version 1.74, 2004/05/25 04:34:00 |
version 1.75, 2004/06/01 03:13:22 |
Line 997 ip6_savecontrol(in6p, mp, ip6, m) |
|
Line 997 ip6_savecontrol(in6p, mp, ip6, m) |
|
struct ip6_hdr *ip6; |
struct ip6_hdr *ip6; |
struct mbuf *m; |
struct mbuf *m; |
{ |
{ |
struct proc *p = curproc; /* XXX */ |
|
int privileged; |
|
|
|
privileged = 0; |
|
if (p && !suser(p->p_ucred, &p->p_acflag)) |
|
privileged++; |
|
|
|
#ifdef SO_TIMESTAMP |
#ifdef SO_TIMESTAMP |
if (in6p->in6p_socket->so_options & SO_TIMESTAMP) { |
if (in6p->in6p_socket->so_options & SO_TIMESTAMP) { |
Line 1055 ip6_savecontrol(in6p, mp, ip6, m) |
|
Line 1049 ip6_savecontrol(in6p, mp, ip6, m) |
|
/* IN6P_NEXTHOP - for outgoing packet only */ |
/* IN6P_NEXTHOP - for outgoing packet only */ |
|
|
/* |
/* |
* IPV6_HOPOPTS socket option. We require super-user privilege |
* IPV6_HOPOPTS socket option. Recall that we required super-user |
* for the option, but it might be too strict, since there might |
* privilege for the option (see ip6_ctloutput), but it might be too |
* be some hop-by-hop options which can be returned to normal user. |
* strict, since there might be some hop-by-hop options which can be |
* See RFC 2292 section 6. |
* returned to normal user. |
|
* See also RFC 2292 section 6. |
*/ |
*/ |
if ((in6p->in6p_flags & IN6P_HOPOPTS) != 0 && privileged) { |
if ((in6p->in6p_flags & IN6P_HOPOPTS) != 0) { |
/* |
/* |
* Check if a hop-by-hop options header is contatined in the |
* Check if a hop-by-hop options header is contatined in the |
* received packet, and if so, store the options as ancillary |
* received packet, and if so, store the options as ancillary |
Line 1155 ip6_savecontrol(in6p, mp, ip6, m) |
|
Line 1150 ip6_savecontrol(in6p, mp, ip6, m) |
|
if (!in6p->in6p_flags & IN6P_DSTOPTS) |
if (!in6p->in6p_flags & IN6P_DSTOPTS) |
break; |
break; |
|
|
/* |
|
* We also require super-user privilege for |
|
* the option. |
|
* See the comments on IN6_HOPOPTS. |
|
*/ |
|
if (!privileged) |
|
break; |
|
|
|
*mp = sbcreatecontrol((caddr_t)ip6e, elen, |
*mp = sbcreatecontrol((caddr_t)ip6e, elen, |
IPV6_DSTOPTS, IPPROTO_IPV6); |
IPV6_DSTOPTS, IPPROTO_IPV6); |
if (*mp) |
if (*mp) |