diff options
author | bz <bz@FreeBSD.org> | 2008-01-24 08:25:59 +0000 |
---|---|---|
committer | bz <bz@FreeBSD.org> | 2008-01-24 08:25:59 +0000 |
commit | 1c376286e046dbe30549b705bd310d6218ffc824 (patch) | |
tree | 54dfe6089b6177f2bd726f05233e0c1a76433c3e /sys/netinet6/udp6_usrreq.c | |
parent | ca561e0217663df7e35502550d299ef5f818e4e8 (diff) | |
download | FreeBSD-src-1c376286e046dbe30549b705bd310d6218ffc824.zip FreeBSD-src-1c376286e046dbe30549b705bd310d6218ffc824.tar.gz |
Replace the last susers calls in netinet6/ with privilege checks.
Introduce a new privilege allowing to set certain IP header options
(hop-by-hop, routing headers).
Leave a few comments to be addressed later.
Reviewed by: rwatson (older version, before addressing his comments)
Diffstat (limited to 'sys/netinet6/udp6_usrreq.c')
-rw-r--r-- | sys/netinet6/udp6_usrreq.c | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/sys/netinet6/udp6_usrreq.c b/sys/netinet6/udp6_usrreq.c index f9f3297..803e32d 100644 --- a/sys/netinet6/udp6_usrreq.c +++ b/sys/netinet6/udp6_usrreq.c @@ -488,17 +488,12 @@ udp6_output(struct inpcb *inp, struct mbuf *m, struct sockaddr *addr6, u_short fport; int error = 0; struct ip6_pktopts *optp, opt; - int priv; int af = AF_INET6, hlen = sizeof(struct ip6_hdr); int flags; struct sockaddr_in6 tmp; INP_LOCK_ASSERT(inp); - priv = 0; - if (td && !suser(td)) - priv = 1; - if (addr6) { /* addr6 has been validated in udp6_send(). */ sin6 = (struct sockaddr_in6 *)addr6; @@ -523,7 +518,7 @@ udp6_output(struct inpcb *inp, struct mbuf *m, struct sockaddr *addr6, if (control) { if ((error = ip6_setpktopts(control, &opt, - inp->in6p_outputopts, priv, IPPROTO_UDP)) != 0) + inp->in6p_outputopts, td->td_ucred, IPPROTO_UDP)) != 0) goto release; optp = &opt; } else |