Search
j0ke.net Open Build Service
>
Projects
>
home:netmax
:
monitoring
>
openssl1
> openssl-ocloexec.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File openssl-ocloexec.patch of Package openssl1
--- crypto/bio/b_sock.c.orig +++ crypto/bio/b_sock.c @@ -735,7 +735,7 @@ int BIO_get_accept_socket(char *host, in } again: - s=socket(server.sa.sa_family,SOCK_STREAM,SOCKET_PROTOCOL); + s=socket(server.sa.sa_family,SOCK_STREAM|SOCK_CLOEXEC,SOCKET_PROTOCOL); if (s == INVALID_SOCKET) { SYSerr(SYS_F_SOCKET,get_last_socket_error()); @@ -784,7 +784,7 @@ again: } else goto err; } - cs=socket(client.sa.sa_family,SOCK_STREAM,SOCKET_PROTOCOL); + cs=socket(client.sa.sa_family,SOCK_STREAM|SOCK_CLOEXEC,SOCKET_PROTOCOL); if (cs != INVALID_SOCKET) { int ii; --- crypto/bio/bss_conn.c.orig +++ crypto/bio/bss_conn.c @@ -209,7 +209,7 @@ static int conn_state(BIO *b, BIO_CONNEC c->them.sin_addr.s_addr=htonl(l); c->state=BIO_CONN_S_CREATE_SOCKET; - ret=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); + ret=socket(AF_INET,SOCK_STREAM|SOCK_CLOEXEC,SOCKET_PROTOCOL); if (ret == INVALID_SOCKET) { SYSerr(SYS_F_SOCKET,get_last_socket_error()); --- crypto/bio/bss_dgram.c.orig +++ crypto/bio/bss_dgram.c @@ -999,7 +999,7 @@ static int dgram_sctp_read(BIO *b, char msg.msg_control = cmsgbuf; msg.msg_controllen = 512; msg.msg_flags = 0; - n = recvmsg(b->num, &msg, 0); + n = recvmsg(b->num, &msg, MSG_CMSG_CLOEXEC); if (msg.msg_controllen > 0) { @@ -1560,7 +1560,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b) msg.msg_controllen = 0; msg.msg_flags = 0; - n = recvmsg(b->num, &msg, MSG_PEEK); + n = recvmsg(b->num, &msg, MSG_PEEK| MSG_CMSG_CLOEXEC); if (n <= 0) { if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK)) @@ -1583,7 +1583,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b) msg.msg_controllen = 0; msg.msg_flags = 0; - n = recvmsg(b->num, &msg, 0); + n = recvmsg(b->num, &msg, MSG_CMSG_CLOEXEC); if (n <= 0) { if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK)) @@ -1644,7 +1644,7 @@ int BIO_dgram_sctp_wait_for_dry(BIO *b) fcntl(b->num, F_SETFL, O_NONBLOCK); } - n = recvmsg(b->num, &msg, MSG_PEEK); + n = recvmsg(b->num, &msg, MSG_PEEK | MSG_CMSG_CLOEXEC); if (is_dry) { @@ -1688,7 +1688,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b) sockflags = fcntl(b->num, F_GETFL, 0); fcntl(b->num, F_SETFL, O_NONBLOCK); - n = recvmsg(b->num, &msg, MSG_PEEK); + n = recvmsg(b->num, &msg, MSG_PEEK | MSG_CMSG_CLOEXEC); fcntl(b->num, F_SETFL, sockflags); /* if notification, process and try again */ @@ -1709,7 +1709,7 @@ int BIO_dgram_sctp_msg_waiting(BIO *b) msg.msg_control = NULL; msg.msg_controllen = 0; msg.msg_flags = 0; - n = recvmsg(b->num, &msg, 0); + n = recvmsg(b->num, &msg, MSG_CMSG_CLOEXEC); if (data->handle_notifications != NULL) data->handle_notifications(b, data->notification_context, (void*) &snp); --- crypto/bio/bss_file.c.orig +++ crypto/bio/bss_file.c @@ -120,6 +120,10 @@ BIO *BIO_new_file(const char *filename, { BIO *ret; FILE *file=NULL; + size_t modelen = strlen (mode); + char newmode[modelen + 2]; + + memcpy (mempcpy (newmode, mode, modelen), "e", 2); #if defined(_WIN32) && defined(CP_UTF8) int sz, len_0 = (int)strlen(filename)+1; @@ -162,7 +166,7 @@ BIO *BIO_new_file(const char *filename, file = fopen(filename,mode); } #else - file=fopen(filename,mode); + file=fopen(filename,newmode); #endif if (file == NULL) { @@ -275,7 +279,7 @@ static long MS_CALLBACK file_ctrl(BIO *b long ret=1; FILE *fp=(FILE *)b->ptr; FILE **fpp; - char p[4]; + char p[5]; switch (cmd) { @@ -392,6 +396,8 @@ static long MS_CALLBACK file_ctrl(BIO *b else strcat(p,"t"); #endif + strcat(p, "e"); + fp=fopen(ptr,p); if (fp == NULL) { --- crypto/rand/rand_unix.c.orig +++ crypto/rand/rand_unix.c @@ -262,7 +262,7 @@ int RAND_poll(void) for (i = 0; (i < sizeof(randomfiles)/sizeof(randomfiles[0])) && (n < ENTROPY_NEEDED); i++) { - if ((fd = open(randomfiles[i], O_RDONLY + if ((fd = open(randomfiles[i], O_RDONLY | O_CLOEXEC #ifdef O_NONBLOCK |O_NONBLOCK #endif --- crypto/rand/randfile.c.orig +++ crypto/rand/randfile.c @@ -134,7 +134,7 @@ int RAND_load_file(const char *file, lon #ifdef OPENSSL_SYS_VMS in=vms_fopen(file,"rb",VMS_OPEN_ATTRS); #else - in=fopen(file,"rb"); + in=fopen(file,"rbe"); #endif if (in == NULL) goto err; #if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPENSSL_NO_POSIX_IO) @@ -207,7 +207,7 @@ int RAND_write_file(const char *file) #endif /* chmod(..., 0600) is too late to protect the file, * permissions should be restrictive from the start */ - int fd = open(file, O_WRONLY|O_CREAT|O_BINARY, 0600); + int fd = open(file, O_WRONLY|O_CREAT|O_BINARY|O_CLOEXEC, 0600); if (fd != -1) out = fdopen(fd, "wb"); } @@ -238,7 +238,7 @@ int RAND_write_file(const char *file) out = vms_fopen(file,"wb",VMS_OPEN_ATTRS); #else if (out == NULL) - out = fopen(file,"wb"); + out = fopen(file,"wbe"); #endif if (out == NULL) goto err;