tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

prenv.h (6209B)

      1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
      2 /* This Source Code Form is subject to the terms of the Mozilla Public
      3 * License, v. 2.0. If a copy of the MPL was not distributed with this
      4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      5 
      6 #ifndef prenv_h___
      7 #define prenv_h___
      8 
      9 #include "prtypes.h"
     10 
     11 /*******************************************************************************/
     12 /*******************************************************************************/
     13 /****************** THESE FUNCTIONS MAY NOT BE THREAD SAFE *********************/
     14 /*******************************************************************************/
     15 /*******************************************************************************/
     16 
     17 PR_BEGIN_EXTERN_C
     18 
     19 /*
     20 ** PR_GetEnv() -- Retrieve value of environment variable
     21 **
     22 ** Description:
     23 ** PR_GetEnv() is modeled on Unix getenv().
     24 **
     25 **
     26 ** Inputs:
     27 **   var -- The name of the environment variable
     28 **
     29 ** Returns:
     30 **   The value of the environment variable 'var' or NULL if
     31 ** the variable is undefined.
     32 **
     33 ** Restrictions:
     34 **   You'd think that a POSIX getenv(), putenv() would be
     35 **   consistently implemented everywhere. Surprise! It is not. On
     36 **   some platforms, a putenv() where the argument is of
     37 **   the form "name"  causes the named environment variable to
     38 **   be un-set; that is: a subsequent getenv() returns NULL. On
     39 **   other platforms, the putenv() fails, on others, it is a
     40 **   no-op. Similarly, a putenv() where the argument is of the
     41 **   form "name=" causes the named environment variable to be
     42 **   un-set; a subsequent call to getenv() returns NULL. On
     43 **   other platforms, a subsequent call to getenv() returns a
     44 **   pointer to a null-string (a byte of zero).
     45 **
     46 **   PR_GetEnv(), PR_SetEnv() provide a consistent behavior
     47 **   across all supported platforms. There are, however, some
     48 **   restrictions and some practices you must use to achieve
     49 **   consistent results everywhere.
     50 **
     51 **   When manipulating the environment there is no way to un-set
     52 **   an environment variable across all platforms. We suggest
     53 **   you interpret the return of a pointer to null-string to
     54 **   mean the same as a return of NULL from PR_GetEnv().
     55 **
     56 **   A call to PR_SetEnv() where the parameter is of the form
     57 **   "name" will return PR_FAILURE; the environment remains
     58 **   unchanged. A call to PR_SetEnv() where the parameter is
     59 **   of the form "name=" may un-set the envrionment variable on
     60 **   some platforms; on others it may set the value of the
     61 **   environment variable to the null-string.
     62 **
     63 **   For example, to test for NULL return or return of the
     64 **   null-string from PR_GetEnv(), use the following code
     65 **   fragment:
     66 **
     67 **      char *val = PR_GetEnv("foo");
     68 **      if ((NULL == val) || ('\0' == *val)) {
     69 **          ... interpret this as un-set ...
     70 **      }
     71 **
     72 **   The caller must ensure that the string passed
     73 **   to PR_SetEnv() is persistent. That is: The string should
     74 **   not be on the stack, where it can be overwritten
     75 **   on return from the function calling PR_SetEnv().
     76 **   Similarly, the string passed to PR_SetEnv() must not be
     77 **   overwritten by other actions of the process. ... Some
     78 **   platforms use the string by reference rather than copying
     79 **   it into the environment space. ... You have been warned!
     80 **
     81 **   Use of platform-native functions that manipulate the
     82 **   environment (getenv(), putenv(),
     83 **   SetEnvironmentVariable(), etc.) must not be used with
     84 **   NSPR's similar functions. The platform-native functions
     85 **   may not be thread safe and/or may operate on different
     86 **   conceptual environment space than that operated upon by
     87 **   NSPR's functions or other environment manipulating
     88 **   functions on the same platform. (!)
     89 **
     90 */
     91 NSPR_API(char*) PR_GetEnv(const char *var);
     92 
     93 /*
     94 ** PR_GetEnvSecure() -- get a security-sensitive environment variable
     95 **
     96 ** Description:
     97 **
     98 ** PR_GetEnvSecure() is similar to PR_GetEnv(), but it returns NULL if
     99 ** the program was run with elevated privilege (e.g., setuid or setgid
    100 ** on Unix).  This can be used for cases like log file paths which
    101 ** could otherwise be used for privilege escalation.  Note that some
    102 ** platforms may have platform-specific privilege elevation mechanisms
    103 ** not recognized by this function; see the implementation for details.
    104 */
    105 NSPR_API(char*) PR_GetEnvSecure(const char *var);
    106 
    107 /*
    108 ** PR_SetEnv() -- set, unset or change an environment variable
    109 **
    110 ** Description:
    111 ** PR_SetEnv() is modeled on the Unix putenv() function.
    112 **
    113 ** Inputs:
    114 **   string -- pointer to a caller supplied
    115 **   constant, persistent string of the form name=value. Where
    116 **   name is the name of the environment variable to be set or
    117 **   changed; value is the value assigned to the variable.
    118 **
    119 ** Returns:
    120 **   PRStatus.
    121 **
    122 ** Restrictions:
    123 **   See the Restrictions documented in the description of
    124 **   PR_GetEnv() in this header file.
    125 **
    126 **
    127 */
    128 NSPR_API(PRStatus) PR_SetEnv(const char *string);
    129 
    130 /*
    131 ** PR_DuplicateEnvironment() -- Obtain a copy of the environment.
    132 **
    133 ** Description:
    134 ** PR_DuplicateEnvironment() copies the environment so that it can be
    135 ** modified without changing the current process's environment, and
    136 ** then passed to interfaces such as POSIX execve().  In particular,
    137 ** this avoids needing to allocate memory or take locks in the child
    138 ** after a fork(); neither of these is allowed by POSIX after a
    139 ** multithreaded process calls fork(), and PR_SetEnv does both.
    140 **
    141 ** Inputs:
    142 **   none
    143 **
    144 ** Returns:
    145 **   A pointer to a null-terminated array of null-terminated strings,
    146 **   like the traditional global variable "environ".  The array and
    147 **   the strings are allocated with PR_Malloc(), and it is the
    148 **   caller's responsibility to free them.
    149 **
    150 **   In case of memory allocation failure, or if the operating system
    151 **   doesn't support reading the entire environment through the global
    152 **   variable "environ" or similar, returns NULL instead.
    153 **
    154 ** Restrictions:
    155 **   Similarly to PR_GetEnv(), this function may not interoperate as
    156 **   expected with the operating system's native environment accessors.
    157 */
    158 NSPR_API(char **) PR_DuplicateEnvironment(void);
    159 
    160 PR_END_EXTERN_C
    161 
    162 #endif /* prenv_h___ */