src/patches/ppp/0012-pppd-we-don-t-want-to-accidentally-leak-fds.patch

   1 From 82cd789df0f022eb6f3d28646e7a61d1d0715805 Mon Sep 17 00:00:00 2001
   2 From: Michal Sekletar <msekleta@redhat.com>
   3 Date: Mon, 7 Apr 2014 12:23:36 +0200
   4 Subject: [PATCH 12/25] pppd: we don't want to accidentally leak fds
   5
   6 ---
   7  pppd/auth.c      | 20 ++++++++++----------
   8  pppd/options.c   |  2 +-
   9  pppd/sys-linux.c |  4 ++--
  10  3 files changed, 13 insertions(+), 13 deletions(-)
  11
  12 diff --git a/pppd/auth.c b/pppd/auth.c
  13 index 4271af6..9e957fa 100644
  14 --- a/pppd/auth.c
  15 +++ b/pppd/auth.c
  16 @@ -428,7 +428,7 @@ setupapfile(argv)
  17         option_error("unable to reset uid before opening %s: %m", fname);
  18         return 0;
  19      }
  20 -    ufile = fopen(fname, "r");
  21 +    ufile = fopen(fname, "re");
  22      if (seteuid(euid) == -1)
  23         fatal("unable to regain privileges: %m");
  24      if (ufile == NULL) {
  25 @@ -1413,7 +1413,7 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg)
  26      filename = _PATH_UPAPFILE;
  27      addrs = opts = NULL;
  28      ret = UPAP_AUTHNAK;
  29 -    f = fopen(filename, "r");
  30 +    f = fopen(filename, "re");
  31      if (f == NULL) {
  32         error("Can't open PAP password file %s: %m", filename);
  33
  34 @@ -1512,7 +1512,7 @@ null_login(unit)
  35      if (ret <= 0) {
  36         filename = _PATH_UPAPFILE;
  37         addrs = NULL;
  38 -       f = fopen(filename, "r");
  39 +       f = fopen(filename, "re");
  40         if (f == NULL)
  41             return 0;
  42         check_access(f, filename);
  43 @@ -1559,7 +1559,7 @@ get_pap_passwd(passwd)
  44      }
  45
  46      filename = _PATH_UPAPFILE;
  47 -    f = fopen(filename, "r");
  48 +    f = fopen(filename, "re");
  49      if (f == NULL)
  50         return 0;
  51      check_access(f, filename);
  52 @@ -1597,7 +1597,7 @@ have_pap_secret(lacks_ipp)
  53      }
  54
  55      filename = _PATH_UPAPFILE;
  56 -    f = fopen(filename, "r");
  57 +    f = fopen(filename, "re");
  58      if (f == NULL)
  59         return 0;
  60
  61 @@ -1642,7 +1642,7 @@ have_chap_secret(client, server, need_ip, lacks_ipp)
  62      }
  63
  64      filename = _PATH_CHAPFILE;
  65 -    f = fopen(filename, "r");
  66 +    f = fopen(filename, "re");
  67      if (f == NULL)
  68         return 0;
  69
  70 @@ -1684,7 +1684,7 @@ have_srp_secret(client, server, need_ip, lacks_ipp)
  71      struct wordlist *addrs;
  72
  73      filename = _PATH_SRPFILE;
  74 -    f = fopen(filename, "r");
  75 +    f = fopen(filename, "re");
  76      if (f == NULL)
  77         return 0;
  78
  79 @@ -1740,7 +1740,7 @@ get_secret(unit, client, server, secret, secret_len, am_server)
  80         addrs = NULL;
  81         secbuf[0] = 0;
  82
  83 -       f = fopen(filename, "r");
  84 +       f = fopen(filename, "re");
  85         if (f == NULL) {
  86             error("Can't open chap secret file %s: %m", filename);
  87             return 0;
  88 @@ -1797,7 +1797,7 @@ get_srp_secret(unit, client, server, secret, am_server)
  89         filename = _PATH_SRPFILE;
  90         addrs = NULL;
  91
  92 -       fp = fopen(filename, "r");
  93 +       fp = fopen(filename, "re");
  94         if (fp == NULL) {
  95             error("Can't open srp secret file %s: %m", filename);
  96             return 0;
  97 @@ -2203,7 +2203,7 @@ scan_authfile(f, client, server, secret, addrs, opts, filename, flags)
  98              */
  99             if (word[0] == '@' && word[1] == '/') {
 100                 strlcpy(atfile, word+1, sizeof(atfile));
 101 -               if ((sf = fopen(atfile, "r")) == NULL) {
 102 +               if ((sf = fopen(atfile, "re")) == NULL) {
 103                     warn("can't open indirect secret file %s", atfile);
 104                     continue;
 105                 }
 106 diff --git a/pppd/options.c b/pppd/options.c
 107 index 45fa742..1d754ae 100644
 108 --- a/pppd/options.c
 109 +++ b/pppd/options.c
 110 @@ -427,7 +427,7 @@ options_from_file(filename, must_exist, check_prot, priv)
 111         option_error("unable to drop privileges to open %s: %m", filename);
 112         return 0;
 113      }
 114 -    f = fopen(filename, "r");
 115 +    f = fopen(filename, "re");
 116      err = errno;
 117      if (check_prot && seteuid(euid) == -1)
 118         fatal("unable to regain privileges");
 119 diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
 120 index 72a7727..8a12fa0 100644
 121 --- a/pppd/sys-linux.c
 122 +++ b/pppd/sys-linux.c
 123 @@ -1412,7 +1412,7 @@ static char *path_to_procfs(const char *tail)
 124         /* Default the mount location of /proc */
 125         strlcpy (proc_path, "/proc", sizeof(proc_path));
 126         proc_path_len = 5;
 127 -       fp = fopen(MOUNTED, "r");
 128 +       fp = fopen(MOUNTED, "re");
 129         if (fp != NULL) {
 130             while ((mntent = getmntent(fp)) != NULL) {
 131                 if (strcmp(mntent->mnt_type, MNTTYPE_IGNORE) == 0)
 132 @@ -1472,7 +1472,7 @@ static int open_route_table (void)
 133      close_route_table();
 134
 135      path = path_to_procfs("/net/route");
 136 -    route_fd = fopen (path, "r");
 137 +    route_fd = fopen (path, "re");
 138      if (route_fd == NULL) {
 139         error("can't open routing table %s: %m", path);
 140         return 0;
 141 --
 142 1.8.3.1
 143