Skip to content

Commit 76bbe89

Browse files
embhornembhorn
committed
Fix from review
1 parent 44dcbf0 commit 76bbe89

11 files changed

Lines changed: 96 additions & 258 deletions

File tree

src/crl.c

Lines changed: 2 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -1667,10 +1667,6 @@ static int SwapLists(WOLFSSL_CRL* crl)
16671667
#define XEVENT_MODE O_RDONLY
16681668
#endif
16691669

1670-
/* Fall back to no-op if O_CLOEXEC is unavailable on this platform. */
1671-
#ifndef O_CLOEXEC
1672-
#define O_CLOEXEC 0
1673-
#endif
16741670

16751671

16761672
/* we need a unique kqueue user filter fd for crl in case user is doing custom
@@ -1737,17 +1733,7 @@ static THREAD_RETURN WOLFSSL_THREAD DoMonitor(void* arg)
17371733
fDER = -1;
17381734

17391735
if (crl->monitors[0].path) {
1740-
fPEM = open(crl->monitors[0].path, XEVENT_MODE | O_CLOEXEC);
1741-
#ifdef FD_CLOEXEC
1742-
if (fPEM == -1 && errno == EINVAL) {
1743-
fPEM = open(crl->monitors[0].path, XEVENT_MODE);
1744-
if (fPEM >= 0) {
1745-
int fdFlags = fcntl(fPEM, F_GETFD);
1746-
if (fdFlags >= 0)
1747-
(void)fcntl(fPEM, F_SETFD, fdFlags | FD_CLOEXEC);
1748-
}
1749-
}
1750-
#endif
1736+
fPEM = wc_open_cloexec(crl->monitors[0].path, XEVENT_MODE);
17511737
if (fPEM == -1) {
17521738
WOLFSSL_MSG("PEM event dir open failed");
17531739
SignalSetup(crl, MONITOR_SETUP_E);
@@ -1757,17 +1743,7 @@ static THREAD_RETURN WOLFSSL_THREAD DoMonitor(void* arg)
17571743
}
17581744

17591745
if (crl->monitors[1].path) {
1760-
fDER = open(crl->monitors[1].path, XEVENT_MODE | O_CLOEXEC);
1761-
#ifdef FD_CLOEXEC
1762-
if (fDER == -1 && errno == EINVAL) {
1763-
fDER = open(crl->monitors[1].path, XEVENT_MODE);
1764-
if (fDER >= 0) {
1765-
int fdFlags = fcntl(fDER, F_GETFD);
1766-
if (fdFlags >= 0)
1767-
(void)fcntl(fDER, F_SETFD, fdFlags | FD_CLOEXEC);
1768-
}
1769-
}
1770-
#endif
1746+
fDER = wc_open_cloexec(crl->monitors[1].path, XEVENT_MODE);
17711747
if (fDER == -1) {
17721748
WOLFSSL_MSG("DER event dir open failed");
17731749
if (fPEM != -1)

src/ssl.c

Lines changed: 1 addition & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -19568,11 +19568,6 @@ int wolfSSL_RAND_write_file(const char* fname)
1956819568
defined(HAVE_SYS_UN_H)
1956919569
#define WOLFSSL_EGD_NBLOCK 0x01
1957019570
#include <sys/un.h>
19571-
#include <errno.h>
19572-
#include <fcntl.h>
19573-
#ifndef SOCK_CLOEXEC
19574-
#define SOCK_CLOEXEC 0
19575-
#endif
1957619571
#endif
1957719572

1957819573
/* This collects entropy from the path nm and seeds the global PRNG with it.
@@ -19606,17 +19601,7 @@ int wolfSSL_RAND_egd(const char* nm)
1960619601
return WOLFSSL_FATAL_ERROR;
1960719602
}
1960819603

