From 7a4e51344423ee3309c258087a69dac29bf30b51 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sat, 1 Jul 2017 19:36:46 +0200
Subject: Ensure fdopen is called with an integer.

---
 Changelog      | 3 +++
 client         | 4 ++--
 lacme-accountd | 2 +-
 webserver      | 2 +-
 4 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/Changelog b/Changelog
index 0674c4a..27e1dfd 100644
--- a/Changelog
+++ b/Changelog
@@ -30,6 +30,9 @@ lacme (0.3) upstream;
     --version.
   - client: remove potential race when creating ACME challenge response
     files.
+  - When using open with mode "<&=" or ">&=", ensure the expression
+    (fileno) is interpreted as an integer.  (This failed in Perl v5.14.2
+    from Debian Jessie.)
 
  -- Guilhem Moulin <guilhem@guilhem.org>  Sun, 19 Feb 2017 13:08:41 +0100
 
diff --git a/client b/client
index 333ae3b..f0778d5 100755
--- a/client
+++ b/client
@@ -62,9 +62,9 @@ my $COMMAND = shift @ARGV // die;
 
 # Untaint and fdopen(3) the configuration file and listening socket
 (shift @ARGV // die) =~ /\A(\d+)\z/ or die;
-open my $CONFFILE, '<&=', $1 or die "fdopen $1: $!";
+open (my $CONFFILE, '<&=', $1+0) or die "fdopen $1: $!";
 (shift @ARGV // die) =~ /\A(\d+)\z/ or die;
-open my $S, '+<&=', $1 or die "fdopen $1: $!";
+open (my $S, '+<&=', $1+0) or die "fdopen $1: $!";
 
 
 #############################################################################
diff --git a/lacme-accountd b/lacme-accountd
index 547af59..f0d7d51 100755
--- a/lacme-accountd
+++ b/lacme-accountd
@@ -140,7 +140,7 @@ $JWK = JSON::->new->encode($JWK);
 if (defined $OPTS{'conn-fd'}) {
     die "Invalid file descriptor" unless $OPTS{'conn-fd'} =~ /\A(\d+)\z/;
     # untaint and fdopen(3) our end of the socket pair
-    open $S, '+<&=', $1 or die "fdopen $1: $!";
+    open ($S, '+<&=', $1+0) or die "fdopen $1: $!";
 } else {
     my $sockname = $OPTS{socket} // (defined $ENV{XDG_RUNTIME_DIR} ? "$ENV{XDG_RUNTIME_DIR}/S.lacme" : undef);
     die "Missing socket option\n" unless defined $sockname;
diff --git a/webserver b/webserver
index 90be70c..dad3d9d 100755
--- a/webserver
+++ b/webserver
@@ -43,7 +43,7 @@ use Socket qw/AF_UNIX AF_INET AF_INET6/;
 
 # Untaint and fdopen(3) the listening socket
 (shift @ARGV // die) =~ /\A(\d+)\z/ or die;
-open my $S, '+<&=', $1 or die "fdopen $1: $!";
+open (my $S, '+<&=', $1+0) or die "fdopen $1: $!";
 my $ROOT = '/.well-known/acme-challenge';
 
 close STDIN  or die "close: $!";
-- 
cgit v1.2.3