From 44843c47b8b7ea12ac7bdb803d6f134ad13a094c Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Mon, 29 Jun 2026 23:52:27 +0900 Subject: [PATCH] Unix: fix doas auth PTY opening on OpenBSD OpenBSD defines O_CLOEXEC, but rejects it in posix_openpt() with EINVAL. Retry with the POSIX pseudoterminal flags and then set FD_CLOEXEC explicitly so doas authentication can create its private PTY. --- src/Core/Unix/CoreService.cpp | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/src/Core/Unix/CoreService.cpp b/src/Core/Unix/CoreService.cpp index bd64fc7d..4127b2a8 100644 --- a/src/Core/Unix/CoreService.cpp +++ b/src/Core/Unix/CoreService.cpp @@ -119,13 +119,27 @@ namespace VeraCrypt static int OpenDoasAuthTerminal (string &slavePath) { #ifdef O_CLOEXEC + bool fdCloseOnExec = true; int fd = posix_openpt (O_RDWR | O_NOCTTY | O_CLOEXEC); + if (fd == -1 && errno == EINVAL) + { + // Some systems, including OpenBSD, only accept the POSIX + // pseudoterminal flags here. Set close-on-exec below instead. + fdCloseOnExec = false; + fd = posix_openpt (O_RDWR | O_NOCTTY); + } #else int fd = posix_openpt (O_RDWR | O_NOCTTY); #endif throw_sys_sub_if (fd == -1, "posix_openpt"); -#ifndef O_CLOEXEC +#ifdef O_CLOEXEC + if (!fdCloseOnExec && fcntl (fd, F_SETFD, FD_CLOEXEC) == -1) + { + close (fd); + throw SystemException (SRC_POS); + } +#else if (fcntl (fd, F_SETFD, FD_CLOEXEC) == -1) { close (fd);