[gnutls-devel] GnuTLS | GnuTLS leaks file descriptors in child processes (#985)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Tue May 12 20:54:03 CEST 2020

Remi Denis-Courmont commented:

As far as I know, there are two ways to solve this (and none else):
- use the "e" flag to `fopen()` (specified in POSIX.next if I understood correctly, originating in glibc), or
- use `open() with the `O_CLOEXEC` flag followed by `fdopen()` (specified in POSIX.2008 already).

As to portability, you have four cases:
1) The OS does not support `fork()` (e.g. Windows): no need to do anything.
2) The OS supports `fork()`, lacks POSIX.2008: this is broken beyond repair.
3) The OS supports `fork()` and POSIX.2008: using `open()` then `fdopen()` is the only solution.
4) The OS supports both solutions.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/985#note_341226072
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200512/179d5ffd/attachment.html>

More information about the Gnutls-devel mailing list