Mercurial Mercurial > upstream > illumos > illumos-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
usr/src/cmd/cmd-inet/usr.sbin/in.tftpd.c
changeset 4921 6179db775944
parent 1926 d83c7a9aec2d
child 8034 10557baff919 
--- a/usr/src/cmd/cmd-inet/usr.sbin/in.tftpd.c	Tue Aug 21 04:08:01 2007 -0700
+++ b/usr/src/cmd/cmd-inet/usr.sbin/in.tftpd.c	Tue Aug 21 08:09:49 2007 -0700
@@ -18,7 +18,7 @@
  *
  * CDDL HEADER END
  *
- * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -197,16 +197,16 @@
 	}
 
 	(void) __init_daemon_priv(
-		PU_LIMITPRIVS,
-		uid_nobody, gid_nobody,
-		PRIV_PROC_FORK, PRIV_PROC_CHROOT, NULL);
+	    PU_LIMITPRIVS,
+	    uid_nobody, gid_nobody,
+	    PRIV_PROC_FORK, PRIV_PROC_CHROOT, PRIV_NET_PRIVADDR, NULL);
 
 	/*
 	 *  Limit set is still "all."  Trim it down to just what we need:
 	 *  fork and chroot.
 	 */
-	(void) priv_set(PRIV_SET,
-	    PRIV_ALLSETS, PRIV_PROC_FORK, PRIV_PROC_CHROOT, NULL);
+	(void) priv_set(PRIV_SET, PRIV_ALLSETS,
+	    PRIV_PROC_FORK, PRIV_PROC_CHROOT, PRIV_NET_PRIVADDR, NULL);
 	(void) priv_set(PRIV_SET, PRIV_EFFECTIVE, NULL);
 	(void) priv_set(PRIV_SET, PRIV_INHERITABLE, NULL);
 
@@ -261,11 +261,17 @@
 		(void) memset(&client, 0, clientlen);
 		sin6_ptr->sin6_family = AF_INET6;
 		sin6_ptr->sin6_port = htons(IPPORT_TFTP);
+
+		/* Enable privilege as tftp port is < 1024 */
+		(void) priv_set(PRIV_SET,
+		    PRIV_EFFECTIVE, PRIV_NET_PRIVADDR, NULL);
 		if (bind(reqsock, (struct sockaddr *)&client,
 		    clientlen) == -1) {
 			perror("bind");
 			exit(1);
 		}
+		(void) priv_set(PRIV_SET, PRIV_EFFECTIVE, NULL);
+
 		if (debug)
 			(void) puts("running in standalone mode...");
 	} else {
@@ -352,7 +358,7 @@
 		}
 
 		n = recvfrom(reqsock, &buf, sizeof (buf), 0,
-			(struct sockaddr *)&from, &fromlen);
+		    (struct sockaddr *)&from, &fromlen);
 		if (n < 0) {
 			if (errno == EINTR)
 				continue;
@@ -1135,8 +1141,8 @@
 			if (ackbuf.tb_hdr.th_opcode == ACK) {
 				if (debug && standalone)
 					(void) fprintf(stderr,
-						"received ACK for block %d\n",
-						ackbuf.tb_hdr.th_block);
+					    "received ACK for block %d\n",
+					    ackbuf.tb_hdr.th_block);
 				if (ackbuf.tb_hdr.th_block == block) {
 					break;
 				}
@@ -1254,8 +1260,8 @@
 			if (dp->th_opcode == DATA) {
 				if (debug && standalone)
 					(void) fprintf(stderr,
-						"Received DATA block %d\n",
-						dp->th_block);
+					    "Received DATA block %d\n",
+					    dp->th_block);
 				if (dp->th_block == block) {
 					break;   /* normal */
 				}
upstream/illumos/illumos-gate