Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

===================================================================
RCS file: /ftp/cvs/cvsroot/src/sys/netinet/raw_ip.c,v
rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet/raw_ip.c,v: warning: Unknown phrases like `commitid ...;' are present.
retrieving revision 1.87.2.4
retrieving revision 1.88.8.2
diff -u -p -r1.87.2.4 -r1.88.8.2
--- src/sys/netinet/raw_ip.c	2007/09/03 14:43:00	1.87.2.4
+++ src/sys/netinet/raw_ip.c	2006/08/11 15:46:33	1.88.8.2
@@ -1,4 +1,4 @@
-/*	$NetBSD: raw_ip.c,v 1.87.2.4 2007/09/03 14:43:00 yamt Exp $	*/
+/*	$NetBSD: raw_ip.c,v 1.88.8.2 2006/08/11 15:46:33 yamt Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,7 +61,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: raw_ip.c,v 1.87.2.4 2007/09/03 14:43:00 yamt Exp $");
+__KERNEL_RCSID(0, "$NetBSD: raw_ip.c,v 1.88.8.2 2006/08/11 15:46:33 yamt Exp $");
 
 #include "opt_inet.h"
 #include "opt_ipsec.h"
@@ -143,8 +143,8 @@ rip_input(struct mbuf *m, ...)
 	struct ip *ip = mtod(m, struct ip *);
 	struct inpcb_hdr *inph;
 	struct inpcb *inp;
-	struct inpcb *last = NULL;
-	struct mbuf *n, *opts = NULL;
+	struct inpcb *last = 0;
+	struct mbuf *opts = 0;
 	struct sockaddr_in ripsrc;
 	va_list ap;
 
@@ -153,7 +153,11 @@ rip_input(struct mbuf *m, ...)
 	proto = va_arg(ap, int);
 	va_end(ap);
 
-	sockaddr_in_init(&ripsrc, &ip->ip_src, 0);
+	ripsrc.sin_family = AF_INET;
+	ripsrc.sin_len = sizeof(struct sockaddr_in);
+	ripsrc.sin_addr = ip->ip_src;
+	ripsrc.sin_port = 0;
+	bzero((caddr_t)ripsrc.sin_zero, sizeof(ripsrc.sin_zero));
 
 	/*
 	 * XXX Compatibility: programs using raw IP expect ip_len
@@ -175,41 +179,43 @@ rip_input(struct mbuf *m, ...)
 		if (!in_nullhost(inp->inp_faddr) &&
 		    !in_hosteq(inp->inp_faddr, ip->ip_src))
 			continue;
-		if (last == NULL)
-			;
+		if (last) {
+			struct mbuf *n;
+
 #if defined(IPSEC) || defined(FAST_IPSEC)
-		/* check AH/ESP integrity. */
-		else if (ipsec4_in_reject_so(m, last->inp_socket)) {
-			ipsecstat.in_polvio++;
-			/* do not inject data to pcb */
-		}
-#endif /*IPSEC*/
-		else if ((n = m_copypacket(m, M_DONTWAIT)) != NULL) {
-			if (last->inp_flags & INP_CONTROLOPTS ||
-			    last->inp_socket->so_options & SO_TIMESTAMP)
-				ip_savecontrol(last, &opts, ip, n);
-			if (sbappendaddr(&last->inp_socket->so_rcv,
-			    sintosa(&ripsrc), n, opts) == 0) {
-				/* should notify about lost packet */
-				m_freem(n);
-				if (opts)
-					m_freem(opts);
+			/* check AH/ESP integrity. */
+			if (ipsec4_in_reject_so(m, last->inp_socket)) {
+				ipsecstat.in_polvio++;
+				/* do not inject data to pcb */
 			} else
-				sorwakeup(last->inp_socket);
-			opts = NULL;
+#endif /*IPSEC*/
+			if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) {
+				if (last->inp_flags & INP_CONTROLOPTS ||
+				    last->inp_socket->so_options & SO_TIMESTAMP)
+					ip_savecontrol(last, &opts, ip, n);
+				if (sbappendaddr(&last->inp_socket->so_rcv,
+				    sintosa(&ripsrc), n, opts) == 0) {
+					/* should notify about lost packet */
+					m_freem(n);
+					if (opts)
+						m_freem(opts);
+				} else
+					sorwakeup(last->inp_socket);
+				opts = NULL;
+			}
 		}
 		last = inp;
 	}
 #if defined(IPSEC) || defined(FAST_IPSEC)
 	/* check AH/ESP integrity. */
-	if (last != NULL && ipsec4_in_reject_so(m, last->inp_socket)) {
+	if (last && ipsec4_in_reject_so(m, last->inp_socket)) {
 		m_freem(m);
 		ipsecstat.in_polvio++;
 		ipstat.ips_delivered--;
 		/* do not inject data to pcb */
 	} else
 #endif /*IPSEC*/
-	if (last != NULL) {
+	if (last) {
 		if (last->inp_flags & INP_CONTROLOPTS ||
 		    last->inp_socket->so_options & SO_TIMESTAMP)
 			ip_savecontrol(last, &opts, ip, m);
@@ -220,13 +226,15 @@ rip_input(struct mbuf *m, ...)
 				m_freem(opts);
 		} else
 			sorwakeup(last->inp_socket);
-	} else if (inetsw[ip_protox[ip->ip_p]].pr_input == rip_input) {
-		icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_PROTOCOL,
-		    0, 0);
-		ipstat.ips_noproto++;
-		ipstat.ips_delivered--;
-	} else
-		m_freem(m);
+	} else {
+		if (inetsw[ip_protox[ip->ip_p]].pr_input == rip_input) {
+			icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_PROTOCOL,
+			    0, 0);
+			ipstat.ips_noproto++;
+			ipstat.ips_delivered--;
+		} else
+			m_freem(m);
+	}
 	return;
 }
 
