--- squid-3.2/src/comm/TcpAcceptor.cc.bak 2012-12-03 13:27:20.961364778 +0200 +++ squid-3.2/src/comm/TcpAcceptor.cc 2013-05-01 07:48:00.046286162 +0300 @@ -51,6 +51,12 @@ #include #endif +/* accept4 */ +#ifndef _GNU_SOURCE +#define _GNU_SOURCE +#endif +#include + CBDATA_NAMESPACED_CLASS_INIT(Comm, TcpAcceptor); Comm::TcpAcceptor::TcpAcceptor(const Comm::ConnectionPointer &newConn, const char *note, const Subscription::Pointer &aSub) : @@ -305,7 +311,8 @@ Comm::TcpAcceptor::oldAccept(Comm::Conne details->local.InitAddrInfo(gai); errcode = 0; // reset local errno copy. - if ((sock = accept(conn->fd, gai->ai_addr, &gai->ai_addrlen)) < 0) { + if ((sock = accept4(conn->fd, gai->ai_addr, &gai->ai_addrlen, + SOCK_CLOEXEC | SOCK_NONBLOCK)) < 0) { errcode = errno; // store last accept errno locally. details->local.FreeAddrInfo(gai); @@ -357,10 +364,6 @@ Comm::TcpAcceptor::oldAccept(Comm::Conne F->local_addr = details->local; F->sock_family = details->local.IsIPv6()?AF_INET6:AF_INET; - // set socket flags - commSetCloseOnExec(sock); - commSetNonBlocking(sock); - /* IFF the socket is (tproxy) transparent, pass the flag down to allow spoofing */ F->flags.transparent = fd_table[conn->fd].flags.transparent; // XXX: can we remove this line yet? --- squid-3.2/src/comm.cc.bak 2012-12-03 13:20:50.504617964 +0200 +++ squid-3.2/src/comm.cc 2013-05-01 08:02:23.564749056 +0300 @@ -516,6 +516,7 @@ comm_openex(int sock_type, { int new_socket; struct addrinfo *AI = NULL; + int hackflags = 0; PROF_start(comm_open); /* Create socket for accepting new connections. */ @@ -528,7 +529,9 @@ comm_openex(int sock_type, debugs(50, 3, "comm_openex: Attempt open socket for: " << addr ); - new_socket = socket(AI->ai_family, AI->ai_socktype, AI->ai_protocol); + if (!(flags & COMM_NOCLOEXEC)) hackflags |= SOCK_CLOEXEC; + if (flags & COMM_NONBLOCKING) hackflags |= SOCK_NONBLOCK; + new_socket = socket(AI->ai_family, AI->ai_socktype | hackflags, AI->ai_protocol); /* under IPv6 there is the possibility IPv6 is present but disabled. */ /* try again as IPv4-native if possible */ @@ -637,10 +640,10 @@ comm_apply_flags(int new_socket, assert(new_socket >= 0); assert(AI); const int sock_type = AI->ai_socktype; - +#if 0 if (!(flags & COMM_NOCLOEXEC)) commSetCloseOnExec(new_socket); - +#endif if ((flags & COMM_REUSEADDR)) commSetReuseAddr(new_socket); @@ -670,13 +673,13 @@ comm_apply_flags(int new_socket, return -1; } } - +#if 0 if (flags & COMM_NONBLOCKING) if (commSetNonBlocking(new_socket) == COMM_ERROR) { comm_close(new_socket); return -1; } - +#endif #ifdef TCP_NODELAY if (sock_type == SOCK_STREAM) commSetTcpNoDelay(new_socket);