From: Kevin Day Date: Sat, 9 Jul 2022 22:02:15 +0000 (-0500) Subject: Update: Make environment variable handling design consistent between fake and control... X-Git-Tag: 0.6.0~79 X-Git-Url: https://git.kevux.org/?a=commitdiff_plain;h=a05b14284deda99275fe086fc18842993c0ca9e1;p=fll Update: Make environment variable handling design consistent between fake and controller programs. The Featureless Make system does not have a way of passing all environment variables. Add a flag to designate whether or not environments is empty because it is not defined or is empty because it is defined as empty just like the controller program does. This then allows for more flexible control over whether or not the environment variable security. Update the example setting files and fakefiles to expose PATH and LD_LIBRARY_PATH by default. --- diff --git a/level_3/fake/c/private-build-load.c b/level_3/fake/c/private-build-load.c index ccfa4f2..7c9aa5b 100644 --- a/level_3/fake/c/private-build-load.c +++ b/level_3/fake/c/private-build-load.c @@ -17,6 +17,7 @@ extern "C" { // Reset the environment. for (f_array_length_t i = 0; i < environment->used; ++i) { + environment->array[i].name.used = 0; environment->array[i].value.used = 0; } // for diff --git a/level_3/fake/c/private-common.h b/level_3/fake/c/private-common.h index 4b6de68..6e252be 100644 --- a/level_3/fake/c/private-common.h +++ b/level_3/fake/c/private-common.h 
@@ -24,10 +24,10 @@ extern "C" { * process: The process data. * settings: The settings data. * - * path_build The build path. - * path_build_documents The build documents path. - * path_build_includes The build includes path. - * path_build_libraries The build libraries path. + * path_build: The build path. + * path_build_documents: The build documents path. + * path_build_includes: The build includes path. + * path_build_libraries: The build libraries path. * path_build_libraries_script: The build libraries_script path. * path_build_libraries_shared: The build libraries_shared path. * path_build_libraries_static: The build libraries_static path. 
@@ -46,32 +46,32 @@ extern "C" { * path_data_build: The data_build path. * path_data_build_settings: The data_build_settings path. * - * path_documents The documents path. - * path_licenses The licenses path. - * path_sources The sources path. + * path_documents: The documents path. + * path_licenses: The licenses path. + * path_sources: The sources path. * - * path_work The work path. - * path_work_includes The includes work path. - * path_work_libraries The libraries work path. - * path_work_libraries_script The libraries_script work path. - * path_work_libraries_shared The libraries_shared work path. - * path_work_libraries_static The libraries_static work path. - * path_work_programs The programs work path. - * path_work_programs_script The programs_script work path. - * path_work_programs_shared The programs_shared work path. - * path_work_programs_static The programs_static work path. + * path_work: The work path. + * path_work_includes: The includes work path. + * path_work_libraries: The libraries work path. + * path_work_libraries_script: The libraries_script work path. + * path_work_libraries_shared: The libraries_shared work path. + * path_work_libraries_static: The libraries_static work path. + * path_work_programs: The programs work path. + * path_work_programs_script: The programs_script work path. + * path_work_programs_shared: The programs_shared work path. + * path_work_programs_static: The programs_static work path. * - * file_data_build_defines The defines build file data. - * file_data_build_dependencies The dependencies build file data. - * file_data_build_fakefile The fakefile build file data. - * file_data_build_process_post_s The process_post_s build file data. - * file_data_build_process_pre_s The process_pre_s build file data. - * file_data_build_settings The settings build file data. + * file_data_build_defines: The defines build file data. + * file_data_build_dependencies: The dependencies build file data. 
+ * file_data_build_fakefile: The fakefile build file data. + * file_data_build_process_post_s: The process_post_s build file data. + * file_data_build_process_pre_s: The process_pre_s build file data. + * file_data_build_settings: The settings build file data. * - * file_documents_readme The documents readme file data. + * file_documents_readme: The documents readme file data. - * define The define data. - * mode The mode data. + * define: The define data. + * mode: The mode data. */ #ifndef _di_fake_data_t_ typedef struct { 
@@ -189,8 +189,117 @@ extern "C" { } #endif // _di_fake_main_t_ +/** + * Build settings data. + * + * data_build_setting_flag_*: + * - has_environment: Designate that the "environment" is specified in the "setting" Section of the Fakefile. + * + * flag: Flags from data_build_setting_flag_* (Not strictly part of the build settings file). + * + * build_language: The build_language setting. + * + * version_file: The version_file setting. + * version_target: The version_target setting. + * + * build_script: The build_script setting. + * build_shared: The build_shared setting. + * build_static: The build_static setting. + * + * has_path_standard: The has_path_standard setting. + * preserve_path_headers: The preserve_path_headers setting. + * + * search_exclusive: The search_exclusive setting. + * search_shared: The search_shared setting. + * search_static: The search_static setting. + * + * build_compiler: The build_compiler setting. + * build_indexer: The build_indexer setting. + * build_name: The build_name setting. + * build_sources_object: The build_sources_object setting. + * build_sources_object_shared: The build_sources_object_shared setting. + * build_sources_object_static: The build_sources_object_static setting. + * path_headers: The path_headers setting. + * path_language: The path_language setting. + * path_library_script: The path_library_script setting. + * path_library_shared: The path_library_shared setting. + * path_library_static: The path_library_static setting. + * path_object_script: The path_object_script setting. + * path_object_shared: The path_object_shared setting. + * path_object_static: The path_object_static setting. + * path_program_script: The path_program_script setting. + * path_program_shared: The path_program_shared setting. + * path_program_static: The path_program_static setting. + * path_sources: The path_sources setting. + * path_sources_object: The path_sources_object setting. + * process_post: The process_post setting. 
+ * process_pre: The process_pre setting. + * version_major: The version_major setting. + * version_major_prefix: The version_major_prefix setting. + * version_micro: The version_micro setting. + * version_micro_prefix: The version_micro_prefix setting. + * version_minor: The version_minor setting. + * version_minor_prefix: The version_minor_prefix setting. + * version_nano: The version_nano setting. + * version_nano_prefix: The version_nano_prefix setting. + * + * build_indexer_arguments: The build_indexer_arguments setting. + * build_libraries: The build_libraries setting. + * build_libraries_shared: The build_libraries_shared setting. + * build_libraries_static: The build_libraries_static setting. + * build_objects_library: The build_objects_library setting. + * build_objects_library_shared: The build_objects_library_shared setting. + * build_objects_library_static: The build_objects_library_static setting. + * build_objects_program: The build_objects_program setting. + * build_objects_program_shared: The build_objects_program_shared setting. + * build_objects_program_static: The build_objects_program_static setting. + * build_sources_headers: The build_sources_headers setting. + * build_sources_headers_shared: The build_sources_headers_shared setting. + * build_sources_headers_static: The build_sources_headers_static setting. + * build_sources_library: The build_sources_library setting. + * build_sources_library_shared: The build_sources_library_shared setting. + * build_sources_library_static: The build_sources_library_static setting. + * build_sources_program: The build_sources_program setting. + * build_sources_program_shared: The build_sources_program_shared setting. + * build_sources_program_static: The build_sources_program_static setting. + * build_sources_script: The build_sources_script setting. + * build_sources_setting: The build_sources_setting setting. + * defines: The defines setting. + * defines_library: The defines_library setting. 
+ * defines_library_shared: The defines_library_shared setting. + * defines_library_static: The defines_library_static setting. + * defines_object: The defines_object setting. + * defines_object_shared: The defines_object_shared setting. + * defines_object_static: The defines_object_static setting. + * defines_program: The defines_program setting. + * defines_program_shared: The defines_program_shared setting. + * defines_program_static: The defines_program_static setting. + * defines_shared: The defines_shared setting. + * defines_static: The defines_static setting. + * environment: The environment setting. + * flags: The flags setting. + * flags_library: The flags_library setting. + * flags_library_shared: The flags_library_shared setting. + * flags_library_static: The flags_library_static setting. + * flags_object: The flags_object setting. + * flags_object_shared: The flags_object_shared setting. + * flags_object_static: The flags_object_static setting. + * flags_program: The flags_program setting. + * flags_program_shared: The flags_program_shared setting. + * flags_program_static: The flags_program_static setting. + * flags_shared: The flags_shared setting. + * flags_static: The flags_static setting. + * modes: The modes setting. + * modes_default: The modes_default setting. + */ #ifndef _di_fake_build_setting_t_ + enum { + data_build_setting_flag_has_environment_e = 0x1, + }; + typedef struct { + uint8_t flag; + uint8_t build_language; uint8_t version_file; @@ -291,6 +400,7 @@ extern "C" { 0, \ 0, \ 0, \ + 0, \ F_true, \ F_true, \ F_true, \ @@ -862,6 +972,12 @@ extern "C" { extern const f_string_static_t fake_build_stage_sources_settings_s; #endif // _di_fake_build_stage_t_ +/** + * The build data. + * + * setting: The build settings. + * environment: The environment variables. + */ #ifndef _di_fake_build_data_t_ typedef struct { fake_build_setting_t setting; 
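Review bot: The doc line for `has_environment` says the entry is specified in the "setting" Section of the Fakefile, but the example Fakefiles touched by this commit name that section `settings`, and the comment leaves out the consequence a reader most needs: when the bit is clear, private-make-operate_process.c passes the caller's entire environment to executed programs. Suggested wording: `* - has_environment: The "environment" setting is defined, even if empty; when clear, all caller environment variables are passed to executed programs.` Since `flag` is a `uint8_t` fed from an anonymous `enum`, the comment could also record that at most eight flag bits fit. The struct definition continues outside the hunk.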
@@ -1525,6 +1641,26 @@ extern "C" { macro_f_string_dynamics_t_delete_simple(path.stack); #endif // _di_fake_make_path_t_ +/** + * The control data. + * + * setting_build: The build settings. + * setting_make: The make settings. + * environment: All environment variables allowed to be exposed to the when processing. + * parameter: A set of parameters available for IKI substitution. + * parameter_option: A set of parameters available for IKI option substitution. + * parameter_value: A set of parameters available for IKI value substitution. + * path: The path to the Fakefile. + * error: The error output print structure. + * fakefile: The loaded Fakefile. + * buffer: A buffer used during processing. + * cache_1: An additional buffer for caching purposes. + * cache_2: An additional buffer for caching purposes. + * path_cache: A buffer for path-specific caching. + * id_main: Index of the "main" Section. + * main: The main program data. + * data: The Fake make program data. + */ #ifndef _di_fake_make_data_t_ typedef struct { fake_build_setting_t setting_build; diff --git a/level_3/fake/c/private-make-load_fakefile.c b/level_3/fake/c/private-make-load_fakefile.c index 5518b41..01d24d8 100644 --- a/level_3/fake/c/private-make-load_fakefile.c +++ b/level_3/fake/c/private-make-load_fakefile.c @@ -478,6 +478,8 @@ extern "C" { f_array_length_t i = 0; f_array_length_t j = 0; + data_make->setting_build.flag |= data_build_setting_flag_has_environment_e; + for (; i < content->used; ++i) { status = f_string_dynamic_partial_append_nulless(data_make->buffer, content->array[i], &name_define); diff --git a/level_3/fake/c/private-make-operate.c b/level_3/fake/c/private-make-operate.c index 10e6d73..5ced65c 100644 --- a/level_3/fake/c/private-make-operate.c +++ b/level_3/fake/c/private-make-operate.c 
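Review bot: In private-make-load_fakefile.c, `has_environment` is set only when the Fakefile's own `environment` entry is processed; the only other assignment visible in this commit is the name match in private-make-operate.c, and the private-build-load.c hunk merely resets `name.used`. If that is the whole picture, a project whose build settings file lists `environment PATH LD_LIBRARY_PATH` but whose Fakefile omits the entry would reach the `f_environment_get_all` branch in private-make-operate_process.c and expose every variable instead of the listed two. This should be confirmed against the settings loader, which is not part of the diff. If the flag really is Fakefile-only, a comment such as `// Only the Fakefile entry sets this; an "environment" list in a build settings file alone does not restrict the environment.` should say so at this line. The function body begins and ends outside the hunk.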
@@ -812,6 +812,44 @@ extern "C" { data_make->setting_build.modes_default, }; + const uint8_t dynamics_flag[] = { + 0, // build_libraries + 0, // build_libraries_shared + 0, // build_libraries_static + 0, // build_sources_headers + 0, // build_sources_headers_shared + 0, // build_sources_headers_static + 0, // build_sources_library + 0, // build_sources_library_shared + 0, // build_sources_library_static + 0, // build_sources_program + 0, // build_sources_program_shared + 0, // build_sources_program_static + 0, // build_sources_setting + 0, // build_sources_script + 0, // defines + 0, // defines_library + 0, // defines_library_shared + 0, // defines_library_static + 0, // defines_program + 0, // defines_program_shared + 0, // defines_program_static + 0, // defines_shared + 0, // defines_static + data_build_setting_flag_has_environment_e, // environment + 0, // flags + 0, // flags_library + 0, // flags_library_shared + 0, // flags_library_static + 0, // flags_program + 0, // flags_program_shared + 0, // flags_program_static + 0, // flags_shared + 0, // flags_static + 0, // modes + 0, // modes_default + }; + for (uint8_t i = 0; i < 35; ++i) { status = fl_string_dynamic_partial_compare_string(dynamics_name[i].string, data_make->buffer, dynamics_name[i].used, range_name); @@ -825,6 +863,10 @@ extern "C" { if (F_status_is_error(status)) break; } // for + if (dynamics_flag[i]) { + data_make->setting_build.flag |= dynamics_flag[i]; + } + break; } } // for diff --git a/level_3/fake/c/private-make-operate_process.c b/level_3/fake/c/private-make-operate_process.c index 71cdd7e..ba1f3f8 100644 --- a/level_3/fake/c/private-make-operate_process.c +++ b/level_3/fake/c/private-make-operate_process.c 
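Review bot: `dynamics_flag` is a further parallel array that has to stay index-aligned with `dynamics_name` and the value array above it, and the loop bound is the literal `35`; nothing in the hunk checks that they agree. The new array does have 35 entries today, but a setting added to one array and not the others would either read past the end or attach `data_build_setting_flag_has_environment_e` to the wrong name, which changes the environment that executed programs receive. Where the project's C standard allows it, a compile-time check beside the array would catch this: `_Static_assert(sizeof(dynamics_flag) / sizeof(dynamics_flag[0]) == 35, "dynamics_flag must match dynamics_name");`. The declarations of the other arrays begin outside the hunk.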
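Review bot: The flag update sits after the inner `for`, so it also runs when that loop left early on `F_status_is_error(status)`, and it is triggered by a name match rather than by a definition. If this loop only reads settings by name, as the value array ending in `data_make->setting_build.modes_default` suggests, then merely referring to `environment` marks it as defined and moves later executions from the pass-everything branch to the restricted list. That errs toward less exposure, but it is a side effect a reader will not expect here. A comment such as `// A match on "environment" counts as defining it, which restricts the environment passed to executed programs.` would record the intent. The surrounding function and the match condition are outside the hunk.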
@@ -478,12 +478,23 @@ extern "C" { data_make->environment.used = 0; - status = fl_environment_load_names(data_make->setting_build.environment, &data_make->environment); + if (data_make->setting_build.flag & data_build_setting_flag_has_environment_e) { + status = fl_environment_load_names(data_make->setting_build.environment, &data_make->environment); - if (F_status_is_error(status)) { - fll_error_print(data_make->error, F_status_set_fine(status), "fl_environment_load_names", F_true); + if (F_status_is_error(status)) { + fll_error_print(data_make->error, F_status_set_fine(status), "fl_environment_load_names", F_true); - return status; + return status; + } + } + else { + status = f_environment_get_all(&data_make->environment); + + if (F_status_is_error(status)) { + fll_error_print(data_make->error, F_status_set_fine(status), "f_environment_get_all", F_true); + + return status; + } } if (data_make->main->error.verbosity >= f_console_verbosity_verbose_e) { diff --git a/level_3/fake/data/projects/bzip2/1.0.8/fakefile b/level_3/fake/data/projects/bzip2/1.0.8/fakefile index fd8104b..edde3da 100644 --- a/level_3/fake/data/projects/bzip2/1.0.8/fakefile +++ b/level_3/fake/data/projects/bzip2/1.0.8/fakefile @@ -17,6 +17,8 @@ settings: indexer ar indexer_arguments rcs + environment PATH LD_LIBRARY_PATH + main: operate bzip2 operate bzip2recover diff --git a/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2 b/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2 index 78bd98a..efd1d93 100644 --- a/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2 +++ b/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2 @@ -34,6 +34,8 @@ path_sources has_path_standard no preserve_path_headers no +environment PATH LD_LIBRARY_PATH + defines -D_FILE_OFFSET_BITS=64 flags -z now -g -fdiagnostics-color=always -Wall -Winline -O2 
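Review bot: The new `else` branch makes an absent `environment` setting fail open: `f_environment_get_all(&data_make->environment)` hands the caller's whole environment to every executed program, where the removed code always went through `fl_environment_load_names` with the configured list. That covers loader-affecting variables and any credentials the caller happens to hold, and a Fakefile that simply omits the setting gets this silently. State the choice at the branch, for example `// "environment" is not defined: pass the caller's entire environment to executed programs.`, and consider reporting which branch was taken in the verbosity block that follows the hunk. The two identical error blocks could also collapse into one `if (F_status_is_error(status))` after the if/else, with the printed function name chosen per branch. The enclosing function starts and ends outside the hunk.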
diff --git a/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2recover b/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2recover index 22a23a7..d7ef29c 100644 --- a/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2recover +++ b/level_3/fake/data/projects/bzip2/1.0.8/settings-bzip2recover @@ -33,6 +33,8 @@ path_sources has_path_standard no preserve_path_headers no +environment PATH LD_LIBRARY_PATH + defines -D_FILE_OFFSET_BITS=64 flags -z now -g -fdiagnostics-color=always -Wall -Winline -O2 diff --git a/level_3/fake/data/projects/cmocka/1.1.5/settings b/level_3/fake/data/projects/cmocka/1.1.5/settings index 9302d6a..3d5efd6 100644 --- a/level_3/fake/data/projects/cmocka/1.1.5/settings +++ b/level_3/fake/data/projects/cmocka/1.1.5/settings @@ -41,6 +41,8 @@ path_sources has_path_standard no preserve_path_headers no +environment PATH LD_LIBRARY_PATH + defines -DHAVE_MALLOC_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_SIGNAL_H=1 -DHAVE_STRINGS_H=1 -DHAVE_GCC_THREAD_LOCAL_STORAGE=1 -DHAVE_CLOCK_REALTIME=1 -DHAVE_SIGLONGJMP=1 -DHAVE_STRSIGNAL=1 flags -z now -g -fdiagnostics-color=always -Wall -Winline -O2 -Iinclude/ -std=gnu99 diff --git a/level_3/fake/documents/fakefile.txt b/level_3/fake/documents/fakefile.txt index d1577fb..88ab1ff 100644 --- a/level_3/fake/documents/fakefile.txt +++ b/level_3/fake/documents/fakefile.txt @@ -35,6 +35,7 @@ Fakefile Documentation: This is not auto-populated for environment variables defined in the "define" setting. When defined with no Content, then this means that no environment variables are exposed. + When not defined at all, then all environment variables are exposed. Environment variables may still be exposed if "load_build" is "true" and the build setting file defines any environment variable names. - fail\: diff --git a/level_3/fake/documents/settings.txt b/level_3/fake/documents/settings.txt index 16ca254..1eea16f 100644 --- a/level_3/fake/documents/settings.txt +++ b/level_3/fake/documents/settings.txt 
@@ -269,9 +269,9 @@ Settings Documentation: - environment\: A collection of environment names to pass from the callers environment into the executed programs environment. - For security and integrity reasons, all environment variables are removed when calling user-space programs, such as "gcc". - There are times when someone desires that an environment variable be exposed to the user-space programs. - Add them here and they will be available in the environment of all user-space programs executed. + When provided, all environment variables are removed when calling user-space programs, such as "gcc". + To remove all environment variables define this with no Content. + When not provided, all environment variables are loaded. - flags\: A collection of any flag supported by the "build_compiler", such as gcc.