19609-
fd = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
19610-
#ifdef FD_CLOEXEC
19611-
if (fd < 0 && errno == EINVAL) {
19612-
fd = socket(AF_UNIX, SOCK_STREAM, 0);
19613-
if (fd >= 0) {
19614-
int fdFlags = fcntl(fd, F_GETFD);
19615-
if (fdFlags >= 0)
19616-
(void)fcntl(fd, F_SETFD, fdFlags | FD_CLOEXEC);
19617-
}
19618-
}
19619-
#endif
19604+
fd = wc_socket_cloexec(AF_UNIX, SOCK_STREAM, 0);
1962019605
if (fd < 0) {
1962119606
WOLFSSL_MSG("Error creating socket");
1962219607
WC_FREE_VAR_EX(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);

src/wolfio.c

Lines changed: 4 additions & 72 deletions
Original file line numberDiff line numberDiff line change
@@ -24,15 +24,6 @@
2424
#define WOLFSSL_STRERROR_BUFFER_SIZE 256
2525
#endif
2626

27-
/* Enable GNU extensions for accept4() on Linux/glibc. Must be defined
28-
* before any system headers are included. Excluded for Zephyr and other
29-
* embedded RTOSes whose libc layers conflict with glibc-style definitions
30-
* (e.g., Zephyr's socket_select.h vs. glibc's fd_set). */
31-
#if (defined(__linux__) || defined(__ANDROID__)) && \
32-
!defined(WOLFSSL_ZEPHYR) && !defined(_GNU_SOURCE)
33-
#define _GNU_SOURCE 1
34-
#endif
35-
3627
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
3728

3829
#ifndef WOLFCRYPT_ONLY
@@ -51,11 +42,6 @@
5142
#include <wolfssl/wolfio.h>
5243
#include <wolfssl/wolfcrypt/logging.h>
5344

54-
/* SOCK_CLOEXEC sets close-on-exec atomically when the socket is created;
55-
* fall back to a no-op flag value where it isn't supported. */
56-
#ifndef SOCK_CLOEXEC
57-
#define SOCK_CLOEXEC 0
58-
#endif
5945

6046
#ifdef NUCLEUS_PLUS_2_3
6147
/* Holds last Nucleus networking error number */
@@ -1509,17 +1495,7 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
15091495
}
15101496
#endif
15111497

1512-
*sockfd = (SOCKET_T)socket(addr.ss_family, SOCK_STREAM | SOCK_CLOEXEC, 0);
1513-
#if !defined(USE_WINDOWS_API) && defined(FD_CLOEXEC)
1514-
if (*sockfd <= SOCKET_INVALID && errno == EINVAL) {
1515-
*sockfd = (SOCKET_T)socket(addr.ss_family, SOCK_STREAM, 0);
1516-
if (*sockfd > SOCKET_INVALID) {
1517-
int fdFlags = fcntl(*sockfd, F_GETFD);
1518-
if (fdFlags >= 0)
1519-
(void)fcntl(*sockfd, F_SETFD, fdFlags | FD_CLOEXEC);
1520-
}
1521-
}
1522-
#endif
1498+
*sockfd = (SOCKET_T)wc_socket_cloexec(addr.ss_family, SOCK_STREAM, 0);
15231499
#ifdef USE_WINDOWS_API
15241500
if (*sockfd == SOCKET_INVALID)
15251501
#else
@@ -1597,32 +1573,12 @@ int wolfIO_TcpBind(SOCKET_T* sockfd, word16 port)
15971573
sin->sin6_family = AF_INET6;
15981574
sin->sin6_addr = in6addr_any;
15991575
sin->sin6_port = XHTONS(port);
1600-
*sockfd = (SOCKET_T)socket(AF_INET6, SOCK_STREAM | SOCK_CLOEXEC, 0);
1601-
#if !defined(USE_WINDOWS_API) && defined(FD_CLOEXEC)
1602-
if (*sockfd <= SOCKET_INVALID && errno == EINVAL) {
1603-
*sockfd = (SOCKET_T)socket(AF_INET6, SOCK_STREAM, 0);
1604-
if (*sockfd > SOCKET_INVALID) {
1605-
int fdFlags = fcntl(*sockfd, F_GETFD);
1606-
if (fdFlags >= 0)
1607-
(void)fcntl(*sockfd, F_SETFD, fdFlags | FD_CLOEXEC);
1608-
}
1609-
}
1610-
#endif
1576+
*sockfd = (SOCKET_T)wc_socket_cloexec(AF_INET6, SOCK_STREAM, 0);
16111577
#else
16121578
sin->sin_family = AF_INET;
16131579
sin->sin_addr.s_addr = INADDR_ANY;
16141580
sin->sin_port = XHTONS(port);
1615-
*sockfd = (SOCKET_T)socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, 0);
1616-
#if !defined(USE_WINDOWS_API) && defined(FD_CLOEXEC)
1617-
if (*sockfd <= SOCKET_INVALID && errno == EINVAL) {
1618-
*sockfd = (SOCKET_T)socket(AF_INET, SOCK_STREAM, 0);
1619-
if (*sockfd > SOCKET_INVALID) {
1620-
int fdFlags = fcntl(*sockfd, F_GETFD);
1621-
if (fdFlags >= 0)
1622-
(void)fcntl(*sockfd, F_SETFD, fdFlags | FD_CLOEXEC);
1623-
}
1624-
}
1625-
#endif
1581+
*sockfd = (SOCKET_T)wc_socket_cloexec(AF_INET, SOCK_STREAM, 0);
16261582
#endif
16271583

