PSARC/2015/144 Kerberos 1.13 Delivery to Userland
19153034 Add MIT Kerberos to the Userland Consolidation
#
# Modifies calls to fopen() to add 'F' flag so 32bit binaries can open > 256
# file descriptors at once.
#
# MIT said they would take this patch however there has been talk of modifying
# fopen() for 32bit apps to extend the number of fds so this patch will not be
# submitted to MIT until this is resolved in ON.
# Patch source: in-house
#
diff -ur krb5-1.13.2/src/appl/gss-sample/gss-server.c krb5-1.13.2.fopen/src/appl/gss-sample/gss-server.c
--- krb5-1.13.2/src/appl/gss-sample/gss-server.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/appl/gss-sample/gss-server.c 2015-08-11 13:52:42.455625831 -0500
@@ -699,7 +699,7 @@
if (!strcmp(*argv, "/dev/null")) {
logfile = display_file = NULL;
} else {
- logfile = fopen(*argv, "a");
+ logfile = fopen(*argv, "aF");
display_file = logfile;
if (!logfile) {
perror(*argv);
diff -ur krb5-1.13.2/src/clients/ksu/authorization.c krb5-1.13.2.fopen/src/clients/ksu/authorization.c
--- krb5-1.13.2/src/clients/ksu/authorization.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/clients/ksu/authorization.c 2015-08-11 13:46:50.985382622 -0500
@@ -100,7 +100,7 @@
/* k5login and k5users must be owned by target user or root */
if (!k5login_flag){
- if ((login_fp = fopen(k5login_path, "r")) == NULL)
+ if ((login_fp = fopen(k5login_path, "rF")) == NULL)
return 0;
if ( fowner(login_fp, pwd->pw_uid) == FALSE) {
fclose(login_fp);
@@ -109,7 +109,7 @@
}
if (!k5users_flag){
- if ((users_fp = fopen(k5users_path, "r")) == NULL) {
+ if ((users_fp = fopen(k5users_path, "rF")) == NULL) {
return 0;
}
if ( fowner(users_fp, pwd->pw_uid) == FALSE){
diff -ur krb5-1.13.2/src/clients/ksu/ccache.c krb5-1.13.2.fopen/src/clients/ksu/ccache.c
--- krb5-1.13.2/src/clients/ksu/ccache.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/clients/ksu/ccache.c 2015-08-11 13:27:17.131920647 -0500
@@ -375,7 +375,7 @@
/* open ~/.k5login */
- if ((fp = fopen(pbuf, "r")) == NULL) {
+ if ((fp = fopen(pbuf, "rF")) == NULL) {
return 0;
}
/*
diff -ur krb5-1.13.2/src/clients/ksu/heuristic.c krb5-1.13.2.fopen/src/clients/ksu/heuristic.c
--- krb5-1.13.2/src/clients/ksu/heuristic.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/clients/ksu/heuristic.c 2015-08-11 13:53:18.318187882 -0500
@@ -222,7 +222,7 @@
k5users_flag = stat(k5users_path, &tb);
if (!k5login_flag){
- if ((login_fp = fopen(k5login_path, "r")) == NULL)
+ if ((login_fp = fopen(k5login_path, "rF")) == NULL)
return 0;
if ( fowner(login_fp, pwd->pw_uid) == FALSE){
close_time(1 /*k5users_flag*/, (FILE *) 0 /*users_fp*/,
@@ -231,7 +231,7 @@
}
}
if (!k5users_flag){
- if ((users_fp = fopen(k5users_path, "r")) == NULL)
+ if ((users_fp = fopen(k5users_path, "rF")) == NULL)
return 0;
if ( fowner(users_fp, pwd->pw_uid) == FALSE){
diff -ur krb5-1.13.2/src/kadmin/dbutil/dump.c krb5-1.13.2.fopen/src/kadmin/dbutil/dump.c
--- krb5-1.13.2/src/kadmin/dbutil/dump.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/kadmin/dbutil/dump.c 2015-08-11 13:41:07.987791713 -0500
@@ -1195,7 +1195,7 @@
char buf[BUFSIZ];
FILE *f;
- f = fopen(ifile, "r");
+ f = fopen(ifile, "rF");
if (f == NULL)
return 0; /* aliasing other errors to ENOENT here is OK */
