ITS#5507

diff --git a/CHANGES b/CHANGES
index 5df80a32e3b872cab9e02ccaa6a8d1baad5609e7..a26ede6dfbe9e5f7b7577c3106013d41d4da2314 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,7 @@
 OpenLDAP 2.3 Change Log
 
 OpenLDAP 2.3.42 Release (2008/05/15)
+       Fixed libldap file descriptor leak with SELinux (ITS#5507)
        Fixed slapd abstract objectClass inheritance check (ITS#5474)
        Fixed slapd connection handling (ITS#5469)
        Fixed slapd delta-syncrepl refresh mode (ITS#5376)

diff --git a/libraries/libldap/os-ip.c b/libraries/libldap/os-ip.c
index 42605204da465686418179b4c6cda67b0348c296..15dd4372dc5cbac0087955523396cfa8ea89ca04 100644 (file)
--- a/libraries/libldap/os-ip.c
+++ b/libraries/libldap/os-ip.c
@@ -36,6 +36,9 @@
 #ifdef HAVE_IO_H
 #include <io.h>
 #endif /* HAVE_IO_H */
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
 
 #include "ldap-int.h"
 
@@ -110,6 +113,9 @@ ldap_int_socket(LDAP *ld, int family, int type )
 {
        ber_socket_t s = socket(family, type, 0);
        osip_debug(ld, "ldap_new_socket: %d\n",s,0,0);
+#ifdef FD_CLOEXEC
+       fcntl(s, F_SETFD, FD_CLOEXEC);
+#endif
        return ( s );
 }
 

diff --git a/libraries/libldap/os-local.c b/libraries/libldap/os-local.c
index 381220b5b64d56343eb05230df643690c5fd889a..9ed4984cf9817aefca2c0525a28c6086e614c88a 100644 (file)
--- a/libraries/libldap/os-local.c
+++ b/libraries/libldap/os-local.c
@@ -47,6 +47,9 @@
 #ifdef HAVE_IO_H
 #include <io.h>
 #endif /* HAVE_IO_H */
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
 
 #include "ldap-int.h"
 #include "ldap_defaults.h"
@@ -89,6 +92,9 @@ ldap_pvt_socket(LDAP *ld)
 {
        ber_socket_t s = socket(PF_LOCAL, SOCK_STREAM, 0);
        oslocal_debug(ld, "ldap_new_socket: %d\n",s,0,0);
+#ifdef FD_CLOEXEC
+       fcntl(s, F_SETFD, FD_CLOEXEC);
+#endif
        return ( s );
 }