summaryrefslogtreecommitdiff
path: root/sys/netinet
diff options
context:
space:
mode:
authorTed Unangst <tedu@cvs.openbsd.org>2003-08-15 20:32:22 +0000
committerTed Unangst <tedu@cvs.openbsd.org>2003-08-15 20:32:22 +0000
commita1ee01486d4d2da0dce2fd97a58ca548a402d598 (patch)
treeeb06f4625b973fc701bb62d6902e4f1eb40bb4f2 /sys/netinet
parent1a3299929d48eae52404e0b75267c111d07d2af4 (diff)
change arguments to suser. suser now takes the process, and a flags
argument. old cred only calls user suser_ucred. this will allow future work to more flexibly implement the idea of a root process. looks like something i saw in freebsd, but a little different. use of suser_ucred vs suser in file system code should be looked at again, for the moment semantics remain unchanged. review and input from art@ testing and further review miod@
Diffstat (limited to 'sys/netinet')
-rw-r--r--sys/netinet/in_pcb.c6
-rw-r--r--sys/netinet/ip_output.c10
2 files changed, 8 insertions, 8 deletions
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c
index 4b1be967ce0..3136ac4366d 100644
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: in_pcb.c,v 1.66 2003/06/02 23:28:13 millert Exp $ */
+/* $OpenBSD: in_pcb.c,v 1.67 2003/08/15 20:32:20 tedu Exp $ */
/* $NetBSD: in_pcb.c,v 1.25 1996/02/13 23:41:53 christos Exp $ */
/*
@@ -255,7 +255,7 @@ in_pcbbind(v, nam)
/* GROSS */
if (ntohs(lport) < IPPORT_RESERVED &&
- (error = suser(p->p_ucred, &p->p_acflag)))
+ (error = suser(p, 0)))
return (EACCES);
if (so->so_euid) {
t = in_pcblookup(table, &zeroin_addr, 0,
@@ -279,7 +279,7 @@ in_pcbbind(v, nam)
first = ipport_hifirstauto; /* sysctl */
last = ipport_hilastauto;
} else if (inp->inp_flags & INP_LOWPORT) {
- if ((error = suser(p->p_ucred, &p->p_acflag)))
+ if ((error = suser(p, 0)))
return (EACCES);
first = IPPORT_RESERVED-1; /* 1023 */
last = 600; /* not IPPORT_RESERVED/2 */
diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c
index 5a8bd4bd53d..31c176d3379 100644
--- a/sys/netinet/ip_output.c
+++ b/sys/netinet/ip_output.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_output.c,v 1.155 2003/08/14 19:00:12 jason Exp $ */
+/* $OpenBSD: ip_output.c,v 1.156 2003/08/15 20:32:20 tedu Exp $ */
/* $NetBSD: ip_output.c,v 1.28 1996/02/13 23:43:07 christos Exp $ */
/*
@@ -1088,7 +1088,7 @@ ip_ctloutput(op, so, level, optname, mp)
switch (optname) {
case IP_AUTH_LEVEL:
if (optval < ipsec_auth_default_level &&
- suser(p->p_ucred, &p->p_acflag)) {
+ suser(p, 0)) {
error = EACCES;
break;
}
@@ -1097,7 +1097,7 @@ ip_ctloutput(op, so, level, optname, mp)
case IP_ESP_TRANS_LEVEL:
if (optval < ipsec_esp_trans_default_level &&
- suser(p->p_ucred, &p->p_acflag)) {
+ suser(p, 0)) {
error = EACCES;
break;
}
@@ -1106,7 +1106,7 @@ ip_ctloutput(op, so, level, optname, mp)
case IP_ESP_NETWORK_LEVEL:
if (optval < ipsec_esp_network_default_level &&
- suser(p->p_ucred, &p->p_acflag)) {
+ suser(p, 0)) {
error = EACCES;
break;
}
@@ -1114,7 +1114,7 @@ ip_ctloutput(op, so, level, optname, mp)
break;
case IP_IPCOMP_LEVEL:
if (optval < ipsec_ipcomp_default_level &&
- suser(p->p_ucred, &p->p_acflag)) {
+ suser(p, 0)) {
error = EACCES;
break;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-14 16:30:10 +0000