Bugzilla – Attachment 1690 Details for
Bug 1643
Set FD_CLOEXEC on client socket
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch solving the problem
cloexec.patch (text/plain), 2.12 KB, created by
jchadima
on 2009-09-01 21:11:13 AEST
(
hide
)
Description:
Patch solving the problem
Filename:
MIME Type:
Creator:
jchadima
Created:
2009-09-01 21:11:13 AEST
Size:
2.12 KB
patch
obsolete
>diff -up openssh-5.2p1/channels.c.cloexec openssh-5.2p1/channels.c >--- openssh-5.2p1/channels.c.cloexec 2009-02-14 06:28:21.000000000 +0100 >+++ openssh-5.2p1/channels.c 2009-08-12 20:39:43.042606007 +0200 >@@ -60,6 +60,7 @@ > #include <termios.h> > #include <unistd.h> > #include <stdarg.h> >+#include <fcntl.h> > > #include "openbsd-compat/sys-queue.h" > #include "xmalloc.h" >@@ -230,6 +231,18 @@ channel_register_fds(Channel *c, int rfd > > /* XXX set close-on-exec -markus */ > >+ if (rfd != -1) { >+ fcntl(rfd, F_SETFD, FD_CLOEXEC); >+ } >+ >+ if (wfd != -1 && wfd != rfd) { >+ fcntl(wfd, F_SETFD, FD_CLOEXEC); >+ } >+ >+ if (efd != -1 && efd != rfd && efd != wfd) { >+ fcntl(efd, F_SETFD, FD_CLOEXEC); >+ } >+ > c->rfd = rfd; > c->wfd = wfd; > c->sock = (rfd == wfd) ? rfd : -1; >diff -up openssh-5.2p1/sshconnect2.c.cloexec openssh-5.2p1/sshconnect2.c >--- openssh-5.2p1/sshconnect2.c.cloexec 2008-11-05 06:20:47.000000000 +0100 >+++ openssh-5.2p1/sshconnect2.c 2009-08-12 20:39:43.045385295 +0200 >@@ -39,6 +39,7 @@ > #include <stdio.h> > #include <string.h> > #include <unistd.h> >+#include <fcntl.h> > #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) > #include <vis.h> > #endif >@@ -1505,6 +1506,7 @@ ssh_keysign(Key *key, u_char **sigp, u_i > return -1; > } > if (pid == 0) { >+ fcntl(packet_get_connection_in(), F_SETFD, 0); /* keep the socket on exec */ > permanently_drop_suid(getuid()); > close(from[0]); > if (dup2(from[1], STDOUT_FILENO) < 0) >diff -up openssh-5.2p1/sshconnect.c.cloexec openssh-5.2p1/sshconnect.c >--- openssh-5.2p1/sshconnect.c.cloexec 2009-02-01 12:19:54.000000000 +0100 >+++ openssh-5.2p1/sshconnect.c 2009-08-12 20:39:43.047132940 +0200 >@@ -38,6 +38,7 @@ > #include <stdlib.h> > #include <string.h> > #include <unistd.h> >+#include <fcntl.h> > > #include "xmalloc.h" > #include "key.h" >@@ -190,8 +191,11 @@ ssh_create_socket(int privileged, struct > return sock; > } > sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); >- if (sock < 0) >+ if (sock < 0) { > error("socket: %.100s", strerror(errno)); >+ return -1; >+ } >+ fcntl(sock, F_SETFD, FD_CLOEXEC); > > /* Bind the socket to an alternative local IP address */ > if (options.bind_address == NULL)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1690">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1643
: 1690