From bbbd329e9a1274d0a7bfb7b741894f5417b43538 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sun, 19 Feb 2017 13:23:51 +0100
Subject: Ensure lacme's config file descriptor has the FD_CLOEXEC bit set.

---
 Changelog | 2 ++
 lacme     | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/Changelog b/Changelog
index 0336e5b..d9aacd0 100644
--- a/Changelog
+++ b/Changelog
@@ -2,6 +2,8 @@ lacme (0.3) upstream;
 
   - When parsing config-cert files and directories (default "lacme-certs.conf
     lacme-certs.conf.d"), import the default section of files read earlier.
+  - Ensure lacme's config file descriptor is not passed to the accountd
+    or webserver components.
 
  -- Guilhem Moulin <guilhem@guilhem.org>  Sun, 19 Feb 2017 13:08:41 +0100
 
diff --git a/lacme b/lacme
index 6c7f48d..8cbed17 100755
--- a/lacme
+++ b/lacme
@@ -68,6 +68,7 @@ $COMMAND = $COMMAND =~ /\A(new-reg|reg=\p{Print}*|new-cert|revoke-cert)\z/ ? $1
          : usage(1, "Invalid command: $COMMAND"); # validate and untaint $COMMAND
 @ARGV = map { /\A(\p{Print}*)\z/ ? $1 : die } @ARGV; # untaint @ARGV
 
+sub set_FD_CLOEXEC($$);
 my $CONFFILENAME = $OPTS{config} // first { -f $_ }
    ( "./$NAME.conf"
    , ($ENV{XDG_CONFIG_HOME} // "$ENV{HOME}/.config")."/lacme/$NAME.conf"
@@ -79,6 +80,7 @@ do {
     open $CONFFILE, '<', $CONFFILENAME or die "Can't open $CONFFILENAME: $!\n";
     my $conf = do { local $/ = undef; <$CONFFILE> };
     # don't close $CONFFILE so we can pass it to the client
+    set_FD_CLOEXEC($CONFFILE, 1);
 
     my $h = Config::Tiny::->read_string($conf) or die Config::Tiny::->errstr()."\n";
     my $defaults = delete $h->{_} // {};
-- 
cgit v1.2.3