@@ -258,7 +266,7 @@ rip_pcbnotify(struct inpcbtable *table,
 }
 
 void *
-rip_ctlinput(int cmd, const struct sockaddr *sa, void *v)
+rip_ctlinput(int cmd, struct sockaddr *sa, void *v)
 {
 	struct ip *ip = v;
 	void (*notify)(struct inpcb *, int) = in_rtchange;
@@ -277,12 +285,12 @@ rip_ctlinput(int cmd, const struct socka
 	else if (errno == 0)
 		return NULL;
 	if (ip) {
-		rip_pcbnotify(&rawcbtable, satocsin(sa)->sin_addr,
+		rip_pcbnotify(&rawcbtable, satosin(sa)->sin_addr,
 		    ip->ip_src, ip->ip_p, errno, notify);
 
 		/* XXX mapped address case */
 	} else
-		in_pcbnotifyall(&rawcbtable, satocsin(sa)->sin_addr, errno,
+		in_pcbnotifyall(&rawcbtable, satosin(sa)->sin_addr, errno,
 		    notify);
 	return NULL;
 }
@@ -505,19 +513,17 @@ rip_usrreq(struct socket *so, int req,
 #endif
 
 	if (req == PRU_CONTROL)
-		return (in_control(so, (long)m, (void *)nam,
+		return (in_control(so, (long)m, (caddr_t)nam,
 		    (struct ifnet *)control, l));
 
-	s = splsoftnet();
-
 	if (req == PRU_PURGEIF) {
 		in_pcbpurgeif0(&rawcbtable, (struct ifnet *)control);
 		in_purgeif((struct ifnet *)control);
 		in_pcbpurgeif(&rawcbtable, (struct ifnet *)control);
-		splx(s);
 		return (0);
 	}
 
+	s = splsoftnet();
 	inp = sotoinpcb(so);
 #ifdef DIAGNOSTIC
 	if (req != PRU_SEND && req != PRU_SENDOOB && control)
@@ -535,14 +541,11 @@ rip_usrreq(struct socket *so, int req,
 			error = EISCONN;
 			break;
 		}
-
-		if (l == NULL) {
+		if (l == 0 || (error = kauth_authorize_generic(l->l_cred,
+		    KAUTH_GENERIC_ISSUSER, &l->l_acflag))) {
 			error = EACCES;
 			break;
 		}
-
-		/* XXX: raw socket permissions are checked in socreate() */
-
 		if (so->so_snd.sb_hiwat == 0 || so->so_rcv.sb_hiwat == 0) {
 			error = soreserve(so, rip_sendspace, rip_recvspace);
 			if (error)