+2013-02-04 Paul Eggert <eggert@cs.ucla.edu>
+
+ secure_getenv: new module
+ * MODULES.html.sh (Extra functions based on ANSI C 89):
+ Add secure_getenv.
+ * doc/glibc-functions/secure_getenv.texi: New file.
+ * doc/gnulib.texi: Include it.
+ * lib/secure_getenv.c, m4/secure_getenv.m4, modules/secure_getenv:
+ New files.
+ * lib/stdlib.in.h (secure_getenv): New decl.
+ * m4/stdlib_h.m4 (gl_STDLIB_H, gl_STDLIB_H_DEFAULTS):
+ * modules/stdlib (stdlib.h):
+ Add secure_getenv checks.
+
2013-02-03 Paul Eggert <eggert@cs.ucla.edu>
getcwd: break fdopendir + save_cwd recursive loop (Bug#13516)
func_begin_table
func_module putenv
+ func_module secure_getenv
func_module setenv
func_module unsetenv
func_module xsetenv
--- /dev/null
+@node secure_getenv
+@subsection @code{secure_getenv}
+@findex secure_getenv
+
+Gnulib module: secure_getenv
+
+Portability problems fixed by Gnulib:
+@itemize
+@item
+This function is missing on some platforms:
+glibc 2.16, OS X 10.8, FreeBSD 9.1, NetBSD 6.0.1, OpenBSD 5.2, Minix 3.2.0,
+AIX 7.1, HP-UX 11, IRIX 6.5, Solaris 11, Cygwin, mingw, MSVC 9,
+Interix 6.1, BeOS.
+@end itemize
+
+Portability problems not fixed by Gnulib:
+@itemize
+@item
+On platforms other than glibc 2.0 and later, the Gnulib replacement
+function always returns a null pointer, even when invoked in a
+non-setuid program.
+@end itemize
* qsort_r::
* random_r::
* rpmatch::
+* secure_getenv::
* seed48_r::
* setstate_r::
* srand48_r::
@include glibc-functions/qsort_r.texi
@include glibc-functions/random_r.texi
@include glibc-functions/rpmatch.texi
+@include glibc-functions/secure_getenv.texi
@include glibc-functions/seed48_r.texi
@include glibc-functions/setstate_r.texi
@include glibc-functions/srand48_r.texi
--- /dev/null
+/* Look up an environment variable more securely.
+
+ Copyright 2013 Free Software Foundation, Inc.
+
+ This program is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published
+ by the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>. */
+
+#include <stdlib.h>
+
+char *
+secure_getenv (char const *name)
+{
+#if HAVE___SECURE_GETENV
+ return __secure_getenv (name);
+#else
+ return 0;
+#endif
+}
# endif
#endif
+#if @GNULIB_SECURE_GETENV@
+/* Look up NAME in the environment, returning 0 in insecure situations. */
+# if !@HAVE_SECURE_GETENV@
+_GL_FUNCDECL_SYS (secure_getenv, char *,
+ (char const *name) _GL_ARG_NONNULL ((1)));
+# endif
+_GL_CXXALIAS_SYS (secure_getenv, int, (char const *name));
+_GL_CXXALIASWARN (secure_getenv);
+#elif defined GNULIB_POSIXCHECK
+# undef secure_getenv
+# if HAVE_RAW_DECL_SECURE_GETENV
+_GL_WARN_ON_USE (secure_getenv, "secure_getenv is unportable - "
+ "use gnulib module secure_getenv for portability");
+# endif
+#endif
+
#if @GNULIB_SETENV@
/* Set NAME to VALUE in the environment.
If REPLACE is nonzero, overwrite an existing value. */
--- /dev/null
+# Look up an environment variable more securely.
+dnl Copyright 2013 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+AC_DEFUN([gl_FUNC_SECURE_GETENV],
+[
+ dnl Persuade glibc <stdlib.h> to declare secure_getenv().
+ AC_REQUIRE([AC_USE_SYSTEM_EXTENSIONS])
+
+ AC_REQUIRE([gl_STDLIB_H_DEFAULTS])
+ AC_CHECK_FUNCS_ONCE([secure_getenv])
+ if test $ac_cv_func_secure_getenv = no; then
+ HAVE_SECURE_GETENV=0
+ fi
+])
+
+# Prerequisites of lib/secure_getenv.c.
