On Feb 19, 10:55pm, al...@yandex.ru (Alexander Nasonov) wrote:
-- Subject: Re: CVS commit: src/sys/dist/pf/net
| I think it's perfectly normal for an incoming packet to have no
| cred. For instance, if that packet is about to be accepted.
Yes, that is what I was thinking.
| pd->lookup.uid and pd->lookup.gid are set to UID_MAX and GID_MAX
| at the beginning of the function. They can be probably changed only
| if so_cred is set:
|
| if (so == NULL)
return -1;
if (so->so_cred != NULL) {
pd->lookup.uid =
kauth_cred_geteuid(so->so_cred);
pd->lookup.gid =
kauth_cred_getegid(so->so_cred);
}
Or should return -1 there too without printing anything...
I have not looked if -1 is handled differently.
christos
