fds: Provide cloexec() and use it in udp.c and tun.c

[secnet.git] / tun.c

diff --git a/tun.c b/tun.c
index d4070f2ef405d7e8316bf23a84837189a05eddef..ffc195ca5a4f3c777db13b5ebe77de94f2f5d5a9 100644 (file)
--- a/tun.c
+++ b/tun.c
@@ -340,6 +340,8 @@ static void tun_phase_hook(void *sst, uint32_t newphase)
        st->interface_name=safe_malloc(10,"tun_apply");
        sprintf(st->interface_name,"tun%d",ppa);
        st->fd=tun_fd;
+       setcloexec(if_ifd);
+       setcloexec(ip_ifd);
 #else
        fatal("tun_phase_hook: TUN_FLAVOUR_STREAMS unexpected");
 #endif /* HAVE_TUN_STREAMS */
@@ -350,6 +352,8 @@ static void tun_phase_hook(void *sst, uint32_t newphase)
        to set the TUN device's address, and route to add routes to all
        our networks. */
 
+    setcloexec(st->fd);
+
     hostaddr=ipaddr_to_string(st->nl.local_address);
     secnetaddr=ipaddr_to_string(st->nl.secnet_address);
     snprintf(mtu,sizeof(mtu),"%d",st->nl.mtu);