From a1ee01486d4d2da0dce2fd97a58ca548a402d598 Mon Sep 17 00:00:00 2001
From: Ted Unangst <tedu@cvs.openbsd.org>
Date: Fri, 15 Aug 2003 20:32:22 +0000
Subject: change arguments to suser.  suser now takes the process, and a flags
 argument.  old cred only calls user suser_ucred.  this will allow future work
 to more flexibly implement the idea of a root process.  looks like something
 i saw in freebsd, but a little different. use of suser_ucred vs suser in file
 system code should be looked at again, for the moment semantics remain
 unchanged. review and input from art@  testing and further review miod@

---
 sys/netinet/in_pcb.c    |  6 +++---
 sys/netinet/ip_output.c | 10 +++++-----
 2 files changed, 8 insertions(+), 8 deletions(-)

(limited to 'sys/netinet')

diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c
index 4b1be967ce0..3136ac4366d 100644
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: in_pcb.c,v 1.66 2003/06/02 23:28:13 millert Exp $	*/
+/*	$OpenBSD: in_pcb.c,v 1.67 2003/08/15 20:32:20 tedu Exp $	*/
 /*	$NetBSD: in_pcb.c,v 1.25 1996/02/13 23:41:53 christos Exp $	*/
 
 /*
@@ -255,7 +255,7 @@ in_pcbbind(v, nam)
 
 			/* GROSS */
 			if (ntohs(lport) < IPPORT_RESERVED &&
-			    (error = suser(p->p_ucred, &p->p_acflag)))
+			    (error = suser(p, 0)))
 				return (EACCES);
 			if (so->so_euid) {
 				t = in_pcblookup(table, &zeroin_addr, 0,
@@ -279,7 +279,7 @@ in_pcbbind(v, nam)
 			first = ipport_hifirstauto;	/* sysctl */
 			last = ipport_hilastauto;
 		} else if (inp->inp_flags & INP_LOWPORT) {
-			if ((error = suser(p->p_ucred, &p->p_acflag)))
+			if ((error = suser(p, 0)))
 				return (EACCES);
 			first = IPPORT_RESERVED-1; /* 1023 */
 			last = 600;		   /* not IPPORT_RESERVED/2 */
diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c
index 5a8bd4bd53d..31c176d3379 100644
--- a/sys/netinet/ip_output.c
+++ b/sys/netinet/ip_output.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_output.c,v 1.155 2003/08/14 19:00:12 jason Exp $	*/
+/*	$OpenBSD: ip_output.c,v 1.156 2003/08/15 20:32:20 tedu Exp $	*/
 /*	$NetBSD: ip_output.c,v 1.28 1996/02/13 23:43:07 christos Exp $	*/
 
 /*
@@ -1088,7 +1088,7 @@ ip_ctloutput(op, so, level, optname, mp)
 			switch (optname) {
 			case IP_AUTH_LEVEL:
 				if (optval < ipsec_auth_default_level &&
-				    suser(p->p_ucred, &p->p_acflag)) {
+				    suser(p, 0)) {
 					error = EACCES;
 					break;
 				}
@@ -1097,7 +1097,7 @@ ip_ctloutput(op, so, level, optname, mp)
 
 			case IP_ESP_TRANS_LEVEL:
 				if (optval < ipsec_esp_trans_default_level &&
-				    suser(p->p_ucred, &p->p_acflag)) {
+				    suser(p, 0)) {
 					error = EACCES;
 					break;
 				}
@@ -1106,7 +1106,7 @@ ip_ctloutput(op, so, level, optname, mp)
 
 			case IP_ESP_NETWORK_LEVEL:
 				if (optval < ipsec_esp_network_default_level &&
-				    suser(p->p_ucred, &p->p_acflag)) {
+				    suser(p, 0)) {
 					error = EACCES;
 					break;
 				}
@@ -1114,7 +1114,7 @@ ip_ctloutput(op, so, level, optname, mp)
 				break;
 			case IP_IPCOMP_LEVEL:
 				if (optval < ipsec_ipcomp_default_level &&
-				    suser(p->p_ucred, &p->p_acflag)) {
+				    suser(p, 0)) {
 					error = EACCES;
 					break;
 				}
-- 
cgit v1.2.3