diff options
| -rw-r--r-- | monitor.c | 11 |
1 files changed, 10 insertions, 1 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: monitor.c,v 1.170 2017/05/31 08:09:45 markus Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.171 2017/05/31 10:04:29 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
| 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
| @@ -1655,9 +1655,18 @@ static void | |||
| 1655 | monitor_openfds(struct monitor *mon, int do_logfds) | 1655 | monitor_openfds(struct monitor *mon, int do_logfds) |
| 1656 | { | 1656 | { |
| 1657 | int pair[2]; | 1657 | int pair[2]; |
| 1658 | #ifdef SO_ZEROIZE | ||
| 1659 | int on = 1; | ||
| 1660 | #endif | ||
| 1658 | 1661 | ||
| 1659 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) | 1662 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) |
| 1660 | fatal("%s: socketpair: %s", __func__, strerror(errno)); | 1663 | fatal("%s: socketpair: %s", __func__, strerror(errno)); |
| 1664 | #ifdef SO_ZEROIZE | ||
| 1665 | if (setsockopt(pair[0], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) < 0) | ||
| 1666 | error("setsockopt SO_ZEROIZE(0): %.100s", strerror(errno)); | ||
| 1667 | if (setsockopt(pair[1], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) < 0) | ||
| 1668 | error("setsockopt SO_ZEROIZE(1): %.100s", strerror(errno)); | ||
| 1669 | #endif | ||
| 1661 | FD_CLOSEONEXEC(pair[0]); | 1670 | FD_CLOSEONEXEC(pair[0]); |
| 1662 | FD_CLOSEONEXEC(pair[1]); | 1671 | FD_CLOSEONEXEC(pair[1]); |
| 1663 | mon->m_recvfd = pair[0]; | 1672 | mon->m_recvfd = pair[0]; |