4bf24c8243
- Had to rename the -T option to -timeout as ISC is now using -T - Allow package rebuilders to easily enable DHCPv6 support with: rpmbuild --with DHCPv6 dhcp.spec Note that Fedora is still using the 'dhcpv6' package, but some users may want to experiment with the ISC DHCPv6 implementation locally.
447 lines
18 KiB
Diff
447 lines
18 KiB
Diff
diff -up dhcp-4.1.0/client/clparse.c.cloexec dhcp-4.1.0/client/clparse.c
|
|
--- dhcp-4.1.0/client/clparse.c.cloexec 2009-01-06 11:56:11.000000000 -1000
|
|
+++ dhcp-4.1.0/client/clparse.c 2009-01-06 12:04:48.000000000 -1000
|
|
@@ -226,7 +226,7 @@ int read_client_conf_file (const char *n
|
|
int token;
|
|
isc_result_t status;
|
|
|
|
- if ((file = open (name, O_RDONLY)) < 0)
|
|
+ if ((file = open (name, O_RDONLY | O_CLOEXEC)) < 0)
|
|
return uerr2isc (errno);
|
|
|
|
cfile = NULL;
|
|
@@ -263,7 +263,7 @@ void read_client_leases ()
|
|
|
|
/* Open the lease file. If we can't open it, just return -
|
|
we can safely trust the server to remember our state. */
|
|
- if ((file = open (path_dhclient_db, O_RDONLY)) < 0)
|
|
+ if ((file = open (path_dhclient_db, O_RDONLY | O_CLOEXEC)) < 0)
|
|
return;
|
|
|
|
cfile = NULL;
|
|
diff -up dhcp-4.1.0/client/dhclient.c.cloexec dhcp-4.1.0/client/dhclient.c
|
|
--- dhcp-4.1.0/client/dhclient.c.cloexec 2009-01-06 11:56:10.000000000 -1000
|
|
+++ dhcp-4.1.0/client/dhclient.c 2009-01-06 12:04:01.000000000 -1000
|
|
@@ -135,11 +135,11 @@ main(int argc, char **argv) {
|
|
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
|
|
2 (stderr) are open. To do this, we assume that when we
|
|
open a file the lowest available file descriptor is used. */
|
|
- fd = open("/dev/null", O_RDWR);
|
|
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
if (fd == 0)
|
|
- fd = open("/dev/null", O_RDWR);
|
|
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
if (fd == 1)
|
|
- fd = open("/dev/null", O_RDWR);
|
|
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
if (fd == 2)
|
|
log_perror = 0; /* No sense logging to /dev/null. */
|
|
else if (fd != -1)
|
|
@@ -465,7 +465,7 @@ main(int argc, char **argv) {
|
|
int e;
|
|
|
|
oldpid = 0;
|
|
- if ((pidfd = fopen(path_dhclient_pid, "r")) != NULL) {
|
|
+ if ((pidfd = fopen(path_dhclient_pid, "re")) != NULL) {
|
|
e = fscanf(pidfd, "%ld\n", &temp);
|
|
oldpid = (pid_t)temp;
|
|
|
|
@@ -507,7 +507,7 @@ main(int argc, char **argv) {
|
|
strncpy(new_path_dhclient_pid, path_dhclient_pid, pfx);
|
|
sprintf(new_path_dhclient_pid + pfx, "-%s.pid", ip->name);
|
|
|
|
- if ((pidfd = fopen(new_path_dhclient_pid, "r")) != NULL) {
|
|
+ if ((pidfd = fopen(new_path_dhclient_pid, "re")) != NULL) {
|
|
e = fscanf(pidfd, "%ld\n", &temp);
|
|
oldpid = (pid_t)temp;
|
|
|
|
@@ -532,7 +532,7 @@ main(int argc, char **argv) {
|
|
int dhc_running = 0;
|
|
char procfn[256] = "";
|
|
|
|
- if ((pidfp = fopen(path_dhclient_pid, "r")) != NULL) {
|
|
+ if ((pidfp = fopen(path_dhclient_pid, "re")) != NULL) {
|
|
if ((fscanf(pidfp, "%ld", &temp)==1) && ((dhcpid=(pid_t)temp) > 0)) {
|
|
snprintf(procfn,256,"/proc/%u",dhcpid);
|
