fd_cloexec: add and use lws_open wrapper and lws_plat_apply_FD_CLOEXEC() on cgi

This adds lws_open() like master, but unlike master, it can't add it as a
public api.  Instead it's used internally only.

lib/core/context.c

@@ -808,7 +808,7 @@ lws_create_vhost(struct lws_context *context,
 
 #ifdef LWS_WITH_ACCESS_LOG
 	if (info->log_filepath) {
-		vh->log_fd = open(info->log_filepath,
+		vh->log_fd = lws_open(info->log_filepath,
 				  O_CREAT | O_APPEND | O_RDWR, 0600);
 		if (vh->log_fd == (int)LWS_INVALID_FILE) {
 			lwsl_err("unable to open log filepath %s\n",

lib/core/libwebsockets.c

@@ -58,6 +58,28 @@ static const char * const log_level_names[] = {
 };
 #endif
 
+int lws_open(const char *__file, int __oflag, ...)
+{
+	va_list ap;
+	int n;
+
+	va_start(ap, __oflag);
+	if (((__oflag & O_CREAT) == O_CREAT)
+#if defined(O_TMPFILE)
+		|| ((__oflag & O_TMPFILE) == O_TMPFILE)
+#endif
+	)
+		/* last arg is really a mode_t.  But windows... */
+		n = open(__file, __oflag, va_arg(ap, uint32_t));
+	else
+		n = open(__file, __oflag);
+	va_end(ap);
+
+	lws_plat_apply_FD_CLOEXEC(n);
+
+	return n;
+}
+
 #if defined (_DEBUG)
 void lwsi_set_role(struct lws *wsi, lws_wsi_state_t role)
 {

lib/core/private.h

@@ -1606,6 +1606,9 @@ lws_plat_pipe_close(struct lws *wsi);
 int
 lws_create_event_pipes(struct lws_context *context);
 
+int lws_open(const char *__file, int __oflag, ...);
+void lws_plat_apply_FD_CLOEXEC(int n);
+
 const struct lws_plat_file_ops *
 lws_vfs_select_fops(const struct lws_plat_file_ops *fops, const char *vfs_path,
 		    const char **vpath);

lib/libwebsockets.h

@@ -2812,7 +2812,7 @@ struct lws_context_creation_info {
 	/**< VHOST: pointer to optional linked list of per-vhost
 	 * options made accessible to protocols */
 	int keepalive_timeout;
-	/**< VHOST: (default = 0 = 60s) seconds to allow remote
+	/**< VHOST: (default = 0 = 5s) seconds to allow remote
 	 * client to hold on to an idle HTTP/1.1 connection */
 	const char *log_filepath;
 	/**< VHOST: filepath to append logs to... this is opened before

lib/misc/daemonize.c

@@ -49,7 +49,7 @@ child_handler(int signum)
 		if (lock_path) {
 			/* Create the lock file as the current user */
 
-			fd = open(lock_path, O_TRUNC | O_RDWR | O_CREAT, 0640);
+			fd = lws_open(lock_path, O_TRUNC | O_RDWR | O_CREAT, 0640);
 			if (fd < 0) {
 				fprintf(stderr,
 				   "unable to create lock file %s, code=%d (%s)\n",
@@ -106,7 +106,7 @@ lws_daemonize(const char *_lock_path)
 //		return 1;
 
 	if (_lock_path) {
-		fd = open(_lock_path, O_RDONLY);
+		fd = lws_open(_lock_path, O_RDONLY);
 		if (fd >= 0) {
 			n = read(fd, buf, sizeof(buf));
 			close(fd);

lib/plat/lws-plat-esp32.c

@@ -29,6 +29,10 @@
 #include <lwip/sockets.h>
 #include <esp_task_wdt.h>
 
+void lws_plat_apply_FD_CLOEXEC(int n)
+{
+}
+
 int
 lws_plat_socket_offset(void)
 {

lib/plat/lws-plat-optee.c

@@ -4,6 +4,10 @@
  * included from libwebsockets.c for OPTEE builds
  */
 
+void lws_plat_apply_FD_CLOEXEC(int n)
+{
+}
+
 int
 lws_plat_socket_offset(void)
 {

lib/plat/lws-plat-unix.c

@@ -30,6 +30,12 @@
 #endif
 #include <dirent.h>
 
+void lws_plat_apply_FD_CLOEXEC(int n)
+{
+	if (n != -1)
+		fcntl(n, F_SETFD, FD_CLOEXEC );
+}
+
 int
 lws_plat_socket_offset(void)
 {
@@ -954,7 +960,7 @@ lws_plat_write_file(const char *filename, void *buf, int len)
 LWS_VISIBLE int
 lws_plat_read_file(const char *filename, void *buf, int len)
 {
-	int n, fd = open(filename, O_RDONLY);
+	int n, fd = lws_open(filename, O_RDONLY);
 	if (fd == -1)
 		return -1;
 

lib/plat/lws-plat-win.c

@@ -3,6 +3,10 @@
 #endif
 #include "core/private.h"
 
+void lws_plat_apply_FD_CLOEXEC(int n)
+{
+}
+
 int
 lws_plat_socket_offset(void)
 {
@@ -800,7 +804,7 @@ lws_plat_write_file(const char *filename, void *buf, int len)
 {
 	int m, fd;
 
-	fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
+	fd = lws_open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
 
 	if (fd == -1)
 		return -1;
@@ -814,7 +818,7 @@ lws_plat_write_file(const char *filename, void *buf, int len)
 LWS_VISIBLE int
 lws_plat_read_file(const char *filename, void *buf, int len)
 {
-	int n, fd = open(filename, O_RDONLY);
+	int n, fd = lws_open(filename, O_RDONLY);
 	if (fd == -1)
 		return -1;
 

lib/roles/cgi/cgi-server.c

@@ -402,8 +402,14 @@ lws_cgi(struct lws *wsi, const char * const *exec_array, int script_uri_path_len
 		lwsl_debug("%s: cgi %p spawned PID %d\n", __func__,
 			   cgi, cgi->pid);
 
-		for (n = 0; n < 3; n++)
+		/*
+		 *  close:                stdin:r, stdout:w, stderr:w
+		 * hide from other forks: stdin:w, stdout:r, stderr:r
+		 */
+		for (n = 0; n < 3; n++) {
+			lws_plat_apply_FD_CLOEXEC(cgi->pipe_fds[n][!!(n == 0)]);
 			close(cgi->pipe_fds[n][!(n == 0)]);
+		}
 
 		/* inform cgi owner of the child PID */
 		n = user_callback_handle_rxflow(wsi->protocol->callback, wsi,

lib/roles/http/server/lejp-conf.c

@@ -779,7 +779,7 @@ lwsws_get_config(void *user, const char *f, const char * const *paths,
 	struct lejp_ctx ctx;
 	int n, m, fd;
 
-	fd = open(f, O_RDONLY);
+	fd = lws_open(f, O_RDONLY);
 	if (fd < 0) {
 		lwsl_err("Cannot open %s\n", f);
 		return 2;

lib/roles/http/server/server.c

@@ -694,7 +694,7 @@ lws_find_string_in_file(const char *filename, const char *string, int stringlen)
 	char buf[128];
 	int fd, match = 0, pos = 0, n = 0, hit = 0;
 
-	fd = open(filename, O_RDONLY);
+	fd = lws_open(filename, O_RDONLY);
 	if (fd < 0) {
 		lwsl_err("can't open auth file: %s\n", filename);
 		return 0;