@@ -1517,7 +1517,7 @@
/* Open the dumpfile. */
if (dumpfile != NULL) {
- f = fopen(dumpfile, "r");
+ f = fopen(dumpfile, "rF");
if (f == NULL) {
com_err(progname, errno, _("while opening %s"), dumpfile);
goto error;
diff -ur krb5-1.13.2/src/kadmin/server/ovsec_kadmd.c krb5-1.13.2.fopen/src/kadmin/server/ovsec_kadmd.c
--- krb5-1.13.2/src/kadmin/server/ovsec_kadmd.c 2015-08-11 14:09:05.551255648 -0500
+++ krb5-1.13.2.fopen/src/kadmin/server/ovsec_kadmd.c 2015-08-11 13:45:04.700855296 -0500
@@ -126,7 +126,7 @@
unsigned long pid;
int st1, st2;
- file = fopen(pid_file, "w");
+ file = fopen(pid_file, "wF");
if (file == NULL)
return errno;
pid = (unsigned long)getpid();
diff -ur krb5-1.13.2/src/kdc/main.c krb5-1.13.2.fopen/src/kdc/main.c
--- krb5-1.13.2/src/kdc/main.c 2015-08-11 14:09:05.788213288 -0500
+++ krb5-1.13.2.fopen/src/kdc/main.c 2015-08-11 13:40:50.652078819 -0500
@@ -859,7 +859,7 @@
FILE *file;
unsigned long pid;
- file = fopen(path, "w");
+ file = fopen(path, "wF");
if (file == NULL)
return errno;
pid = (unsigned long) getpid();
diff -ur krb5-1.13.2/src/lib/gssapi/generic/util_errmap.c krb5-1.13.2.fopen/src/lib/gssapi/generic/util_errmap.c
--- krb5-1.13.2/src/lib/gssapi/generic/util_errmap.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/lib/gssapi/generic/util_errmap.c 2015-08-11 13:44:48.732993167 -0500
@@ -176,7 +176,7 @@
#ifdef DEBUG
FILE *f;
- f = fopen("/dev/pts/9", "w+");
+ f = fopen("/dev/pts/9", "w+F");
if (f == NULL)
f = stderr;
#endif
diff -ur krb5-1.13.2/src/lib/gssapi/mechglue/g_initialize.c krb5-1.13.2.fopen/src/lib/gssapi/mechglue/g_initialize.c
--- krb5-1.13.2/src/lib/gssapi/mechglue/g_initialize.c 2015-08-11 14:09:05.250949351 -0500
+++ krb5-1.13.2.fopen/src/lib/gssapi/mechglue/g_initialize.c 2015-08-11 13:38:16.832678845 -0500
@@ -1357,7 +1357,7 @@
char buffer[BUFSIZ], *oidStr;
FILE *confFile;
- if ((confFile = fopen(fileName, "r")) == NULL) {
+ if ((confFile = fopen(fileName, "rF")) == NULL) {
return;
}
diff -ur krb5-1.13.2/src/lib/kadm5/logger.c krb5-1.13.2.fopen/src/lib/kadm5/logger.c
--- krb5-1.13.2/src/lib/kadm5/logger.c 2015-08-11 14:09:05.365604955 -0500
+++ krb5-1.13.2.fopen/src/lib/kadm5/logger.c 2015-08-11 13:50:11.011871109 -0500
@@ -567,7 +567,7 @@
if (cp[4] == ':' || cp[4] == '=') {
/* Solaris Kerberos */
log_control.log_entries[i].lfu_fopen_mode =
- (cp[4] == ':') ? "a" : "w";
+ (cp[4] == ':') ? "aF" : "wF";
old_umask = umask(077);
f = fopen(&cp[5],
log_control.log_entries[i].lfu_fopen_mode);
@@ -802,7 +802,7 @@
*/
else if (!strcasecmp(cp, "CONSOLE")) {
log_control.log_entries[i].ldu_filep =
- CONSOLE_OPEN("a+");
+ CONSOLE_OPEN("a+F");
if (log_control.log_entries[i].ldu_filep) {
set_cloexec_file(log_control.log_entries[i].ldu_filep);
log_control.log_entries[i].log_type = K_LOG_CONSOLE;
@@ -818,7 +818,7 @@
*/
if (cp[6] == '=') {
log_control.log_entries[i].ldu_filep =
- DEVICE_OPEN(&cp[7], "w");
+ DEVICE_OPEN(&cp[7], "wF");
if (log_control.log_entries[i].ldu_filep) {
set_cloexec_file(log_control.log_entries[i].ldu_filep);
log_control.log_entries[i].log_type = K_LOG_DEVICE;
@@ -1157,7 +1157,7 @@
* In case the old logfile did not get moved out of the
* way, open for append to prevent squashing the old logs.
