diff options
| author |   deraadt <deraadt@openbsd.org> | 2015-11-19 19:31:20 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2015-11-19 19:31:20 +0000 |
| commit | cd93351eee383f454480c81f5c144abd94115683 (patch) | |
| tree | 3632e20a43084187b3df09cded467075564543de /usr.sbin/rarpd | |
| parent | "tty proc exec", not "proc exec tty" (diff) | |
| download | wireguard-openbsd-cd93351eee383f454480c81f5c144abd94115683.tar.xz wireguard-openbsd-cd93351eee383f454480c81f5c144abd94115683.zip | |
hoist the SOCK_RAW setup to the top before pledge
issues discovered by sebastia
comments from semarie
Diffstat (limited to 'usr.sbin/rarpd')
| -rw-r--r-- | usr.sbin/rarpd/arptab.c | 17 | ||||
| -rw-r--r-- | usr.sbin/rarpd/rarpd.c | 5 |
2 files changed, 7 insertions, 15 deletions
diff --git a/usr.sbin/rarpd/arptab.c b/usr.sbin/rarpd/arptab.c index f7b70d920cf..3e8ea40b15e 100644 --- a/usr.sbin/rarpd/arptab.c +++ b/usr.sbin/rarpd/arptab.c @@ -1,4 +1,4 @@ -/* $OpenBSD: arptab.c,v 1.24 2015/08/03 13:39:22 mpi Exp $ */ +/* $OpenBSD: arptab.c,v 1.25 2015/11/19 19:31:20 deraadt Exp $ */ /* * Copyright (c) 1984, 1993 @@ -70,8 +70,8 @@ static int s = -1; int rtget(struct sockaddr_inarp **, struct sockaddr_dl **); -static void -getsocket(void) +void +arptab_init(void) { s = socket(PF_ROUTE, SOCK_RAW, 0); if (s < 0) @@ -105,7 +105,6 @@ arptab_set(u_char *eaddr, u_int32_t host) struct timeval now; int rt; - getsocket(); pid = getpid(); sdl_m = blank_sdl; @@ -121,8 +120,6 @@ arptab_set(u_char *eaddr, u_int32_t host) tryagain: if (rtget(&sin, &sdl)) { syslog(LOG_ERR,"%s: %m", inet_ntoa(sin->sin_addr)); - close(s); - s = -1; return (1); } @@ -143,15 +140,11 @@ tryagain: if (doing_proxy == 0) { syslog(LOG_ERR, "arptab_set: can only proxy for %s", inet_ntoa(sin->sin_addr)); - close(s); - s = -1; return (1); } if (sin_m.sin_other & SIN_PROXY) { syslog(LOG_ERR, "arptab_set: proxy entry exists for non 802 device"); - close(s); - s = -1; return(1); } sin_m.sin_other = SIN_PROXY; @@ -163,15 +156,11 @@ overwrite: syslog(LOG_ERR, "arptab_set: cannot intuit interface index and type for %s", inet_ntoa(sin->sin_addr)); - close(s); - s = -1; return (1); } sdl_m.sdl_type = sdl->sdl_type; sdl_m.sdl_index = sdl->sdl_index; rt = rtmsg(RTM_ADD); - close(s); - s = -1; return (rt); } diff --git a/usr.sbin/rarpd/rarpd.c b/usr.sbin/rarpd/rarpd.c index 6cbff7072b1..7f01514f506 100644 --- a/usr.sbin/rarpd/rarpd.c +++ b/usr.sbin/rarpd/rarpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rarpd.c,v 1.66 2015/11/13 16:10:23 deraadt Exp $ */ +/* $OpenBSD: rarpd.c,v 1.67 2015/11/19 19:31:20 deraadt Exp $ */ /* $NetBSD: rarpd.c,v 1.25 1998/04/23 02:48:33 mrg Exp $ */ /* @@ -86,6 +86,7 @@ void usage(void); void rarp_process(struct if_info *, u_char *); void rarp_reply(struct if_info *, struct if_addr *, struct ether_header *, u_int32_t, struct hostent *); +void arptab_init(void); int arptab_set(u_char *, u_int32_t); void error(int, const char *,...); void debug(const char *,...); @@ -370,6 +371,8 @@ rarp_loop(void) /* NOTREACHED */ } + arptab_init(); + if (pledge("stdio rpath dns", NULL) == -1) error(FATAL, "pledge"); |