- Use suser_cred(9) instead of directly comparing cr_uid.
- Compare pointer with NULL. Reviewed by: rwatson
This commit is contained in:
Pawel Jakub Dawidek
parent
5279398812
commit
06c5d8fa73
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=159978
@ -211,14 +211,15 @@ if_handoff(struct ifqueue *ifq, struct mbuf *m, struct ifnet *ifp, int adjust)
|
||||
|
||||
/*
|
||||
* 8. Test for "privileged" socket opened by superuser.
|
||||
* FreeBSD tests ((so)->so_cred && (so)->so_cred.cr_uid == 0),
|
||||
* FreeBSD tests ((so)->so_cred != NULL && suser_cred((so)->so_cred, SUSER_ALLOWJAIL == 0))
|
||||
* NetBSD (1.6N) tests (so)->so_uid == 0).
|
||||
* This difference is wrapped inside the IPSEC_PRIVILEGED_SO() macro.
|
||||
*
|
||||
*/
|
||||
#ifdef __FreeBSD__
|
||||
#define IPSEC_IS_PRIVILEGED_SO(_so) \
|
||||
((_so)->so_cred && (_so)->so_cred->cr_uid == 0)
|
||||
((_so)->so_cred != NULL && \
|
||||
suser_cred((_so)->so_cred, SUSER_ALLOWJAIL) == 0)
|
||||
#endif /* __FreeBSD__ */
|
||||
|
||||
#ifdef __NetBSD__
|
||||
|
||||
Loading…
Reference in New Issue
Block a user