From f4abd03a2414eb088f27acb3e5050d646651aa71 Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Sun, 29 Jun 2014 00:52:18 +0000
Subject: correct issetugid sense as spotted by Stijn van Drongelen.
 Substantially expand the conditional to reduce potential for error.

---
 src/lib/libcrypto/engine/eng_list.c         | 10 +++++++---
 src/lib/libssl/src/crypto/engine/eng_list.c | 10 +++++++---
 2 files changed, 14 insertions(+), 6 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/engine/eng_list.c b/src/lib/libcrypto/engine/eng_list.c
index 22e2abb01d..dddbaf0cc0 100644
--- a/src/lib/libcrypto/engine/eng_list.c
+++ b/src/lib/libcrypto/engine/eng_list.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_list.c,v 1.11 2014/06/23 22:19:02 deraadt Exp $ */
+/* $OpenBSD: eng_list.c,v 1.12 2014/06/29 00:52:18 deraadt Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
  * project 2000.
  */
@@ -385,9 +385,13 @@ ENGINE_by_id(const char *id)
 		return iterator;
 	/* Prevent infinite recusrion if we're looking for the dynamic engine. */
 	if (strcmp(id, "dynamic")) {
-		if (issetugid() == 0 ||
-		    (load_dir = getenv("OPENSSL_ENGINES")) == 0)
+		if (issetugid() == 0) {
+			load_dir = getenv("OPENSSL_ENGINES");
+			if (load_dir == NULL)
+				load_dir = ENGINESDIR;
+		} else
 			load_dir = ENGINESDIR;
+
 		iterator = ENGINE_by_id("dynamic");
 		if (!iterator ||
 		    !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||
diff --git a/src/lib/libssl/src/crypto/engine/eng_list.c b/src/lib/libssl/src/crypto/engine/eng_list.c
index 22e2abb01d..dddbaf0cc0 100644
--- a/src/lib/libssl/src/crypto/engine/eng_list.c
+++ b/src/lib/libssl/src/crypto/engine/eng_list.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_list.c,v 1.11 2014/06/23 22:19:02 deraadt Exp $ */
+/* $OpenBSD: eng_list.c,v 1.12 2014/06/29 00:52:18 deraadt Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
  * project 2000.
  */
@@ -385,9 +385,13 @@ ENGINE_by_id(const char *id)
 		return iterator;
 	/* Prevent infinite recusrion if we're looking for the dynamic engine. */
 	if (strcmp(id, "dynamic")) {
-		if (issetugid() == 0 ||
-		    (load_dir = getenv("OPENSSL_ENGINES")) == 0)
+		if (issetugid() == 0) {
+			load_dir = getenv("OPENSSL_ENGINES");
+			if (load_dir == NULL)
+				load_dir = ENGINESDIR;
+		} else
 			load_dir = ENGINESDIR;
+
 		iterator = ENGINE_by_id("dynamic");
 		if (!iterator ||
 		    !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||
-- 
cgit v1.2.3-55-g6feb