Update: Make environment variable handling design consistent between fake and control...

The Featureless Make system does not have a way of passing all environment variables.
Add a flag to designate whether or not environments is empty because it is not defined or is empty because it is defined as empty just like the controller program does.

This then allows for more flexible control over whether or not the environment variable security.

Update the example setting files and fakefiles to expose PATH and LD_LIBRARY_PATH by default.

diff --git a/level_3/fake/c/private-build-load.c b/level_3/fake/c/private-build-load.c
index ccfa4f2d5b443e8129cf761ef840307cc83112c4..7c9aa5b02b4652810211924f03f2387ba0fc6cdc 100644 (file)
--- a/level_3/fake/c/private-build-load.c
+++ b/level_3/fake/c/private-build-load.c
@@ -17,6 +17,7 @@ extern "C" {
 
     // Reset the environment.
     for (f_array_length_t i = 0; i < environment->used; ++i) {
+
       environment->array[i].name.used = 0;
       environment->array[i].value.used = 0;
     } // for

diff --git a/level_3/fake/c/private-common.h b/level_3/fake/c/private-common.h
index 4b6de683355504ac85d6fc5232386a3a6b8492ef..6e252be1e37e39a072a2b049d57da0ed551128f7 100644 (file)
--- a/level_3/fake/c/private-common.h
+++ b/level_3/fake/c/private-common.h
@@ -24,10 +24,10 @@ extern "C" {
  * process:  The process data.
  * settings: The settings data.
  *
- * path_build                   The build path.
- * path_build_documents         The build documents path.
- * path_build_includes          The build includes path.
- * path_build_libraries         The build libraries path.
+ * path_build:                  The build path.
+ * path_build_documents:        The build documents path.
+ * path_build_includes:         The build includes path.
+ * path_build_libraries:        The build libraries path.
  * path_build_libraries_script: The build libraries_script path.
  * path_build_libraries_shared: The build libraries_shared path.
  * path_build_libraries_static: The build libraries_static path.
@@ -46,32 +46,32 @@ extern "C" {
  * path_data_build:          The data_build path.
  * path_data_build_settings: The data_build_settings path.
  *
- * path_documents The documents path.
- * path_licenses  The licenses path.
- * path_sources   The sources path.
+ * path_documents: The documents path.
+ * path_licenses:  The licenses path.
+ * path_sources:   The sources path.
  *
- * path_work                  The work path.
- * path_work_includes         The includes work path.
- * path_work_libraries        The libraries work path.
- * path_work_libraries_script The libraries_script work path.
- * path_work_libraries_shared The libraries_shared work path.
- * path_work_libraries_static The libraries_static work path.
- * path_work_programs         The programs work path.
- * path_work_programs_script  The programs_script work path.
- * path_work_programs_shared  The programs_shared work path.
- * path_work_programs_static  The programs_static work path.
+ * path_work:                  The work path.
+ * path_work_includes:         The includes work path.
+ * path_work_libraries:        The libraries work path.
+ * path_work_libraries_script: The libraries_script work path.
+ * path_work_libraries_shared: The libraries_shared work path.
+ * path_work_libraries_static: The libraries_static work path.
+ * path_work_programs:         The programs work path.
+ * path_work_programs_script:  The programs_script work path.
+ * path_work_programs_shared:  The programs_shared work path.
+ * path_work_programs_static:  The programs_static work path.
  *
- * file_data_build_defines        The defines build file data.
- * file_data_build_dependencies   The dependencies build file data.
- * file_data_build_fakefile       The fakefile build file data.
- * file_data_build_process_post_s The process_post_s build file data.
- * file_data_build_process_pre_s  The process_pre_s build file data.
- * file_data_build_settings       The settings build file data.
+ * file_data_build_defines:        The defines build file data.
+ * file_data_build_dependencies:   The dependencies build file data.
+ * file_data_build_fakefile:       The fakefile build file data.
+ * file_data_build_process_post_s: The process_post_s build file data.
+ * file_data_build_process_pre_s:  The process_pre_s build file data.
+ * file_data_build_settings:       The settings build file data.
  *
- * file_documents_readme The documents readme file data.
+ * file_documents_readme: The documents readme file data.
 
