cap_net: correct capability name from addr2name to name2addr

Previously, while checking name2addr capabilities, we mistakenly used
the addr2name set. This error could cause a process to inadvertently
reset its limitations.

Reported by:	Shawn Webb <shawn.webb@hardenedbsd.org>

(cherry picked from commit afd74c400075d94e01dd3430844bb290834660ef)

lib/libcasper/services/cap_net/cap_net.c

@@ -1232,7 +1232,7 @@ verify_name2addr_newlimits(const nvlist_t *oldlimits,
 	oldfunclimits = NULL;
 	if (oldlimits != NULL) {
 		oldfunclimits = dnvlist_get_nvlist(oldlimits,
-		    LIMIT_NV_ADDR2NAME, NULL);
+		    LIMIT_NV_NAME2ADDR, NULL);
 	}
 
 	cookie = NULL;

lib/libcasper/services/cap_net/tests/net_test.c

@@ -783,6 +783,18 @@ ATF_TC_BODY(capnet__limits_name2addr_hosts, tc)
 	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
 	ATF_REQUIRE(cap_net_limit(limit) != 0);
 
+	/* Try to extend the limit. */
+	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
+	ATF_REQUIRE(limit != NULL);
+	cap_net_limit_name2addr(limit, TEST_DOMAIN_1, NULL);
+	ATF_REQUIRE(cap_net_limit(limit) != 0);
+
+	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
+	ATF_REQUIRE(limit != NULL);
+	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);
+	cap_net_limit_name2addr(limit, TEST_DOMAIN_1, NULL);
+	ATF_REQUIRE(cap_net_limit(limit) != 0);
+
 	cap_close(capnet);
 }