*/
- f = fopen(log_control.log_entries[lindex].lfu_fname, "a+");
+ f = fopen(log_control.log_entries[lindex].lfu_fname, "a+F");
if (f) {
set_cloexec_file(f);
log_control.log_entries[lindex].lfu_filep = f;
diff -ur krb5-1.13.2/src/lib/kadm5/srv/server_acl.c krb5-1.13.2.fopen/src/lib/kadm5/srv/server_acl.c
--- krb5-1.13.2/src/lib/kadm5/srv/server_acl.c 2015-08-11 14:09:05.702364340 -0500
+++ krb5-1.13.2.fopen/src/lib/kadm5/srv/server_acl.c 2015-08-11 13:38:00.105075682 -0500
@@ -496,7 +496,7 @@
DPRINT(DEBUG_CALLS, acl_debug_level, ("* kadm5int_acl_load_acl_file()\n"));
/* Open the ACL file for read */
- afp = fopen(acl_acl_file, "r");
+ afp = fopen(acl_acl_file, "rF");
if (afp) {
set_cloexec_file(afp);
alineno = 1;
diff -ur krb5-1.13.2/src/lib/kdb/kdb_default.c krb5-1.13.2.fopen/src/lib/kdb/kdb_default.c
--- krb5-1.13.2/src/lib/kdb/kdb_default.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/lib/kdb/kdb_default.c 2015-08-11 13:39:37.134237942 -0500
@@ -251,9 +251,9 @@
FILE *kf = NULL;
#ifdef ANSI_STDIO
- if (!(kf = fopen(keyfile, "rb")))
+ if (!(kf = fopen(keyfile, "rbF")))
#else
- if (!(kf = fopen(keyfile, "r")))
+ if (!(kf = fopen(keyfile, "rF")))
#endif
return KRB5_KDB_CANTREAD_STORED;
set_cloexec_file(kf);
diff -ur krb5-1.13.2/src/lib/krb5/ccache/cc_dir.c krb5-1.13.2.fopen/src/lib/krb5/ccache/cc_dir.c
--- krb5-1.13.2/src/lib/krb5/ccache/cc_dir.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/lib/krb5/ccache/cc_dir.c 2015-08-11 13:41:24.435225067 -0500
@@ -153,7 +153,7 @@
*residual_out = NULL;
/* Open the file and read its first line. */
- fp = fopen(primary_path, "r");
+ fp = fopen(primary_path, "rF");
if (fp == NULL)
return ENOENT;
ret = fgets(buf, sizeof(buf), fp);
diff -ur krb5-1.13.2/src/lib/krb5/ccache/ccselect_k5identity.c krb5-1.13.2.fopen/src/lib/krb5/ccache/ccselect_k5identity.c
--- krb5-1.13.2/src/lib/krb5/ccache/ccselect_k5identity.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/lib/krb5/ccache/ccselect_k5identity.c 2015-08-11 13:26:23.773323178 -0500
@@ -168,7 +168,7 @@
free(homedir);
if (ret)
return ret;
- fp = fopen(filename, "r");
+ fp = fopen(filename, "rF");
free(filename);
if (fp == NULL)
return KRB5_PLUGIN_NO_HANDLE;
diff -ur krb5-1.13.2/src/lib/krb5/keytab/kt_file.c krb5-1.13.2.fopen/src/lib/krb5/keytab/kt_file.c
--- krb5-1.13.2/src/lib/krb5/keytab/kt_file.c 2015-08-11 14:09:05.422898949 -0500
+++ krb5-1.13.2.fopen/src/lib/krb5/keytab/kt_file.c 2015-08-11 13:39:18.503152692 -0500
@@ -1022,11 +1022,11 @@
#define krb5_kt_default_vno ((krb5_kt_vno)KRB5_KT_DEFAULT_VNO)
#ifdef ANSI_STDIO
-static char *const fopen_mode_rbplus= "rb+";
-static char *const fopen_mode_rb = "rb";
+static char *const fopen_mode_rbplus= "rb+F";
+static char *const fopen_mode_rb = "rbF";
#else
-static char *const fopen_mode_rbplus= "r+";
-static char *const fopen_mode_rb = "r";
+static char *const fopen_mode_rbplus= "r+F";
+static char *const fopen_mode_rb = "rF";
#endif
static krb5_error_code
diff -ur krb5-1.13.2/src/lib/krb5/keytab/kt_srvtab.c krb5-1.13.2.fopen/src/lib/krb5/keytab/kt_srvtab.c
--- krb5-1.13.2/src/lib/krb5/keytab/kt_srvtab.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/lib/krb5/keytab/kt_srvtab.c 2015-08-11 13:36:28.107510825 -0500
@@ -342,9 +342,9 @@
#include <stdio.h>
#ifdef ANSI_STDIO
-#define READ_MODE "rb"
+#define READ_MODE "rbF"
#else
-#define READ_MODE "r"
+#define READ_MODE "rF"
#endif
/* The maximum sizes for V4 aname, realm, sname, and instance +1 */
diff -ur krb5-1.13.2/src/lib/krb5/os/localaddr.c krb5-1.13.2.fopen/src/lib/krb5/os/localaddr.c
--- krb5-1.13.2/src/lib/krb5/os/localaddr.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/lib/krb5/os/localaddr.c 2015-08-11 13:40:00.997639967 -0500
@@ -368,7 +368,7 @@
FILE *f;
/* _PATH_PROCNET_IFINET6 */
- f = fopen("/proc/net/if_inet6", "r");
+ f = fopen("/proc/net/if_inet6", "rF");
