set FD_CLOEXEC in NSS and PAM modules to ensure that nslcd file descriptor is not leaked to child processes (r1821 from 0.8)

git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd-0.7@1860 ef36b2f9-881f-0410-afb5-c4e39611909c
author: Arthur de Jong <arthur@arthurdejong.org> 2012-12-14 17:36:54 +0100
committer: Arthur de Jong <arthur@arthurdejong.org> 2012-12-14 17:36:54 +0100
commit: 388969bb2f9478766f3d4cecc722d205e5fc2279 (patch)
tree: f13223e38dda147e9902b07de3ae5b6e3723e7da
parent: abf03bc54032beeff95b1b8634cc005137e11f32 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/common/nslcd-prot.c b/common/nslcd-prot.c
index 102a6df..5f52552 100644
--- a/common/nslcd-prot.c
+++ b/common/nslcd-prot.c
@@ -33,6 +33,7 @@
 #include <sys/stat.h>
 #include <errno.h>
 #include <string.h>
+#include <fcntl.h>
 
 #include "nslcd.h"
 #include "nslcd-prot.h"
@@ -57,6 +58,7 @@ TFILE *nslcd_client_open()
   struct sockaddr_un addr;
   struct timeval readtimeout,writetimeout;
   TFILE *fp;
+  int flags;
   /* create a socket */
   if ( (sock=socket(PF_UNIX,SOCK_STREAM,0))<0 )
     return NULL;
@@ -65,6 +67,10 @@ TFILE *nslcd_client_open()
   addr.sun_family=AF_UNIX;
   strncpy(addr.sun_path,NSLCD_SOCKET,sizeof(addr.sun_path));
   addr.sun_path[sizeof(addr.sun_path)-1]='\0';
+  /* close the file descriptor on exec (ignore errors) */
+  flags=fcntl(sock,F_GETFL);
+  if (flags>=0)
+    (void)fcntl(sock,F_SETFD,flags|FD_CLOEXEC);
   /* connect to the socket */
   if (connect(sock,(struct sockaddr *)&addr,(socklen_t)sizeof(struct sockaddr_un))<0)
   {
author	Arthur de Jong <arthur@arthurdejong.org>	2012-12-14 17:36:54 +0100
committer	Arthur de Jong <arthur@arthurdejong.org>	2012-12-14 17:36:54 +0100
commit	388969bb2f9478766f3d4cecc722d205e5fc2279 (patch)
tree	f13223e38dda147e9902b07de3ae5b6e3723e7da
parent	abf03bc54032beeff95b1b8634cc005137e11f32 (diff)