From 3e9709c5513e6596840403fca428e826608a4bc4 Mon Sep 17 00:00:00 2001
From: rwatson <rwatson@FreeBSD.org>
Date: Tue, 10 Apr 2007 15:58:38 +0000
Subject: Add a new privilege, PRIV_NETINET_REUSEPORT, which will replace
 superuser checks to see whether bind() can reuse a port/address combination
 while it's already in use (for some definition of use).

---
 sys/netinet/in_pcb.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'sys/netinet/in_pcb.c')

diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c
index eb0852a..fc31367 100644
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@@ -345,7 +345,8 @@ in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp,
 			if (jailed(cred))
 				prison = 1;
 			if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr)) &&
-			    suser_cred(so->so_cred, SUSER_ALLOWJAIL) != 0) {
+			    priv_check_cred(so->so_cred,
+			    PRIV_NETINET_REUSEPORT, SUSER_ALLOWJAIL) != 0) {
 				t = in_pcblookup_local(inp->inp_pcbinfo,
 				    sin->sin_addr, lport,
 				    prison ? 0 :  INPLOOKUP_WILDCARD);
-- 
cgit v1.1