Index: sbin/ping/Makefile =================================================================== --- sbin/ping/Makefile +++ sbin/ping/Makefile @@ -11,10 +11,12 @@ WARNS?= 3 LIBADD= m +LIBADD+= cap_dns + .if ${MK_CASPER} != "no" && !defined(RESCUE) LIBADD+= casper -LIBADD+= cap_dns -CFLAGS+=-DHAVE_LIBCASPER +.else +LIBADD+= caspermock .endif .if !defined(RELEASE_CRUNCH) Index: sbin/ping/ping.c =================================================================== --- sbin/ping/ping.c +++ sbin/ping/ping.c @@ -76,10 +76,8 @@ #include #include -#ifdef HAVE_LIBCASPER #include #include -#endif #ifdef IPSEC #include @@ -204,15 +202,11 @@ static volatile sig_atomic_t finish_up; static volatile sig_atomic_t siginfo_p; -#ifdef HAVE_LIBCASPER static cap_channel_t *capdns; -#endif static void fill(char *, char *); static u_short in_cksum(u_short *, int); -#ifdef HAVE_LIBCASPER static cap_channel_t *capdns_setup(void); -#endif static void check_status(void); static void finish(void) __dead2; static void pinger(void); @@ -255,6 +249,7 @@ char rspace[MAX_IPOPTLEN]; /* record route space */ #endif unsigned char loop, mttl; + const char *types[1]; payload = source = NULL; #ifdef IPSEC_POLICY_IPSEC @@ -563,22 +558,15 @@ if (options & F_PINGFILLED) { fill((char *)datap, payload); } -#ifdef HAVE_LIBCASPER + capdns = capdns_setup(); -#endif if (source) { bzero((char *)&sock_in, sizeof(sock_in)); sock_in.sin_family = AF_INET; if (inet_aton(source, &sock_in.sin_addr) != 0) { shostname = source; } else { -#ifdef HAVE_LIBCASPER - if (capdns != NULL) - hp = cap_gethostbyname2(capdns, source, - AF_INET); - else -#endif - hp = gethostbyname2(source, AF_INET); + hp = cap_gethostbyname2(capdns, source, AF_INET); if (!hp) errx(EX_NOHOST, "cannot resolve %s: %s", source, hstrerror(h_errno)); @@ -606,12 +594,7 @@ if (inet_aton(target, &to->sin_addr) != 0) { hostname = target; } else { -#ifdef HAVE_LIBCASPER - if (capdns != NULL) - hp = cap_gethostbyname2(capdns, target, AF_INET); - else -#endif - hp = gethostbyname2(target, AF_INET); + hp = cap_gethostbyname2(capdns, target, AF_INET); if (!hp) errx(EX_NOHOST, "cannot resolve %s: %s", target, hstrerror(h_errno)); @@ -624,16 +607,10 @@ hostname = hnamebuf; } -#ifdef HAVE_LIBCASPER /* From now on we will use only reverse DNS lookups. */ - if (capdns != NULL) { - const char *types[1]; - - types[0] = "ADDR"; - if (cap_dns_type_limit(capdns, types, 1) < 0) - err(1, "unable to limit access to system.dns service"); - } -#endif + types[0] = "ADDR"; + if (cap_dns_type_limit(capdns, types, 1) < 0) + err(1, "unable to limit access to system.dns service"); if (connect(ssend, (struct sockaddr *)&whereto, sizeof(whereto)) != 0) err(1, "connect"); @@ -722,12 +699,8 @@ if (options & F_NUMERIC) cansandbox = true; -#ifdef HAVE_LIBCASPER - else if (capdns != NULL) - cansandbox = true; -#endif else - cansandbox = false; + cansandbox = cap_enable(); /* * Here we enter capability mode. Further down access to global @@ -1704,13 +1677,7 @@ if (options & F_NUMERIC) return inet_ntoa(ina); -#ifdef HAVE_LIBCASPER - if (capdns != NULL) - hp = cap_gethostbyaddr(capdns, (char *)&ina, 4, AF_INET); - else -#endif - hp = gethostbyaddr((char *)&ina, 4, AF_INET); - + hp = cap_gethostbyaddr(capdns, (char *)&ina, 4, AF_INET); if (hp == NULL) return inet_ntoa(ina); @@ -1788,7 +1755,6 @@ } } -#ifdef HAVE_LIBCASPER static cap_channel_t * capdns_setup(void) { @@ -1814,7 +1780,6 @@ return (capdnsloc); } -#endif /* HAVE_LIBCASPER */ #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC) #define SECOPT " [-P policy]"