blob: 011a8e7cba640eadd27d060eeabab3a344e27a4c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
Description: Set socket's FD_CLOEXEC flag before calling up script
Moving the set_cloexec() call from link_socket_init_phase2() to
link_socket_init_phase1().
Author: Julien Cristau <jcristau@debian.org>
Bug-Debian: http://bugs.debian.org/367716
Index: openvpn-2.2.0/socket.c
===================================================================
--- openvpn-2.2.0.orig/socket.c 2011-04-21 21:13:34.000000000 +0200
+++ openvpn-2.2.0/socket.c 2011-05-10 16:18:35.300018716 +0200
@@ -1327,6 +1327,10 @@
resolve_bind_local (sock);
resolve_remote (sock, 1, NULL, NULL);
}
+
+ /* set socket file descriptor to not pass across execs, so that
+ scripts don't have access to it */
+ set_cloexec (sock->sd);
}
/* finalize socket initialization */
@@ -1532,10 +1536,6 @@
/* set socket to non-blocking mode */
set_nonblock (sock->sd);
- /* set socket file descriptor to not pass across execs, so that
- scripts don't have access to it */
- set_cloexec (sock->sd);
-
#ifdef ENABLE_SOCKS
if (socket_defined (sock->ctrl_sd))
set_cloexec (sock->ctrl_sd);
|
