libsec: open internal file-descriptors with OCEXEC flag

cinap_lenrek 2020-12-07 17:14:34 +01:00
parent d5928fb515
commit 383a2ca79b
3 changed files with 9 additions and 9 deletions


@ -8,7 +8,7 @@ readfile(char *name)
char *s;
Dir *d;
fd = open(name, OREAD);
fd = open(name, OREAD|OCEXEC);
if(fd < 0)
return nil;
if((d = dirfstat(fd)) == nil) {


@ -95,7 +95,7 @@ loadThumbprints(char *file, char *tag, Thumbprint *table, Thumbprint *crltab, in
}
if(access(file, AEXIST) < 0)
return 0; /* not an error */
if((bin = Bopen(file, OREAD)) == nil)
if((bin = Bopen(file, OREAD|OCEXEC)) == nil)
return -1;
for(; (line = Brdstr(bin, '\n', 1)) != nil; free(line)){
if(tokenize(line, field, nelem(field)) < 2)
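Review bot: In loadThumbprints the `access(file, AEXIST)` test and the `Bopen` that follows are two separate steps, so a file that disappears between them yields -1 while one that was already missing yields 0. The `/* not an error */` comment does not tell callers that a missing file is accepted silently, which matters if this file is, as the names suggest, the list of trusted certificate thumbprints. I would extend it to `/* not an error: a missing thumbprint file loads nothing */` and state in the function's header comment that 0 can mean "nothing was read". The function body starts and ends outside the hunk.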


@ -459,7 +459,7 @@ tlsServer(int fd, TLSconn *conn)
if(conn == nil)
return -1;
ctl = open("#a/tls/clone", ORDWR);
ctl = open("#a/tls/clone", ORDWR|OCEXEC);
if(ctl < 0)
return -1;
n = read(ctl, buf, sizeof(buf)-1);
@ -470,7 +470,7 @@ tlsServer(int fd, TLSconn *conn)
buf[n] = 0;
snprint(conn->dir, sizeof(conn->dir), "#a/tls/%s", buf);
snprint(dname, sizeof(dname), "#a/tls/%s/hand", buf);
hand = open(dname, ORDWR);
hand = open(dname, ORDWR|OCEXEC);
if(hand < 0){
close(ctl);
return -1;
@ -592,7 +592,7 @@ tlsClient(int fd, TLSconn *conn)
if(conn == nil)
return -1;
ctl = open("#a/tls/clone", ORDWR);
ctl = open("#a/tls/clone", ORDWR|OCEXEC);
if(ctl < 0)
return -1;
n = read(ctl, buf, sizeof(buf)-1);
@ -603,7 +603,7 @@ tlsClient(int fd, TLSconn *conn)
buf[n] = 0;
snprint(conn->dir, sizeof(conn->dir), "#a/tls/%s", buf);
snprint(dname, sizeof(dname), "#a/tls/%s/hand", buf);
hand = open(dname, ORDWR);
hand = open(dname, ORDWR|OCEXEC);
if(hand < 0){
close(ctl);
return -1;
@ -2178,7 +2178,7 @@ initCiphers(void)
unlock(&ciphLock);
return nciphers;
}
j = open("#a/tls/encalgs", OREAD);
j = open("#a/tls/encalgs", OREAD|OCEXEC);
if(j < 0){
werrstr("can't open #a/tls/encalgs: %r");
goto out;
@ -2202,7 +2202,7 @@ initCiphers(void)
cipherAlgs[i].ok = ok;
}
j = open("#a/tls/hashalgs", OREAD);
j = open("#a/tls/hashalgs", OREAD|OCEXEC);
if(j < 0){
werrstr("can't open #a/tls/hashalgs: %r");
goto out;
@ -2261,7 +2261,7 @@ factotum_rsa_open(RSApub *rsapub)
AuthRpc *rpc;
// start talking to factotum
if((afd = open("/mnt/factotum/rpc", ORDWR)) < 0)
if((afd = open("/mnt/factotum/rpc", ORDWR|OCEXEC)) < 0)
return nil;
if((rpc = auth_allocrpc(afd)) == nil){
close(afd);
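Review bot: The new `ORDWR|OCEXEC` open of `/mnt/factotum/rpc` in factotum_rsa_open carries no comment saying why the flag is there, and this is the descriptor where dropping it in a later edit would matter most. It is handed to auth_allocrpc(), so a program exec'd while it is open would otherwise inherit a live channel to the key agent. I would add `/* OCEXEC: the factotum rpc fd must not survive an exec in the calling program */` above the open. The same one-line reason fits the ctl and hand opens in tlsServer and tlsClient and the two opens in initCiphers. These hunks do not show the descriptor that tlsServer and tlsClient hand back to the caller, so if it is opened in the same functions (their bodies continue outside the hunks), a comment should say whether it omits the flag on purpose.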