oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Minor refactoring in fcache of common open flags

Browse Source
This commit is contained in:
Nicolas Williams
2013-08-16 23:59:13 -05:00
parent 8feed14fd0
commit be816fadd4
1 changed files with 12 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
lib/krb5/fcache.c
View File

@@ -261,7 +261,7 @@ _krb5_erase_file(krb5_context context, const char *filename)
if (ret < 0) if (ret < 0)
return errno; return errno;
fd = open(filename, O_RDWR | O_BINARY); fd = open(filename, O_RDWR | O_BINARY | O_CLOEXEC | O_NOFOLLOW);
if(fd < 0) { if(fd < 0) {
if(errno == ENOENT) if(errno == ENOENT)
return 0; return 0;
@@ -404,6 +404,8 @@ fcc_open(krb5_context context,
int strict_checking; int strict_checking;
int fd; int fd;
flags |= O_BINARY | O_CLOEXEC | O_NOFOLLOW;
*fd_ret = -1; *fd_ret = -1;
if (FCACHE(id) == NULL) if (FCACHE(id) == NULL)
@@ -459,8 +461,8 @@ again:
* Perhaps we raced with a rename(). To complain about * Perhaps we raced with a rename(). To complain about
* symlinks in that case would cause unnecessary concern, so * symlinks in that case would cause unnecessary concern, so
* we check for that possibility and loop. This has no * we check for that possibility and loop. This has no
* TOCTOU problems because we redo the open() (and if we * TOCTOU problems because we redo the open(). We could also
* have O_NOFOLLOW we could even avoid that too). * not do any of this checking if O_NOFOLLOW != 0...
*/ */
close(fd); close(fd);
ret = lstat(filename, &sb3); ret = lstat(filename, &sb3);
@@ -531,7 +533,7 @@ fcc_initialize(krb5_context context,
unlink (f->filename); unlink (f->filename);
ret = fcc_open(context, id, "initialize", &fd, O_RDWR | O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC | O_NOFOLLOW, 0600); ret = fcc_open(context, id, "initialize", &fd, O_RDWR | O_CREAT | O_EXCL, 0600);
if(ret) if(ret)
return ret; return ret;
{ {
@@ -606,7 +608,7 @@ fcc_store_cred(krb5_context context,
int ret; int ret;
int fd; int fd;
ret = fcc_open(context, id, "store", &fd, O_WRONLY | O_APPEND | O_BINARY | O_CLOEXEC | O_NOFOLLOW, 0); ret = fcc_open(context, id, "store", &fd, O_WRONLY | O_APPEND, 0);
if(ret) if(ret)
return ret; return ret;
{ {
@@ -654,7 +656,7 @@ init_fcc(krb5_context context,
if (kdc_offset) if (kdc_offset)
*kdc_offset = 0; *kdc_offset = 0;
ret = fcc_open(context, id, operation, &fd, O_RDONLY | O_BINARY | O_CLOEXEC | O_NOFOLLOW, 0); ret = fcc_open(context, id, operation, &fd, O_RDONLY, 0);
if(ret) if(ret)
return ret; return ret;
@@ -987,8 +989,7 @@ cred_delete(krb5_context context,
goto out; goto out;
} }
ret = fcc_open(context, id, "remove_cred", &fd, ret = fcc_open(context, id, "remove_cred", &fd, O_RDWR, 0);
O_RDWR | O_BINARY | O_CLOEXEC | O_NOFOLLOW, 0);
if (ret) if (ret)
goto out; goto out;
@@ -1193,14 +1194,14 @@ fcc_move(krb5_context context, krb5_ccache from, krb5_ccache to)
int fd1, fd2; int fd1, fd2;
char buf[BUFSIZ]; char buf[BUFSIZ];
ret = fcc_open(context, from, "move/from", &fd1, O_RDONLY | O_BINARY | O_CLOEXEC | O_NOFOLLOW, 0); ret = fcc_open(context, from, "move/from", &fd1, O_RDONLY, 0);
if(ret) if(ret)
return ret; return ret;
unlink(FILENAME(to)); unlink(FILENAME(to));
ret = fcc_open(context, to, "move/to", &fd2, ret = fcc_open(context, to, "move/to", &fd2,
O_WRONLY | O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC | O_NOFOLLOW, 0600); O_WRONLY | O_CREAT | O_EXCL, 0600);
if(ret) if(ret)
goto out1; goto out1;
@@ -1269,7 +1270,7 @@ fcc_lastchange(krb5_context context, krb5_ccache id, krb5_timestamp *mtime)
struct stat sb; struct stat sb;
int fd; int fd;
ret = fcc_open(context, id, "lastchange", &fd, O_RDONLY | O_BINARY | O_CLOEXEC | O_NOFOLLOW, 0); ret = fcc_open(context, id, "lastchange", &fd, O_RDONLY, 0);
if(ret) if(ret)
return ret; return ret;
ret = fstat(fd, &sb); ret = fstat(fd, &sb);