From 4d8a5e4160918f72eacec659fd26091587a94ea6 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Sun, 23 Dec 2012 22:18:25 +0100
Subject: Set FD_CLOEXEC on all file descriptors, use non-blocking IO for
 sockets and TUN

---
 src/fastd.c | 26 +++++++++++++++++++++++++-
 src/fastd.h |  3 +++
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/src/fastd.c b/src/fastd.c
index f9d22ad..18a0c91 100644
--- a/src/fastd.c
+++ b/src/fastd.c
@@ -86,6 +86,9 @@ static void init_pipes(fastd_context_t *ctx) {
 	if (pipe(pipefd))
 		exit_errno(ctx, "pipe");
 
+	fastd_setfd(ctx, pipefd[0], FD_CLOEXEC, 0);
+	fastd_setfd(ctx, pipefd[1], FD_CLOEXEC, 0);
+
 	ctx->resolverfd = pipefd[0];
 	ctx->resolvewfd = pipefd[1];
 }
@@ -194,6 +197,9 @@ static int bind_socket(fastd_context_t *ctx, const fastd_bind_address_t *addr, b
 	if (fd < 0)
 		goto error;
 
+	fastd_setfd(ctx, fd, FD_CLOEXEC, 0);
+	fastd_setfl(ctx, fd, O_NONBLOCK, 0);
+
 	if (addr->bindtodev) {
 		if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, addr->bindtodev, strlen(addr->bindtodev))) {
 			if (warn)
@@ -272,12 +278,30 @@ fastd_socket_t* fastd_socket_open(fastd_context_t *ctx, fastd_peer_t *peer, int
 	return sock;
 }
 
+void fastd_setfd(const fastd_context_t *ctx, int fd, int set, int unset) {
+	int flags = fcntl(fd, F_GETFD);
+	if (flags < 0)
+		exit_errno(ctx, "Getting file descriptor flags failed: fcntl");
+
+	if (fcntl(fd, F_SETFD, (flags|set) & (~unset)) < 0)
+		exit_errno(ctx, "Setting file descriptor flags failed: fcntl");
+}
+
+void fastd_setfl(const fastd_context_t *ctx, int fd, int set, int unset) {
+	int flags = fcntl(fd, F_GETFL);
+	if (flags < 0)
+		exit_errno(ctx, "Getting file status flags failed: fcntl");
+
+	if (fcntl(fd, F_SETFL, (flags|set) & (~unset)) < 0)
+		exit_errno(ctx, "Setting file status flags failed: fcntl");
+}
+
 static void init_tuntap(fastd_context_t *ctx) {
 	struct ifreq ifr;
 
 	pr_debug(ctx, "initializing tun/tap device...");
 
-	if ((ctx->tunfd = open("/dev/net/tun", O_RDWR)) < 0)
+	if ((ctx->tunfd = open("/dev/net/tun", O_RDWR|O_CLOEXEC|O_NONBLOCK)) < 0)
 		exit_errno(ctx, "could not open tun/tap device file");
 
 	memset(&ifr, 0, sizeof(ifr));
diff --git a/src/fastd.h b/src/fastd.h
index 0b29797..fd2a668 100644
--- a/src/fastd.h
+++ b/src/fastd.h
@@ -294,6 +294,9 @@ void fastd_handle_receive(fastd_context_t *ctx, fastd_peer_t *peer, fastd_buffer
 
 fastd_socket_t* fastd_socket_open(fastd_context_t *ctx, fastd_peer_t *peer, int af);
 
+void fastd_setfd(const fastd_context_t *ctx, int fd, int set, int unset);
+void fastd_setfl(const fastd_context_t *ctx, int fd, int set, int unset);
+
 void fastd_resolve_peer(fastd_context_t *ctx, fastd_peer_t *peer);
 
 int fastd_vsnprintf(const fastd_context_t *ctx, char *buffer, size_t size, const char *format, va_list ap);
-- 
cgit v1.2.3