From 9c6eaccc32563fbc277664e0135c7cefc762bf02 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Mon, 20 Nov 2023 13:34:59 +0100 Subject: [PATCH] nts: close reusable sockets in helper process Close all reusable sockets when the NTS-KE server helper is forked. It is not supposed to have access to any of the server sockets, just the socket for getting requests from the main process and the syslog socket. --- nts_ke_server.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nts_ke_server.c b/nts_ke_server.c index 5e25c50..3fe99db 100644 --- a/nts_ke_server.c +++ b/nts_ke_server.c @@ -685,6 +685,8 @@ run_helper(uid_t uid, gid_t gid, int scfilter_level) DEBUG_LOG("Helper started"); + SCK_CloseReusableSockets(); + /* Suppress a log message about disabled clock control */ log_severity = LOG_GetMinSeverity(); LOG_SetMinSeverity(LOGS_ERR);