1 diff -Naur pppd.orig/plugins/pppoatm/pppoatm.c pppd/plugins/pppoatm/pppoatm.c
2 --- pppd.orig/plugins/pppoatm/pppoatm.c 2023-03-25 05:38:30.000000000 +0100
3 +++ pppd/plugins/pppoatm/pppoatm.c 2023-06-30 13:21:33.397378347 +0200
7 no_device_given_pppoatm();
8 - fd = socket(AF_ATMPVC, SOCK_DGRAM, 0);
9 + fd = socket(AF_ATMPVC, SOCK_DGRAM | SOCK_CLOEXEC, 0);
11 fatal("failed to create socket: %m");
12 memset(&qos, 0, sizeof qos);
13 diff -Naur pppd.orig/plugins/pppoe/if.c pppd/plugins/pppoe/if.c
14 --- pppd.orig/plugins/pppoe/if.c 2022-12-30 02:12:39.000000000 +0100
15 +++ pppd/plugins/pppoe/if.c 2023-06-30 13:24:11.372183452 +0200
20 - if ((fd = socket(domain, stype, htons(type))) < 0) {
21 + if ((fd = socket(domain, stype | SOCK_CLOEXEC, htons(type))) < 0) {
22 /* Give a more helpful message for the common error case */
24 fatal("Cannot create raw socket -- pppoe must be run as root.");
25 diff -Naur pppd.orig/plugins/pppoe/plugin.c pppd/plugins/pppoe/plugin.c
26 --- pppd.orig/plugins/pppoe/plugin.c 2023-03-25 05:38:30.000000000 +0100
27 +++ pppd/plugins/pppoe/plugin.c 2023-06-30 13:25:58.798782323 +0200
29 /* server equipment). */
30 /* Opening this socket just before waitForPADS in the discovery() */
31 /* function would be more appropriate, but it would mess-up the code */
32 - conn->sessionSocket = socket(AF_PPPOX, SOCK_STREAM, PX_PROTO_OE);
33 + conn->sessionSocket = socket(AF_PPPOX, SOCK_STREAM | SOCK_CLOEXEC, PX_PROTO_OE);
34 if (conn->sessionSocket < 0) {
35 error("Failed to create PPPoE socket: %m");
38 lcp_wantoptions[0].mru = conn->mru = conn->storedmru;
40 /* Update maximum MRU */
41 - s = socket(AF_INET, SOCK_DGRAM, 0);
42 + s = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
44 error("Can't get MTU for %s: %m", conn->ifName);
50 - if ((fd = socket(PF_PACKET, SOCK_RAW, 0)) < 0) {
51 + if ((fd = socket(PF_PACKET, SOCK_RAW | SOCK_CLOEXEC, 0)) < 0) {
55 diff -Naur pppd.orig/plugins/pppol2tp/openl2tp.c pppd/plugins/pppol2tp/openl2tp.c
56 --- pppd.orig/plugins/pppol2tp/openl2tp.c 2023-03-10 02:50:41.000000000 +0100
57 +++ pppd/plugins/pppol2tp/openl2tp.c 2023-06-30 13:22:30.055768865 +0200
61 if (openl2tp_fd < 0) {
62 - openl2tp_fd = socket(PF_UNIX, SOCK_DGRAM, 0);
63 + openl2tp_fd = socket(PF_UNIX, SOCK_DGRAM | SOCK_CLOEXEC, 0);
64 if (openl2tp_fd < 0) {
65 error("openl2tp connection create: %m");
67 diff -Naur pppd.orig/plugins/pppol2tp/pppol2tp.c pppd/plugins/pppol2tp/pppol2tp.c
68 --- pppd.orig/plugins/pppol2tp/pppol2tp.c 2022-12-30 02:12:39.000000000 +0100
69 +++ pppd/plugins/pppol2tp/pppol2tp.c 2023-06-30 13:23:13.493756755 +0200
74 - fd = socket(AF_INET, SOCK_DGRAM, 0);
75 + fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
77 memset (&ifr, '\0', sizeof (ifr));
78 ppp_get_ifname(ifr.ifr_name, sizeof(ifr.ifr_name));
79 diff -Naur pppd.orig/sys-linux.c pppd/sys-linux.c
80 --- pppd.orig/sys-linux.c 2023-06-30 13:11:25.715511251 +0200
81 +++ pppd/sys-linux.c 2023-06-30 13:32:50.021272249 +0200
85 /* Get an internet socket for doing socket ioctls. */
86 - sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
87 + sock_fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
89 fatal("Couldn't create IP socket: %m(%d)", errno);
91 #ifdef PPP_WITH_IPV6CP
92 - sock6_fd = socket(AF_INET6, SOCK_DGRAM, 0);
93 + sock6_fd = socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
95 sock6_fd = -errno; /* save errno for later */
101 - sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
102 + sock_fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
105 memset(&ifreq.ifr_hwaddr, 0, sizeof(struct sockaddr));
106 @@ -2698,7 +2698,7 @@
110 - sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
111 + sock_fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
115 @@ -2915,7 +2915,7 @@
117 * Open a socket for doing the ioctl operations.
119 - s = socket(AF_INET, SOCK_DGRAM, 0);
120 + s = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
124 diff -Naur pppd.orig/tty.c pppd/tty.c
125 --- pppd.orig/tty.c 2023-06-30 13:14:06.450418113 +0200
126 +++ pppd/tty.c 2023-06-30 13:33:31.285858278 +0200
130 /* get a socket and connect it to the other end */
131 - sock = socket(PF_INET, SOCK_STREAM, 0);
132 + sock = socket(PF_INET, SOCK_STREAM | SOCK_CLOEXEC, 0);
134 error("Can't create socket: %m");