diff --git a/dhcp-4.0.0-CLOEXEC.patch b/dhcp-4.0.0-CLOEXEC.patch new file mode 100644 index 0000000..5a7bc69 --- /dev/null +++ b/dhcp-4.0.0-CLOEXEC.patch @@ -0,0 +1,455 @@ +diff -up dhcp-4.0.0/client/clparse.c.cloexec dhcp-4.0.0/client/clparse.c +--- dhcp-4.0.0/client/clparse.c.cloexec 2008-10-29 12:59:29.000000000 -1000 ++++ dhcp-4.0.0/client/clparse.c 2008-10-29 13:11:34.000000000 -1000 +@@ -221,7 +221,7 @@ int read_client_conf_file (const char *n + int token; + isc_result_t status; + +- if ((file = open (name, O_RDONLY)) < 0) ++ if ((file = open (name, O_RDONLY | O_CLOEXEC)) < 0) + return uerr2isc (errno); + + cfile = (struct parse *)0; +@@ -258,7 +258,7 @@ void read_client_leases () + + /* Open the lease file. If we can't open it, just return - + we can safely trust the server to remember our state. */ +- if ((file = open (path_dhclient_db, O_RDONLY)) < 0) ++ if ((file = open (path_dhclient_db, O_RDONLY | O_CLOEXEC)) < 0) + return; + cfile = (struct parse *)0; + /* new_parse() may fail if the file is of zero length. */ +diff -up dhcp-4.0.0/client/dhclient.c.cloexec dhcp-4.0.0/client/dhclient.c +--- dhcp-4.0.0/client/dhclient.c.cloexec 2008-10-29 12:59:29.000000000 -1000 ++++ dhcp-4.0.0/client/dhclient.c 2008-10-29 13:26:16.000000000 -1000 +@@ -125,11 +125,11 @@ main(int argc, char **argv) { + /* Make sure that file descriptors 0 (stdin), 1, (stdout), and + 2 (stderr) are open. To do this, we assume that when we + open a file the lowest available file descriptor is used. */ +- fd = open("/dev/null", O_RDWR); ++ fd = open("/dev/null", O_RDWR | O_CLOEXEC); + if (fd == 0) +- fd = open("/dev/null", O_RDWR); ++ fd = open("/dev/null", O_RDWR | O_CLOEXEC); + if (fd == 1) +- fd = open("/dev/null", O_RDWR); ++ fd = open("/dev/null", O_RDWR | O_CLOEXEC); + if (fd == 2) + log_perror = 0; /* No sense logging to /dev/null. */ + else if (fd != -1) +@@ -403,7 +403,7 @@ main(int argc, char **argv) { + int e; + + oldpid = 0; +- if ((pidfd = fopen(path_dhclient_pid, "r")) != NULL) { ++ if ((pidfd = fopen(path_dhclient_pid, "re")) != NULL) { + e = fscanf(pidfd, "%ld\n", &temp); + oldpid = (pid_t)temp; + +@@ -445,7 +445,7 @@ main(int argc, char **argv) { + strncpy(new_path_dhclient_pid, path_dhclient_pid, pfx); + sprintf(new_path_dhclient_pid + pfx, "-%s.pid", ip->name); + +- if ((pidfd = fopen(new_path_dhclient_pid, "r")) != NULL) { ++ if ((pidfd = fopen(new_path_dhclient_pid, "re")) != NULL) { + e = fscanf(pidfd, "%ld\n", &temp); + oldpid = (pid_t)temp; + +@@ -470,7 +470,7 @@ main(int argc, char **argv) { + int dhc_running = 0; + char procfn[256] = ""; + +- if ((pidfp = fopen(path_dhclient_pid, "r")) != NULL) { ++ if ((pidfp = fopen(path_dhclient_pid, "re")) != NULL) { + if ((fscanf(pidfp, "%ld", &temp)==1) && ((dhcpid=(pid_t)temp) > 0)) { + snprintf(procfn,256,"/proc/%u",dhcpid); + dhc_running = (access(procfn, F_OK) == 0); +@@ -2702,7 +2702,7 @@ void rewrite_client_leases () + + if (leaseFile != NULL) + fclose (leaseFile); +- leaseFile = fopen (path_dhclient_db, "w"); ++ leaseFile = fopen (path_dhclient_db, "we"); + if (leaseFile == NULL) { + log_error ("can't create %s: %m", path_dhclient_db); + return; +@@ -2806,7 +2806,7 @@ write_duid(struct data_string *duid) + return ISC_R_INVALIDARG; + + if (leaseFile == NULL) { /* XXX? */ +- leaseFile = fopen(path_dhclient_db, "w"); ++ leaseFile = fopen(path_dhclient_db, "we"); + if (leaseFile == NULL) { + log_error("can't create %s: %m", path_dhclient_db); + return ISC_R_IOERROR; +@@ -2853,7 +2853,7 @@ write_client6_lease(struct client_state + return ISC_R_INVALIDARG; + + if (leaseFile == NULL) { /* XXX? */ +- leaseFile = fopen(path_dhclient_db, "w"); ++ leaseFile = fopen(path_dhclient_db, "we"); + if (leaseFile == NULL) { + log_error("can't create %s: %m", path_dhclient_db); + return ISC_R_IOERROR; +@@ -2956,7 +2956,7 @@ int write_client_lease (client, lease, r + return 1; + + if (leaseFile == NULL) { /* XXX */ +- leaseFile = fopen (path_dhclient_db, "w"); ++ leaseFile = fopen (path_dhclient_db, "we"); + if (leaseFile == NULL) { + log_error ("can't create %s: %m", path_dhclient_db); + return 0; +@@ -3402,9 +3402,9 @@ void go_daemon () + close(2); + + /* Reopen them on /dev/null. */ +- open("/dev/null", O_RDWR); +- open("/dev/null", O_RDWR); +- open("/dev/null", O_RDWR); ++ open("/dev/null", O_RDWR | O_CLOEXEC); ++ open("/dev/null", O_RDWR | O_CLOEXEC); ++ open("/dev/null", O_RDWR | O_CLOEXEC); + + write_client_pid_file (); + +@@ -3416,14 +3416,14 @@ void write_client_pid_file () + FILE *pf; + int pfdesc; + +- pfdesc = open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY, 0644); ++ pfdesc = open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC, 0644); + + if (pfdesc < 0) { + log_error ("Can't create %s: %m", path_dhclient_pid); + return; + } + +- pf = fdopen (pfdesc, "w"); ++ pf = fdopen (pfdesc, "we"); + if (!pf) + log_error ("Can't fdopen %s: %m", path_dhclient_pid); + else { +diff -up dhcp-4.0.0/common/bpf.c.cloexec dhcp-4.0.0/common/bpf.c +--- dhcp-4.0.0/common/bpf.c.cloexec 2008-10-29 12:59:29.000000000 -1000 ++++ dhcp-4.0.0/common/bpf.c 2008-10-29 13:03:48.000000000 -1000 +@@ -94,7 +94,7 @@ int if_register_bpf (info) + for (b = 0; 1; b++) { + /* %Audit% 31 bytes max. %2004.06.17,Safe% */ + sprintf(filename, BPF_FORMAT, b); +- sock = open (filename, O_RDWR, 0); ++ sock = open (filename, O_RDWR | O_CLOEXEC, 0); + if (sock < 0) { + if (errno == EBUSY) { + continue; +diff -up dhcp-4.0.0/common/discover.c.cloexec dhcp-4.0.0/common/discover.c +--- dhcp-4.0.0/common/discover.c.cloexec 2007-10-05 12:29:51.000000000 -1000 ++++ dhcp-4.0.0/common/discover.c 2008-10-29 13:04:07.000000000 -1000 +@@ -388,7 +388,7 @@ begin_iface_scan(struct iface_conf_list + int len; + int i; + +- ifaces->fp = fopen("/proc/net/dev", "r"); ++ ifaces->fp = fopen("/proc/net/dev", "re"); + if (ifaces->fp == NULL) { + log_error("Error opening '/proc/net/dev' to list interfaces"); + return 