first bunch of patches with mkstemp()

Russ Allbery rra at stanford.edu
Sat Apr 8 08:24:06 UTC 2000


Moving this to inn-workers and quoting it all so that the inn-workers
folks can also read over the discussion.  Reading it again, it sounded a
little unclear, so clarification at the bottom of what I'm proposing.

Russ Allbery <rra at Stanford.EDU> writes:

> Matus \"fantomas\" Uhlar <uhlar at fantomas.sk> writes:
>> ok, I can rewrite those files, i can create function that returns opened
>> temporary FILE; should I make new .c ?

> The autoconf macro AC_REPLACE_FUNC() will check whether a host has a
> particular function, and if not will add .c to the end of the name of the
> function and set up the Makefiles to try to compile that file and add it
> to libinn.  So for autoconf to work nicely, any function that should be
> compiled only if the host doesn't have it should be in its own .c file
> named after the function.

> Most hosts already have a function that returns a temporary FILE *, BTW
> (namely tmpfile).  I'd be inclined to use the native implementation if
> it's there.  I know OpenBSD's man page recommends to always use mkstemp
> and not rely on tmpfile due to flaws in old implementations of tmpfile,
> but on most modern operating systems tmpfile is equivalent in strength to
> mkstemp (and often even implemented by using it under the hood).  And by
> using standard functions, we can take advantage of any security fixes to
> the underlying operating system.

> The difference between mkstemp and tmpfile, of course (besides the fact
> that the first returns a file descriptor and the second a FILE *), is that
> mkstemp leaves the file linked in so that it can be passed to other
> processes, while tmpfile unlinks the file and makes it truly temporary.
> I'm guessing that most of INN actually wants to use tmpfile, though.  If
> there are a lot of functions that need a FILE * and need it to stick
> around, it may be worth writing a function that wraps mkstemp in an fdopen
> call.

> (I'm of course open to being persuaded if you think the above approach
> isn't the best.  :))

What I think would be best, then, is for INN to provide both mkstemp and
tmpfile implementations, with AC_REPLACE_FUNC(), for platforms that don't
have them, and then to convert all uses of temporary files anywhere in INN
to using either mkstemp or tmpfile as appropriate.  If there are enough
places that need a FILE * and need to know the name (which I don't
expect), we may want to write a regular function that uses mkstemp under
the hood to perform that operation and factor out that common code.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>



More information about the inn-workers mailing list