From: Fredrik Tolf <fredrik@dolda2000.com>
Date: Tue, 8 Mar 2011 23:49:28 +0000 (+0100)
Subject: Try to use FD_CLOEXEC instead of mass-closing everywhere.
X-Git-Tag: 0.7~1^2~3
X-Git-Url: http://www.dolda2000.com/gitweb/?p=ashd.git;a=commitdiff_plain;h=470938bdc9149ae9c7befd0cd983f46fcc056192

Try to use FD_CLOEXEC instead of mass-closing everywhere.
---

diff --git a/lib/mtio.c b/lib/mtio.c
index b594f0d..e4166f5 100644
--- a/lib/mtio.c
+++ b/lib/mtio.c
@@ -180,6 +180,7 @@ void ioloop(void)
     time_t now, timeout;
     
     epfd = epoll_create(128);
+    fcntl(epfd, F_SETFD, FD_CLOEXEC);
     for(bl = blockers; bl; bl = nbl) {
 	nbl = bl->n;
 	if(regfd(bl))
diff --git a/lib/proc.c b/lib/proc.c
index 8646434..2c05608 100644
--- a/lib/proc.c
+++ b/lib/proc.c
@@ -22,6 +22,7 @@
 #include <sys/socket.h>
 #include <errno.h>
 #include <ctype.h>
+#include <fcntl.h>
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
@@ -33,7 +34,6 @@
 
 int stdmkchild(char **argv, void (*chinit)(void *), void *idata)
 {
-    int i;
     pid_t pid;
     int fd[2];
     
@@ -44,17 +44,15 @@ int stdmkchild(char **argv, void (*chinit)(void *), void *idata)
     if(pid == 0) {
 	if(chinit != NULL)
 	    chinit(idata);
-	for(i = 3; i < FD_SETSIZE; i++) {
-	    if(i != fd[0])
-		close(i);
-	}
 	dup2(fd[0], 0);
 	close(fd[0]);
+	close(fd[1]);
 	execvp(argv[0], argv);
 	flog(LOG_WARNING, "could not exec child program %s: %s", argv[0], strerror(errno));
 	exit(127);
     }
     close(fd[0]);
+    fcntl(fd[1], F_SETFD, FD_CLOEXEC);
     return(fd[1]);
 }
 
@@ -141,8 +139,7 @@ pid_t stdforkserve(char **argv, struct hthead *req, int fd, void (*chinit)(void
 	
 	dup2(fd, 0);
 	dup2(fd, 1);
-	for(i = 3; i < FD_SETSIZE; i++)
-	    close(i);
+	close(fd);
 	
 	bufinit(args);
 	for(i = 0; argv[i]; i++)
diff --git a/lib/req.c b/lib/req.c
index 64944bf..a3e7273 100644
--- a/lib/req.c
+++ b/lib/req.c
@@ -23,6 +23,7 @@
 #include <errno.h>
 #include <ctype.h>
 #include <stdio.h>
+#include <fcntl.h>
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
@@ -254,6 +255,7 @@ int recvreq(int sock, struct hthead **reqp)
     if((fd = recvfd(sock, &buf.b, &buf.d)) < 0) {
 	return(-1);
     }
+    fcntl(fd, F_SETFD, FD_CLOEXEC);
     buf.s = buf.d;
     p = buf.b;
     l = buf.d;
diff --git a/src/accesslog.c b/src/accesslog.c
index 5aa2574..02e5f1a 100644
--- a/src/accesslog.c
+++ b/src/accesslog.c
@@ -342,6 +342,7 @@ int main(int argc, char **argv)
 	    }
 	}
     }
+    fcntl(fileno(out), F_SETFD, FD_CLOEXEC);
     if((ch = stdmkchild(argv + optind + 1, NULL, NULL)) < 0) {
 	flog(LOG_ERR, "accesslog: could not fork child: %s", strerror(errno));
 	exit(1);
diff --git a/src/plaintcp.c b/src/plaintcp.c
index cf46b29..321be41 100644
--- a/src/plaintcp.c
+++ b/src/plaintcp.c
@@ -22,6 +22,7 @@
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
+#include <fcntl.h>
 #include <errno.h>
 #include <string.h>
 
@@ -68,6 +69,7 @@ int listensock4(int port)
 	close(fd);
 	return(-1);
     }
+    fcntl(fd, F_SETFD, FD_CLOEXEC);
     return(fd);
 }
 
@@ -92,6 +94,7 @@ int listensock6(int port)
 	close(fd);
 	return(-1);
     }
+    fcntl(fd, F_SETFD, FD_CLOEXEC);
     return(fd);
 }
 
diff --git a/src/userplex.c b/src/userplex.c
index 3a2da87..b66490f 100644
--- a/src/userplex.c
+++ b/src/userplex.c
@@ -112,7 +112,7 @@ static int forkchild(char *usrnm)
 {
     struct passwd *pwd;
     pid_t pid;
-    int i, fd[2];
+    int fd[2];
     
     /* XXX: There should be a way for the child to report errors (like
      * 404 when htpub doesn't exist), but for now I don't bother with
@@ -126,17 +126,15 @@ static int forkchild(char *usrnm)
     if((pid = fork()) < 0)
 	return(-1);
     if(pid == 0) {
-	for(i = 3; i < FD_SETSIZE; i++) {
-	    if(i != fd[0])
-		close(i);
-	}
 	dup2(fd[0], 0);
 	close(fd[0]);
+	close(fd[1]);
 	login(pwd);
 	execchild(pwd);
 	exit(127);
     }
     close(fd[0]);
+    fcntl(fd[1], F_SETFD, FD_CLOEXEC);
     return(fd[1]);
 }