welterde/l2tpns
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

cli: Fix missing closing file descriptors

Browse source
This commit is contained in:
Samuel Thibault 2024-02-04 04:36:09 +01:00
parent 32799f196a
commit fdf19f5467
4 changed files with 42 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

31
cli.c
View file

@ -18,6 +18,7 @@
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/types.h> #include <sys/types.h>
#include <signal.h> #include <signal.h>
#include <dirent.h>
#include <dlfcn.h> #include <dlfcn.h>
#include <netdb.h> #include <netdb.h>
#include <libcli.h> #include <libcli.h>
@ -316,6 +317,36 @@ void cli_do(int sockfd)
socklen_t l = sizeof(addr); socklen_t l = sizeof(addr);
if (fork_and_close()) return; if (fork_and_close()) return;
/* Check that fork_and_close has closed everything but std* and the socket */
int fdfd = open("/dev/fd", O_RDONLY|O_DIRECTORY);
if (fdfd >= 0)
{
DIR *fds = fdopendir(fdfd);
if (fds)
{
struct dirent *ent;
while ((ent = readdir(fds)))
{
if (!strcmp(ent->d_name, ".")
|| !strcmp(ent->d_name, ".."))
continue;
int fd = atoi(ent->d_name);
if (fd <= STDERR_FILENO)
continue;
if (fd == fdfd || fd == sockfd)
continue;
if (log_stream && fd == fileno(log_stream))
continue;
LOG(0, 0, 0, "Warning: fd %d is still open within cli. This may interfere with operations.\n", fd);
}
closedir(fds);
}
close(fdfd);
}
if (getpeername(sockfd, (struct sockaddr *) &addr, &l) == 0) if (getpeername(sockfd, (struct sockaddr *) &addr, &l) == 0)
{ {
require_auth = addr.sin_addr.s_addr != inet_addr("127.0.0.1"); require_auth = addr.sin_addr.s_addr != inet_addr("127.0.0.1");

2
l2tpns.c
View file

@ -81,7 +81,7 @@ static int tunidx; // ifr_ifindex of tun device
int nlseqnum = 0; // netlink sequence number int nlseqnum = 0; // netlink sequence number
int min_initok_nlseqnum = 0; // minimun seq number for messages after init is ok int min_initok_nlseqnum = 0; // minimun seq number for messages after init is ok
static int syslog_log = 0; // are we logging to syslog static int syslog_log = 0; // are we logging to syslog
static FILE *log_stream = 0; // file handle for direct logging (i.e. direct into file, not via syslog). FILE *log_stream = 0; // file handle for direct logging (i.e. direct into file, not via syslog).
uint32_t last_id = 0; // Unique ID for radius accounting uint32_t last_id = 0; // Unique ID for radius accounting
// Guest change // Guest change
char guest_users[10][32]; // Array of guest users char guest_users[10][32]; // Array of guest users

2
l2tpns.h
View file

@ -1037,7 +1037,9 @@ extern uint32_t last_id;
extern struct Tstats *_statistics; extern struct Tstats *_statistics;
extern in_addr_t my_address; extern in_addr_t my_address;
extern int clifd; extern int clifd;
extern int nlfd;
extern int epollfd; extern int epollfd;
extern FILE *log_stream;
struct event_data { struct event_data {
enum { enum {

12
util.c
View file

@ -108,12 +108,8 @@ pid_t fork_and_close()
if (udpfd[i] != -1) close(udpfd[i]); if (udpfd[i] != -1) close(udpfd[i]);
} }
if (pppoediscfd != -1) close(pppoediscfd);
if (controlfd != -1) close(controlfd); if (controlfd != -1) close(controlfd);
if (daefd != -1) close(daefd); if (daefd != -1) close(daefd);
if (snoopfd != -1) close(snoopfd);
if (rand_fd != -1) close(rand_fd);
if (epollfd != -1) close(epollfd);
for (i = 0; radfds && i < RADIUS_FDS; i++) for (i = 0; radfds && i < RADIUS_FDS; i++)
close(radfds[i]); close(radfds[i]);
@ -124,6 +120,14 @@ pid_t fork_and_close()
close(bgp_peers[i].sock); close(bgp_peers[i].sock);
#endif /* BGP */ #endif /* BGP */
if (nlfd != -1) close(nlfd);
if (pppoediscfd != -1) close(pppoediscfd);
if (pppoesessfd != -1) close(pppoesessfd);
if (snoopfd != -1) close(snoopfd);
if (rand_fd != -1) close(rand_fd);
if (epollfd != -1) close(epollfd);
return pid; return pid;
} }