rpms/vpnc/devel vpnc-0.3.3-cloexec.patch, NONE, 1.1 vpnc.spec, 1.17, 1.18
Tomas Mraz (tmraz)
fedora-extras-commits at redhat.com
Tue Nov 7 17:28:05 UTC 2006
Author: tmraz
Update of /cvs/extras/rpms/vpnc/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24383
Modified Files:
vpnc.spec
Added Files:
vpnc-0.3.3-cloexec.patch
Log Message:
* Tue Nov 7 2006 Tomas Mraz <tmraz at redhat.com> - 0.3.3-13
- don't leak socket fds
vpnc-0.3.3-cloexec.patch:
--- NEW FILE vpnc-0.3.3-cloexec.patch ---
--- vpnc-0.3.3/vpnc.c.cloexec 2006-11-07 18:00:52.000000000 +0100
+++ vpnc-0.3.3/vpnc.c 2006-11-07 18:06:29.000000000 +0100
@@ -221,6 +221,8 @@
if (sock < 0)
error(1, errno, "making socket");
+ fcntl(sock, F_SETFD, FD_CLOEXEC);
+
/* Give the socket a name. */
name.sin_family = AF_INET;
name.sin_port = port;
@@ -2216,6 +2218,7 @@
if (tunnelfd == -1) {
error(1, errno, "socket(SOCK_RAW) failed");
}
+ fcntl(tunnelfd, F_SETFD, FD_CLOEXEC);
}
}
if (dh_grp)
Index: vpnc.spec
===================================================================
RCS file: /cvs/extras/rpms/vpnc/devel/vpnc.spec,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- vpnc.spec 12 Sep 2006 16:38:12 -0000 1.17
+++ vpnc.spec 7 Nov 2006 17:27:35 -0000 1.18
@@ -1,6 +1,6 @@
Name: vpnc
Version: 0.3.3
-Release: 12
+Release: 13%{?dist}
Summary: IPSec VPN client compatible with Cisco equipment
@@ -14,6 +14,7 @@
Patch2: vpnc-0.3.3-ip-output.patch
Patch3: vpnc-0.3.3-no-srcport.patch
Patch4: vpnc-0.3.3-rekeying.patch
+Patch5: vpnc-0.3.3-cloexec.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -33,6 +34,7 @@
%patch2 -p1 -b .ip-output
%patch3 -p1 -b .no-srcport
%patch4 -p1 -b .rekeying
+%patch5 -p1 -b .cloexec
%build
make PREFIX=/usr
@@ -65,6 +67,9 @@
%ghost %verify(not md5 size mtime) %{_var}/run/vpnc/resolv.conf-backup
%changelog
+* Tue Nov 7 2006 Tomas Mraz <tmraz at redhat.com> - 0.3.3-13
+- don't leak socket fds
+
* Tue Sep 12 2006 Tomas Mraz <tmraz at redhat.com> - 0.3.3-12
- drop hoplimit from ip route output (#205923)
- let's try enabling -fstack-protector again, seems to work now
More information about the fedora-extras-commits
mailing list