if (f) {
char ifname[21];
unsigned int idx, pfxlen, scope, dadstat;
diff -ur krb5-1.13.2/src/lib/krb5/os/localauth_k5login.c krb5-1.13.2.fopen/src/lib/krb5/os/localauth_k5login.c
--- krb5-1.13.2/src/lib/krb5/os/localauth_k5login.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/lib/krb5/os/localauth_k5login.c 2015-08-11 13:45:18.115959001 -0500
@@ -116,7 +116,7 @@
if (ret)
goto cleanup;
- fp = fopen(filename, "r");
+ fp = fopen(filename, "rF");
if (fp == NULL) {
ret = errno;
goto cleanup;
diff -ur krb5-1.13.2/src/lib/krb5/rcache/t_replay.c krb5-1.13.2.fopen/src/lib/krb5/rcache/t_replay.c
--- krb5-1.13.2/src/lib/krb5/rcache/t_replay.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/lib/krb5/rcache/t_replay.c 2015-08-11 13:45:29.971685638 -0500
@@ -66,7 +66,7 @@
krb5_int32 usec;
krb5_timestamp timestamp;
- fp = fopen(filename, "r");
+ fp = fopen(filename, "rF");
if (!fp) {
fprintf(stderr, "Can't open filename: %s\n", strerror(errno));
return;
diff -ur krb5-1.13.2/src/lib/krb5/unicode/ucdata/ucdata.c krb5-1.13.2.fopen/src/lib/krb5/unicode/ucdata/ucdata.c
--- krb5-1.13.2/src/lib/krb5/unicode/ucdata/ucdata.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/lib/krb5/unicode/ucdata/ucdata.c 2015-08-11 13:43:57.692003927 -0500
@@ -156,7 +156,7 @@
_ucprop_size = 0;
}
- if ((in = _ucopenfile(paths, "ctype.dat", "rb")) == 0)
+ if ((in = _ucopenfile(paths, "ctype.dat", "rbF")) == 0)
return -1;
/*
@@ -337,7 +337,7 @@
_uccase_size = 0;
}
- if ((in = _ucopenfile(paths, "case.dat", "rb")) == 0)
+ if ((in = _ucopenfile(paths, "case.dat", "rbF")) == 0)
return -1;
/*
@@ -532,7 +532,7 @@
_uccomp_size = 0;
}
- if ((in = _ucopenfile(paths, "comp.dat", "rb")) == 0)
+ if ((in = _ucopenfile(paths, "comp.dat", "rbF")) == 0)
return -1;
/*
@@ -730,7 +730,7 @@
_ucdcmp_size = 0;
}
- if ((in = _ucopenfile(paths, "decomp.dat", "rb")) == 0)
+ if ((in = _ucopenfile(paths, "decomp.dat", "rbF")) == 0)
return -1;
/*
@@ -785,7 +785,7 @@
_uckdcmp_size = 0;
}
- if ((in = _ucopenfile(paths, "kdecomp.dat", "rb")) == 0)
+ if ((in = _ucopenfile(paths, "kdecomp.dat", "rbF")) == 0)
return -1;
/*
@@ -1042,7 +1042,7 @@
_uccmcl_size = 0;
}
- if ((in = _ucopenfile(paths, "cmbcl.dat", "rb")) == 0)
+ if ((in = _ucopenfile(paths, "cmbcl.dat", "rbF")) == 0)
return -1;
/*
@@ -1138,7 +1138,7 @@
_ucnum_size = 0;
}
- if ((in = _ucopenfile(paths, "num.dat", "rb")) == 0)
+ if ((in = _ucopenfile(paths, "num.dat", "rbF")) == 0)
return -1;
/*
diff -ur krb5-1.13.2/src/lib/krb5/unicode/ucdata/ucgendat.c krb5-1.13.2.fopen/src/lib/krb5/unicode/ucdata/ucgendat.c
--- krb5-1.13.2/src/lib/krb5/unicode/ucdata/ucgendat.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/lib/krb5/unicode/ucdata/ucgendat.c 2015-08-11 13:51:21.938013410 -0500
@@ -1296,14 +1296,14 @@
* Open the output file.
*/
snprintf(path, sizeof path, "%s" LDAP_DIRSEP "uctable.h", opath);
- if ((out = fopen(path, "w")) == 0)
+ if ((out = fopen(path, "wF")) == 0)
return;
#else
/*
* Open the ctype.dat file.
*/
snprintf(path, sizeof path, "%s" LDAP_DIRSEP "ctype.dat", opath);
- if ((out = fopen(path, "wb")) == 0)
+ if ((out = fopen(path, "wbF")) == 0)
return;
#endif
@@ -1436,7 +1436,7 @@
* Open the case.dat file.
*/
snprintf(path, sizeof path, "%s" LDAP_DIRSEP "case.dat", opath);
- if ((out = fopen(path, "wb")) == 0)
+ if ((out = fopen(path, "wbF")) == 0)
return;
/*
@@ -1513,7 +1513,7 @@
* Open the comp.dat file.
*/
snprintf(path, sizeof path, "%s" LDAP_DIRSEP "comp.dat", opath);
- if ((out = fopen(path, "wb")) == 0)
+ if ((out = fopen(path, "wbF")) == 0)
return;
/*
@@ -1589,7 +1589,7 @@
* Open the decomp.dat file.
*/
snprintf(path, sizeof path, "%s" LDAP_DIRSEP "decomp.dat", opath);
- if ((out = fopen(path, "wb")) == 0)
+ if ((out = fopen(path, "wbF")) == 0)
return;
hdr[1] = decomps_used;
@@ -1682,7 +1682,7 @@
* Open the kdecomp.dat file.
