1
0
mirror of https://github.com/openbsd/src.git synced 2024-12-22 16:42:56 -08:00

Use closefrom(4) in privsep parent and avoid some global file

descriptor variables in syslogd(8) this way.
OK rzalamena@
This commit is contained in:
bluhm 2016-10-16 22:00:14 +00:00
parent b895f220d3
commit f379a153d3
3 changed files with 10 additions and 31 deletions

View File

@ -1,4 +1,4 @@
/* $OpenBSD: privsep.c,v 1.62 2016/10/06 13:03:47 bluhm Exp $ */
/* $OpenBSD: privsep.c,v 1.63 2016/10/16 22:00:14 bluhm Exp $ */
/*
* Copyright (c) 2003 Anil Madhavapeddy <anil@recoil.org>
@ -139,31 +139,11 @@ priv_init(int lockfd, int nullfd, int argc, char *argv[])
if (nullfd > 2)
close(nullfd);
/* Close descriptors that only the unpriv child needs */
if (fd_ctlconn != -1)
close(fd_ctlconn);
if (fd_ctlsock != -1)
close(fd_ctlsock);
if (fd_klog != -1)
close(fd_klog);
if (fd_sendsys != -1)
close(fd_sendsys);
if (fd_udp != -1)
close(fd_udp);
if (fd_udp6 != -1)
close(fd_udp6);
if (fd_bind != -1)
close(fd_bind);
if (fd_listen != -1)
close(fd_listen);
if (fd_tls != -1)
close(fd_tls);
for (i = 0; i < nunix; i++)
if (fd_unix[i] != -1)
close(fd_unix[i]);
if (dup3(socks[0], 3, 0) == -1)
err(1, "dup3 priv sock failed");
if (closefrom(4) == -1)
err(1, "closefrom 4 failed");
snprintf(childnum, sizeof(childnum), "%d", child_pid);
if ((privargv = reallocarray(NULL, argc + 3, sizeof(char *))) == NULL)
err(1, "alloc priv argv failed");

View File

@ -1,4 +1,4 @@
/* $OpenBSD: syslogd.c,v 1.218 2016/10/06 13:03:47 bluhm Exp $ */
/* $OpenBSD: syslogd.c,v 1.219 2016/10/16 22:00:14 bluhm Exp $ */
/*
* Copyright (c) 1983, 1988, 1993, 1994
@ -279,9 +279,8 @@ size_t ctl_reply_offset = 0; /* Number of bytes of reply written so far */
char *linebuf;
int linesize;
int fd_ctlsock, fd_ctlconn, fd_klog, fd_sendsys, fd_udp, fd_udp6,
fd_bind, fd_listen, fd_tls, fd_unix[MAXUNIX];
struct event *ev_ctlaccept, *ev_ctlread, *ev_ctlwrite;
int fd_ctlconn, fd_udp, fd_udp6, fd_tls;
struct event *ev_ctlaccept, *ev_ctlread, *ev_ctlwrite;
struct peer {
struct buffertls p_buftls;
@ -359,6 +358,8 @@ main(int argc, char *argv[])
char *p;
int ch, i;
int lockpipe[2] = { -1, -1}, pair[2], nullfd, fd;
int fd_ctlsock, fd_klog, fd_sendsys, fd_bind, fd_listen;
int fd_unix[MAXUNIX];
while ((ch = getopt(argc, argv, "46a:C:c:dFf:hK:k:m:nP:p:S:s:T:U:uVZ"))
!= -1)

View File

@ -1,4 +1,4 @@
/* $OpenBSD: syslogd.h,v 1.24 2016/10/06 13:03:47 bluhm Exp $ */
/* $OpenBSD: syslogd.h,v 1.25 2016/10/16 22:00:14 bluhm Exp $ */
/*
* Copyright (c) 2003 Anil Madhavapeddy <anil@recoil.org>
@ -46,8 +46,6 @@ int receive_fd(int);
extern int nunix;
extern char *path_unix[MAXUNIX];
extern char *path_ctlsock;
extern int fd_ctlsock, fd_ctlconn, fd_klog, fd_sendsys;
extern int fd_udp, fd_udp6, fd_bind, fd_listen, fd_tls, fd_unix[MAXUNIX];
#define MAXLINE 8192 /* maximum line length */
#define ERRBUFSIZE 256