16281584
#ifdef USE_WINDOWS_API
@@ -1668,31 +1624,7 @@ int wolfIO_TcpBind(SOCKET_T* sockfd, word16 port)
16681624
#ifdef HAVE_SOCKADDR
16691625
int wolfIO_TcpAccept(SOCKET_T sockfd, SOCKADDR* peer_addr, XSOCKLENT* peer_len)
16701626
{
1671-
int fd;
1672-
#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_ZEPHYR) && \
1673-
(defined(__linux__) || defined(__ANDROID__))
1674-
fd = (int)accept4(sockfd, peer_addr, peer_len, SOCK_CLOEXEC);
1675-
if (fd < 0 && (errno == ENOSYS || errno == EINVAL)) {
1676-
fd = (int)accept(sockfd, peer_addr, peer_len);
1677-
#ifdef FD_CLOEXEC
1678-
if (fd >= 0) {
1679-
int fdFlags = fcntl(fd, F_GETFD);
1680-
if (fdFlags >= 0)
1681-
(void)fcntl(fd, F_SETFD, fdFlags | FD_CLOEXEC);
1682-
}
1683-
#endif
1684-
}
1685-
#else
1686-
fd = (int)accept(sockfd, peer_addr, peer_len);
1687-
#if defined(FD_CLOEXEC) && !defined(USE_WINDOWS_API)
1688-
if (fd >= 0) {
1689-
int fdFlags = fcntl(fd, F_GETFD);
1690-
if (fdFlags >= 0)
1691-
(void)fcntl(fd, F_SETFD, fdFlags | FD_CLOEXEC);
1692-
}
1693-
#endif
1694-
#endif
1695-
return fd;
1627+
return wc_accept_cloexec((int)sockfd, peer_addr, peer_len);
16961628
}
16971629
#endif /* HAVE_SOCKADDR */
16981630

wolfcrypt/src/port/af_alg/afalg_hash.c

Lines changed: 2 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -229,33 +229,8 @@ static int AfalgHashCopy(wolfssl_AFALG_Hash* src, wolfssl_AFALG_Hash* dst)
229229
}
230230
#endif
231231

