[Openswan dev] [PATCH] Set CLOEXEC on all pluto file descriptors
Herbert Xu
herbert at gondor.apana.org.au
Wed Sep 7 17:23:43 CEST 2005
Hi Ken:
This patch sets CLOEXEC on all file descriptors. Without this things
like the adns file descriptors are leaked to the updown script. If the
updown script then spawns a long-living child, this could prevent the
shutting down of pluto.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
-------------- next part --------------
Index: programs/pluto/dnskey.c
===================================================================
RCS file: /var/cvs/snwb/packages/openswan/programs/pluto/dnskey.c,v
retrieving revision 1.1.1.2
diff -u -r1.1.1.2 dnskey.c
--- programs/pluto/dnskey.c 30 Nov 2004 16:34:08 -0000 1.1.1.2
+++ programs/pluto/dnskey.c 7 Sep 2005 06:21:35 -0000
@@ -190,6 +190,8 @@
adns_qfd = qfds[1];
adns_afd = afds[0];
close(afds[1]);
+ fcntl(adns_qfd, F_SETFD, FD_CLOEXEC);
+ fcntl(adns_afd, F_SETFD, FD_CLOEXEC);
fcntl(adns_qfd, F_SETFL, O_NONBLOCK);
break;
}
Index: programs/pluto/rnd.c
===================================================================
RCS file: /var/cvs/snwb/packages/openswan/programs/pluto/rnd.c,v
retrieving revision 1.1.1.2
diff -u -r1.1.1.2 rnd.c
--- programs/pluto/rnd.c 18 Jan 2005 02:49:40 -0000 1.1.1.2
+++ programs/pluto/rnd.c 7 Sep 2005 06:21:35 -0000
@@ -236,6 +236,7 @@
}
# endif
+ fcntl(random_fd, F_SETFD, FD_CLOEXEC);
get_rnd_bytes(random_pool, RANDOM_POOL_SIZE);
mix_pool();
More information about the Dev
mailing list