Date: Mon, 17 Feb 2003 23:47:32 +0100 From: Wiktor Niesiobedzki <w@evip.pl> To: current@freebsd.org Subject: IPFW/socheckuid() patch Message-ID: <20030217224732.GC2315@mail.evip.pl>
next in thread | raw e-mail | index | archive | help
Hi,
During my firewall configuration I noticed strange behaviour of ipfw option
uid.
ip_fw2.c:1513
#if __FreeBSD_version < 500034
#define socheckuid(a,b) ((a)->so_cred->cr_uid == (b))
#endif
if (cmd->opcode == O_UID) {
match =
socheckuid(pcb->inp_socket,
(uid_t)((ipfw_insn_u32 *)cmd)->d[0]);
} else {
Whereas the /sys/kern/uipc_socket.c:1844
int
socheckuid(struct socket *so, uid_t uid)
{
if (so == NULL)
return (EPERM);
if (so->so_cred->cr_uid == uid)
return (0);
return (EPERM);
}
Definitions found in macro code and function are incompatible. Thus following
patch:
===================================================================
RCS file: /sys/kern/uipc_socket.c,v
retrieving revision 1.144
diff -u -r1.1 uipc_socket.c
--- uipc_socket.c 2003/02/17 22:37:58 1.144
+++ uipc_socket.c 2003/02/17 22:44:33
@@ -1848,6 +1848,6 @@
if (so == NULL)
return (EPERM);
if (so->so_cred->cr_uid == uid)
- return (0);
+ return (1);
return (EPERM);
}
Cheers,
Wiktor Niesiobędzki
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030217224732.GC2315>