From: deraadt <deraadt@openbsd.org>
Date: Wed, 7 Dec 2022 01:02:28 +0000 (+0000)
Subject: If the called of ypconnect(2) is root, the socket should acquire a
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=28141d3d274b8eca124c3a4f4efaf8f6e38e134d;p=openbsd

If the called of ypconnect(2) is root, the socket should acquire a
reserved port to received secure-maps from the ypserver.
issue found by niklas, using a simpler diff i proposed
ok miod
---

diff --git a/sys/kern/uipc_syscalls.c b/sys/kern/uipc_syscalls.c
index 4e5dd64402f..395f0a20c26 100644
--- a/sys/kern/uipc_syscalls.c
+++ b/sys/kern/uipc_syscalls.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: uipc_syscalls.c,v 1.206 2022/12/05 23:18:37 deraadt Exp $	*/
+/*	$OpenBSD: uipc_syscalls.c,v 1.207 2022/12/07 01:02:28 deraadt Exp $	*/
 /*	$NetBSD: uipc_syscalls.c,v 1.19 1996/02/09 19:00:48 christos Exp $	*/
 
 /*
@@ -60,6 +60,9 @@
 
 #include <sys/domain.h>
 #include <netinet/in.h>
+#include <netinet/ip.h>
+#include <net/route.h>
+#include <netinet/in_pcb.h>
 #include <net/rtable.h>
 
 int	copyaddrout(struct proc *, struct mbuf *, struct sockaddr *, socklen_t,
@@ -1648,6 +1651,11 @@ out:
 		ktrsockaddr(p, mtod(nam, caddr_t), sizeof(struct sockaddr_in));
 #endif
 	solock(so);
+
+	/* Secure YP maps require reserved ports */
+	if (suser(p) == 0)
+		sotoinpcb(so)->inp_flags |= INP_LOWPORT;
+
 	error = soconnect(so, nam);
 	while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) {
 		error = sosleep_nsec(so, &so->so_timeo, PSOCK | PCATCH,