0; +@@ -422,7 +422,7 @@ begin_iface_scan(struct iface_conf_list + } + + #ifdef DHCPv6 +- ifaces->fp6 = fopen("/proc/net/if_inet6", "r"); ++ ifaces->fp6 = fopen("/proc/net/if_inet6", "re"); + if (ifaces->fp6 == NULL) { + log_error("Error opening '/proc/net/if_inet6' to " + "list IPv6 interfaces; %m"); +diff -up dhcp-4.0.0/common/dlpi.c.cloexec dhcp-4.0.0/common/dlpi.c +--- dhcp-4.0.0/common/dlpi.c.cloexec 2008-10-29 12:59:29.000000000 -1000 ++++ dhcp-4.0.0/common/dlpi.c 2008-10-29 13:04:35.000000000 -1000 +@@ -795,7 +795,7 @@ dlpiopen(const char *ifname) { + } + *dp = '\0'; + +- return open (devname, O_RDWR, 0); ++ return open (devname, O_RDWR | O_CLOEXEC, 0); + } + + /* +diff -up dhcp-4.0.0/common/nit.c.cloexec dhcp-4.0.0/common/nit.c +--- dhcp-4.0.0/common/nit.c.cloexec 2008-10-29 12:59:29.000000000 -1000 ++++ dhcp-4.0.0/common/nit.c 2008-10-29 13:04:53.000000000 -1000 +@@ -81,7 +81,7 @@ int if_register_nit (info) + struct strioctl sio; + + /* Open a NIT device */ +- sock = open ("/dev/nit", O_RDWR); ++ sock = open ("/dev/nit", O_RDWR | O_CLOEXEC); + if (sock < 0) + log_fatal ("Can't open NIT device for %s: %m", info -> name); + +diff -up dhcp-4.0.0/common/resolv.c.cloexec dhcp-4.0.0/common/resolv.c +--- dhcp-4.0.0/common/resolv.c.cloexec 2007-11-30 11:51:43.000000000 -1000 ++++ dhcp-4.0.0/common/resolv.c 2008-10-29 13:05:08.000000000 -1000 +@@ -48,7 +48,7 @@ void read_resolv_conf (parse_time) + struct name_server *sp, *sl, *ns; + struct domain_search_list *dp, *dl, *nd; + +- if ((file = open (path_resolv_conf, O_RDONLY)) < 0) { ++ if ((file = open (path_resolv_conf, O_RDONLY | O_CLOEXEC)) < 0) { + log_error ("Can't open %s: %m", path_resolv_conf); + return; + } +diff -up dhcp-4.0.0/common/upf.c.cloexec dhcp-4.0.0/common/upf.c +--- dhcp-4.0.0/common/upf.c.cloexec 2008-10-29 12:59:29.000000000 -1000 ++++ dhcp-4.0.0/common/upf.c 2008-10-29 13:05:27.000000000 -1000 +@@ -77,7 +77,7 @@ int if_register_upf (info) + /* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */ + sprintf(filename, "/dev/pf/pfilt%d", b); + +- sock = open (filename, O_RDWR, 0); ++ sock = open (filename, O_RDWR | O_CLOEXEC, 0); + if (sock < 0) { + if (errno == EBUSY) { + continue; +diff -up dhcp-4.0.0/dst/dst_api.c.cloexec dhcp-4.0.0/dst/dst_api.c +--- dhcp-4.0.0/dst/dst_api.c.cloexec 2007-11-30 11:51:43.000000000 -1000 ++++ dhcp-4.0.0/dst/dst_api.c 2008-10-29 13:06:22.000000000 -1000 +@@ -436,7 +436,7 @@ dst_s_write_private_key(const DST_KEY *k + PRIVATE_KEY, PATH_MAX); + + /* Do not overwrite an existing file */ +- if ((fp = dst_s_fopen(file, "w", 0600)) != NULL) { ++ if ((fp = dst_s_fopen(file, "we", 0600)) != NULL) { + int nn; + if ((nn = fwrite(encoded_block, 1, len, fp)) != len) { + EREPORT(("dst_write_private_key(): Write failure on %s %d != %d errno=%d\n", +@@ -493,7 +493,7 @@ dst_s_read_public_key(const char *in_nam + * flags, proto, alg stored as decimal (or hex numbers FIXME). + * (FIXME: handle parentheses