77 lines
2.2 KiB
Diff
77 lines
2.2 KiB
Diff
diff --git a/libmilter/listener.c b/libmilter/listener.c
|
|
index cd3f6e8..c45683c 100644
|
|
--- a/libmilter/listener.c
|
|
+++ b/libmilter/listener.c
|
|
@@ -728,6 +728,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog)
|
|
int acnt = 0; /* error count for accept() failures */
|
|
int scnt = 0; /* error count for select() failures */
|
|
int save_errno = 0;
|
|
+ int fdflags;
|
|
#if !_FFR_WORKERS_POOL
|
|
sthread_t thread_id;
|
|
#endif /* !_FFR_WORKERS_POOL */
|
|
@@ -808,6 +809,19 @@ mi_listener(conn, dbg, smfi, timeout, backlog)
|
|
(void) smutex_unlock(&L_Mutex);
|
|
|
|
/*
|
|
+ ** Need to set close-on-exec for connfd in case a user's
|
|
+ ** filter starts other applications
|
|
+ */
|
|
+ if ((fdflags = fcntl(connfd, F_GETFD, 0)) == -1 ||
|
|
+ fcntl(connfd, F_SETFD, fdflags | FD_CLOEXEC) == -1)
|
|
+ {
|
|
+ smi_log(SMI_LOG_WARN,
|
|
+ "%s: Unable to set close-on-exec on connfd (%s)",
|
|
+ smfi->xxfi_name, sm_errstring(errno));
|
|
+ /* XXX: continue? */
|
|
+ }
|
|
+
|
|
+ /*
|
|
** If remote side closes before accept() finishes,
|
|
** sockaddr might not be fully filled in.
|
|
*/
|
|
diff --git a/sendmail/milter.c b/sendmail/milter.c
|
|
index 88f8b60..f9de6b1 100644
|
|
--- a/sendmail/milter.c
|
|
+++ b/sendmail/milter.c
|
|
@@ -30,6 +30,9 @@ SM_RCSID("@(#)$Id: milter.c,v 8.281 2013/11/22 20:51:56 ca Exp $")
|
|
|
|
# include <sm/fdset.h>
|
|
|
|
+# include <unistd.h>
|
|
+# include <fcntl.h>
|
|
+
|
|
static void milter_connect_timeout __P((int));
|
|
static void milter_error __P((struct milter *, ENVELOPE *));
|
|
static int milter_open __P((struct milter *, bool, ENVELOPE *));
|
|
@@ -655,6 +658,7 @@ milter_open(m, parseonly, e)
|
|
SOCKADDR_LEN_T addrlen = 0;
|
|
int addrno = 0;
|
|
int save_errno;
|
|
+ int fdflags;
|
|
char *p;
|
|
char *colon;
|
|
char *at;
|
|
@@ -1191,6 +1195,21 @@ milter_open(m, parseonly, e)
|
|
(char *)&nodelay, sizeof(nodelay));
|
|
}
|
|
# endif /* MILTER_NO_NAGLE && !defined(TCP_CORK) */
|
|
+
|
|
+ /*
|
|
+ ** Need to set close-on-exec for sock to prevent it
|
|
+ ** leaking to the local delivery process
|
|
+ */
|
|
+ if ((fdflags = fcntl(sock, F_GETFD, 0)) == -1 ||
|
|
+ fcntl(sock, F_SETFD, fdflags | FD_CLOEXEC) == -1)
|
|
+ {
|
|
+ save_errno = errno;
|
|
+ if (MilterLogLevel > 0)
|
|
+ sm_syslog(LOG_WARNING, e->e_id,
|
|
+ "Milter (%s): Unable to set close-on-exec on sock (%s)",
|
|
+ m->mf_name, sm_errstring(save_errno = errno));
|
|
+ }
|
|
+
|
|
return sock;
|
|
}
|
|
|