Date: Mon, 17 Feb 2003 23:47:32 +0100 From: Wiktor Niesiobedzki <w@evip.pl> To: current@freebsd.org Subject: IPFW/socheckuid() patch Message-ID: <20030217224732.GC2315@mail.evip.pl>
next in thread | raw e-mail | index | archive | help
Hi, During my firewall configuration I noticed strange behaviour of ipfw option uid. ip_fw2.c:1513 #if __FreeBSD_version < 500034 #define socheckuid(a,b) ((a)->so_cred->cr_uid == (b)) #endif if (cmd->opcode == O_UID) { match = socheckuid(pcb->inp_socket, (uid_t)((ipfw_insn_u32 *)cmd)->d[0]); } else { Whereas the /sys/kern/uipc_socket.c:1844 int socheckuid(struct socket *so, uid_t uid) { if (so == NULL) return (EPERM); if (so->so_cred->cr_uid == uid) return (0); return (EPERM); } Definitions found in macro code and function are incompatible. Thus following patch: =================================================================== RCS file: /sys/kern/uipc_socket.c,v retrieving revision 1.144 diff -u -r1.1 uipc_socket.c --- uipc_socket.c 2003/02/17 22:37:58 1.144 +++ uipc_socket.c 2003/02/17 22:44:33 @@ -1848,6 +1848,6 @@ if (so == NULL) return (EPERM); if (so->so_cred->cr_uid == uid) - return (0); + return (1); return (EPERM); } Cheers, Wiktor Niesiobędzki To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030217224732.GC2315>