Add a new privilege, PRIV_NETINET_REUSEPORT, which will replace superuser

checks to see whether bind() can reuse a port/address combination while it's already in use (for some definition of use).
author: rwatson <rwatson@FreeBSD.org> 2007-04-10 15:58:38 +0000
committer: rwatson <rwatson@FreeBSD.org> 2007-04-10 15:58:38 +0000
commit: 3e9709c5513e6596840403fca428e826608a4bc4 (patch)
tree: 6119cb734ddaa9c04bd2ba4c76f5ab21d3c8a086 /sys/netinet/in_pcb.c
parent: fc1b9c146d4d1e857dc4eb0d4f003b3fd6600295 (diff)
download: FreeBSD-src-3e9709c5513e6596840403fca428e826608a4bc4.zip
FreeBSD-src-3e9709c5513e6596840403fca428e826608a4bc4.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c
index eb0852a..fc31367 100644
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@@ -345,7 +345,8 @@ in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp,
 			if (jailed(cred))
 				prison = 1;
 			if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr)) &&
-			    suser_cred(so->so_cred, SUSER_ALLOWJAIL) != 0) {
+			    priv_check_cred(so->so_cred,
+			    PRIV_NETINET_REUSEPORT, SUSER_ALLOWJAIL) != 0) {
 				t = in_pcblookup_local(inp->inp_pcbinfo,
 				    sin->sin_addr, lport,
 				    prison ? 0 :  INPLOOKUP_WILDCARD);
author	rwatson <rwatson@FreeBSD.org>	2007-04-10 15:58:38 +0000
committer	rwatson <rwatson@FreeBSD.org>	2007-04-10 15:58:38 +0000
commit	3e9709c5513e6596840403fca428e826608a4bc4 (patch)
tree	6119cb734ddaa9c04bd2ba4c76f5ab21d3c8a086 /sys/netinet/in_pcb.c
parent	fc1b9c146d4d1e857dc4eb0d4f003b3fd6600295 (diff)
download	FreeBSD-src-3e9709c5513e6596840403fca428e826608a4bc4.zip FreeBSD-src-3e9709c5513e6596840403fca428e826608a4bc4.tar.gz