index 12df8a4e87c0c4954c039cd29a5cba8541ff0f19..b2bfee32b562ec5ef5942356dd43a15d095f0c23 100644 (file)
--- a/crypto/uid.c
+++ b/crypto/uid.c
@@ -10,7 +10,7 @@
 #include <openssl/crypto.h>
 #include <openssl/opensslconf.h>
 
-#if defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD__ > 2)
+#if defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD__ > 2) || defined(__DragonFly__)
 
 # include OPENSSL_UNISTD
 
@@ -19,7 +19,7 @@ int OPENSSL_issetugid(void)
     return issetugid();
 }
 
-#elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS)
+#elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)
 
 int OPENSSL_issetugid(void)
 {
@@ -31,12 +31,18 @@ int OPENSSL_issetugid(void)
 # include OPENSSL_UNISTD
 # include <sys/types.h>
 
+# if defined(__GLIBC__) && defined(__GLIBC_PREREQ)
+#  if __GLIBC_PREREQ(2, 16)
+#   include <sys/auxv.h>
+#  endif
+# endif
+
 int OPENSSL_issetugid(void)
 {
-    if (getuid() != geteuid())
-        return 1;
-    if (getgid() != getegid())
-        return 1;
-    return 0;
+# ifdef AT_SECURE
+    return getauxval(AT_SECURE) != 0;
+# else
+    return getuid() != geteuid() || getgid() != getegid();
+# endif
 }
 #endif