src: make copies of startup environment variables

[bnoordhuis]

Mutations of the environment can invalidate pointers to environment
variables, so make secure_getenv() copy them out instead of returning
pointers.

cc @sam-github

CI: https://ci.nodejs.org/job/node-test-pull-request/6087/

[addaleax]

LGTM with two suggestions

[addaleax]

We may want to rename this if it no longer matches the secure_getenv(3) signature

[sam-github]

node::SecureGetEnv()?

[sam-github]

If you expose it in node_internal.h, I can drop 7c6a26e

[bnoordhuis]

Renamed to SafeGetenv() cuz less chars.

[addaleax]

nit: text[0] == '1'

[sam-github]

(text.length() == 1 && text[0] == '1')? Right now, it appears a value of ``10or100` would also be accepted, in violation of the docs. Though maybe that's a bug for another PR?

[bnoordhuis]

I'll update to text[0] == '1'. I wrote it like this to keep it as close as possible to the logic it replaces.

Though maybe that's a bug for another PR?

Yes, I would say so. FWIW, it doesn't bother me personally.

[sam-github]

This is reasonable to avoid unintended changes in the env.

[sam-github]

node::SecureGetEnv()?

[sam-github]

(text.length() == 1 && text[0] == '1')? Right now, it appears a value of ``10or100` would also be accepted, in violation of the docs. Though maybe that's a bug for another PR?

[sam-github]

can no longer be nullptr

[bnoordhuis]

Good point, updated.

[sam-github]

If you expose it in node_internal.h, I can drop 7c6a26e

[gibfahn]

ping @bnoordhuis

[bnoordhuis]

Updated, PTAL. CI: https://ci.nodejs.org/job/node-test-pull-request/6256/

[bnoordhuis]

Renamed to SafeGetenv() cuz less chars.

[bnoordhuis]

I'll update to text[0] == '1'. I wrote it like this to keep it as close as possible to the logic it replaces.

Though maybe that's a bug for another PR?

Yes, I would say so. FWIW, it doesn't bother me personally.

[bnoordhuis]

Good point, updated.

[bnoordhuis]

If you expose it in node_internal.h, I can drop 7c6a26e

@sam-github I'll let you do that in your PR, it would look incongruous (unnecessary) in this one.

Aside: if the use of std::string bothers anyone, I can replace it with a version that copies out to a plain char array (possibly with some mid-level template magic to infer array bounds - never do any work the compiler can do for you.)

[jasnell]

ping @sam-github

[sam-github]

Landed in a8734af

[bnoordhuis]

Zu schade, the commit log still mentions secure_getenv().

[sam-github]

When converting openssl_config to std::string, I discovered this copies the first 15 chars of arg into target, it needs to be icu_data_dir.assign(arg + 15); or something of the like. @srl295 Since tests pass, this means that this command line option has no test coverage.

[bnoordhuis]

Ai, obvious bug in retrospect. #11255

[sam-github]

Sorry, @bnoordhuis, I thought it would be helpful to land it since it was approved and had been waiting on me for several days, I won't do that again.

I found a problem while rebasing #11006 onto master, PTAL.

[italoacasas]

This is having conflicts when landing on v7.x-staging, any plan to backport this?

[sam-github]

Yes, I will create a backport branch for #11006, this, and #11255 since they all build on each other.

[sam-github]

@nodejs/ctc we need labels like backport-to-v#.#, IMO. For this PR, I would label it dont-land-on-v7.x to remove it from the branch-diff results for 7.x candidates, but then include the backport-to label to make clear that it is intended to land on 7.x, it just needs to be backported to hop over the semver-major PR that is blocking it (#10116, fwiw).

[srl295]

LGTM after the fact

[jasnell]

Needs a backport PR to land on v4 or v6