|
dhc_running = (access(procfn, F_OK) == 0);
|
|
@@ -2908,7 +2908,7 @@ void rewrite_client_leases ()
|
|
|
|
if (leaseFile != NULL)
|
|
fclose (leaseFile);
|
|
- leaseFile = fopen (path_dhclient_db, "w");
|
|
+ leaseFile = fopen (path_dhclient_db, "we");
|
|
if (leaseFile == NULL) {
|
|
log_error ("can't create %s: %m", path_dhclient_db);
|
|
return;
|
|
@@ -3012,7 +3012,7 @@ write_duid(struct data_string *duid)
|
|
return ISC_R_INVALIDARG;
|
|
|
|
if (leaseFile == NULL) { /* XXX? */
|
|
- leaseFile = fopen(path_dhclient_db, "w");
|
|
+ leaseFile = fopen(path_dhclient_db, "we");
|
|
if (leaseFile == NULL) {
|
|
log_error("can't create %s: %m", path_dhclient_db);
|
|
return ISC_R_IOERROR;
|
|
@@ -3192,7 +3192,7 @@ int write_client_lease (client, lease, r
|
|
return 1;
|
|
|
|
if (leaseFile == NULL) { /* XXX */
|
|
- leaseFile = fopen (path_dhclient_db, "w");
|
|
+ leaseFile = fopen (path_dhclient_db, "we");
|
|
if (leaseFile == NULL) {
|
|
log_error ("can't create %s: %m", path_dhclient_db);
|
|
return 0;
|
|
@@ -3638,9 +3638,9 @@ void go_daemon ()
|
|
close(2);
|
|
|
|
/* Reopen them on /dev/null. */
|
|
- open("/dev/null", O_RDWR);
|
|
- open("/dev/null", O_RDWR);
|
|
- open("/dev/null", O_RDWR);
|
|
+ open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
+ open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
+ open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
|
|
write_client_pid_file ();
|
|
|
|
@@ -3652,14 +3652,14 @@ void write_client_pid_file ()
|
|
FILE *pf;
|
|
int pfdesc;
|
|
|
|
- pfdesc = open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY, 0644);
|
|
+ pfdesc = open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC, 0644);
|
|
|
|
if (pfdesc < 0) {
|
|
log_error ("Can't create %s: %m", path_dhclient_pid);
|
|
return;
|
|
}
|
|
|
|
- pf = fdopen (pfdesc, "w");
|
|
+ pf = fdopen (pfdesc, "we");
|
|
if (!pf)
|
|
log_error ("Can't fdopen %s: %m", path_dhclient_pid);
|
|
else {
|
|
diff -up dhcp-4.1.0/common/bpf.c.cloexec dhcp-4.1.0/common/bpf.c
|
|
--- dhcp-4.1.0/common/bpf.c.cloexec 2009-01-06 11:56:11.000000000 -1000
|
|
+++ dhcp-4.1.0/common/bpf.c 2009-01-06 11:56:11.000000000 -1000
|
|
@@ -94,7 +94,7 @@ int if_register_bpf (info)
|
|
for (b = 0; 1; b++) {
|
|
/* %Audit% 31 bytes max. %2004.06.17,Safe% */
|
|
sprintf(filename, BPF_FORMAT, b);
|
|
- sock = open (filename, O_RDWR, 0);
|
|
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
|
|
if (sock < 0) {
|
|
if (errno == EBUSY) {
|
|
continue;
|
|
diff -up dhcp-4.1.0/common/discover.c.cloexec dhcp-4.1.0/common/discover.c
|
|
--- dhcp-4.1.0/common/discover.c.cloexec 2008-08-29 07:48:57.000000000 -1000
|
|
+++ dhcp-4.1.0/common/discover.c 2009-01-06 11:56:11.000000000 -1000
|
|
@@ -409,7 +409,7 @@ begin_iface_scan(struct iface_conf_list
|
|
int len;
|
|
int i;
|
|
|
|
- ifaces->fp = fopen("/proc/net/dev", "r");
|
|
+ ifaces->fp = fopen("/proc/net/dev", "re");
|
|
if (ifaces->fp == NULL) {
|
|
log_error("Error opening '/proc/net/dev' to list interfaces");
|
|
return 0;
|
|
@@ -443,7 +443,7 @@ begin_iface_scan(struct iface_conf_list
