Module Name: src
Committed By: christos
Date: Fri Apr 12 23:51:51 UTC 2013
Modified Files:
src/external/bsd/tcpdump/dist: print-ip.c tcpdump.c
Log Message:
move droproot after we have dealt with input and output files.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/external/bsd/tcpdump/dist/print-ip.c
cvs rdiff -u -r1.5 -r1.6 src/external/bsd/tcpdump/dist/tcpdump.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/tcpdump/dist/print-ip.c
diff -u src/external/bsd/tcpdump/dist/print-ip.c:1.3 src/external/bsd/tcpdump/dist/print-ip.c:1.4
--- src/external/bsd/tcpdump/dist/print-ip.c:1.3 Sat Apr 6 15:33:08 2013
+++ src/external/bsd/tcpdump/dist/print-ip.c Fri Apr 12 19:51:50 2013
@@ -25,7 +25,7 @@
static const char rcsid[] _U_ =
"@(#) Header: /tcpdump/master/tcpdump/print-ip.c,v 1.159 2007-09-14 01:29:28 guy Exp (LBL)";
#else
-__RCSID("$NetBSD: print-ip.c,v 1.3 2013/04/06 19:33:08 christos Exp $");
+__RCSID("$NetBSD: print-ip.c,v 1.4 2013/04/12 23:51:50 christos Exp $");
#endif
#endif
@@ -491,6 +491,7 @@ again:
break;
default:
+ fprintf(stderr, "XXXX: %d %d\n", ndo->ndo_nflag, ipds->nh);
if (ndo->ndo_nflag==0 && (proto = getprotobynumber(ipds->nh)) != NULL)
ND_PRINT((ndo, " %s", proto->p_name));
else
Index: src/external/bsd/tcpdump/dist/tcpdump.c
diff -u src/external/bsd/tcpdump/dist/tcpdump.c:1.5 src/external/bsd/tcpdump/dist/tcpdump.c:1.6
--- src/external/bsd/tcpdump/dist/tcpdump.c:1.5 Sun Apr 7 15:17:11 2013
+++ src/external/bsd/tcpdump/dist/tcpdump.c Fri Apr 12 19:51:50 2013
@@ -34,7 +34,7 @@ The Regents of the University of Califor
static const char rcsid[] _U_ =
"@(#) Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.283 2008-09-25 21:45:50 guy Exp (LBL)";
#else
-__RCSID("$NetBSD: tcpdump.c,v 1.5 2013/04/07 19:17:11 christos Exp $");
+__RCSID("$NetBSD: tcpdump.c,v 1.6 2013/04/12 23:51:50 christos Exp $");
#endif
#endif
@@ -1295,29 +1295,6 @@ main(int argc, char **argv)
(void)setsignal(SIGHUP, oldhandler);
#endif /* WIN32 */
-#ifndef WIN32
- /*
- * If a user name was specified with "-Z", attempt to switch to
- * that user's UID. This would probably be used with sudo,
- * to allow tcpdump to be run in a special restricted
- * account (if you just want to allow users to open capture
- * devices, and can't just give users that permission,
- * you'd make tcpdump set-UID or set-GID).
- *
- * Tcpdump doesn't necessarily write only to one savefile;
- * the general only way to allow a -Z instance to write to
- * savefiles as the user under whose UID it's run, rather
- * than as the user specified with -Z, would thus be to switch
- * to the original user ID before opening a capture file and
- * then switch back to the -Z user ID after opening the savefile.
- * Switching to the -Z user ID only after opening the first
- * savefile doesn't handle the general case.
- */
- if (getuid() == 0 || geteuid() == 0) {
- if (username || chroot_dir)
- droproot(username, chroot_dir);
- }
-#endif /* WIN32 */
if (pcap_setfilter(pd, &fcode) < 0)
error("%s", pcap_geterr(pd));
@@ -1421,6 +1398,28 @@ main(int argc, char **argv)
}
(void)fflush(stderr);
}
+
+ /*
+ * If a user name was specified with "-Z", attempt to switch to
+ * that user's UID. This would probably be used with sudo,
+ * to allow tcpdump to be run in a special restricted
+ * account (if you just want to allow users to open capture
+ * devices, and can't just give users that permission,
+ * you'd make tcpdump set-UID or set-GID).
+ *
+ * Tcpdump doesn't necessarily write only to one savefile;
+ * the general only way to allow a -Z instance to write to
+ * savefiles as the user under whose UID it's run, rather
+ * than as the user specified with -Z, would thus be to switch
+ * to the original user ID before opening a capture file and
+ * then switch back to the -Z user ID after opening the savefile.
+ * Switching to the -Z user ID only after opening the first
+ * savefile doesn't handle the general case.
+ */
+ if (getuid() == 0 || geteuid() == 0) {
+ if (username || chroot_dir)
+ droproot(username, chroot_dir);
+ }
#endif /* WIN32 */
status = pcap_loop(pd, cnt, callback, pcap_userdata);
if (WFileName == NULL) {
