equal
deleted
inserted
replaced
4 user, initial user needs elevated privileges. Those |
4 user, initial user needs elevated privileges. Those |
5 privileges are unnecessary and should be dropped. |
5 privileges are unnecessary and should be dropped. |
6 |
6 |
7 --- src/network.c |
7 --- src/network.c |
8 +++ src/network.c |
8 +++ src/network.c |
9 @@ -21,6 +21,8 @@ |
9 @@ -23,6 +23,8 @@ |
10 #include <stdlib.h> |
10 #include <stdlib.h> |
11 #include <assert.h> |
11 #include <assert.h> |
12 |
12 |
13 +#include <priv.h> |
13 +#include <priv.h> |
14 + |
14 + |
15 #ifdef USE_OPENSSL |
15 #ifdef USE_OPENSSL |
16 # include <openssl/ssl.h> |
16 # include <openssl/ssl.h> |
17 # include <openssl/err.h> |
17 # include <openssl/err.h> |
18 @@ -615,6 +617,8 @@ |
18 @@ -677,6 +679,8 @@ |
19 size_t i, j; |
19 size_t i, j; |
20 network_backend_t backend; |
20 network_backend_t backend; |
21 |
21 |
22 + priv_set_t *tset; |
22 + priv_set_t *tset; |
23 + |
23 + |
24 #if OPENSSL_VERSION_NUMBER >= 0x0090800fL |
24 #if OPENSSL_VERSION_NUMBER >= 0x0090800fL |
25 #ifndef OPENSSL_NO_ECDH |
25 #ifndef OPENSSL_NO_ECDH |
26 EC_KEY *ecdh; |
26 EC_KEY *ecdh; |
27 @@ -1005,6 +1009,16 @@ |
27 @@ -1082,6 +1086,16 @@ |
28 } |
28 } |
29 } |
29 } |
30 |
30 |
31 + /* here we drop privileges we won't need any more */ |
31 + /* here we drop privileges we won't need any more */ |
32 + tset = priv_allocset(); |
32 + tset = priv_allocset(); |