|
|
}
|
|
|
|
#ifdef DHCPv6
|
|
- ifaces->fp6 = fopen("/proc/net/if_inet6", "r");
|
|
+ ifaces->fp6 = fopen("/proc/net/if_inet6", "re");
|
|
if (ifaces->fp6 == NULL) {
|
|
log_error("Error opening '/proc/net/if_inet6' to "
|
|
"list IPv6 interfaces; %m");
|
|
diff -up dhcp-4.1.0/common/dlpi.c.cloexec dhcp-4.1.0/common/dlpi.c
|
|
--- dhcp-4.1.0/common/dlpi.c.cloexec 2009-01-06 11:56:11.000000000 -1000
|
|
+++ dhcp-4.1.0/common/dlpi.c 2009-01-06 11:56:11.000000000 -1000
|
|
@@ -795,7 +795,7 @@ dlpiopen(const char *ifname) {
|
|
}
|
|
*dp = '\0';
|
|
|
|
- return open (devname, O_RDWR, 0);
|
|
+ return open (devname, O_RDWR | O_CLOEXEC, 0);
|
|
}
|
|
|
|
/*
|
|
diff -up dhcp-4.1.0/common/nit.c.cloexec dhcp-4.1.0/common/nit.c
|
|
--- dhcp-4.1.0/common/nit.c.cloexec 2009-01-06 11:56:11.000000000 -1000
|
|
+++ dhcp-4.1.0/common/nit.c 2009-01-06 11:56:11.000000000 -1000
|
|
@@ -81,7 +81,7 @@ int if_register_nit (info)
|
|
struct strioctl sio;
|
|
|
|
/* Open a NIT device */
|
|
- sock = open ("/dev/nit", O_RDWR);
|
|
+ sock = open ("/dev/nit", O_RDWR | O_CLOEXEC);
|
|
if (sock < 0)
|
|
log_fatal ("Can't open NIT device for %s: %m", info -> name);
|
|
|
|
diff -up dhcp-4.1.0/common/resolv.c.cloexec dhcp-4.1.0/common/resolv.c
|
|
--- dhcp-4.1.0/common/resolv.c.cloexec 2008-03-07 10:12:44.000000000 -1000
|
|
+++ dhcp-4.1.0/common/resolv.c 2009-01-06 12:05:17.000000000 -1000
|
|
@@ -49,7 +49,7 @@ void read_resolv_conf (parse_time)
|
|
struct domain_search_list *dp, *dl, *nd;
|
|
isc_result_t status;
|
|
|
|
- if ((file = open (path_resolv_conf, O_RDONLY)) < 0) {
|
|
+ if ((file = open (path_resolv_conf, O_RDONLY | O_CLOEXEC)) < 0) {
|
|
log_error ("Can't open %s: %m", path_resolv_conf);
|
|
return;
|
|
}
|
|
diff -up dhcp-4.1.0/common/upf.c.cloexec dhcp-4.1.0/common/upf.c
|
|
--- dhcp-4.1.0/common/upf.c.cloexec 2009-01-06 11:56:11.000000000 -1000
|
|
+++ dhcp-4.1.0/common/upf.c 2009-01-06 11:56:11.000000000 -1000
|
|
@@ -77,7 +77,7 @@ int if_register_upf (info)
|
|
/* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */
|
|
sprintf(filename, "/dev/pf/pfilt%d", b);
|
|
|
|
- sock = open (filename, O_RDWR, 0);
|
|
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
|
|
if (sock < 0) {
|
|
if (errno == EBUSY) {
|
|
continue;
|
|
diff -up dhcp-4.1.0/dst/dst_api.c.cloexec dhcp-4.1.0/dst/dst_api.c
|
|
--- dhcp-4.1.0/dst/dst_api.c.cloexec 2007-11-30 11:51:43.000000000 -1000
|
|
+++ dhcp-4.1.0/dst/dst_api.c 2009-01-06 11:56:11.000000000 -1000
|
|
@@ -436,7 +436,7 @@ dst_s_write_private_key(const DST_KEY *k
|
|
PRIVATE_KEY, PATH_MAX);
|
|
|
|
/* Do not overwrite an existing file */
|
|
- if ((fp = dst_s_fopen(file, "w", 0600)) != NULL) {
|
|
+ if ((fp = dst_s_fopen(file, "we", 0600)) != NULL) {
|
|
int nn;
|
|
if ((nn = fwrite(encoded_block, 1, len, fp)) != len) {
|
|
EREPORT(("dst_write_private_key(): Write failure on %s %d != %d errno=%d\n",
|
|
@@ -493,7 +493,7 @@ dst_s_read_public_key(const char *in_nam
|
|
* flags, proto, alg stored as decimal (or hex numbers FIXME).
|
|
* (FIXME: handle parentheses for line continuation.)
