[dovecot-cvs] dovecot/src/master auth-process.c,1.14,1.15 auth-process.h,1.3,1.4 login-process.c,1.15,1.16 login-process.h,1.3,1.4 main.c,1.14,1.15

Sun Dec 1 17:39:23 EET 2002

Update of /home/cvs/dovecot/src/master
In directory danu:/tmp/cvs-serv1500/src/master

Modified Files:
	auth-process.c auth-process.h login-process.c login-process.h 
	main.c 
Log Message:
We use close-on-exec flag now to make sure that master process closes the
fds when executing other processes.



Index: auth-process.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/auth-process.c,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -d -r1.14 -r1.15

--- auth-process.c	1 Dec 2002 13:50:45 -0000	1.14
+++ auth-process.c	1 Dec 2002 15:39:21 -0000	1.15
@@ -3,6 +3,7 @@
 #include "common.h"
 #include "ioloop.h"
 #include "env-util.h"
+#include "fd-close-on-exec.h"
 #include "network.h"
 #include "obuffer.h"
 #include "restrict-access.h"
@@ -171,13 +172,12 @@
 	const char *path;
 	struct passwd *pwd;
 	pid_t pid;
-	int fd[2], listen_fd;
+	int fd[2], listen_fd, i;
 
 	if ((pwd = getpwnam(config->user)) == NULL)
 		i_fatal("Auth user doesn't exist: %s", config->user);
 
-	/* create communication to process with a socket pair
-	   FIXME: pipe() would work as well, would it be better? */
+	/* create communication to process with a socket pair */
 	if (socketpair(AF_UNIX, SOCK_STREAM, 0, fd) == -1) {
 		i_error("socketpair() failed: %m");
 		return -1;
@@ -193,6 +193,7 @@
 
 	if (pid != 0) {
 		/* master */
+		fd_close_on_exec(fd[0], TRUE);
 		auth_process_new(pid, fd[0], config->name);
 		(void)close(fd[1]);
 		return pid;
@@ -235,6 +236,9 @@
 		(void)close(listen_fd);
 	}
 
+	for (i = 0; i <= 2; i++)
+		fd_close_on_exec(i, FALSE);
+
 	/* setup access environment - needs to be done after
 	   clean_child_process() since it clears environment */
 	restrict_access_set_env(config->user, pwd->pw_uid, pwd->pw_gid,
@@ -298,14 +302,6 @@
 	}
 
 	return count;
-}
-
-void auth_processes_cleanup(void)
-{
-	AuthProcess *p;
-
-	for (p = processes; p != NULL; p = p->next)
-		(void)close(p->fd);
 }
 
 void auth_processes_destroy_all(void)

Index: auth-process.h
===================================================================
RCS file: /home/cvs/dovecot/src/master/auth-process.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- auth-process.h	20 Nov 2002 19:20:23 -0000	1.3
+++ auth-process.h	1 Dec 2002 15:39:21 -0000	1.4
@@ -16,7 +16,6 @@
 			  AuthCallback callback, void *context);
 
 /* Close any fds used by auth processes */
-void auth_processes_cleanup(void);
 void auth_processes_destroy_all(void);
 
 void auth_processes_init(void);

Index: login-process.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/login-process.c,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- login-process.c	1 Dec 2002 13:48:50 -0000	1.15
+++ login-process.c	1 Dec 2002 15:39:21 -0000	1.16
@@ -5,6 +5,7 @@
 #include "network.h"
 #include "obuffer.h"
 #include "fdpass.h"
+#include "fd-close-on-exec.h"
 #include "env-util.h"
 #include "restrict-access.h"
 #include "restrict-process-size.h"
@@ -266,6 +267,7 @@
 
 	if (pid != 0) {
 		/* master */
+		fd_close_on_exec(fd[0], TRUE);
 		login_process_new(pid, fd[0]);
 		(void)close(fd[1]);
 		return pid;
@@ -274,14 +276,17 @@
 	/* move communication handle */
 	if (dup2(fd[1], LOGIN_MASTER_SOCKET_FD) < 0)
 		i_fatal("login: dup2() failed: %m");
+	fd_close_on_exec(LOGIN_MASTER_SOCKET_FD, FALSE);
 