for line continuation.) + */ +- if ((fp = dst_s_fopen(name, "r", 0)) == NULL) { ++ if ((fp = dst_s_fopen(name, "re", 0)) == NULL) { + EREPORT(("dst_read_public_key(): Public Key not found %s\n", + name)); + return (NULL); +@@ -615,7 +615,7 @@ dst_s_write_public_key(const DST_KEY *ke + return (0); + } + /* create public key file */ +- if ((fp = dst_s_fopen(filename, "w+", 0644)) == NULL) { ++ if ((fp = dst_s_fopen(filename, "w+e", 0644)) == NULL) { + EREPORT(("DST_write_public_key: open of file:%s failed (errno=%d)\n", + filename, errno)); + return (0); +@@ -849,7 +849,7 @@ dst_s_read_private_key_file(char *name, + return (0); + } + /* first check if we can find the key file */ +- if ((fp = dst_s_fopen(filename, "r", 0)) == NULL) { ++ if ((fp = dst_s_fopen(filename, "re", 0)) == NULL) { + EREPORT(("dst_s_read_private_key_file: Could not open file %s in directory %s\n", + filename, dst_path[0] ? dst_path : + (char *) getcwd(NULL, PATH_MAX - 1))); +diff -up dhcp-4.0.0/dst/prandom.c.cloexec dhcp-4.0.0/dst/prandom.c +--- dhcp-4.0.0/dst/prandom.c.cloexec 2007-11-30 11:51:43.000000000 -1000 ++++ dhcp-4.0.0/dst/prandom.c 2008-10-29 13:06:50.000000000 -1000 +@@ -267,7 +267,7 @@ get_dev_random(u_char *output, unsigned + + s = stat("/dev/random", &st); + if (s == 0 && S_ISCHR(st.st_mode)) { +- if ((fd = open("/dev/random", O_RDONLY | O_NONBLOCK)) != -1) { ++ if ((fd = open("/dev/random", O_RDONLY | O_NONBLOCK | O_CLOEXEC)) != -1) { + if ((n = read(fd, output, size)) < 0) + n = 0; + close(fd); +@@ -478,7 +478,7 @@ digest_file(dst_work *work) + work->file_digest = dst_free_key(work->file_digest); + return (0); + } +- if ((fp = fopen(name, "r")) == NULL) ++ if ((fp = fopen(name, "re")) == NULL) + return (0); + for (no = 0; (i = fread(buf, sizeof(*buf), sizeof(buf), fp)) > 0; + no += i) +diff -up dhcp-4.0.0/minires/res_init.c.cloexec dhcp-4.0.0/minires/res_init.c +--- dhcp-4.0.0/minires/res_init.c.cloexec 2007-10-01 04:47:35.000000000 -1000 ++++ dhcp-4.0.0/minires/res_init.c 2008-10-29 13:07:12.000000000 -1000 +@@ -234,7 +234,7 @@ minires_vinit(res_state statp, int prein + (line[sizeof(name) - 1] == ' ' || \ + line[sizeof(name) - 1] == '\t')) + +- if ((fp = fopen(_PATH_RESCONF, "r")) != NULL) { ++ if ((fp = fopen(_PATH_RESCONF, "re")) != NULL) { + /* read the config file */ + while (fgets(buf, sizeof(buf), fp) != NULL) { + /* skip comments */ +diff -up dhcp-4.0.0/minires/res_query.c.cloexec dhcp-4.0.0/minires/res_query.c +--- dhcp-4.0.0/minires/res_query.c.cloexec 2007-09-05 07:32:10.000000000 -1000 ++++ dhcp-4.0.0/minires/res_query.c 2008-10-29 13:07:30.000000000 -1000 +@@ -391,7 +391,7 @@ res_hostalias(const res_state statp, con + if (statp->options & RES_NOALIASES) + return (NULL); + file = getenv("HOSTALIASES"); +- if (file == NULL || (fp = fopen(file, "r")) == NULL) ++ if (file == NULL || (fp = fopen(file, "re")) == NULL) + return (NULL); + setbuf(fp, NULL); + buf[sizeof(buf) - 1] = '\0'; +diff -up