|
|
*/
|
|
- if ((fp = dst_s_fopen(name, "r", 0)) == NULL) {
|
|
+ if ((fp = dst_s_fopen(name, "re", 0)) == NULL) {
|
|
EREPORT(("dst_read_public_key(): Public Key not found %s\n",
|
|
name));
|
|
return (NULL);
|
|
@@ -615,7 +615,7 @@ dst_s_write_public_key(const DST_KEY *ke
|
|
return (0);
|
|
}
|
|
/* create public key file */
|
|
- if ((fp = dst_s_fopen(filename, "w+", 0644)) == NULL) {
|
|
+ if ((fp = dst_s_fopen(filename, "w+e", 0644)) == NULL) {
|
|
EREPORT(("DST_write_public_key: open of file:%s failed (errno=%d)\n",
|
|
filename, errno));
|
|
return (0);
|
|
@@ -849,7 +849,7 @@ dst_s_read_private_key_file(char *name,
|
|
return (0);
|
|
}
|
|
/* first check if we can find the key file */
|
|
- if ((fp = dst_s_fopen(filename, "r", 0)) == NULL) {
|
|
+ if ((fp = dst_s_fopen(filename, "re", 0)) == NULL) {
|
|
EREPORT(("dst_s_read_private_key_file: Could not open file %s in directory %s\n",
|
|
filename, dst_path[0] ? dst_path :
|
|
(char *) getcwd(NULL, PATH_MAX - 1)));
|
|
diff -up dhcp-4.1.0/dst/prandom.c.cloexec dhcp-4.1.0/dst/prandom.c
|
|
--- dhcp-4.1.0/dst/prandom.c.cloexec 2007-11-30 11:51:43.000000000 -1000
|
|
+++ dhcp-4.1.0/dst/prandom.c 2009-01-06 11:56:11.000000000 -1000
|
|
@@ -267,7 +267,7 @@ get_dev_random(u_char *output, unsigned
|
|
|
|
s = stat("/dev/random", &st);
|
|
if (s == 0 && S_ISCHR(st.st_mode)) {
|
|
- if ((fd = open("/dev/random", O_RDONLY | O_NONBLOCK)) != -1) {
|
|
+ if ((fd = open("/dev/random", O_RDONLY | O_NONBLOCK | O_CLOEXEC)) != -1) {
|
|
if ((n = read(fd, output, size)) < 0)
|
|
n = 0;
|
|
close(fd);
|
|
@@ -478,7 +478,7 @@ digest_file(dst_work *work)
|
|
work->file_digest = dst_free_key(work->file_digest);
|
|
return (0);
|
|
}
|
|
- if ((fp = fopen(name, "r")) == NULL)
|
|
+ if ((fp = fopen(name, "re")) == NULL)
|
|
return (0);
|
|
for (no = 0; (i = fread(buf, sizeof(*buf), sizeof(buf), fp)) > 0;
|
|
no += i)
|
|
diff -up dhcp-4.1.0/minires/res_init.c.cloexec dhcp-4.1.0/minires/res_init.c
|
|
--- dhcp-4.1.0/minires/res_init.c.cloexec 2008-02-28 11:21:56.000000000 -1000
|
|
+++ dhcp-4.1.0/minires/res_init.c 2009-01-06 11:56:11.000000000 -1000
|
|
@@ -233,7 +233,7 @@ minires_vinit(res_state statp, int prein
|
|
(line[sizeof(name) - 1] == ' ' || \
|
|
line[sizeof(name) - 1] == '\t'))
|
|
|
|
- if ((fp = fopen(_PATH_RESCONF, "r")) != NULL) {
|
|
+ if ((fp = fopen(_PATH_RESCONF, "re")) != NULL) {
|
|
/* read the config file */
|
|
while (fgets(buf, sizeof(buf), fp) != NULL) {
|
|
/* skip comments */
|
|
diff -up dhcp-4.1.0/minires/res_query.c.cloexec dhcp-4.1.0/minires/res_query.c
|
|
--- dhcp-4.1.0/minires/res_query.c.cloexec 2008-02-28 11:21:56.000000000 -1000
|
|
+++ dhcp-4.1.0/minires/res_query.c 2009-01-06 11:56:11.000000000 -1000
|
|
@@ -379,7 +379,7 @@ res_hostalias(const res_state statp, con
|
|
if (statp->options & RES_NOALIASES)
|
|
return (NULL);
|
|
file = getenv("HOSTALIASES");
|
|
- if (file == NULL || (fp = fopen(file, "r")) == NULL)
|
|
+ if (file == NULL || (fp = fopen(file, "re")) == NULL)
|
|
return (NULL);
|
|
setbuf(fp, NULL);
|
|
buf[sizeof(buf) - 1] = '\0';
|
|
diff -up dhcp-4.1.0/omapip/trace.c.cloexec dhcp-4.1.0/omapip/trace.c
|
|
--- dhcp-4.1.0/omapip/trace.c.cloexec 2007-07-12 20:43:42.000000000 -1000
