Do not let sockets be inherited by sub-processes

Set FD_CLOEXEC flag on tunnel and UDP file descriptors. Fixes ticket #99, "should not allow UDP socket to be inherited by ifconfig"
2014-06-04 17:40:36 +09:00 · 2014-06-04 17:40:36 +09:00 · 3fadbfb580
parent a23899513d
commit 3fadbfb580
4 changed files with 25 additions and 0 deletions
--- a/1
+++ b/1
@ -23,6 +23,7 @@ master:
 	- A number of minor patches from Frank Denis, Gregor Herrmann and
 		Barak A. Pearlmutter.
 	- Testcase compilation fixes for OS X and FreeBSD
+	- Do not let sockets be inherited by sub-processes, fixes #99.

 2010-02-06: 0.6.0-rc1 "Hotspotify"
 	- Fixed tunnel not working on Windows.
--- a/src/common.c
+++ b/src/common.c
@ -189,6 +189,8 @@ open_dns(struct sockaddr_storage *sockaddr, size_t sockaddr_len)
 #ifndef WINDOWS32
 	/* To get destination address from each UDP datagram, see iodined.c:read_dns() */
 	setsockopt(fd, IPPROTO_IP, DSTADDR_SOCKOPT, (const void*) &flag, sizeof(flag));
+
+	fd_set_close_on_exec(fd);
 #endif

 #ifdef IP_OPT_DONT_FRAG
@ -461,3 +463,19 @@ int recent_seqno(int ourseqno, int gotseqno)
 	}
 	return 0;
 }
+
+/* Set FD_CLOEXEC flag on file descriptor.
+ * This stops it from being inherited by system() calls.
+ */
+void
+fd_set_close_on_exec(int fd)
+{
+	int flags;
+
+	flags = fcntl(fd, F_GETFD);
+	if (flags == -1)
+		err(4, "Failed to get fd flags");
+	flags |= FD_CLOEXEC;
+	if (fcntl(fd, F_SETFD, flags) == -1)
+		err(4, "Failed to set fd flags");
+}
--- a/src/common.h
+++ b/src/common.h
@ -136,4 +136,6 @@ void warnx(const char *fmt, ...);

 int recent_seqno(int , int);

+void fd_set_close_on_exec(int fd);
+
 #endif
--- a/src/tun.c
+++ b/src/tun.c
@ -98,6 +98,7 @@ open_tun(const char *tun_device)

 		if (ioctl(tun_fd, TUNSETIFF, (void *) &ifreq) != -1) {
 			fprintf(stderr, "Opened %s\n", ifreq.ifr_name);
+			fd_set_close_on_exec(tun_fd);
 			return tun_fd;
 		}

@ -112,6 +113,7 @@ open_tun(const char *tun_device)
 			if (ioctl(tun_fd, TUNSETIFF, (void *) &ifreq) != -1) {
 				fprintf(stderr, "Opened %s\n", ifreq.ifr_name);
 				snprintf(if_name, sizeof(if_name), "dns%d", i);
+				fd_set_close_on_exec(tun_fd);
 				return tun_fd;
 			}

@ -147,6 +149,7 @@ open_tun(const char *tun_device)
 		}

 		fprintf(stderr, "Opened %s\n", tun_name);
+		fd_set_close_on_exec(tun_fd);
 		return tun_fd;
 	} else {
 		for (i = 0; i < TUN_MAX_TRY; i++) {
@ -155,6 +158,7 @@ open_tun(const char *tun_device)
 			if ((tun_fd = open(tun_name, O_RDWR)) >= 0) {
 				fprintf(stderr, "Opened %s\n", tun_name);
 				snprintf(if_name, sizeof(if_name), "tun%d", i);
+				fd_set_close_on_exec(tun_fd);
 				return tun_fd;
 			}