Shutdown down the write side of the socket and wait for the client to close the connection (0 byte read) before closing the server side (Closes: #777349)
Ondřej Surý
9 years ago
| 0 | Description: it is possible for the client side of the socket to miss data | |
| 1 | when the server uses close() immediately after the last write(). To avoid | |
| 2 | this, shutdown down the write side of the socket and wait for the client | |
| 3 | to close the connection (0 byte read) before closing the server side. | |
| 4 | Author: Kees Cook <kees@debian.org> | |
| 5 | ||
| 6 | --- cyrus-sasl2.orig/saslauthd/ipc_unix.c | |
| 7 | +++ cyrus-sasl2/saslauthd/ipc_unix.c | |
| 8 | @@ -217,6 +217,7 @@ void ipc_loop() { | |
| 9 | ||
| 10 | int rc; | |
| 11 | int conn_fd; | |
| 12 | + unsigned char dummy; | |
| 13 | ||
| 14 | ||
| 15 | while(1) { | |
| 16 | @@ -261,6 +262,8 @@ void ipc_loop() { | |
| 17 | } | |
| 18 | ||
| 19 | do_request(conn_fd); | |
| 20 | + shutdown(conn_fd, SHUT_WR); | |
| 21 | + while (read(conn_fd, &dummy, 1) > 0) { } | |
| 22 | close(conn_fd); | |
| 23 | ||
| 24 | if(flags & DETACH_TTY) { | |
| 25 | @@ -275,6 +278,8 @@ void ipc_loop() { | |
| 26 | * Normal prefork mode. | |
| 27 | *************************************************************/ | |
| 28 | do_request(conn_fd); | |
| 29 | + shutdown(conn_fd, SHUT_WR); | |
| 30 | + while (read(conn_fd, &dummy, 1) > 0) { } | |
| 31 | close(conn_fd); | |
| 32 | } | |
| 33 |