- * define The define data.
- * mode   The mode data.
+ * define: The define data.
+ * mode:   The mode data.
  */
 #ifndef _di_fake_data_t_
   typedef struct {
@@ -189,8 +189,117 @@ extern "C" {
     }
 #endif // _di_fake_main_t_
 
+/**
+ * Build settings data.
+ *
+ * data_build_setting_flag_*:
+ *   - has_environment: Designate that the "environment" is specified in the "setting" Section of the Fakefile.
+ *
+ * flag: Flags from data_build_setting_flag_* (Not strictly part of the build settings file).
+ *
+ * build_language: The build_language setting.
+ *
+ * version_file:   The version_file setting.
+ * version_target: The version_target setting.
+ *
+ * build_script: The build_script setting.
+ * build_shared: The build_shared setting.
+ * build_static: The build_static setting.
+ *
+ * has_path_standard:     The has_path_standard setting.
+ * preserve_path_headers: The preserve_path_headers setting.
+ *
+ * search_exclusive: The search_exclusive setting.
+ * search_shared:    The search_shared setting.
+ * search_static:    The search_static setting.
+ *
+ * build_compiler:              The build_compiler setting.
+ * build_indexer:               The build_indexer setting.
+ * build_name:                  The build_name setting.
+ * build_sources_object:        The build_sources_object setting.
+ * build_sources_object_shared: The build_sources_object_shared setting.
+ * build_sources_object_static: The build_sources_object_static setting.
+ * path_headers:                The path_headers setting.
+ * path_language:               The path_language setting.
+ * path_library_script:         The path_library_script setting.
+ * path_library_shared:         The path_library_shared setting.
+ * path_library_static:         The path_library_static setting.
+ * path_object_script:          The path_object_script setting.
+ * path_object_shared:          The path_object_shared setting.
+ * path_object_static:          The path_object_static setting.
+ * path_program_script:         The path_program_script setting.
+ * path_program_shared:         The path_program_shared setting.
+ * path_program_static:         The path_program_static setting.
+ * path_sources:                The path_sources setting.
+ * path_sources_object:         The path_sources_object setting.
+ * process_post:                The process_post setting.
+ * process_pre:                 The process_pre setting.
+ * version_major:               The version_major setting.
+ * version_major_prefix:        The version_major_prefix setting.
+ * version_micro:               The version_micro setting.
+ * version_micro_prefix:        The version_micro_prefix setting.
+ * version_minor:               The version_minor setting.
+ * version_minor_prefix:        The version_minor_prefix setting.
+ * version_nano:                The version_nano setting.
+ * version_nano_prefix:         The version_nano_prefix setting.
+ *
+ * build_indexer_arguments:      The build_indexer_arguments setting.
+ * build_libraries:              The build_libraries setting.
+ * build_libraries_shared:       The build_libraries_shared setting.
+ * build_libraries_static:       The build_libraries_static setting.
+ * build_objects_library:        The build_objects_library setting.
+ * build_objects_library_shared: The build_objects_library_shared setting.
+ * build_objects_library_static: The build_objects_library_static setting.
+ * build_objects_program:        The build_objects_program setting.
+ * build_objects_program_shared: The build_objects_program_shared setting.
+ * build_objects_program_static: The build_objects_program_static setting.
+ * build_sources_headers:        The build_sources_headers setting.
+ * build_sources_headers_shared: The build_sources_headers_shared setting.
+ * build_sources_headers_static: The build_sources_headers_static setting.
+ * build_sources_library:        The build_sources_library setting.
+ * build_sources_library_shared: The build_sources_library_shared setting.
+ * build_sources_library_static: The build_sources_library_static setting.
+ * build_sources_program:        The build_sources_program setting.
+ * build_sources_program_shared: The build_sources_program_shared setting.
+ * build_sources_program_static: The build_sources_program_static setting.
+ * build_sources_script:         The build_sources_script setting.
+ * build_sources_setting:        The build_sources_setting setting.
+ * defines:                      The defines setting.
+ * defines_library:              The defines_library setting.
+ * defines_library_shared:       The defines_library_shared setting.
+ * defines_library_static:       The defines_library_static setting.
+ * defines_object:               The defines_object setting.
+ * defines_object_shared:        The defines_object_shared setting.
+ * defines_object_static:        The defines_object_static setting.
+ * defines_program:              The defines_program setting.
+ * defines_program_shared:       The defines_program_shared setting.
+ * defines_program_static:       The defines_program_static setting.
+ * defines_shared:               The defines_shared setting.
+ * defines_static:               The defines_static setting.
+ * environment:                  The environment setting.
+ * flags:                        The flags setting.
+ * flags_library:                The flags_library setting.
+ * flags_library_shared:         The flags_library_shared setting.
+ * flags_library_static:         The flags_library_static setting.
+ * flags_object:                 The flags_object setting.
+ * flags_object_shared:          The flags_object_shared setting.
+ * flags_object_static:          The flags_object_static setting.
+ * flags_program:                The flags_program setting.
+ * flags_program_shared:         The flags_program_shared setting.
+ * flags_program_static:         The flags_program_static setting.
+ * flags_shared:                 The flags_shared setting.
+ * flags_static:                 The flags_static setting.
+ * modes:                        The modes setting.
+ * modes_default:                The modes_default setting.
+ */
 #ifndef _di_fake_build_setting_t_
+  enum {
+    data_build_setting_flag_has_environment_e = 0x1,
+  };
+
   typedef struct {
+    uint8_t flag;
+
     uint8_t build_language;
 
