From owner-svn-src-stable-7@FreeBSD.ORG  Sun Oct 26 21:55:19 2008
Return-Path: <owner-svn-src-stable-7@FreeBSD.ORG>
Delivered-To: svn-src-stable-7@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id E0AB81065671;
	Sun, 26 Oct 2008 21:55:19 +0000 (UTC) (envelope-from ed@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c])
	by mx1.freebsd.org (Postfix) with ESMTP id CD4D58FC13;
	Sun, 26 Oct 2008 21:55:19 +0000 (UTC) (envelope-from ed@FreeBSD.org)
Received: from svn.freebsd.org (localhost [127.0.0.1])
	by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id m9QLtJhj096819;
	Sun, 26 Oct 2008 21:55:19 GMT (envelope-from ed@svn.freebsd.org)
Received: (from ed@localhost)
	by svn.freebsd.org (8.14.3/8.14.3/Submit) id m9QLtJG5096815;
	Sun, 26 Oct 2008 21:55:19 GMT (envelope-from ed@svn.freebsd.org)
Message-Id: <200810262155.m9QLtJG5096815@svn.freebsd.org>
From: Ed Schouten <ed@FreeBSD.org>
Date: Sun, 26 Oct 2008 21:55:19 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
	svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org
X-SVN-Group: stable-7
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc: 
Subject: svn commit: r184300 - in stable/7/lib: libc/stdlib libutil
X-BeenThere: svn-src-stable-7@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: SVN commit messages for only the 7-stable src tree
	<svn-src-stable-7.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-stable-7>, 
	<mailto:svn-src-stable-7-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-stable-7>
List-Post: <mailto:svn-src-stable-7@freebsd.org>
List-Help: <mailto:svn-src-stable-7-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-stable-7>, 
	<mailto:svn-src-stable-7-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 26 Oct 2008 21:55:20 -0000

Author: ed
Date: Sun Oct 26 21:55:19 2008
New Revision: 184300
URL: http://svn.freebsd.org/changeset/base/184300

Log:
  MFC r183565:
  
    Small cleanups to openpty().
  
    - Pass O_NOCTTY to posix_openpt(2). This makes the implementation work
      consistently on implementations that make the PTY the controlling TTY
      by default.
  
    - Call unlockpt() before opening the slave device. POSIX mentions that
      de slave device should only be opened after grantpt() and unlockpt()
      have been called.
  
    - Replace some redundant code by a label.
  
  As a safety net, add a call to revoke() to unlockpt(). All applications
  out there use openpty(), explicitly call revoke() or implement their own
  PTY allocation routines. Adding the call to unlockpt() won't hurt, but
  will prevent foot-shooting.
  
  Reviewed by:	jhb, kib
  Approved by:	re

Modified:
  stable/7/lib/libc/stdlib/grantpt.3
  stable/7/lib/libc/stdlib/grantpt.c
  stable/7/lib/libutil/pty.c

Modified: stable/7/lib/libc/stdlib/grantpt.3
==============================================================================
--- stable/7/lib/libc/stdlib/grantpt.3	Sun Oct 26 19:37:38 2008	(r184299)
+++ stable/7/lib/libc/stdlib/grantpt.3	Sun Oct 26 21:55:19 2008	(r184300)
@@ -212,11 +212,6 @@ and
 functions appeared in
 .Fx 5.0 .
 .Sh NOTES
-The purpose of the
-.Fn unlockpt
-function has no meaning in
-.Fx .
-.Pp
 The flag
 .Dv O_NOCTTY
 is included for compatibility; in

Modified: stable/7/lib/libc/stdlib/grantpt.c
==============================================================================
--- stable/7/lib/libc/stdlib/grantpt.c	Sun Oct 26 19:37:38 2008	(r184299)
+++ stable/7/lib/libc/stdlib/grantpt.c	Sun Oct 26 21:55:19 2008	(r184300)
@@ -281,14 +281,20 @@ invalid:
 int
 unlockpt(int fildes)
 {
+	const char *slave;
 
 	/*
-	 * Unlocking a master/slave pseudo-terminal pair has no meaning in a
-	 * non-streams PTY environment.  However, we do ensure fildes is a
-	 * valid master pseudo-terminal device.
+	 * Even though unlocking a PTY has no meaning in a non-streams
+	 * PTY environment, make this function call revoke() to ensure
+	 * the PTY slave device is not being evesdropped.
 	 */
-	if (ptsname(fildes) == NULL)
+	if ((slave = ptsname(fildes)) == NULL)
 		return (-1);
 
+	if (revoke(slave) == -1) {
+		errno = EINVAL;
+		return (-1);
+	}
+
 	return (0);
 }

Modified: stable/7/lib/libutil/pty.c
==============================================================================
--- stable/7/lib/libutil/pty.c	Sun Oct 26 19:37:38 2008	(r184299)
+++ stable/7/lib/libutil/pty.c	Sun Oct 26 21:55:19 2008	(r184300)
@@ -56,37 +56,26 @@ openpty(int *amaster, int *aslave, char 
 	const char *slavename;
 	int master, slave;
 
-	master = posix_openpt(O_RDWR);
+	master = posix_openpt(O_RDWR|O_NOCTTY);
 	if (master == -1)
 		return (-1);
 
-	if (grantpt(master) == -1) {
-		close(master);
-		return (-1);
-	}
+	if (grantpt(master) == -1)
+		goto bad;
+
+	if (unlockpt(master) == -1)
+		goto bad;
 
 	slavename = ptsname(master);
-	if (slavename == NULL) {
-		close(master);
-		return (-1);
-	}
+	if (slavename == NULL)
+		goto bad;
 
-	if (revoke(slavename) == -1) {
-		close(master);
-		return (-1);
-	}
+	if (revoke(slavename) == -1)
+		goto bad;
 
 	slave = open(slavename, O_RDWR);
-	if (slave == -1) {
-		close(master);
-		return (-1);
-	}
-
-	if (unlockpt(master) == -1) {
-		close(master);
-		close(slave);
-		return (-1);
-	}
+	if (slave == -1)
+		goto bad;
 
 	*amaster = master;
 	*aslave = slave;
@@ -99,6 +88,9 @@ openpty(int *amaster, int *aslave, char 
 		ioctl(slave, TIOCSWINSZ, (char *)winp);
 
 	return (0);
+
+bad:	close(master);
+	return (-1);
 }
 
 int