From owner-svn-src-all@FreeBSD.ORG Mon Oct 27 05:28:08 2008 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 96697106566B; Mon, 27 Oct 2008 05:28:08 +0000 (UTC) (envelope-from ed@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 84A9D8FC0A; Mon, 27 Oct 2008 05:28:08 +0000 (UTC) (envelope-from ed@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id m9R5S8l6026613; Mon, 27 Oct 2008 05:28:08 GMT (envelope-from ed@svn.freebsd.org) Received: (from ed@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id m9R5S8RR026610; Mon, 27 Oct 2008 05:28:08 GMT (envelope-from ed@svn.freebsd.org) Message-Id: <200810270528.m9R5S8RR026610@svn.freebsd.org> From: Ed Schouten Date: Mon, 27 Oct 2008 05:28:08 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r184322 - in releng/6.4/lib: libc libc/stdlib libc/sys libutil X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Oct 2008 05:28:08 -0000 Author: ed Date: Mon Oct 27 05:28:08 2008 New Revision: 184322 URL: http://svn.freebsd.org/changeset/base/184322 Log: MFC r183565: Small cleanups to openpty(). - Pass O_NOCTTY to posix_openpt(2). This makes the implementation work consistently on implementations that make the PTY the controlling TTY by default. - Call unlockpt() before opening the slave device. POSIX mentions that de slave device should only be opened after grantpt() and unlockpt() have been called. - Replace some redundant code by a label. As a safety net, add a call to revoke() to unlockpt(). All applications out there use openpty(), explicitly call revoke() or implement their own PTY allocation routines. Adding the call to unlockpt() won't hurt, but will prevent foot-shooting. Reviewed by: jhb, kib Approved by: re Modified: releng/6.4/lib/libc/ (props changed) releng/6.4/lib/libc/stdlib/grantpt.3 releng/6.4/lib/libc/stdlib/grantpt.c releng/6.4/lib/libc/sys/ (props changed) releng/6.4/lib/libutil/ (props changed) releng/6.4/lib/libutil/pty.c Modified: releng/6.4/lib/libc/stdlib/grantpt.3 ============================================================================== --- releng/6.4/lib/libc/stdlib/grantpt.3 Mon Oct 27 05:23:40 2008 (r184321) +++ releng/6.4/lib/libc/stdlib/grantpt.3 Mon Oct 27 05:28:08 2008 (r184322) @@ -212,11 +212,6 @@ and functions appeared in .Fx 5.0 . .Sh NOTES -The purpose of the -.Fn unlockpt -function has no meaning in -.Fx . -.Pp The flag .Dv O_NOCTTY is included for compatibility; in Modified: releng/6.4/lib/libc/stdlib/grantpt.c ============================================================================== --- releng/6.4/lib/libc/stdlib/grantpt.c Mon Oct 27 05:23:40 2008 (r184321) +++ releng/6.4/lib/libc/stdlib/grantpt.c Mon Oct 27 05:28:08 2008 (r184322) @@ -237,14 +237,20 @@ invalid: int unlockpt(int fildes) { + const char *slave; /* - * Unlocking a master/slave pseudo-terminal pair has no meaning in a - * non-streams PTY environment. However, we do ensure fildes is a - * valid master pseudo-terminal device. + * Even though unlocking a PTY has no meaning in a non-streams + * PTY environment, make this function call revoke() to ensure + * the PTY slave device is not being evesdropped. */ - if (ptsname(fildes) == NULL) + if ((slave = ptsname(fildes)) == NULL) return (-1); + if (revoke(slave) == -1) { + errno = EINVAL; + return (-1); + } + return (0); } Modified: releng/6.4/lib/libutil/pty.c ============================================================================== --- releng/6.4/lib/libutil/pty.c Mon Oct 27 05:23:40 2008 (r184321) +++ releng/6.4/lib/libutil/pty.c Mon Oct 27 05:28:08 2008 (r184322) @@ -60,37 +60,26 @@ openpty(int *amaster, int *aslave, char const char *slavename; int master, slave; - master = posix_openpt(O_RDWR); + master = posix_openpt(O_RDWR|O_NOCTTY); if (master == -1) return (-1); - if (grantpt(master) == -1) { - close(master); - return (-1); - } + if (grantpt(master) == -1) + goto bad; + + if (unlockpt(master) == -1) + goto bad; slavename = ptsname(master); - if (slavename == NULL) { - close(master); - return (-1); - } + if (slavename == NULL) + goto bad; - if (revoke(slavename) == -1) { - close(master); - return (-1); - } + if (revoke(slavename) == -1) + goto bad; slave = open(slavename, O_RDWR); - if (slave == -1) { - close(master); - return (-1); - } - - if (unlockpt(master) == -1) { - close(master); - close(slave); - return (-1); - } + if (slave == -1) + goto bad; *amaster = master; *aslave = slave; @@ -103,6 +92,9 @@ openpty(int *amaster, int *aslave, char ioctl(slave, TIOCSWINSZ, (char *)winp); return (0); + +bad: close(master); + return (-1); } int