     uint8_t version_file;
@@ -291,6 +400,7 @@ extern "C" {
     0, \
     0, \
     0, \
+    0, \
     F_true, \
     F_true, \
     F_true, \
@@ -862,6 +972,12 @@ extern "C" {
   extern const f_string_static_t fake_build_stage_sources_settings_s;
 #endif // _di_fake_build_stage_t_
 
+/**
+ * The build data.
+ *
+ * setting:     The build settings.
+ * environment: The environment variables.
+ */
 #ifndef _di_fake_build_data_t_
   typedef struct {
     fake_build_setting_t setting;
@@ -1525,6 +1641,26 @@ extern "C" {
     macro_f_string_dynamics_t_delete_simple(path.stack);
 #endif // _di_fake_make_path_t_
 
+/**
+ * The control data.
+ *
+ * setting_build:    The build settings.
+ * setting_make:     The make settings.
+ * environment:      All environment variables allowed to be exposed to the when processing.
+ * parameter:        A set of parameters available for IKI substitution.
+ * parameter_option: A set of parameters available for IKI option substitution.
+ * parameter_value:  A set of parameters available for IKI value substitution.
+ * path:             The path to the Fakefile.
+ * error:            The error output print structure.
+ * fakefile:         The loaded Fakefile.
+ * buffer:           A buffer used during processing.
+ * cache_1:          An additional buffer for caching purposes.
+ * cache_2:          An additional buffer for caching purposes.
+ * path_cache:       A buffer for path-specific caching.
+ * id_main:          Index of the "main" Section.
+ * main:             The main program data.
+ * data:             The Fake make program data.
+ */
 #ifndef _di_fake_make_data_t_
   typedef struct {
     fake_build_setting_t setting_build;

diff --git a/level_3/fake/c/private-make-load_fakefile.c b/level_3/fake/c/private-make-load_fakefile.c
index 5518b416f236a01bbe9d279d36ca0f9282e74f51..01d24d8756be2426134c40a8a4e4d4ee899a78ad 100644 (file)
--- a/level_3/fake/c/private-make-load_fakefile.c
+++ b/level_3/fake/c/private-make-load_fakefile.c
@@ -478,6 +478,8 @@ extern "C" {
     f_array_length_t i = 0;
     f_array_length_t j = 0;
 
+    data_make->setting_build.flag |= data_build_setting_flag_has_environment_e;
+
     for (; i < content->used; ++i) {
 
       status = f_string_dynamic_partial_append_nulless(data_make->buffer, content->array[i], &name_define);

diff --git a/level_3/fake/c/private-make-operate.c b/level_3/fake/c/private-make-operate.c
index 10e6d735b57c1baafa83557837f968357522b27c..5ced65cb24c7aa5c56fd4d338c053300ebd3cb22 100644 (file)
--- a/level_3/fake/c/private-make-operate.c
+++ b/level_3/fake/c/private-make-operate.c
@@ -812,6 +812,44 @@ extern "C" {
         data_make->setting_build.modes_default,
       };
 
