summaryrefslogtreecommitdiff
path: root/sbin/ping6
diff options
context:
space:
mode:
authorJun-ichiro itojun Hagino <itojun@cvs.openbsd.org>2000-12-22 00:33:34 +0000
committerJun-ichiro itojun Hagino <itojun@cvs.openbsd.org>2000-12-22 00:33:34 +0000
commit3a9c99b751edf9da7e49c9b2e02bb92e82a4ab92 (patch)
tree313e4f720b12a31b31c4bc85da489040ce96f2f5 /sbin/ping6
parenta9bfe56ebf2b5ce7eeec800b2d2c5c9bb978319e (diff)
revoke root privilege earliest possible
Diffstat (limited to 'sbin/ping6')
-rw-r--r--sbin/ping6/ping6.c69
1 files changed, 40 insertions, 29 deletions
diff --git a/sbin/ping6/ping6.c b/sbin/ping6/ping6.c
index 99da4f227fb..10c4d6088cb 100644
--- a/sbin/ping6/ping6.c
+++ b/sbin/ping6/ping6.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: ping6.c,v 1.18 2000/12/02 02:56:50 itojun Exp $ */
-/* $KAME: ping6.c,v 1.105 2000/12/02 02:48:41 itojun Exp $ */
+/* $OpenBSD: ping6.c,v 1.19 2000/12/22 00:33:33 itojun Exp $ */
+/* $KAME: ping6.c,v 1.107 2000/12/22 00:32:44 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -561,6 +561,44 @@ main(argc, argv)
(void)memcpy(&dst, res->ai_addr, res->ai_addrlen);
+ if ((s = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0)
+ err(1, "socket");
+
+ /*
+ * let the kerel pass extension headers of incoming packets,
+ * for privileged socket options
+ */
+ if ((options & F_VERBOSE) != 0) {
+ int opton = 1;
+
+#ifdef IPV6_RECVHOPOPTS
+ if (setsockopt(s, IPPROTO_IPV6, IPV6_RECVHOPOPTS, &opton,
+ sizeof(opton)))
+ err(1, "setsockopt(IPV6_RECVHOPOPTS)");
+#else /* old adv. API */
+ if (setsockopt(s, IPPROTO_IPV6, IPV6_HOPOPTS, &opton,
+ sizeof(opton)))
+ err(1, "setsockopt(IPV6_HOPOPTS)");
+#endif
+#ifdef IPV6_RECVDSTOPTS
+ if (setsockopt(s, IPPROTO_IPV6, IPV6_RECVDSTOPTS, &opton,
+ sizeof(opton)))
+ err(1, "setsockopt(IPV6_RECVDSTOPTS)");
+#else /* old adv. API */
+ if (setsockopt(s, IPPROTO_IPV6, IPV6_DSTOPTS, &opton,
+ sizeof(opton)))
+ err(1, "setsockopt(IPV6_DSTOPTS)");
+#endif
+#ifdef IPV6_RECVRTHDRDSTOPTS
+ if (setsockopt(s, IPPROTO_IPV6, IPV6_RECVRTHDRDSTOPTS, &opton,
+ sizeof(opton)))
+ err(1, "setsockopt(IPV6_RECVRTHDRDSTOPTS)");
+#endif
+ }
+
+ /* revoke root privilege */
+ setuid(getuid());
+
if (options & F_FLOOD && options & F_INTERVAL)
errx(1, "-f and -i incompatible options");
@@ -595,9 +633,6 @@ main(argc, argv)
*((u_int32_t *)&nonce[i]) = arc4random();
#endif
- if ((s = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0)
- err(1, "socket");
-
hold = 1;
if (options & F_SO_DEBUG)
@@ -659,7 +694,6 @@ main(argc, argv)
#endif /*ICMP6_FILTER*/
/* let the kerel pass extension headers of incoming packets */
- /* TODO: implement parsing routine */
if ((options & F_VERBOSE) != 0) {
int opton = 1;
@@ -672,29 +706,6 @@ main(argc, argv)
sizeof(opton)))
err(1, "setsockopt(IPV6_RTHDR)");
#endif
-#ifdef IPV6_RECVHOPOPTS
- if (setsockopt(s, IPPROTO_IPV6, IPV6_RECVHOPOPTS, &opton,
- sizeof(opton)))
- err(1, "setsockopt(IPV6_RECVHOPOPTS)");
-#else /* old adv. API */
- if (setsockopt(s, IPPROTO_IPV6, IPV6_HOPOPTS, &opton,
- sizeof(opton)))
- err(1, "setsockopt(IPV6_HOPOPTS)");
-#endif
-#ifdef IPV6_RECVDSTOPTS
- if (setsockopt(s, IPPROTO_IPV6, IPV6_RECVDSTOPTS, &opton,
- sizeof(opton)))
- err(1, "setsockopt(IPV6_RECVDSTOPTS)");
-#else /* old adv. API */
- if (setsockopt(s, IPPROTO_IPV6, IPV6_DSTOPTS, &opton,
- sizeof(opton)))
- err(1, "setsockopt(IPV6_DSTOPTS)");
-#endif
-#ifdef IPV6_RECVRTHDRDSTOPTS
- if (setsockopt(s, IPPROTO_IPV6, IPV6_RECVRTHDRDSTOPTS, &opton,
- sizeof(opton)))
- err(1, "setsockopt(IPV6_RECVRTHDRDSTOPTS)");
-#endif
}
/*