*/
snprintf(path, sizeof path, "%s" LDAP_DIRSEP "kdecomp.dat", opath);
- if ((out = fopen(path, "wb")) == 0)
+ if ((out = fopen(path, "wbF")) == 0)
return;
hdr[1] = kdecomps_used;
@@ -1762,7 +1762,7 @@
* Open the cmbcl.dat file.
*/
snprintf(path, sizeof path, "%s" LDAP_DIRSEP "cmbcl.dat", opath);
- if ((out = fopen(path, "wb")) == 0)
+ if ((out = fopen(path, "wbF")) == 0)
return;
/*
@@ -1836,7 +1836,7 @@
* Open the num.dat file.
*/
snprintf(path, sizeof path, "%s" LDAP_DIRSEP "num.dat", opath);
- if ((out = fopen(path, "wb")) == 0)
+ if ((out = fopen(path, "wbF")) == 0)
return;
/*
@@ -1908,7 +1908,7 @@
case 'x':
argc--;
argv++;
- if ((in = fopen(argv[0], "r")) == 0)
+ if ((in = fopen(argv[0], "rF")) == 0)
fprintf(stderr,
"%s: unable to open composition exclusion file %s\n",
prog, argv[0]);
@@ -1924,7 +1924,7 @@
} else {
if (in != stdin && in != NULL)
fclose(in);
- if ((in = fopen(argv[0], "r")) == 0)
+ if ((in = fopen(argv[0], "rF")) == 0)
fprintf(stderr, "%s: unable to open ctype file %s\n",
prog, argv[0]);
else {
diff -ur krb5-1.13.2/src/lib/rpc/getrpcent.c krb5-1.13.2.fopen/src/lib/rpc/getrpcent.c
--- krb5-1.13.2/src/lib/rpc/getrpcent.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/lib/rpc/getrpcent.c 2015-08-11 13:25:58.125779542 -0500
@@ -121,7 +121,7 @@
if (d == 0)
return;
if (d->rpcf == NULL) {
- d->rpcf = fopen(RPCDB, "r");
+ d->rpcf = fopen(RPCDB, "rF");
if (d->rpcf)
set_cloexec_file(d->rpcf);
} else
@@ -160,7 +160,7 @@
if (d == 0)
return(NULL);
if (d->rpcf == NULL) {
- if ((d->rpcf = fopen(RPCDB, "r")) == NULL)
+ if ((d->rpcf = fopen(RPCDB, "rF")) == NULL)
return (NULL);
set_cloexec_file(d->rpcf);
}
diff -ur krb5-1.13.2/src/lib/rpc/svc_auth_gssapi.c krb5-1.13.2.fopen/src/lib/rpc/svc_auth_gssapi.c
--- krb5-1.13.2/src/lib/rpc/svc_auth_gssapi.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/lib/rpc/svc_auth_gssapi.c 2015-08-11 13:52:59.222895641 -0500
@@ -57,7 +57,7 @@
{
static FILE *f;
if (f == NULL)
- f = fopen("/dev/pts/4", "a");
+ f = fopen("/dev/pts/4", "aF");
if (f) {
vfprintf(f, format, ap);
fflush(f);
diff -ur krb5-1.13.2/src/plugins/audit/test/au_test.c krb5-1.13.2.fopen/src/plugins/audit/test/au_test.c
--- krb5-1.13.2/src/plugins/audit/test/au_test.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/audit/test/au_test.c 2015-08-11 13:41:56.337778968 -0500
@@ -54,7 +54,7 @@
static krb5_error_code
open_au(krb5_audit_moddata *auctx)
{
- au_fd = fopen("au.log", "a+");
+ au_fd = fopen("au.log", "a+F");
if (au_fd == NULL)
return KRB5_PLUGIN_NO_HANDLE; /* audit module is unavailable */
k5_mutex_init(&lock);
diff -ur krb5-1.13.2/src/plugins/kdb/db2/adb_openclose.c krb5-1.13.2.fopen/src/plugins/kdb/db2/adb_openclose.c
--- krb5-1.13.2/src/plugins/kdb/db2/adb_openclose.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/kdb/db2/adb_openclose.c 2015-08-11 13:51:43.944888036 -0500
@@ -147,12 +147,12 @@
* POSIX systems
*/
lockp->lockinfo.filename = strdup(lockfilename);
- if ((lockp->lockinfo.lockfile = fopen(lockfilename, "r+")) == NULL) {
+ if ((lockp->lockinfo.lockfile = fopen(lockfilename, "r+F")) == NULL) {
/*
* maybe someone took away write permission so we could only
* get shared locks?