 	/* move the listen handle */
 	if (dup2(imap_fd, LOGIN_IMAP_LISTEN_FD) < 0)
 		i_fatal("login: dup2() failed: %m");
+	fd_close_on_exec(LOGIN_IMAP_LISTEN_FD, FALSE);
 
 	/* move the SSL listen handle */
 	if (dup2(imaps_fd, LOGIN_IMAPS_LISTEN_FD) < 0)
 		i_fatal("login: dup2() failed: %m");
+	fd_close_on_exec(LOGIN_IMAPS_LISTEN_FD, FALSE);
 
 	/* imap_fd and imaps_fd are closed by clean_child_process() */
 
@@ -338,19 +343,6 @@
 	/* don't start raising the process count if they're dying all
 	   the time */
 	wanted_processes_count = 0;
-}
-
-static void login_hash_cleanup(void *key __attr_unused__, void *value,
-			       void *context __attr_unused__)
-{
-	LoginProcess *p = value;
-
-	(void)close(p->fd);
-}
-
-void login_processes_cleanup(void)
-{
-	hash_foreach(processes, login_hash_cleanup, NULL);
 }
 
 static void login_hash_destroy(void *key __attr_unused__, void *value,

Index: login-process.h
===================================================================
RCS file: /home/cvs/dovecot/src/master/login-process.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- login-process.h	20 Nov 2002 19:20:23 -0000	1.3
+++ login-process.h	1 Dec 2002 15:39:21 -0000	1.4
@@ -2,7 +2,6 @@
 #define __CHILD_LOGIN_H
 
 void login_process_abormal_exit(pid_t pid);
-void login_processes_cleanup(void);
 void login_processes_destroy_all(void);
 
 void login_processes_init(void);

Index: main.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/main.c,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -d -r1.14 -r1.15
--- main.c	26 Nov 2002 19:49:06 -0000	1.14
+++ main.c	1 Dec 2002 15:39:21 -0000	1.15
@@ -5,6 +5,7 @@
 #include "lib-signals.h"
 #include "network.h"
 #include "env-util.h"
+#include "fd-close-on-exec.h"
 
 #include "auth-process.h"
 #include "login-process.h"
@@ -56,14 +57,6 @@
 	if (set_log_timestamp != NULL)
 		env_put(t_strconcat("IMAP_LOGSTAMP=", set_log_timestamp, NULL));
 
-	(void)close(null_fd);
-	(void)close(imap_fd);
-	(void)close(imaps_fd);
-
-	/* close fds for auth/login processes */
-	login_processes_cleanup();
-        auth_processes_cleanup();
-
 	closelog();
 }
 
@@ -156,11 +149,13 @@
 	null_fd = open("/dev/null", O_RDONLY);
 	if (null_fd == -1)
 		i_fatal("Can't open /dev/null: %m");
+	fd_close_on_exec(null_fd, TRUE);
 
 	imap_fd = set_imap_port == 0 ? dup(null_fd) :
 		net_listen(imap_ip, &set_imap_port);
 	if (imap_fd == -1)
 		i_fatal("listen(%d) failed: %m", set_imap_port);
+	fd_close_on_exec(imap_fd, TRUE);
 
 #ifdef HAVE_SSL
 	imaps_fd = set_ssl_cert_file == NULL || *set_ssl_cert_file == '\0' ||
@@ -172,6 +167,7 @@
 #endif
 	if (imaps_fd == -1)
 		i_fatal("listen(%d) failed: %m", set_imaps_port);
+	fd_close_on_exec(imaps_fd, TRUE);
 }
 
 static void main_init(void)


