dhcp/0009-dhcp-4.2.6-close-on-exec.patch

From ecb183516cf0b51ebf0a02f3b46248479fa51e43 Mon Sep 17 00:00:00 2001
From: Marius Tomaschewski <mt@suse.de>
Date: Thu, 18 Aug 2011 14:09:06 +0200
Subject: [PATCH] dhcp-4.2.6-close-on-exec

Merged fixed close-on-exec patch (bnc#732910)

References: bnc#732910
Signed-off-by: Marius Tomaschewski <mt@suse.de>

--- client/clparse.c.orig
+++ client/clparse.c
@@ -262,7 +262,7 @@ int read_client_conf_file (const char *n
 	int token;
 	isc_result_t status;
 
-	if ((file = open (name, O_RDONLY)) < 0)
+	if ((file = open (name, O_RDONLY | O_CLOEXEC)) < 0)
 		return uerr2isc (errno);
 
 	cfile = NULL;
@@ -338,7 +338,7 @@ void read_client_leases ()
 
 	/* Open the lease file.   If we can't open it, just return -
 	   we can safely trust the server to remember our state. */
-	if ((file = open (path_dhclient_db, O_RDONLY)) < 0)
+	if ((file = open (path_dhclient_db, O_RDONLY | O_CLOEXEC)) < 0)
 		return;
 
 	cfile = NULL;
--- client/dhclient.c.orig
+++ client/dhclient.c
@@ -565,7 +565,7 @@ main(int argc, char **argv) {
 		long temp;
 		int e;
 
-		if ((pidfd = fopen(path_dhclient_pid, "r")) != NULL) {
+		if ((pidfd = fopen(path_dhclient_pid, "re")) != NULL) {
 			e = fscanf(pidfd, "%ld\n", &temp);
 			oldpid = (pid_t)temp;
 
@@ -3403,7 +3403,7 @@ void rewrite_client_leases ()
 
 	if (leaseFile != NULL)
 		fclose (leaseFile);
-	leaseFile = fopen (path_dhclient_db, "w");
+	leaseFile = fopen (path_dhclient_db, "we");
 	if (leaseFile == NULL) {
 		log_error ("can't create %s: %m", path_dhclient_db);
 		return;
@@ -3598,7 +3598,7 @@ write_duid(struct data_string *duid)
 		return DHCP_R_INVALIDARG;
 
 	if (leaseFile == NULL) {	/* XXX? */
-		leaseFile = fopen(path_dhclient_db, "w");
+		leaseFile = fopen(path_dhclient_db, "we");
 		if (leaseFile == NULL) {
 			log_error("can't create %s: %m", path_dhclient_db);
 			return ISC_R_IOERROR;
@@ -3643,7 +3643,7 @@ write_client6_lease(struct client_state
 		return DHCP_R_INVALIDARG;
 
 	if (leaseFile == NULL) {	/* XXX? */
-		leaseFile = fopen(path_dhclient_db, "w");
+		leaseFile = fopen(path_dhclient_db, "we");
 		if (leaseFile == NULL) {
 			log_error("can't create %s: %m", path_dhclient_db);
 			return ISC_R_IOERROR;
@@ -3802,7 +3802,7 @@ int write_client_lease (client, lease, r
 		return 1;
 
 	if (leaseFile == NULL) {	/* XXX */
-		leaseFile = fopen (path_dhclient_db, "w");
+		leaseFile = fopen (path_dhclient_db, "we");
 		if (leaseFile == NULL) {
 			log_error ("can't create %s: %m", path_dhclient_db);
 			return 0;
--- common/bpf.c.orig
+++ common/bpf.c
@@ -94,7 +94,7 @@ int if_register_bpf (info)
 	for (b = 0; 1; b++) {
 		/* %Audit% 31 bytes max. %2004.06.17,Safe% */
 		sprintf(filename, BPF_FORMAT, b);
-		sock = open (filename, O_RDWR, 0);
+		sock = open (filename, O_RDWR | O_CLOEXEC, 0);
 		if (sock < 0) {
 			if (errno == EBUSY) {
 				continue;
--- common/dlpi.c.orig
+++ common/dlpi.c
@@ -813,7 +813,7 @@ dlpiopen(const char *ifname) {
 	}
 	*dp = '\0';
 	
-	return open (devname, O_RDWR, 0);
+	return open (devname, O_RDWR | O_CLOEXEC, 0);
 }
 
 /*
--- common/nit.c.orig
+++ common/nit.c
@@ -75,7 +75,7 @@ int if_register_nit (info)
 	struct strioctl sio;
 
 	/* Open a NIT device */
-	sock = open ("/dev/nit", O_RDWR);
+	sock = open ("/dev/nit", O_RDWR | O_CLOEXEC);
 	if (sock < 0)
 		log_fatal ("Can't open NIT device for %s: %m", info -> name);
 
--- common/resolv.c.orig
+++ common/resolv.c
@@ -44,7 +44,7 @@ void read_resolv_conf (parse_time)
 	struct domain_search_list *dp, *dl, *nd;
 	isc_result_t status;
 