dhcp-4.0.0/omapip/trace.c.cloexec dhcp-4.0.0/omapip/trace.c +--- dhcp-4.0.0/omapip/trace.c.cloexec 2007-07-12 20:43:42.000000000 -1000 ++++ dhcp-4.0.0/omapip/trace.c 2008-10-29 13:08:04.000000000 -1000 +@@ -140,10 +140,10 @@ isc_result_t trace_begin (const char *fi + return ISC_R_INVALIDARG; + } + +- traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL, 0600); ++ traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL | O_CLOEXEC, 0600); + if (traceoutfile < 0 && errno == EEXIST) { + log_error ("WARNING: Overwriting trace file \"%s\"", filename); +- traceoutfile = open (filename, O_WRONLY | O_EXCL, 0600); ++ traceoutfile = open (filename, O_WRONLY | O_EXCL | O_CLOEXEC, 0600); + } + + if (traceoutfile < 0) { +@@ -429,7 +429,7 @@ void trace_file_replay (const char *file + isc_result_t result; + int len; + +- traceinfile = fopen (filename, "r"); ++ traceinfile = fopen (filename, "re"); + if (!traceinfile) { + log_error ("Can't open tracefile %s: %m", filename); + return; +diff -up dhcp-4.0.0/relay/dhcrelay.c.cloexec dhcp-4.0.0/relay/dhcrelay.c +--- dhcp-4.0.0/relay/dhcrelay.c.cloexec 2007-11-30 11:51:43.000000000 -1000 ++++ dhcp-4.0.0/relay/dhcrelay.c 2008-10-29 13:08:49.000000000 -1000 +@@ -112,11 +112,11 @@ main(int argc, char **argv) { + /* Make sure that file descriptors 0 (stdin), 1, (stdout), and + 2 (stderr) are open. To do this, we assume that when we + open a file the lowest available file descriptor is used. */ +- fd = open("/dev/null", O_RDWR); ++ fd = open("/dev/null", O_RDWR | O_CLOEXEC); + if (fd == 0) +- fd = open("/dev/null", O_RDWR); ++ fd = open("/dev/null", O_RDWR | O_CLOEXEC); + if (fd == 1) +- fd = open("/dev/null", O_RDWR); ++ fd = open("/dev/null", O_RDWR | O_CLOEXEC); + if (fd == 2) + log_perror = 0; /* No sense logging to /dev/null. */ + else if (fd != -1) +@@ -288,12 +288,12 @@ main(int argc, char **argv) { + exit (0); + + pfdesc = open (path_dhcrelay_pid, +- O_CREAT | O_TRUNC | O_WRONLY, 0644); ++ O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC, 0644); + + if (pfdesc < 0) { + log_error ("Can't create %s: %m", path_dhcrelay_pid); + } else { +- pf = fdopen (pfdesc, "w"); ++ pf = fdopen (pfdesc, "we"); + if (!pf) + log_error ("Can't fdopen %s: %m", + path_dhcrelay_pid); +diff -up dhcp-4.0.0/server/confpars.c.cloexec dhcp-4.0.0/server/confpars.c +--- dhcp-4.0.0/server/confpars.c.cloexec 2008-10-29 12:59:28.000000000 -1000 ++++ dhcp-4.0.0/server/confpars.c 2008-10-29 13:09:17.000000000 -1000 +@@ -115,7 +115,7 @@ isc_result_t read_conf_file (const char + } + #endif + +- if ((file = open (filename, O_RDONLY)) < 0) { ++ if ((file = open (filename, O_RDONLY | O_CLOEXEC)) < 0) { + if (leasep) { + log_error ("Can't open lease database %s: %m --", + path_dhcpd_db); +diff -up dhcp-4.0.0/server/db.c.cloexec dhcp-4.0.0/server/db.c +--- dhcp-4.0.0/server/db.c.cloexec 2007-10-05 12:29:51.000000000 -1000 ++++ dhcp-4.0.0/server/db.c 2008-10-29 13:09:39.000000000 -1000 +@@ -974,7 +974,7 @@ void db_startup (testp) + } + #endif + if (!testp) { +- db_file = fopen (path_dhcpd_db, "a"); ++ db_file = fopen (path_dhcpd_db, "ae"); + if (!db_file) + log_fatal ("Can't open %s for append.", path_dhcpd_db); + expire_all_pools (); +@@ -1022,12 +1022,12 @@ int new_lease_file () + path_dhcpd_db, (int)t) >= sizeof newfname) + log_fatal("new_lease_file: lease file path too long"); + +- db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT, 0664); ++ db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC, 0664); + if (db_fd < 0) { + log_error ("Can't create new lease file: %m"); + return 0; + } +- if ((new_db_file = fdopen(db_fd, "w")) == NULL) { ++ if ((new_db_file = fdopen(db_fd, "we")) == NULL) { + log_error("Can't fdopen new lease file: %m"); + close(db_fd); + goto fdfail; +diff -up dhcp-4.0.0/server/dhcpd.c.cloexec dhcp-4.0.0/server/dhcpd.c +--- dhcp-4.0.0/server/dhcpd.c.cloexec 2008-10-29 12:59:28.000000000 -1000 ++++ dhcp-4.0.0/server/dhcpd.c 2008-10-29 13:10:42.000000000 -1000 +@@ -225,11 +225,11 @@ main(int argc, char **argv) { + /* Make sure that file descriptors 0 (stdin), 1, (stdout), and + 2 (stderr) are open. To do this, we assume that when we + open a file the lowest available file descriptor is used. */ +- fd = open("/dev/null", O_RDWR); ++ fd = open("/dev/null", O_RDWR | O_CLOEXEC); + if (fd == 0) +- fd = open("/dev/null", O_RDWR); ++ fd = open("/dev/null", O_RDWR | O_CLOEXEC); + if (fd == 1) +- fd = open("/dev/null", O_RDWR); ++ fd = open("/dev/null", O_RDWR | O_CLOEXEC); + if (fd == 2) + log_perror = 0; /* No sense logging to /dev/null. */ + else if (fd != -1) +@@ -658,7 +658,7 @@ main(int argc, char **argv) { + } + + /* Read previous pid file. */ +- if ((i = open (path_dhcpd_pid, O_RDONLY)) >= 0) { ++ if ((i = open (path_dhcpd_pid, O_RDONLY | O_CLOEXEC)) >= 0) { + status = read(i, pbuf, (sizeof pbuf) - 1); + close (i); + if (status > 0) { +@@ -676,7 +676,7 @@ main(int argc, char **argv) { + } + + /* Write new pid file. */ +- if ((i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC, 0644)) >= 0) { ++ if ((i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0644)) >= 0) { + sprintf(pbuf, "%d\n", (int) getpid()); + write(i, pbuf, strlen(pbuf)); + close(i); +@@ -702,9 +702,9 @@ main(int argc, char **argv) { + close(2); + + /* Reopen them on /dev/null. */ +- open("/dev/null", O_RDWR); +- open("/dev/null", O_RDWR); +- open("/dev/null", O_RDWR); ++ open("/dev/null", O_RDWR | O_CLOEXEC); ++ open("/dev/null", O_RDWR | O_CLOEXEC); ++ open("/dev/null", O_RDWR | O_CLOEXEC); + log_perror = 0; /* No sense logging to /dev/null. */ + + chdir("/"); +diff -up dhcp-4.0.0/server/ldap.c.cloexec dhcp-4.0.0/server/ldap.c +--- dhcp-4.0.0/server/ldap.c.cloexec 2008-10-29 12:59:28.000000000 -1000 ++++ dhcp-4.0.0/server/ldap.c 2008-10-29 13:11:10.000000000 -1000 +@@ -685,7 +685,7 @@ ldap_start (void) + + if (ldap_debug_file != NULL && ldap_debug_fd == -1) + { +- if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY, ++ if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC, + S_IRUSR | S_IWUSR)) < 0) + log_error ("Error opening debug LDAP log file %s: %s", ldap_debug_file, + strerror (errno)); diff --git a/dhcp-4.0.0-FD_CLOEXEC.patch b/dhcp-4.0.0-FD_CLOEXEC.patch deleted file mode 100644 index 9ad9190..0000000 --- a/dhcp-4.0.0-FD_CLOEXEC.patch +++ /dev/null @@ -1,133 +0,0 @@ -diff -up dhcp-4.0.0/client/dhclient.c.FD_CLOEXEC dhcp-4.0.0/client/dhclient.c ---- dhcp-4.0.0/client/dhclient.c.FD_CLOEXEC 2008-08-01 11:02:35.000000000 -1000 -+++ dhcp-4.0.0/client/dhclient.c 2008-08-01 11:14:01.000000000 -1000 -@@ -2696,6 +2696,7 @@ int leases_written = 0; - - void rewrite_client_leases () - { -+ int fd, flags; - struct interface_info *ip; - struct client_state *client; - struct client_lease *lp; -@@ -2708,6 +2709,23 @@ void rewrite_client_leases () - return; - } - -+ if ((fd = fileno(leaseFile)) == -1) { -+ log_error ("could not determine fd for %s: %s", path_dhclient_db, strerror(errno)); -+ return; -+ } -+ -+ if ((flags = fcntl(fd, F_GETFD)) == -1) { -+ log_error ("failed to get flags for %s: %s", path_dhclient_db, strerror(errno)); -+ return; -+ } -+ -+ flags |= FD_CLOEXEC; -+ -+ if (fcntl(fd, F_SETFD, flags) == -1) { -+ log_error ("failed to set close-on-exec for %s", path_dhclient_db); -+ return; -+ } -+ - /* If there is a default duid, write it out. */ - if (default_duid.len != 0) - write_duid(&default_duid); -@@ -2800,7 +2818,7 @@ static isc_result_t - write_duid(struct data_string *duid) - { - char *str; -- int stat; -+ int stat, flags, fd; - - if ((duid == NULL) || (duid->len <= 2)) - return ISC_R_INVALIDARG; -@@ -2811,6 +2829,23 @@ write_duid(struct data_string *duid) - log_error("can't create %s: %m", path_dhclient_db); - return ISC_R_IOERROR; - } -+ -+ if ((fd = fileno(leaseFile)) == -1) { -+ log_error ("could not determine fd for %s: %s", path_dhclient_db, strerror(errno)); -+ return ISC_R_IOERROR; -+ } -+ -+ if ((flags = fcntl(fd, F_GETFD)) == -1) { -+ log_error ("failed to get flags for %s: %s", path_dhclient_db, strerror(errno)); -+ return ISC_R_IOERROR; -+ } -+ -+ flags |= FD_CLOEXEC; -+ -+ if (fcntl(fd, F_SETFD, flags) == -1) { -+ log_error ("failed to set close-on-exec for %s", path_dhclient_db); -+ return ISC_R_IOERROR; -+ } - } - - /* It would make more sense to write this as a hex string, -@@ -2840,7 +2875,7 @@ write_client6_lease(struct client_state - { - struct dhc6_ia *ia; - struct dhc6_addr *addr; -- int stat; -+ int stat, flags, fd; - - /* This should include the current lease. */ - if (!rewrite && (leases_written++ > 20)) { -@@ -2858,6 +2893,23 @@ write_client6_lease(struct client_state - log_error("can't create %s: %m", path_dhclient_db); - return ISC_R_IOERROR; - } -+ -+ if ((fd = fileno(leaseFile)) == -1) { -+ log_error ("could not determine fd for %s: %s", path_dhclient_db, strerror(errno)); -+ return ISC_R_IOERROR; -+ } -+ -+ if ((flags = fcntl(fd, F_GETFD)) == -1) { -+ log_error ("failed to get flags for %s: %s", path_dhclient_db, strerror(errno)); -+ return ISC_R_IOERROR; -+ } -+ -+ flags |= FD_CLOEXEC; -+ -+ if (fcntl(fd, F_SETFD, flags) == -1) { -+ log_error ("failed to set close-on-exec for %s", path_dhclient_db); -+ return ISC_R_IOERROR; -+ } - } - - stat = fprintf(leaseFile, "lease6 {\n"); -@@ -2940,6 +2992,7 @@ int write_client_lease (client, lease, r - { - struct data_string ds; - int errors = 0; -+ int flags, fd; - char *s; - const char *tval; - -@@ -2961,6 +3014,23 @@ int write_client_lease (client, lease, r - log_error ("can't create %s: %m", path_dhclient_db); - return 0; - } -+ -+ if ((fd = fileno(leaseFile)) == -1) { -+ log_error ("could not determine fd for %s: %s", path_dhclient_db, strerror(errno)); -+ return ISC_R_IOERROR; -+ } -+ -+ if ((flags = fcntl(fd, F_GETFD)) == -1) { -+ log_error ("failed to get flags for %s: %s", path_dhclient_db, strerror(errno)); -+ return ISC_R_IOERROR; -+ } -+ -+ flags |= FD_CLOEXEC; -+ -+ if (fcntl(fd, F_SETFD, flags) == -1) { -+ log_error ("failed to set close-on-exec for %s", path_dhclient_db); -+ return ISC_R_IOERROR; -+ } - } - - errno = 0; diff --git a/dhcp.spec b/dhcp.spec index 1cb324b..f07bdea 100644 --- a/dhcp.spec +++ b/dhcp.spec @@ -4,7 +4,7 @@ Summary: DHCP (Dynamic Host Configuration Protocol) server and relay agent Name: dhcp Version: 4.0.0 -Release: 20%{?dist} +Release: 21%{?dist} # NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to # dcantrell maintaining the package) made incorrect use of the epoch and # that's why it is at 12 now. It should have never been used, but it was. @@ -43,7 +43,7 @@ Patch13: %{name}-4.0.0-dhclient-anycast.patch Patch14: %{name}-4.0.0-manpages.patch Patch15: %{name}-4.0.0-paths.patch Patch16: %{name}-4.0.0-NetworkManager-crash.patch -Patch17: %{name}-4.0.0-FD_CLOEXEC.patch +Patch17: %{name}-4.0.0-CLOEXEC.patch Patch18: %{name}-4.0.0-libdhcp4client.patch Patch19: %{name}-4.0.0-inherit-leases.patch Patch20: %{name}-4.0.0-garbage-chars.patch @@ -259,7 +259,7 @@ autoheader automake --foreign --add-missing --copy %build -CFLAGS="%{optflags} -fPIC" \ +CFLAGS="%{optflags} -fPIC -D_GNU_SOURCE" \ %configure \ --disable-dhcpv6 \ --with-srv-lease-file=%{_localstatedir}/lib/dhcpd/dhcpd.leases \ @@ -430,6 +430,10 @@ fi %{_libdir}/libdhcp4client.so %changelog +* Wed Oct 29 2008 David Cantrell - 12:4.0.0-21 +- Use O_CLOEXEC in open(2) calls and "e" mode in fopen(3) calls, build + with -D_GNU_SOURCE so we pick up O_CLOEXEC (#468938) + * Wed Oct 01 2008 David Cantrell - 12:4.0.0-20 - Make sure /etc/resolv.conf has restorecon run on it (#451560) diff --git a/linux b/linux index 5784f50..2c4e879 100755 --- a/linux +++ b/linux @@ -73,7 +73,9 @@ make_resolv_conf() { rm -f $rscf if [ -x /sbin/restorecon ]; then - /sbin/restorecon /etc/resolv.conf >/dev/null 2>&1 + for resolvfile in /etc/resolv.conf* ; do + /sbin/restorecon $resolvfile >/dev/null 2>&1 + done fi fi }