|
|
+++ dhcp-4.1.0/omapip/trace.c 2009-01-06 11:56:11.000000000 -1000
|
|
@@ -140,10 +140,10 @@ isc_result_t trace_begin (const char *fi
|
|
return ISC_R_INVALIDARG;
|
|
}
|
|
|
|
- traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL, 0600);
|
|
+ traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL | O_CLOEXEC, 0600);
|
|
if (traceoutfile < 0 && errno == EEXIST) {
|
|
log_error ("WARNING: Overwriting trace file \"%s\"", filename);
|
|
- traceoutfile = open (filename, O_WRONLY | O_EXCL, 0600);
|
|
+ traceoutfile = open (filename, O_WRONLY | O_EXCL | O_CLOEXEC, 0600);
|
|
}
|
|
|
|
if (traceoutfile < 0) {
|
|
@@ -429,7 +429,7 @@ void trace_file_replay (const char *file
|
|
isc_result_t result;
|
|
int len;
|
|
|
|
- traceinfile = fopen (filename, "r");
|
|
+ traceinfile = fopen (filename, "re");
|
|
if (!traceinfile) {
|
|
log_error ("Can't open tracefile %s: %m", filename);
|
|
return;
|
|
diff -up dhcp-4.1.0/relay/dhcrelay.c.cloexec dhcp-4.1.0/relay/dhcrelay.c
|
|
--- dhcp-4.1.0/relay/dhcrelay.c.cloexec 2008-11-12 13:22:14.000000000 -1000
|
|
+++ dhcp-4.1.0/relay/dhcrelay.c 2009-01-06 12:06:23.000000000 -1000
|
|
@@ -174,11 +174,11 @@ main(int argc, char **argv) {
|
|
/* Make sure that file descriptors 0(stdin), 1,(stdout), and
|
|
2(stderr) are open. To do this, we assume that when we
|
|
open a file the lowest available file descriptor is used. */
|
|
- fd = open("/dev/null", O_RDWR);
|
|
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
if (fd == 0)
|
|
- fd = open("/dev/null", O_RDWR);
|
|
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
if (fd == 1)
|
|
- fd = open("/dev/null", O_RDWR);
|
|
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
if (fd == 2)
|
|
log_perror = 0; /* No sense logging to /dev/null. */
|
|
else if (fd != -1)
|
|
@@ -511,12 +511,12 @@ main(int argc, char **argv) {
|
|
exit(0);
|
|
|
|
pfdesc = open(path_dhcrelay_pid,
|
|
- O_CREAT | O_TRUNC | O_WRONLY, 0644);
|
|
+ O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC, 0644);
|
|
|
|
if (pfdesc < 0) {
|
|
log_error("Can't create %s: %m", path_dhcrelay_pid);
|
|
} else {
|
|
- pf = fdopen(pfdesc, "w");
|
|
+ pf = fdopen(pfdesc, "we");
|
|
if (!pf)
|
|
log_error("Can't fdopen %s: %m",
|
|
path_dhcrelay_pid);
|
|
diff -up dhcp-4.1.0/server/confpars.c.cloexec dhcp-4.1.0/server/confpars.c
|
|
--- dhcp-4.1.0/server/confpars.c.cloexec 2009-01-06 11:56:10.000000000 -1000
|
|
+++ dhcp-4.1.0/server/confpars.c 2009-01-06 11:56:11.000000000 -1000
|
|
@@ -116,7 +116,7 @@ isc_result_t read_conf_file (const char
|
|
}
|
|
#endif
|
|
|
|
- if ((file = open (filename, O_RDONLY)) < 0) {
|
|
+ if ((file = open (filename, O_RDONLY | O_CLOEXEC)) < 0) {
|
|
if (leasep) {
|
|
log_error ("Can't open lease database %s: %m --",
|
|
path_dhcpd_db);
|
|
diff -up dhcp-4.1.0/server/db.c.cloexec dhcp-4.1.0/server/db.c
|
|
--- dhcp-4.1.0/server/db.c.cloexec 2008-03-31 03:49:45.000000000 -1000
|
|
+++ dhcp-4.1.0/server/db.c 2009-01-06 11:56:11.000000000 -1000
|
|
@@ -1021,7 +1021,7 @@ void db_startup (testp)
|
|
}
|
|
#endif
|
|
if (!testp) {
|
|
- db_file = fopen (path_dhcpd_db, "a");
|
|
+ db_file = fopen (path_dhcpd_db, "ae");
|
|
if (!db_file)
|
|
log_fatal ("Can't open %s for append.", path_dhcpd_db);