232-
#if defined(__linux__) && defined(SOCK_CLOEXEC)
233-
dst->rdFd = accept4(src->rdFd, NULL, NULL, SOCK_CLOEXEC);
234-
if (dst->rdFd < 0 && (errno == ENOSYS || errno == EINVAL)) {
235-
dst->rdFd = accept(src->rdFd, NULL, NULL);
236-
#ifdef FD_CLOEXEC
237-
if (dst->rdFd >= 0) {
238-
int fdFlags = fcntl(dst->rdFd, F_GETFD);
239-
if (fdFlags >= 0)
240-
(void)fcntl(dst->rdFd, F_SETFD, fdFlags | FD_CLOEXEC);
241-
}
242-
#endif
243-
}
244-
dst->alFd = accept4(src->alFd, NULL, NULL, SOCK_CLOEXEC);
245-
if (dst->alFd < 0 && (errno == ENOSYS || errno == EINVAL)) {
246-
dst->alFd = accept(src->alFd, NULL, NULL);
247-
#ifdef FD_CLOEXEC
248-
if (dst->alFd >= 0) {
249-
int fdFlags = fcntl(dst->alFd, F_GETFD);
250-
if (fdFlags >= 0)
251-
(void)fcntl(dst->alFd, F_SETFD, fdFlags | FD_CLOEXEC);
252-
}
253-
#endif
254-
}
255-
#else
256-
dst->rdFd = accept(src->rdFd, NULL, NULL);
257-
dst->alFd = accept(src->alFd, NULL, NULL);
258-
#endif
232+
dst->rdFd = wc_accept_cloexec(src->rdFd, NULL, NULL);
233+
dst->alFd = wc_accept_cloexec(src->alFd, NULL, NULL);
259234

260235
if (dst->rdFd == WC_SOCK_NOTSET || dst->alFd == WC_SOCK_NOTSET) {
261236
AfalgHashFree(dst);

wolfcrypt/src/port/af_alg/wc_afalg.c

Lines changed: 2 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -33,9 +33,6 @@
3333
#include <errno.h>
3434
#include <fcntl.h>
3535

36-
#ifndef SOCK_CLOEXEC
37-
#define SOCK_CLOEXEC 0
38-
#endif
3936

4037

4138
/* Sets the type of socket address to use */
@@ -67,24 +64,7 @@ int wc_Afalg_Accept(struct sockaddr_alg* in, int inSz, int sock)
6764
return WC_AFALG_SOCK_E;
6865
}
6966

70-
#if defined(__linux__)
71-
{
72-
int fd = accept4(sock, NULL, NULL, SOCK_CLOEXEC);
73-
if (fd < 0 && (errno == ENOSYS || errno == EINVAL)) {
74-
fd = accept(sock, NULL, NULL);
75-
#ifdef FD_CLOEXEC
76-
if (fd >= 0) {
77-
int fdFlags = fcntl(fd, F_GETFD);
78-
if (fdFlags >= 0)
79-
(void)fcntl(fd, F_SETFD, fdFlags | FD_CLOEXEC);
80-
}
81-
#endif
82-
}
83-
return fd;
84-
}
85-
#else
86-
return accept(sock, NULL, NULL);
87-
#endif
67+
return wc_accept_cloexec(sock, NULL, NULL);
8868
}
8969

9070

@@ -94,17 +74,7 @@ int wc_Afalg_Socket(void)
9474
{
9575
int sock;
9676

97-
sock = socket(AF_ALG, SOCK_SEQPACKET | SOCK_CLOEXEC, 0);
98-
#ifdef FD_CLOEXEC
99-
if (sock < 0 && errno == EINVAL) {
100-
sock = socket(AF_ALG, SOCK_SEQPACKET, 0);
101-
if (sock >= 0) {
102-
int fdFlags = fcntl(sock, F_GETFD);
103-
if (fdFlags >= 0)
104-
(void)fcntl(sock, F_SETFD, fdFlags | FD_CLOEXEC);
105-
}
106-
}
107-
#endif
77+
sock = wc_socket_cloexec(AF_ALG, SOCK_SEQPACKET, 0);
10878
if (sock < 0) {
10979
WOLFSSL_MSG("Failed to get AF_ALG socket");
11080
return WC_AFALG_SOCK_E;

wolfcrypt/src/port/caam/wolfcaam_qnx.c

Lines changed: 1 addition & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -34,11 +34,6 @@
3434
#include <sys/ioctl.h>
3535
#include <devctl.h>
3636

