Fix from review

embhorn · embhorn · commit 44dcbf0c3d83 · 2026-04-14T08:07:41.000-05:00
diff --git a/src/ssl.c b/src/ssl.c
@@ -19568,6 +19568,8 @@ int wolfSSL_RAND_write_file(const char* fname)
     defined(HAVE_SYS_UN_H)
     #define WOLFSSL_EGD_NBLOCK 0x01
     #include <sys/un.h>
+    #include <errno.h>
+    #include <fcntl.h>
     #ifndef SOCK_CLOEXEC
         #define SOCK_CLOEXEC 0
     #endif
diff --git a/src/wolfio.c b/src/wolfio.c
@@ -1598,7 +1598,7 @@ int wolfIO_TcpBind(SOCKET_T* sockfd, word16 port)
     sin->sin6_addr = in6addr_any;
     sin->sin6_port = XHTONS(port);
     *sockfd = (SOCKET_T)socket(AF_INET6, SOCK_STREAM | SOCK_CLOEXEC, 0);
-#if defined(FD_CLOEXEC)
+#if !defined(USE_WINDOWS_API) && defined(FD_CLOEXEC)
     if (*sockfd <= SOCKET_INVALID && errno == EINVAL) {
         *sockfd = (SOCKET_T)socket(AF_INET6, SOCK_STREAM, 0);
         if (*sockfd > SOCKET_INVALID) {
@@ -1613,7 +1613,7 @@ int wolfIO_TcpBind(SOCKET_T* sockfd, word16 port)
     sin->sin_addr.s_addr = INADDR_ANY;
     sin->sin_port = XHTONS(port);
     *sockfd = (SOCKET_T)socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, 0);
-#if defined(FD_CLOEXEC)
+#if !defined(USE_WINDOWS_API) && defined(FD_CLOEXEC)
     if (*sockfd <= SOCKET_INVALID && errno == EINVAL) {
         *sockfd = (SOCKET_T)socket(AF_INET, SOCK_STREAM, 0);
         if (*sockfd > SOCKET_INVALID) {
diff --git a/wolfcrypt/src/port/caam/wolfcaam_qnx.c b/wolfcrypt/src/port/caam/wolfcaam_qnx.c
@@ -53,6 +53,16 @@ int wc_CAAMInitInterface()
     }
 
     caamFd = open("/dev/wolfCrypt", O_RDWR | O_CLOEXEC);
+#ifdef FD_CLOEXEC
+    if (caamFd < 0 && errno == EINVAL) {
+        caamFd = open("/dev/wolfCrypt", O_RDWR);
+        if (caamFd >= 0) {
+            int fdFlags = fcntl(caamFd, F_GETFD);
+            if (fdFlags >= 0)
+                (void)fcntl(caamFd, F_SETFD, fdFlags | FD_CLOEXEC);
+        }
+    }
+#endif
     if (caamFd < 0) {
         WOLFSSL_MSG("Could not open /dev/wolfCrypt");
         return -1;
