diff options
| author | Roy Marples <roy@marples.name> | 2020-05-10 16:09:54 +0100 |
|---|---|---|
| committer | Roy Marples <roy@marples.name> | 2020-05-10 16:09:54 +0100 |
| commit | 2f9d9eae5fb8fb1922b0e096e157987ac0df110e (patch) | |
| tree | c90effa39a8875fdf93f703bd9174a3d7e59dc77 /src/ipv6.c | |
| parent | 82d7c0bc10c09e0fb5ae4df1eeaede78377d1c8b (diff) | |
| download | dhcpcd-2f9d9eae5fb8fb1922b0e096e157987ac0df110e.tar.xz | |
privsep: Implement pledge(2) support as found on OpenBSD
Diffstat (limited to 'src/ipv6.c')
| -rw-r--r-- | src/ipv6.c | 16 |
1 files changed, 16 insertions, 0 deletions
@@ -69,6 +69,7 @@ #include "ipv6.h" #include "ipv6nd.h" #include "logerr.h" +#include "privsep.h" #include "sa.h" #include "script.h" @@ -1094,10 +1095,25 @@ ipv6_anyglobal(struct interface *sifp) struct interface *ifp; struct ipv6_state *state; struct ipv6_addr *ia; +#ifdef BSD + bool forwarding; + +#ifdef HAVE_PLEDGE + forwarding = ps_root_ip6forwarding(sifp->ctx) == 1; +#else + forwarding = ip6_forwarding(NULL) == 1; +#endif +#endif + TAILQ_FOREACH(ifp, sifp->ctx->ifaces, next) { +#ifdef BSD + if (ifp != sifp && !forwarding) + continue; +#else if (ifp != sifp && ip6_forwarding(ifp->name) != 1) continue; +#endif state = IPV6_STATE(ifp); if (state == NULL) |