From 40664566e6c93811b93728ca9f560548fea376b3 Mon Sep 17 00:00:00 2001
From: Pierre Pronchery
Date: Mon, 27 Aug 2018 20:01:13 +0200
Subject: [PATCH] Look for support for fileno() in the system

This should help fwknop remain as portable as before. The fallback code still suffers from the TOCTOU condition though.
---
 client/fwknop.c | 8 ++++++++
 server/access.c | 4 ++++
 server/config_init.c | 4 ++++
 server/replay_cache.c | 4 ++++
 4 files changed, 20 insertions(+)
diff --git a/client/fwknop.c b/client/fwknop.c
index 34cacfb5..bcd2c99f 100644
--- a/client/fwknop.c
+++ b/client/fwknop.c
@@ -899,7 +899,11 @@ show_last_command(const char * const args_save_file)
 return 0;
 }
+#if HAVE_FILENO
 if(verify_file_perms_ownership(args_save_file, fileno(args_file_ptr)) != 1)
+#else
+ if(verify_file_perms_ownership(args_save_file, -1) != 1)
+#endif
 {
 fclose(args_file_ptr);
 return 0;
@@ -937,7 +941,11 @@ run_last_args(fko_cli_options_t *options, const char * const args_save_file)
 args_save_file);
 return 0;
 }
+#if HAVE_FILENO
 if(verify_file_perms_ownership(args_save_file, fileno(args_file_ptr)) != 1)
+#else
+ if(verify_file_perms_ownership(args_save_file, -1) != 1)
+#endif
 {
 fclose(args_file_ptr);
 return 0;
diff --git a/server/access.c b/server/access.c
index d5612426..8424f13f 100644
--- a/server/access.c
+++ b/server/access.c
@@ -1508,7 +1508,11 @@ parse_access_file(fko_srv_options_t *opts, char *access_filename, int *depth)
 return EXIT_FAILURE;
 }
+#if HAVE_FILENO
 if(verify_file_perms_ownership(access_filename, fileno(file_ptr)) != 1)
+#else
+ if(verify_file_perms_ownership(access_filename, -1) != 1)
+#endif
 {
 fclose(file_ptr);
 return EXIT_FAILURE;
diff --git a/server/config_init.c b/server/config_init.c
index 0f519c31..c308b925 100644
--- a/server/config_init.c
+++ b/server/config_init.c
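Review bot: Nothing visible in this patch defines `HAVE_FILENO`: the diffstat lists only the four .c files, so unless the build configuration already probes for fileno() (not shown here), the `#else` arm in show_last_command is what gets compiled everywhere and the descriptor-based check is silently replaced by the path-based one. The same applies to the identical blocks in run_last_args, parse_access_file, parse_config_file and replay_file_cache_init. I would add the function probe to the build configuration in the same commit and mark the weaker arm where a maintainer will see it, for example `/* no fileno(): ownership and permissions are checked by path, not on the open stream */` directly under `#else`. The bodies of these functions start and end outside the hunks.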
@@ -303,7 +303,11 @@ parse_config_file(fko_srv_options_t *opts, const char *config_file)
 clean_exit(opts, NO_FW_CLEANUP, EXIT_FAILURE);
 }
+#if HAVE_FILENO
 if(verify_file_perms_ownership(config_file, fileno(cfile_ptr)) != 1)
+#else
+ if(verify_file_perms_ownership(config_file, -1) != 1)
+#endif
 {
 fclose(cfile_ptr);
 clean_exit(opts, NO_FW_CLEANUP, EXIT_FAILURE);
diff --git a/server/replay_cache.c b/server/replay_cache.c
index 834386ec..2265f402 100644
--- a/server/replay_cache.c
+++ b/server/replay_cache.c
@@ -274,7 +274,11 @@ replay_file_cache_init(fko_srv_options_t *opts)
 return(-1);
 }
+#if HAVE_FILENO
 if(verify_file_perms_ownership(opts->config[CONF_DIGEST_FILE], fileno(digest_file_ptr)) != 1)
+#else
+ if(verify_file_perms_ownership(opts->config[CONF_DIGEST_FILE], -1) != 1)
+#endif
 {
 fclose(digest_file_ptr);
 return(-1);
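Review bot: The preprocessor branch in parse_config_file splits one `if` condition across `#if`/`#else` while both arms share the `{` that follows, and the same construct is pasted into five call sites in four files (replay_file_cache_init below, plus the hunks in client/fwknop.c and server/access.c). That makes it easy for one site to drift, which matters because these checks guard the config, access and digest files before they are parsed. A single macro in a shared header would keep the choice in one place and leave each call site an ordinary one-line `if`. The macro name below is only a suggestion, and the header it belongs in is not visible from this patch. parse_config_file's body continues outside the hunk.

```c
/* in a header shared by client and server (placement to be decided) */
#if HAVE_FILENO
  #define FKO_STREAM_FD(fp) fileno(fp)
#else
  /* no fileno(): the callee gets -1 and can only check by path */
  #define FKO_STREAM_FD(fp) (-1)
#endif

/* call site in parse_config_file; the other four sites follow the same shape */
if(verify_file_perms_ownership(config_file, FKO_STREAM_FD(cfile_ptr)) != 1)
/* … unchanged: fclose(cfile_ptr) and clean_exit() on failure … */
```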