+      const uint8_t dynamics_flag[] = {
+        0,                                         // build_libraries
+        0,                                         // build_libraries_shared
+        0,                                         // build_libraries_static
+        0,                                         // build_sources_headers
+        0,                                         // build_sources_headers_shared
+        0,                                         // build_sources_headers_static
+        0,                                         // build_sources_library
+        0,                                         // build_sources_library_shared
+        0,                                         // build_sources_library_static
+        0,                                         // build_sources_program
+        0,                                         // build_sources_program_shared
+        0,                                         // build_sources_program_static
+        0,                                         // build_sources_setting
+        0,                                         // build_sources_script
+        0,                                         // defines
+        0,                                         // defines_library
+        0,                                         // defines_library_shared
+        0,                                         // defines_library_static
+        0,                                         // defines_program
+        0,                                         // defines_program_shared
+        0,                                         // defines_program_static
+        0,                                         // defines_shared
+        0,                                         // defines_static
+        data_build_setting_flag_has_environment_e, // environment
+        0,                                         // flags
+        0,                                         // flags_library
+        0,                                         // flags_library_shared
+        0,                                         // flags_library_static
+        0,                                         // flags_program
+        0,                                         // flags_program_shared
+        0,                                         // flags_program_static
+        0,                                         // flags_shared
+        0,                                         // flags_static
+        0,                                         // modes
+        0,                                         // modes_default
+      };
+
       for (uint8_t i = 0; i < 35; ++i) {
 
         status = fl_string_dynamic_partial_compare_string(dynamics_name[i].string, data_make->buffer, dynamics_name[i].used, range_name);
@@ -825,6 +863,10 @@ extern "C" {
             if (F_status_is_error(status)) break;
           } // for
 
+          if (dynamics_flag[i]) {
+            data_make->setting_build.flag |= dynamics_flag[i];
+          }
+
           break;
         }
       } // for

diff --git a/level_3/fake/c/private-make-operate_process.c b/level_3/fake/c/private-make-operate_process.c
index 71cdd7e5b91e05482f670eba8de7955c5dc576d3..ba1f3f8c9c8b4adc40e9a059c50cd38f4cec85cf 100644 (file)
--- a/level_3/fake/c/private-make-operate_process.c
+++ b/level_3/fake/c/private-make-operate_process.c
@@ -478,12 +478,23 @@ extern "C" {
 
     data_make->environment.used = 0;
 
-    status = fl_environment_load_names(data_make->setting_build.environment, &data_make->environment);
+    if (data_make->setting_build.flag & data_build_setting_flag_has_environment_e) {
+      status = fl_environment_load_names(data_make->setting_build.environment, &data_make->environment);
 
-    if (F_status_is_error(status)) {
-      fll_error_print(data_make->error, F_status_set_fine(status), "fl_environment_load_names", F_true);
+      if (F_status_is_error(status)) {
+        fll_error_print(data_make->error, F_status_set_fine(status), "fl_environment_load_names", F_true);
 
-      return status;
+        return status;
+      }
+    }
+    else {
+      status = f_environment_get_all(&data_make->environment);
+
+      if (F_status_is_error(status)) {
+        fll_error_print(data_make->error, F_status_set_fine(status), "f_environment_get_all", F_true);
+
+        return status;
+      }
     }
 
     if (data_make->main->error.verbosity >= f_console_verbosity_verbose_e) {

diff --git a/level_3/fake/data/projects/bzip2/1.0.8/fakefile b/level_3/fake/data/projects/bzip2/1.0.8/fakefile
index fd8104b7a9a75408d4d820502cc2567cc6c3db8b..edde3da64119ed85b1742b62e6422f3a98f0bf52 100644 (file)
--- a/level_3/fake/data/projects/bzip2/1.0.8/fakefile
+++ b/level_3/fake/data/projects/bzip2/1.0.8/fakefile
@@ -17,6 +17,8 @@ settings:
   indexer ar
   indexer_arguments rcs
 
