diff options
| author | bz <bz@FreeBSD.org> | 2008-02-02 14:11:31 +0000 |
|---|---|---|
| committer | bz <bz@FreeBSD.org> | 2008-02-02 14:11:31 +0000 |
| commit | cfb85f0c07e631c309f5158c6aeebac935619b92 (patch) | |
| tree | dbf75dec875afa39ded965d6896a91bf2171580d /sys/netipsec/ipsec.c | |
| parent | ddf9fd25a8b759fac39499e04a7624ae5c938dd0 (diff) | |
| download | FreeBSD-src-cfb85f0c07e631c309f5158c6aeebac935619b92.zip FreeBSD-src-cfb85f0c07e631c309f5158c6aeebac935619b92.tar.gz | |
Rather than passing around a cached 'priv', pass in an ucred to
ipsec*_set_policy and do the privilege check only if needed.
Try to assimilate both ip*_ctloutput code blocks calling ipsec*_set_policy.
Reviewed by: rwatson
Diffstat (limited to 'sys/netipsec/ipsec.c')
| -rw-r--r-- | sys/netipsec/ipsec.c | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/sys/netipsec/ipsec.c b/sys/netipsec/ipsec.c index 354157b..a99759b 100644 --- a/sys/netipsec/ipsec.c +++ b/sys/netipsec/ipsec.c @@ -219,7 +219,7 @@ static int ipsec6_setspidx_ipaddr __P((struct mbuf *, struct secpolicyindex *)); static void ipsec_delpcbpolicy __P((struct inpcbpolicy *)); static struct secpolicy *ipsec_deepcopy_policy __P((struct secpolicy *src)); static int ipsec_set_policy __P((struct secpolicy **pcb_sp, - int optname, caddr_t request, size_t len, int priv)); + int optname, caddr_t request, size_t len, struct ucred *cred)); static int ipsec_get_policy __P((struct secpolicy *pcb_sp, struct mbuf **mp)); static void vshiftl __P((unsigned char *, int, int)); static size_t ipsec_hdrsiz __P((struct secpolicy *)); @@ -1005,12 +1005,12 @@ fail: /* set policy and ipsec request if present. */ static int -ipsec_set_policy(pcb_sp, optname, request, len, priv) +ipsec_set_policy(pcb_sp, optname, request, len, cred) struct secpolicy **pcb_sp; int optname; caddr_t request; size_t len; - int priv; + struct ucred *cred; { struct sadb_x_policy *xpl; struct secpolicy *newsp = NULL; @@ -1034,8 +1034,11 @@ ipsec_set_policy(pcb_sp, optname, request, len, priv) return EINVAL; /* check privileged socket */ - if (priv == 0 && xpl->sadb_x_policy_type == IPSEC_POLICY_BYPASS) - return EACCES; + if (cred != NULL && xpl->sadb_x_policy_type == IPSEC_POLICY_BYPASS) { + error = priv_check_cred(cred, PRIV_NETINET_IPSEC, 0); + if (error) + return EACCES; + } /* allocation new SP entry */ if ((newsp = key_msg2sp(xpl, len, &error)) == NULL) @@ -1077,12 +1080,12 @@ ipsec_get_policy(pcb_sp, mp) } int -ipsec4_set_policy(inp, optname, request, len, priv) +ipsec4_set_policy(inp, optname, request, len, cred) struct inpcb *inp; int optname; caddr_t request; size_t len; - int priv; + struct ucred *cred; { struct sadb_x_policy *xpl; struct secpolicy **pcb_sp; @@ -1108,7 +1111,7 @@ ipsec4_set_policy(inp, optname, request, len, priv) return EINVAL; } - return ipsec_set_policy(pcb_sp, optname, request, len, priv); + return ipsec_set_policy(pcb_sp, optname, request, len, cred); } int @@ -1170,12 +1173,12 @@ ipsec4_delete_pcbpolicy(inp) #ifdef INET6 int -ipsec6_set_policy(in6p, optname, request, len, priv) +ipsec6_set_policy(in6p, optname, request, len, cred) struct in6pcb *in6p; int optname; caddr_t request; size_t len; - int priv; + struct ucred *cred; { struct sadb_x_policy *xpl; struct secpolicy **pcb_sp; @@ -1201,7 +1204,7 @@ ipsec6_set_policy(in6p, optname, request, len, priv) return EINVAL; } - return ipsec_set_policy(pcb_sp, optname, request, len, priv); + return ipsec_set_policy(pcb_sp, optname, request, len, cred); } int |
