diff options
| author | Jamie Gritton <jamie@FreeBSD.org> | 2009-02-05 14:06:09 +0000 |
|---|---|---|
| committer | Jamie Gritton <jamie@FreeBSD.org> | 2009-02-05 14:06:09 +0000 |
| commit | b89e82dd87dec9034c8b7f1a01524dceea11ff49 (patch) | |
| tree | 71fe0b10296684e7094a545ca78ed6f72789d82d /sys/netinet6/in6_src.c | |
| parent | 9719301922b4612e967cf109913d18c2fe0e1563 (diff) | |
| download | src-b89e82dd87dec9034c8b7f1a01524dceea11ff49.tar.gz src-b89e82dd87dec9034c8b7f1a01524dceea11ff49.zip | |
Standardize the various prison_foo_ip[46] functions and prison_if to
return zero on success and an error code otherwise. The possible errors
are EADDRNOTAVAIL if an address being checked for doesn't match the
prison, and EAFNOSUPPORT if the prison doesn't have any addresses in
that address family. For most callers of these functions, use the
returned error code instead of e.g. a hard-coded EADDRNOTAVAIL or
EINVAL.
Always include a jailed() check in these functions, where a non-jailed
cred always returns success (and makes no changes). Remove the explicit
jailed() checks that preceded many of the function calls.
Approved by: bz (mentor)
Notes
Notes:
svn path=/head/; revision=188144
Diffstat (limited to 'sys/netinet6/in6_src.c')
| -rw-r--r-- | sys/netinet6/in6_src.c | 23 |
1 files changed, 11 insertions, 12 deletions
diff --git a/sys/netinet6/in6_src.c b/sys/netinet6/in6_src.c index ca65bc9a8568..80304169490e 100644 --- a/sys/netinet6/in6_src.c +++ b/sys/netinet6/in6_src.c @@ -240,11 +240,10 @@ in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, if (*errorp != 0) return (NULL); } - if (cred != NULL && prison_local_ip6(cred, &srcsock.sin6_addr, - (inp != NULL && (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0) { - *errorp = EADDRNOTAVAIL; + if (cred != NULL && (*errorp = prison_local_ip6(cred, + &srcsock.sin6_addr, (inp != NULL && + (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) return (NULL); - } ia6 = (struct in6_ifaddr *)ifa_ifwithaddr((struct sockaddr *)(&srcsock)); if (ia6 == NULL || @@ -262,11 +261,10 @@ in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, * Otherwise, if the socket has already bound the source, just use it. */ if (inp != NULL && !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { - if (cred != NULL && prison_local_ip6(cred, &inp->in6p_laddr, - ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0) { - *errorp = EADDRNOTAVAIL; + if (cred != NULL && + (*errorp = prison_local_ip6(cred, &inp->in6p_laddr, + ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) return (NULL); - } return (&inp->in6p_laddr); } @@ -823,15 +821,16 @@ in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred) INIT_VNET_INET(curvnet); struct socket *so = inp->inp_socket; u_int16_t lport = 0, first, last, *lastport; - int count, error = 0, wild = 0, dorandom; + int count, error, wild = 0, dorandom; struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; INP_INFO_WLOCK_ASSERT(pcbinfo); INP_WLOCK_ASSERT(inp); - if (prison_local_ip6(cred, laddr, - ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0) - return(EINVAL); + error = prison_local_ip6(cred, laddr, + ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)); + if (error) + return(error); /* XXX: this is redundant when called from in6_pcbbind */ if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) |