From: hno <>
Date: Thu, 15 Nov 2001 07:52:42 +0000 (+0000)
Subject: Bugzilla #157: /dev/nat permissions
X-Git-Tag: SQUID_3_0_PRE1~1291
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=68108ec58520b4b13883644bfc9349b662fa7ddb;p=thirdparty%2Fsquid.git

Bugzilla #157: /dev/nat permissions
---

diff --git a/src/client_side.cc b/src/client_side.cc
index 5debaeb010..516ed7b789 100644
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: client_side.cc,v 1.557 2001/11/13 06:38:27 hno Exp $
+ * $Id: client_side.cc,v 1.558 2001/11/15 00:52:42 hno Exp $
  *
  * DEBUG: section 33    Client-side Routines
  * AUTHOR: Duane Wessels
@@ -2615,8 +2615,14 @@ parseHttpRequest(ConnStateData * conn, method_t * method_p, int *status,
 	    natLookup.nl_inip = http->conn->me.sin_addr;
 	    natLookup.nl_outip = http->conn->peer.sin_addr;
 	    natLookup.nl_flags = IPN_TCP;
-	    if (natfd < 0)
+	    if (natfd < 0) {
+		int save_errno;
+		enter_suid();
 		natfd = open(IPL_NAT, O_RDONLY, 0);
+		save_errno = errno;
+		leave_suid();
+		errno = save_errno;
+	    }
 	    if (natfd < 0) {
 		debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n",
 		    xstrerror());