|
|
expire_all_pools ();
|
|
@@ -1069,12 +1069,12 @@ int new_lease_file ()
|
|
path_dhcpd_db, (int)t) >= sizeof newfname)
|
|
log_fatal("new_lease_file: lease file path too long");
|
|
|
|
- db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT, 0664);
|
|
+ db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC, 0664);
|
|
if (db_fd < 0) {
|
|
log_error ("Can't create new lease file: %m");
|
|
return 0;
|
|
}
|
|
- if ((new_db_file = fdopen(db_fd, "w")) == NULL) {
|
|
+ if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
|
|
log_error("Can't fdopen new lease file: %m");
|
|
close(db_fd);
|
|
goto fdfail;
|
|
diff -up dhcp-4.1.0/server/dhcpd.c.cloexec dhcp-4.1.0/server/dhcpd.c
|
|
--- dhcp-4.1.0/server/dhcpd.c.cloexec 2009-01-06 11:56:09.000000000 -1000
|
|
+++ dhcp-4.1.0/server/dhcpd.c 2009-01-06 12:06:49.000000000 -1000
|
|
@@ -266,11 +266,11 @@ main(int argc, char **argv) {
|
|
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
|
|
2 (stderr) are open. To do this, we assume that when we
|
|
open a file the lowest available file descriptor is used. */
|
|
- fd = open("/dev/null", O_RDWR);
|
|
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
if (fd == 0)
|
|
- fd = open("/dev/null", O_RDWR);
|
|
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
if (fd == 1)
|
|
- fd = open("/dev/null", O_RDWR);
|
|
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
if (fd == 2)
|
|
log_perror = 0; /* No sense logging to /dev/null. */
|
|
else if (fd != -1)
|
|
@@ -779,7 +779,7 @@ main(int argc, char **argv) {
|
|
#endif /* PARANOIA */
|
|
|
|
/* Read previous pid file. */
|
|
- if ((i = open (path_dhcpd_pid, O_RDONLY)) >= 0) {
|
|
+ if ((i = open (path_dhcpd_pid, O_RDONLY | O_CLOEXEC)) >= 0) {
|
|
status = read(i, pbuf, (sizeof pbuf) - 1);
|
|
close (i);
|
|
if (status > 0) {
|
|
@@ -797,7 +797,7 @@ main(int argc, char **argv) {
|
|
}
|
|
|
|
/* Write new pid file. */
|
|
- if ((i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC, 0644)) >= 0) {
|
|
+ if ((i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0644)) >= 0) {
|
|
sprintf(pbuf, "%d\n", (int) getpid());
|
|
write(i, pbuf, strlen(pbuf));
|
|
close(i);
|
|
@@ -823,9 +823,9 @@ main(int argc, char **argv) {
|
|
close(2);
|
|
|
|
/* Reopen them on /dev/null. */
|
|
- open("/dev/null", O_RDWR);
|
|
- open("/dev/null", O_RDWR);
|
|
- open("/dev/null", O_RDWR);
|
|
+ open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
+ open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
+ open("/dev/null", O_RDWR | O_CLOEXEC);
|
|
log_perror = 0; /* No sense logging to /dev/null. */
|
|
|
|
chdir("/");
|
|
diff -up dhcp-4.1.0/server/ldap.c.cloexec dhcp-4.1.0/server/ldap.c
|
|
--- dhcp-4.1.0/server/ldap.c.cloexec 2009-01-06 11:56:09.000000000 -1000
|
|
+++ dhcp-4.1.0/server/ldap.c 2009-01-06 11:56:11.000000000 -1000
|
|
@@ -685,7 +685,7 @@ ldap_start (void)
|
|
|
|
if (ldap_debug_file != NULL && ldap_debug_fd == -1)
|
|
{
|
|
- if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY,
|
|
+ if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC,
|
|
S_IRUSR | S_IWUSR)) < 0)
|
|
log_error ("Error opening debug LDAP log file %s: %s", ldap_debug_file,
|
|
strerror (errno));
|