#include <assert.h>
#include <errno.h>
+#include <fcntl.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <poll.h>
int create_server_socket(const sockaddr_in6 &addr, SocketType socket_type)
{
+ // NOTE: We set as non-blocking, so the acceptor thread can notice that we want to shut it down.
int server_sock;
if (socket_type == TCP_SOCKET) {
- server_sock = socket(PF_INET6, SOCK_STREAM, IPPROTO_TCP);
+ server_sock = socket(PF_INET6, SOCK_STREAM | SOCK_NONBLOCK | SOCK_CLOEXEC, IPPROTO_TCP);
} else {
assert(socket_type == UDP_SOCKET);
- server_sock = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP);
+ server_sock = socket(PF_INET6, SOCK_DGRAM | SOCK_NONBLOCK | SOCK_CLOEXEC, IPPROTO_UDP);
}
if (server_sock == -1) {
log_perror("socket");
exit(1);
}
- // Set as non-blocking, so the acceptor thread can notice that we want to shut it down.
- if (ioctl(server_sock, FIONBIO, &one) == -1) {
- log_perror("ioctl(FIONBIO)");
- exit(1);
- }
-
- if (bind(server_sock, reinterpret_cast<const sockaddr *>(&addr), sizeof(addr)) == -1) {
+ if (::bind(server_sock, reinterpret_cast<const sockaddr *>(&addr), sizeof(addr)) == -1) {
log_perror("bind");
exit(1);
}
certificate_chain(serialized.certificate_chain()),
private_key(serialized.private_key())
{
+ // Set back the close-on-exec flag for the socket.
+ // (This can't leak into a child, since we haven't been started yet.)
+ fcntl(server_sock, F_SETFD, FD_CLOEXEC);
}
AcceptorProto Acceptor::serialize() const
{
+ // Unset the close-on-exec flag for the socket.
+ // (This can't leak into a child, since there's only one thread left.)
+ fcntl(server_sock, F_SETFD, 0);
+
char buf[INET6_ADDRSTRLEN];
inet_ntop(addr.sin6_family, &addr.sin6_addr, buf, sizeof(buf));
void Acceptor::do_work()
{
while (!should_stop()) {
- if (!wait_for_activity(server_sock, POLLIN, NULL)) {
+ if (!wait_for_activity(server_sock, POLLIN, nullptr)) {
continue;
}
socklen_t addrlen = sizeof(addr);
// Get a new socket, and set it as nonblocking.
- int sock = accept4(server_sock, reinterpret_cast<sockaddr *>(&addr), &addrlen, SOCK_NONBLOCK);
+ int sock = accept4(server_sock, reinterpret_cast<sockaddr *>(&addr), &addrlen, SOCK_NONBLOCK | SOCK_CLOEXEC);
if (sock == -1 && errno == EINTR) {
continue;
}