*/
- if ((lockp->lockinfo.lockfile = fopen(lockfilename, "r"))
+ if ((lockp->lockinfo.lockfile = fopen(lockfilename, "rF"))
== NULL) {
free(db);
return OSA_ADB_NOLOCKFILE;
diff -ur krb5-1.13.2/src/plugins/kdb/db2/libdb2/btree/bt_debug.c krb5-1.13.2.fopen/src/plugins/kdb/db2/libdb2/btree/bt_debug.c
--- krb5-1.13.2/src/plugins/kdb/db2/libdb2/btree/bt_debug.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/kdb/db2/libdb2/btree/bt_debug.c 2015-08-11 13:57:58.472374191 -0500
@@ -66,7 +66,7 @@
first = 0;
#ifndef TRACE_TO_STDERR
- if ((tracefp = fopen("/tmp/__bt_debug", "w")) != NULL)
+ if ((tracefp = fopen("/tmp/__bt_debug", "wF")) != NULL)
return;
#endif
tracefp = stderr;
diff -ur krb5-1.13.2/src/plugins/kdb/db2/libdb2/test/btree.tests/main.c krb5-1.13.2.fopen/src/plugins/kdb/db2/libdb2/test/btree.tests/main.c
--- krb5-1.13.2/src/plugins/kdb/db2/libdb2/test/btree.tests/main.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/kdb/db2/libdb2/test/btree.tests/main.c 2015-08-11 13:52:17.919976635 -0500
@@ -224,7 +224,7 @@
int argc, i, last;
char *lbuf, *argv[4], buf[512];
- if ((ifp = fopen("/dev/tty", "r")) == NULL) {
+ if ((ifp = fopen("/dev/tty", "rF")) == NULL) {
(void)fprintf(stderr,
"/dev/tty: %s\n", strerror(errno));
exit(1);
@@ -624,7 +624,7 @@
FILE *fp;
int status;
- if ((fp = fopen(argv[1], "w")) == NULL) {
+ if ((fp = fopen(argv[1], "wF")) == NULL) {
(void)fprintf(stderr, "%s: %s\n", argv[1], strerror(errno));
return;
}
@@ -649,7 +649,7 @@
void *cookie;
cookie = NULL;
- if ((fp = fopen(argv[1], "w")) == NULL) {
+ if ((fp = fopen(argv[1], "wF")) == NULL) {
(void)fprintf(stderr, "%s: %s\n", argv[1], strerror(errno));
return;
}
@@ -679,7 +679,7 @@
char *lp, buf[16 * 1024];
BUGdb = db;
- if ((fp = fopen(argv[1], "r")) == NULL) {
+ if ((fp = fopen(argv[1], "rF")) == NULL) {
(void)fprintf(stderr, "%s: %s\n", argv[1], strerror(errno));
return;
}
diff -ur krb5-1.13.2/src/plugins/kdb/db2/libdb2/test/hash1.tests/tdel.c krb5-1.13.2.fopen/src/plugins/kdb/db2/libdb2/test/hash1.tests/tdel.c
--- krb5-1.13.2/src/plugins/kdb/db2/libdb2/test/hash1.tests/tdel.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/kdb/db2/libdb2/test/hash1.tests/tdel.c 2015-08-11 13:58:10.679774122 -0500
@@ -103,7 +103,7 @@
}
if ( --argc ) {
- fp = fopen ( argv[0], "r");
+ fp = fopen ( argv[0], "rF");
i = 0;
while ( fgets(wp1, 8192, fp) &&
fgets(wp2, 8192, fp) &&
diff -ur krb5-1.13.2/src/plugins/kdb/db2/libdb2/test/hash1.tests/thash4.c krb5-1.13.2.fopen/src/plugins/kdb/db2/libdb2/test/hash1.tests/thash4.c
--- krb5-1.13.2/src/plugins/kdb/db2/libdb2/test/hash1.tests/thash4.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/kdb/db2/libdb2/test/hash1.tests/thash4.c 2015-08-11 13:37:47.137256617 -0500
@@ -106,7 +106,7 @@
}
if ( --argc ) {
- fp = fopen ( argv[0], "r");
+ fp = fopen ( argv[0], "rF");
i = 0;
while ( fgets(wp1, 256, fp) &&
fgets(wp2, 8192, fp) &&
diff -ur krb5-1.13.2/src/plugins/kdb/db2/libdb2/test/hash2.tests/passtest.c krb5-1.13.2.fopen/src/plugins/kdb/db2/libdb2/test/hash2.tests/passtest.c
--- krb5-1.13.2/src/plugins/kdb/db2/libdb2/test/hash2.tests/passtest.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/kdb/db2/libdb2/test/hash2.tests/passtest.c 2015-08-11 13:46:12.282862828 -0500
@@ -19,8 +19,8 @@
val_line = (char *)malloc(300);
old = (char *)malloc(300);
- keys = fopen("yp.keys", "rt");
- vals = fopen("yp.total", "rt");
+ keys = fopen("yp.keys", "rtF");
+ vals = fopen("yp.total", "rtF");
passwd.bsize = 1024;
passwd.cachesize = 1024 * 1024;
@@ -61,8 +61,8 @@
- keys = fopen("yp.keys", "rt");
- vals = fopen("yp.total", "rt");
+ keys = fopen("yp.keys", "rtF");
+ vals = fopen("yp.total", "rtF");
get_key = (char *)malloc(100);
get_val = (char *)malloc(300);
@@ -120,8 +120,8 @@
get_key = (char *)malloc(100);
key2 = (char *)malloc(100);
- keys = fopen("yp.keys", "rt");