37-
#include <errno.h>
38-
39-
#ifndef O_CLOEXEC
40-
#define O_CLOEXEC 0
41-
#endif
4237

4338
/* for devctl use */
4439
int caamFd = -1;
@@ -52,17 +47,7 @@ int wc_CAAMInitInterface()
5247
return -1;
5348
}
5449

55-
caamFd = open("/dev/wolfCrypt", O_RDWR | O_CLOEXEC);
56-
#ifdef FD_CLOEXEC
57-
if (caamFd < 0 && errno == EINVAL) {
58-
caamFd = open("/dev/wolfCrypt", O_RDWR);
59-
if (caamFd >= 0) {
60-
int fdFlags = fcntl(caamFd, F_GETFD);
61-
if (fdFlags >= 0)
62-
(void)fcntl(caamFd, F_SETFD, fdFlags | FD_CLOEXEC);
63-
}
64-
}
65-
#endif
50+
caamFd = wc_open_cloexec("/dev/wolfCrypt", O_RDWR);
6651
if (caamFd < 0) {
6752
WOLFSSL_MSG("Could not open /dev/wolfCrypt");
6853
return -1;

wolfcrypt/src/port/devcrypto/wc_devcrypto.c

Lines changed: 2 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -26,26 +26,12 @@
2626
static volatile int fd;
2727

2828
#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
29-
#include <errno.h>
30-
31-
#ifndef O_CLOEXEC
32-
#define O_CLOEXEC 0
33-
#endif
29+
#include <fcntl.h>
3430

3531
int wc_DevCryptoInit(void)
3632
{
3733
/* create descriptor */
38-
fd = open("/dev/crypto", O_RDWR | O_CLOEXEC, 0);
39-
#ifdef FD_CLOEXEC
40-
if (fd < 0 && errno == EINVAL) {
41-
fd = open("/dev/crypto", O_RDWR, 0);
42-
if (fd >= 0) {
43-
int fdFlags = fcntl(fd, F_GETFD);
44-
if (fdFlags >= 0)
45-
(void)fcntl(fd, F_SETFD, fdFlags | FD_CLOEXEC);
46-
}
47-
}
48-
#endif
34+
fd = wc_open_cloexec("/dev/crypto", O_RDWR);
4935
if (fd < 0) {
5036
WOLFSSL_MSG("Error opening /dev/crypto is cryptodev module loaded?");
5137
return WC_DEVCRYPTO_E;

wolfcrypt/src/port/intel/quickassist_mem.c

Lines changed: 1 addition & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -59,9 +59,6 @@
5959
#include <sys/mman.h>
6060
#include <errno.h>
6161

62-
#ifndef O_CLOEXEC
63-
#define O_CLOEXEC 0
64-
#endif
6562

6663
#ifdef SAL_IOMMU_CODE
6764
#include <icp_sal_iommu.h>
@@ -719,17 +716,7 @@ CpaStatus qaeMemInit(void)
719716
{
720717
if (g_qaeMemFd < 0) {
721718
#ifndef QAT_V2
722-
g_qaeMemFd = open(QAE_MEM, O_RDWR | O_CLOEXEC);
723-
#ifdef FD_CLOEXEC
724-
if (g_qaeMemFd < 0 && errno == EINVAL) {
725-
g_qaeMemFd = open(QAE_MEM, O_RDWR);
726-
if (g_qaeMemFd >= 0) {
727-
int fdFlags = fcntl(g_qaeMemFd, F_GETFD);
728-
if (fdFlags >= 0)
729-
(void)fcntl(g_qaeMemFd, F_SETFD, fdFlags | FD_CLOEXEC);
730-
}
731-
}
732-
#endif
719+
g_qaeMemFd = wc_open_cloexec(QAE_MEM, O_RDWR);
733720
if (g_qaeMemFd < 0) {
734721
printf("unable to open %s %d\n", QAE_MEM, g_qaeMemFd);
735722
return CPA_STATUS_FAIL;

0 commit comments

Comments
 (0)