-	if ((file = open (path_resolv_conf, O_RDONLY)) < 0) {
+	if ((file = open (path_resolv_conf, O_RDONLY | O_CLOEXEC)) < 0) {
 		log_error ("Can't open %s: %m", path_resolv_conf);
 		return;
 	}
--- common/upf.c.orig
+++ common/upf.c
@@ -71,7 +71,7 @@ int if_register_upf (info)
 		/* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */
 		sprintf(filename, "/dev/pf/pfilt%d", b);
 
-		sock = open (filename, O_RDWR, 0);
+		sock = open (filename, O_RDWR | O_CLOEXEC, 0);
 		if (sock < 0) {
 			if (errno == EBUSY) {
 				continue;
--- omapip/trace.c.orig
+++ omapip/trace.c
@@ -138,10 +138,10 @@ isc_result_t trace_begin (const char *fi
 		return DHCP_R_INVALIDARG;
 	}
 
-	traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL, 0600);
+	traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL | O_CLOEXEC, 0600);
 	if (traceoutfile < 0 && errno == EEXIST) {
 		log_error ("WARNING: Overwriting trace file \"%s\"", filename);
-		traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC,
+		traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC | O_CLOEXEC,
 				     0600);
 	}
 
@@ -429,7 +429,7 @@ void trace_file_replay (const char *file
 	isc_result_t result;
 	int len;
 
-	traceinfile = fopen (filename, "r");
+	traceinfile = fopen (filename, "re");
 	if (!traceinfile) {
 		log_error("Can't open tracefile %s: %m", filename);
 		return;
--- relay/dhcrelay.c.orig
+++ relay/dhcrelay.c
@@ -659,13 +659,14 @@ main(int argc, char **argv) {
 
 		if (no_pid_file == ISC_FALSE) {
 			pfdesc = open(path_dhcrelay_pid,
-				      O_CREAT | O_TRUNC | O_WRONLY, 0644);
+				      O_CREAT | O_TRUNC | O_WRONLY |
+				      O_CLOEXEC, 0644);
 
 			if (pfdesc < 0) {
 				log_error("Can't create %s: %m",
 					  path_dhcrelay_pid);
 			} else {
-				pf = fdopen(pfdesc, "w");
+				pf = fdopen(pfdesc, "we");
 				if (!pf)
 					log_error("Can't fdopen %s: %m",
 						  path_dhcrelay_pid);
--- server/confpars.c.orig
+++ server/confpars.c
@@ -118,7 +118,7 @@ isc_result_t read_conf_file (const char
 	}
 #endif
 
-	if ((file = open (filename, O_RDONLY)) < 0) {
+	if ((file = open (filename, O_RDONLY | O_CLOEXEC)) < 0) {
 		if (leasep) {
 			log_error ("Can't open lease database %s: %m --",
 				   path_dhcpd_db);
--- server/db.c.orig
+++ server/db.c
@@ -1081,7 +1081,7 @@ void db_startup (testp)
 	}
 #endif
 	if (!testp) {
-		db_file = fopen (path_dhcpd_db, "a");
+		db_file = fopen (path_dhcpd_db, "ae");
 		if (!db_file)
 			log_fatal ("Can't open %s for append.", path_dhcpd_db);
 		expire_all_pools ();
@@ -1129,7 +1129,7 @@ int new_lease_file ()
 		     path_dhcpd_db) >= sizeof newfname)
 		log_fatal("new_lease_file: lease file path too long");
 
-	db_fd = mkstemp (newfname);
+	db_fd = mkostemp (newfname, O_CLOEXEC);
 	if (db_fd < 0) {
 		log_error ("Can't create new lease file: %m");
 		return 0;
@@ -1154,7 +1154,7 @@ int new_lease_file ()
 	}
 #endif /* PARANOIA */
 
-	if ((new_db_file = fdopen(db_fd, "w")) == NULL) {
+	if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
 		log_error("Can't fdopen new lease file: %m");
 		close(db_fd);
 		goto fdfail;
--- server/dhcpd.c.orig
+++ server/dhcpd.c
@@ -760,7 +760,7 @@ main(int argc, char **argv) {
 	 */
 	if ((lftest == 0) && (no_pid_file == ISC_FALSE)) {
 		/*Read previous pid file. */
-		if ((i = open(path_dhcpd_pid, O_RDONLY)) >= 0) {
+		if ((i = open(path_dhcpd_pid, O_RDONLY | O_CLOEXEC)) >= 0) {
 			status = read(i, pbuf, (sizeof pbuf) - 1);
 			close(i);
 			if (status > 0) {
@@ -878,7 +878,7 @@ main(int argc, char **argv) {
 	 * appropriate.
 	 */
 	if (no_pid_file == ISC_FALSE) {
-		i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC, 0644);
+		i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0644);
 		if (i >= 0) {
 			sprintf(pbuf, "%d\n", (int) getpid());
 			IGNORE_RET(write(i, pbuf, strlen(pbuf)));
--- server/ldap.c.orig
+++ server/ldap.c
@@ -1446,7 +1446,7 @@ ldap_start (void)
 
   if (ldap_debug_file != NULL && ldap_debug_fd == -1)
     {
-      if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY,
+      if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC,
                                  S_IRUSR | S_IWUSR)) < 0)
         log_error ("Error opening debug LDAP log file %s: %s", ldap_debug_file,
                    strerror (errno));