authorJeremie Courreges-Anglas <jca@cvs.openbsd.org>2017-07-23 14:28:23 +0000
committerJeremie Courreges-Anglas <jca@cvs.openbsd.org>2017-07-23 14:28:23 +0000
commit4d2540015cbb419961b7180f7348aa6bc813a784 (patch)
treeb4de4dc4fc46bb484f65ad5b043e16e29567840b
parente0912176cbfb3584e1ee9c27f720d8918d22a935 (diff)
Don't hit pledge(2) restrictions on interface departure
if_exists() can't be used after dropping privileges, since it uses socket(2) and ioctl(SIOCGIFDATA). We're just trying to know whether an interface exists, and if_nametoindex(3) is enough for that. ok deraadt@
-rw-r--r--sbin/pflogd/pflogd.c20
1 files changed, 2 insertions, 18 deletions
diff --git a/sbin/pflogd/pflogd.c b/sbin/pflogd/pflogd.c
index 40440aab5c7..429f0d375b9 100644
--- a/sbin/pflogd/pflogd.c
+++ b/sbin/pflogd/pflogd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pflogd.c,v 1.53 2016/01/16 03:17:48 canacar Exp $ */
+/* $OpenBSD: pflogd.c,v 1.54 2017/07/23 14:28:22 jca Exp $ */
/*
* Copyright (c) 2001 Theo de Raadt
@@ -194,23 +194,7 @@ set_pcap_filter(void)
int
if_exists(char *ifname)
{
- int s, ret = 1;
- struct ifreq ifr;
- struct if_data ifrdat;
-
- if ((s = socket(AF_INET, SOCK_DGRAM, 0)) == -1)
- err(1, "socket");
- bzero(&ifr, sizeof(ifr));
- if (strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)) >=
- sizeof(ifr.ifr_name))
- errx(1, "main ifr_name: strlcpy");
- ifr.ifr_data = (caddr_t)&ifrdat;
- if (ioctl(s, SIOCGIFDATA, (caddr_t)&ifr) == -1)
- ret = 0;
- if (close(s))
- err(1, "close");
-
- return (ret);
+ return (if_nametoindex(ifname) != 0);
}
int
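Review bot: On the added `return` line, `if_exists()` reports 0 for any `if_nametoindex(3)` failure, so an internal lookup error cannot be told apart from the interface having departed; the removed code treated a `socket(2)` failure as fatal and reported absence only when the ioctl failed. The callers are outside this hunk, but if one of them stops capturing when this returns 0, a transient failure would presumably end packet logging with a misleading "interface gone" reason, so consider checking or logging `errno` at that point. An over-long `ifname`, which used to hit `errx(1, ...)`, would now presumably also be reported as a missing interface. The reason for the rewrite is not visible in the code itself, so a comment above the function such as `/* Must work after pledge(2): no socket(2) or ioctl(2) here. */` would keep the old approach from being reintroduced.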