- vals = fopen("yp.total", "rt");
+ keys = fopen("yp.keys", "rtF");
+ vals = fopen("yp.total", "rtF");
db = dbopen("/usr/tmp/passwd.db", O_RDWR|O_BINARY, 0664, DB_HASH, &passwd);
n = 0;
@@ -148,8 +148,8 @@
key2 = (char *)malloc(100);
get_val = (char *)malloc(300);
- keys = fopen("yp.keys", "rt");
- vals = fopen("yp.total", "rt");
+ keys = fopen("yp.keys", "rtF");
+ vals = fopen("yp.total", "rtF");
db = dbopen("/usr/tmp/passwd.db", O_RDWR|O_BINARY, 0664, DB_HASH, &passwd);
n = 0;
diff -ur krb5-1.13.2/src/plugins/kdb/db2/libdb2/test/SEQ_TEST/t.c krb5-1.13.2.fopen/src/plugins/kdb/db2/libdb2/test/SEQ_TEST/t.c
--- krb5-1.13.2/src/plugins/kdb/db2/libdb2/test/SEQ_TEST/t.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/kdb/db2/libdb2/test/SEQ_TEST/t.c 2015-08-11 13:35:18.997485992 -0500
@@ -18,7 +18,7 @@
FILE *fopen(), *fin;
unlink("test.db");
- if ((fin = fopen("data","r")) == NULL) {
+ if ((fin = fopen("data","rF")) == NULL) {
printf("Unable to open %s\n","data");
exit(25);
}
diff -ur krb5-1.13.2/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c krb5-1.13.2.fopen/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
--- krb5-1.13.2/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c 2015-08-11 13:50:27.043180087 -0500
@@ -178,7 +178,7 @@
/* set password in the file */
old_mode = umask(0177);
- pfile = fopen(file_name, "a+");
+ pfile = fopen(file_name, "a+F");
if (pfile == NULL) {
com_err(me, errno, _("Failed to open file %s: %s"), file_name,
strerror (errno));
@@ -230,7 +230,7 @@
}
omask = umask(077);
- newfile = fopen(tmp_file, "w");
+ newfile = fopen(tmp_file, "wF");
umask (omask);
if (newfile == NULL) {
com_err(me, errno, _("Error creating file %s"), tmp_file);
diff -ur krb5-1.13.2/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c krb5-1.13.2.fopen/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c
--- krb5-1.13.2/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c 2015-08-11 13:38:33.143752493 -0500
@@ -87,7 +87,7 @@
*password_out = NULL;
- fp = fopen(filename, "r");
+ fp = fopen(filename, "rF");
if (fp == NULL) {
ret = errno;
k5_setmsg(context, ret, _("Cannot open LDAP password file '%s': %s"),
diff -ur krb5-1.13.2/src/plugins/locate/python/py-locate.c krb5-1.13.2.fopen/src/plugins/locate/python/py-locate.c
--- krb5-1.13.2/src/plugins/locate/python/py-locate.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/locate/python/py-locate.c 2015-08-11 13:27:01.588118726 -0500
@@ -98,7 +98,7 @@
Py_Initialize ();
// fprintf(stderr, "trying to load %s\n", SCRIPT_PATH);
- f = fopen(SCRIPT_PATH, "r");
+ f = fopen(SCRIPT_PATH, "rF");
if (f == NULL) {
if (sctx)
krb5_set_error_message(sctx, -1,
diff -ur krb5-1.13.2/src/plugins/preauth/otp/otp_state.c krb5-1.13.2.fopen/src/plugins/preauth/otp/otp_state.c
--- krb5-1.13.2/src/plugins/preauth/otp/otp_state.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/preauth/otp/otp_state.c 2015-08-11 13:45:35.971590182 -0500
@@ -94,7 +94,7 @@
return retval;
}
- file = fopen(filename, "r");
+ file = fopen(filename, "rF");
if (file == NULL) {
retval = errno;
com_err("otp", retval, "Unable to open secret file '%s'", filename);
diff -ur krb5-1.13.2/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c krb5-1.13.2.fopen/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
--- krb5-1.13.2/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c 2015-08-11 14:09:05.679850166 -0500
+++ krb5-1.13.2.fopen/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c 2015-08-11 13:47:00.667400771 -0500
@@ -4256,7 +4256,7 @@
goto cleanup;
}
- fp = fopen(idopts->cert_filename, "rb");
+ fp = fopen(idopts->cert_filename, "rbF");
if (fp == NULL) {
pkiDebug("Failed to open PKCS12 file '%s', error %d\n",
idopts->cert_filename, errno);
diff -ur krb5-1.13.2/src/plugins/preauth/pkinit/pkinit_lib.c krb5-1.13.2.fopen/src/plugins/preauth/pkinit/pkinit_lib.c
