From f0bd57ec98731988301fd829f836873cc62f369b Mon Sep 17 00:00:00 2001
From: bluhm <bluhm@openbsd.org>
Date: Wed, 20 Jan 2021 16:36:09 +0000
Subject: [PATCH] If pledge "wroute" is missing for setsockopt SO_RTABLE, print
 failure message "wroute" into dmesg.  Since revision 1.263 pledge "wroute"
 allows to change the routing table of a socket. OK florian@ semarie@

---
 sys/kern/kern_pledge.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index c969af7c7a1..9ffb7f2ffb9 100644
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.268 2021/01/19 17:41:51 deraadt Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.269 2021/01/20 16:36:09 bluhm Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -1401,7 +1401,7 @@ pledge_sockopt(struct proc *p, int set, int level, int optname)
 	case SOL_SOCKET:
 		switch (optname) {
 		case SO_RTABLE:
-			return pledge_fail(p, EINVAL, PLEDGE_INET);
+			return pledge_fail(p, EINVAL, PLEDGE_WROUTE);
 		}
 		return (0);
 	}
-- 
2.20.1