+AC_DEFUN([gl_PREREQ_SECURE_GETENV], [
+ AC_CHECK_FUNCS([__secure_getenv])
+])
-# stdlib_h.m4 serial 41
+# stdlib_h.m4 serial 42
dnl Copyright (C) 2007-2013 Free Software Foundation, Inc.
dnl This file is free software; the Free Software Foundation
dnl gives unlimited permission to copy and/or distribute it,
]], [_Exit atoll canonicalize_file_name getloadavg getsubopt grantpt
initstate initstate_r mkdtemp mkostemp mkostemps mkstemp mkstemps
posix_openpt ptsname ptsname_r random random_r realpath rpmatch
- setenv setstate setstate_r srandom srandom_r
+ secure_getenv setenv setstate setstate_r srandom srandom_r
strtod strtoll strtoull unlockpt unsetenv])
])
GNULIB_REALLOC_POSIX=0; AC_SUBST([GNULIB_REALLOC_POSIX])
GNULIB_REALPATH=0; AC_SUBST([GNULIB_REALPATH])
GNULIB_RPMATCH=0; AC_SUBST([GNULIB_RPMATCH])
+ GNULIB_SECURE_GETENV=0; AC_SUBST([GNULIB_SECURE_GETENV])
GNULIB_SETENV=0; AC_SUBST([GNULIB_SETENV])
GNULIB_STRTOD=0; AC_SUBST([GNULIB_STRTOD])
GNULIB_STRTOLL=0; AC_SUBST([GNULIB_STRTOLL])
HAVE_RANDOM_R=1; AC_SUBST([HAVE_RANDOM_R])
HAVE_REALPATH=1; AC_SUBST([HAVE_REALPATH])
HAVE_RPMATCH=1; AC_SUBST([HAVE_RPMATCH])
+ HAVE_SECURE_GETENV=1; AC_SUBST([HAVE_SECURE_GETENV])
HAVE_SETENV=1; AC_SUBST([HAVE_SETENV])
HAVE_DECL_SETENV=1; AC_SUBST([HAVE_DECL_SETENV])
HAVE_STRTOD=1; AC_SUBST([HAVE_STRTOD])
--- /dev/null
+Description:
+Look up an environment variable, returning 0 in insecure situations.
+
+Files:
+lib/secure_getenv.c
+m4/secure_getenv.m4
+
+Depends-on:
+stdlib
+extensions
+
+configure.ac:
+gl_FUNC_SECURE_GETENV
+if test $HAVE_SECURE_GETENV = 0; then
+ AC_LIBOBJ([secure_getenv])
+ gl_PREREQ_SECURE_GETENV
+fi
+gl_STDLIB_MODULE_INDICATOR([secure_getenv])
+
+Makefile.am:
+
+Include:
+<stdlib.h>
+
+Link:
+
+License:
+LGPLv2+
+
+Maintainer:
+all
-e 's/@''GNULIB_REALLOC_POSIX''@/$(GNULIB_REALLOC_POSIX)/g' \
-e 's/@''GNULIB_REALPATH''@/$(GNULIB_REALPATH)/g' \
-e 's/@''GNULIB_RPMATCH''@/$(GNULIB_RPMATCH)/g' \
+ -e 's/@''GNULIB_SECURE_GETENV''@/$(GNULIB_SECURE_GETENV)/g' \
-e 's/@''GNULIB_SETENV''@/$(GNULIB_SETENV)/g' \
-e 's/@''GNULIB_STRTOD''@/$(GNULIB_STRTOD)/g' \
-e 's/@''GNULIB_STRTOLL''@/$(GNULIB_STRTOLL)/g' \
-e 's|@''HAVE_RANDOM_R''@|$(HAVE_RANDOM_R)|g' \
-e 's|@''HAVE_REALPATH''@|$(HAVE_REALPATH)|g' \
-e 's|@''HAVE_RPMATCH''@|$(HAVE_RPMATCH)|g' \
+ -e 's|@''HAVE_SECURE_GETENV''@|$(HAVE_SECURE_GETENV)|g' \
-e 's|@''HAVE_DECL_SETENV''@|$(HAVE_DECL_SETENV)|g' \
-e 's|@''HAVE_STRTOD''@|$(HAVE_STRTOD)|g' \
-e 's|@''HAVE_STRTOLL''@|$(HAVE_STRTOLL)|g' \