src/patches/ppp/ppp-2.5.0-1-we-don-t-want-to-accidentally-leak-fds.patch

   1 diff -Naur pppd.orig/auth.c pppd/auth.c
   2 --- pppd.orig/auth.c    2023-03-25 05:38:30.000000000 +0100
   3 +++ pppd/auth.c 2023-06-30 12:38:13.748482796 +0200
   4 @@ -518,7 +518,7 @@
   5          free(fname);
   6         return 0;
   7      }
   8 -    ufile = fopen(fname, "r");
   9 +    ufile = fopen(fname, "re");
  10      if (seteuid(euid) == -1)
  11         fatal("unable to regain privileges: %m");
  12      if (ufile == NULL) {
  13 @@ -1535,7 +1535,7 @@
  14      filename = PPP_PATH_UPAPFILE;
  15      addrs = opts = NULL;
  16      ret = UPAP_AUTHNAK;
  17 -    f = fopen(filename, "r");
  18 +    f = fopen(filename, "re");
  19      if (f == NULL) {
  20         error("Can't open PAP password file %s: %m", filename);
  21
  22 @@ -1635,7 +1635,7 @@
  23      if (ret <= 0) {
  24         filename = PPP_PATH_UPAPFILE;
  25         addrs = NULL;
  26 -       f = fopen(filename, "r");
  27 +       f = fopen(filename, "re");
  28         if (f == NULL)
  29             return 0;
  30         check_access(f, filename);
  31 @@ -1681,7 +1681,7 @@
  32      }
  33
  34      filename = PPP_PATH_UPAPFILE;
  35 -    f = fopen(filename, "r");
  36 +    f = fopen(filename, "re");
  37      if (f == NULL)
  38         return 0;
  39      check_access(f, filename);
  40 @@ -1718,7 +1718,7 @@
  41      }
  42
  43      filename = PPP_PATH_UPAPFILE;
  44 -    f = fopen(filename, "r");
  45 +    f = fopen(filename, "re");
  46      if (f == NULL)
  47         return 0;
  48
  49 @@ -1760,7 +1760,7 @@
  50      }
  51
  52      filename = PPP_PATH_CHAPFILE;
  53 -    f = fopen(filename, "r");
  54 +    f = fopen(filename, "re");
  55      if (f == NULL)
  56         return 0;
  57
  58 @@ -1798,7 +1798,7 @@
  59      struct wordlist *addrs;
  60
  61      filename = PPP_PATH_SRPFILE;
  62 -    f = fopen(filename, "r");
  63 +    f = fopen(filename, "re");
  64      if (f == NULL)
  65         return 0;
  66
  67 @@ -1849,7 +1849,7 @@
  68         addrs = NULL;
  69         secbuf[0] = 0;
  70
  71 -       f = fopen(filename, "r");
  72 +       f = fopen(filename, "re");
  73         if (f == NULL) {
  74             error("Can't open chap secret file %s: %m", filename);
  75             return 0;
  76 @@ -1902,7 +1902,7 @@
  77         filename = PPP_PATH_SRPFILE;
  78         addrs = NULL;
  79
  80 -       fp = fopen(filename, "r");
  81 +       fp = fopen(filename, "re");
  82         if (fp == NULL) {
  83             error("Can't open srp secret file %s: %m", filename);
  84             return 0;
  85 @@ -2291,7 +2291,7 @@
  86              */
  87             if (word[0] == '@' && word[1] == '/') {
  88                 strlcpy(atfile, word+1, sizeof(atfile));
  89 -               if ((sf = fopen(atfile, "r")) == NULL) {
  90 +               if ((sf = fopen(atfile, "re")) == NULL) {
  91                     warn("can't open indirect secret file %s", atfile);
  92                     continue;
  93                 }
  94 @@ -2461,7 +2461,7 @@
  95      char pkfile[MAXWORDLEN];
  96
  97      filename = PPP_PATH_EAPTLSSERVFILE;
  98 -    f = fopen(filename, "r");
  99 +    f = fopen(filename, "re");
 100      if (f == NULL)
 101                 return 0;
 102
 103 @@ -2518,7 +2518,7 @@
 104                 return 1;
 105
 106      filename = PPP_PATH_EAPTLSCLIFILE;
 107 -    f = fopen(filename, "r");
 108 +    f = fopen(filename, "re");
 109      if (f == NULL)
 110                 return 0;
 111
 112 @@ -2738,7 +2738,7 @@
 113                 filename = (am_server ? PPP_PATH_EAPTLSSERVFILE : PPP_PATH_EAPTLSCLIFILE);
 114                 addrs = NULL;
 115
 116 -               fp = fopen(filename, "r");
 117 +               fp = fopen(filename, "re");
 118                 if (fp == NULL)
 119                 {
 120                         error("Can't open eap-tls secret file %s: %m", filename);
 121 diff -Naur pppd.orig/options.c pppd/options.c
 122 --- pppd.orig/options.c 2023-03-25 05:38:30.000000000 +0100
 123 +++ pppd/options.c      2023-06-30 12:42:19.262593140 +0200
 124 @@ -555,7 +555,7 @@
 125         ppp_option_error("unable to drop privileges to open %s: %m", filename);
 126         return 0;
 127      }
 128 -    f = fopen(filename, "r");
 129 +    f = fopen(filename, "re");
 130      err = errno;
 131      if (check_prot && seteuid(euid) == -1)
 132         fatal("unable to regain privileges");
 133 diff -Naur pppd.orig/sys-linux.c pppd/sys-linux.c
 134 --- pppd.orig/sys-linux.c       2023-03-10 02:50:41.000000000 +0100
 135 +++ pppd/sys-linux.c    2023-06-30 12:43:20.634453475 +0200
 136 @@ -1978,7 +1978,7 @@
 137         /* Default the mount location of /proc */
 138         strlcpy (proc_path, "/proc", sizeof(proc_path));
 139         proc_path_len = 5;
 140 -       fp = fopen(MOUNTED, "r");
 141 +       fp = fopen(MOUNTED, "re");
 142         if (fp != NULL) {
 143             while ((mntent = getmntent(fp)) != NULL) {
 144                 if (strcmp(mntent->mnt_type, MNTTYPE_IGNORE) == 0)
 145 @@ -2038,7 +2038,7 @@
 146      close_route_table();
 147
 148      path = path_to_procfs("/net/route");
 149 -    route_fd = fopen (path, "r");
 150 +    route_fd = fopen (path, "re");
 151      if (route_fd == NULL) {
 152         error("can't open routing table %s: %m", path);
 153         return 0;
 154 @@ -2322,7 +2322,7 @@
 155      close_route_table();
 156
 157      path = path_to_procfs("/net/ipv6_route");
 158 -    route_fd = fopen (path, "r");
 159 +    route_fd = fopen (path, "re");
 160      if (route_fd == NULL) {
 161         error("can't open routing table %s: %m", path);
 162         return 0;