+  environment PATH LD_LIBRARY_PATH
+
 main:
   operate bzip2
   operate bzip2recover

diff --git a/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2 b/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2
index 78bd98a7313ec2d36d656149c618e09e6a8708b5..efd1d93fcd521808834fec836ca53b06bb151b97 100644 (file)
--- a/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2
+++ b/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2
@@ -34,6 +34,8 @@ path_sources
 has_path_standard no
 preserve_path_headers no
 
+environment PATH LD_LIBRARY_PATH
+
 defines -D_FILE_OFFSET_BITS=64
 
 flags -z now -g -fdiagnostics-color=always -Wall -Winline -O2

diff --git a/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2recover b/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2recover
index 22a23a7f96219a0f6262cdfd84040dea66788b31..d7ef29c0907dc7be3c64f038020ce0c6f4d228fe 100644 (file)
--- a/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2recover
+++ b/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2recover
@@ -33,6 +33,8 @@ path_sources
 has_path_standard no
 preserve_path_headers no
 
+environment PATH LD_LIBRARY_PATH
+
 defines -D_FILE_OFFSET_BITS=64
 
 flags -z now -g -fdiagnostics-color=always -Wall -Winline -O2

diff --git a/level_3/fake/data/projects/cmocka/1.1.5/settings b/level_3/fake/data/projects/cmocka/1.1.5/settings
index 9302d6a66bd61fbe0f541a53c66d7bad507100c4..3d5efd616c832a295b10f3d02572ea4b349b87c1 100644 (file)
--- a/level_3/fake/data/projects/cmocka/1.1.5/settings
+++ b/level_3/fake/data/projects/cmocka/1.1.5/settings
@@ -41,6 +41,8 @@ path_sources
 has_path_standard no
 preserve_path_headers no
 
+environment PATH LD_LIBRARY_PATH
+
 defines -DHAVE_MALLOC_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_SIGNAL_H=1 -DHAVE_STRINGS_H=1 -DHAVE_GCC_THREAD_LOCAL_STORAGE=1 -DHAVE_CLOCK_REALTIME=1 -DHAVE_SIGLONGJMP=1 -DHAVE_STRSIGNAL=1
 
 flags -z now -g -fdiagnostics-color=always -Wall -Winline -O2 -Iinclude/ -std=gnu99

diff --git a/level_3/fake/documents/fakefile.txt b/level_3/fake/documents/fakefile.txt
index d1577fbe13e47b4b64747ddd67a6fe189e6d21bb..88ab1ffdede4b573abcdb12f3f28627523da8ce9 100644 (file)
--- a/level_3/fake/documents/fakefile.txt
+++ b/level_3/fake/documents/fakefile.txt
@@ -35,6 +35,7 @@ Fakefile Documentation:
       This is not auto-populated for environment variables defined in the "define" setting.
 
       When defined with no Content, then this means that no environment variables are exposed.
+      When not defined at all, then all environment variables are exposed.
       Environment variables may still be exposed if "load_build" is "true" and the build setting file defines any environment variable names.
 
     - fail\:

diff --git a/level_3/fake/documents/settings.txt b/level_3/fake/documents/settings.txt
index 16ca254b1da17154fbad2e58bbd574b86b8c95e4..1eea16fe741885686129e7657600ea6c98b65178 100644 (file)
--- a/level_3/fake/documents/settings.txt
+++ b/level_3/fake/documents/settings.txt
@@ -269,9 +269,9 @@ Settings Documentation:
 
   - environment\:
     A collection of environment names to pass from the callers environment into the executed programs environment.
-    For security and integrity reasons, all environment variables are removed when calling user-space programs, such as "gcc".
-    There are times when someone desires that an environment variable be exposed to the user-space programs.
-    Add them here and they will be available in the environment of all user-space programs executed.
+    When provided, all environment variables are removed when calling user-space programs, such as "gcc".
+    To remove all environment variables define this with no Content.
+    When not provided, all environment variables are loaded.
 
   - flags\:
     A collection of any flag supported by the "build_compiler", such as gcc.