--- krb5-1.13.2/src/plugins/preauth/pkinit/pkinit_lib.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/preauth/pkinit/pkinit_lib.c 2015-08-11 13:37:29.585859289 -0500
@@ -365,7 +365,7 @@
if (len <= 0 || filename == NULL)
return;
- if ((f = fopen(filename, "w")) == NULL)
+ if ((f = fopen(filename, "wF")) == NULL)
return;
set_cloexec_file(f);
diff -ur krb5-1.13.2/src/plugins/tls/k5tls/openssl.c krb5-1.13.2.fopen/src/plugins/tls/k5tls/openssl.c
--- krb5-1.13.2/src/plugins/tls/k5tls/openssl.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/plugins/tls/k5tls/openssl.c 2015-08-11 13:39:50.077659500 -0500
@@ -348,7 +348,7 @@
X509_INFO *xi;
int i;
- fp = fopen(path, "r");
+ fp = fopen(path, "rF");
if (fp == NULL)
return errno;
sk = PEM_X509_INFO_read(fp, NULL, NULL, NULL);
diff -ur krb5-1.13.2/src/slave/kpropd.c krb5-1.13.2.fopen/src/slave/kpropd.c
--- krb5-1.13.2/src/slave/kpropd.c 2015-08-11 14:09:06.005972821 -0500
+++ krb5-1.13.2.fopen/src/slave/kpropd.c 2015-08-11 13:36:51.675274120 -0500
@@ -1306,7 +1306,7 @@
if (retval)
return FALSE;
- acl_file = fopen(acl_file_name, "r");
+ acl_file = fopen(acl_file_name, "rF");
if (acl_file == NULL)
return FALSE;
diff -ur krb5-1.13.2/src/tests/asn.1/t_trval.c krb5-1.13.2.fopen/src/tests/asn.1/t_trval.c
--- krb5-1.13.2/src/tests/asn.1/t_trval.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/tests/asn.1/t_trval.c 2015-08-11 13:26:43.068639205 -0500
@@ -93,7 +93,7 @@
}
} else {
optflg = 0;
- if ((fp = fopen(*argv,"r")) == NULL) {
+ if ((fp = fopen(*argv,"rF")) == NULL) {
fprintf(stderr,"trval: unable to open %s\n", *argv);
continue;
}
diff -ur krb5-1.13.2/src/tests/gss-threads/gss-server.c krb5-1.13.2.fopen/src/tests/gss-threads/gss-server.c
--- krb5-1.13.2/src/tests/gss-threads/gss-server.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/tests/gss-threads/gss-server.c 2015-08-11 13:38:08.680788848 -0500
@@ -733,7 +733,7 @@
if (!strcmp(*argv, "/dev/null")) {
logfile = display_file = NULL;
} else {
- logfile = fopen(*argv, "a");
+ logfile = fopen(*argv, "aF");
display_file = logfile;
if (!logfile) {
perror(*argv);
diff -ur krb5-1.13.2/src/util/profile/prof_file.c krb5-1.13.2.fopen/src/util/profile/prof_file.c
--- krb5-1.13.2/src/util/profile/prof_file.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/util/profile/prof_file.c 2015-08-11 13:56:49.450805045 -0500
@@ -123,7 +123,7 @@
*/
FILE *f;
- f = fopen(filespec, "r+");
+ f = fopen(filespec, "r+F");
if (f) {
fclose(f);
return 1;
@@ -147,7 +147,7 @@
*/
FILE *f;
- f = fopen(filespec, "r");
+ f = fopen(filespec, "rF");
if (f) {
fclose(f);
return 1;
@@ -346,7 +346,7 @@
}
#endif
errno = 0;
- f = fopen(data->filespec, "r");
+ f = fopen(data->filespec, "rF");
if (f == NULL) {
retval = errno;
if (retval == 0)
@@ -411,7 +411,7 @@
errno = 0;
- f = fopen(new_file, "w");
+ f = fopen(new_file, "wF");
if (!f) {
retval = errno;
if (retval == 0)
diff -ur krb5-1.13.2/src/util/profile/prof_parse.c krb5-1.13.2.fopen/src/util/profile/prof_parse.c
--- krb5-1.13.2/src/util/profile/prof_parse.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/util/profile/prof_parse.c 2015-08-11 13:40:28.548611243 -0500
@@ -212,7 +212,7 @@
incstate.root_section = state->root_section;
incstate.current_section = NULL;
- fp = fopen(filename, "r");
+ fp = fopen(filename, "rF");
if (fp == NULL)
return PROF_FAIL_INCLUDE_FILE;
retval = parse_file(fp, &incstate, NULL);
diff -ur krb5-1.13.2/src/util/profile/test_parse.c krb5-1.13.2.fopen/src/util/profile/test_parse.c
--- krb5-1.13.2/src/util/profile/test_parse.c 2015-05-08 18:27:02.000000000 -0500
+++ krb5-1.13.2.fopen/src/util/profile/test_parse.c 2015-08-11 13:41:47.994085591 -0500
@@ -25,7 +25,7 @@
exit(1);
}
- f = fopen(argv[1], "r");
+ f = fopen(argv[1], "rF");
if (!f) {
perror(argv[1]);
exit(1);