aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ssh-agent-filter.C15
1 files changed, 13 insertions, 2 deletions
diff --git a/ssh-agent-filter.C b/ssh-agent-filter.C
index 733e12d..8d87d0b 100644
--- a/ssh-agent-filter.C
+++ b/ssh-agent-filter.C
@@ -49,6 +49,9 @@ namespace fs = boost::filesystem;
#include "ssh-agent.h"
#include "version.h"
+#ifndef SOCK_CLOEXEC
+#define SOCK_CLOEXEC 0
+#endif
std::vector<std::string> allowed_b64;
std::vector<std::string> allowed_md5;
@@ -88,10 +91,14 @@ int make_upstream_agent_conn () {
exit(EX_UNAVAILABLE);
}
- if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
+ if ((sock = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) == -1) {
perror("socket");
exit(EX_UNAVAILABLE);
}
+ if (fcntl(sock, F_SETFD, fcntl(sock, F_GETFD) | FD_CLOEXEC)) {
+ perror("fcntl");
+ exit(EX_UNAVAILABLE);
+ }
addr.sun_family = AF_UNIX;
@@ -114,10 +121,14 @@ int make_listen_sock () {
int sock;
struct sockaddr_un addr;
- if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
+ if ((sock = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0)) == -1) {
perror("socket");
exit(EX_UNAVAILABLE);
}
+ if (fcntl(sock, F_SETFD, fcntl(sock, F_GETFD) | FD_CLOEXEC)) {
+ perror("fcntl");
+ exit(EX_UNAVAILABLE);
+ }
addr.sun_family = AF_UNIX;