author | paul <paul> | 2004-10-25 14:19:15 +0000 |
---|---|---|
committer | paul <paul> | 2004-10-25 14:19:15 +0000 |
commit | 98f5163c3fb005af35f9f3a4bc4ee60d4f3ee741 (patch) | |
tree | 0fb3b1a0da479f53152294a5f1f059b9ab8258a8 | |
parent | 508ec9102057c86769e5c0dd280037025102a9c0 (diff) |
2004-10-25 Paul Jakma <paul@dishone.st>
* Update with fix in debian bug id 222930.
* bgp_main.c: Add ZCAP_RAW, needed to bind to interfaces.
bgp_network.c: (....) raise/lower privs around call to
SO_BINDTODEVICE sockopt.
-rw-r--r-- | bgpd/ChangeLog | 7 | ||||
-rw-r--r-- | bgpd/bgp_main.c | 3 | ||||
-rw-r--r-- | bgpd/bgp_network.c | 7 |
3 files changed, 16 insertions, 1 deletions
diff --git a/bgpd/ChangeLog b/bgpd/ChangeLog index e82843be..3028e727 100644 --- a/bgpd/ChangeLog +++ b/bgpd/ChangeLog @@ -1,3 +1,10 @@ +2004-10-25 Paul Jakma <paul@dishone.st> + + * Update with fix in debian bug id 222930. + * bgp_main.c: Add ZCAP_RAW, needed to bind to interfaces. + bgp_network.c: (....) raise/lower privs around call to + SO_BINDTODEVICE sockopt. + 2004-10-19 Andrew J. Schorr <aschorr@telemetry-investments.com> * bgp_nexthop.c: (bgp_connected_add) Connected destination pointer diff --git a/bgpd/bgp_main.c b/bgpd/bgp_main.c index 05ecb720..612013e2 100644 --- a/bgpd/bgp_main.c +++ b/bgpd/bgp_main.c @@ -100,7 +100,8 @@ char *vty_addr = NULL; /* privileges */ zebra_capabilities_t _caps_p [] = { - ZCAP_BIND, + ZCAP_BIND, + ZCAP_RAW, }; struct zebra_privs_t bgpd_privs = diff --git a/bgpd/bgp_network.c b/bgpd/bgp_network.c index 85e12d94..84311e2e 100644 --- a/bgpd/bgp_network.c +++ b/bgpd/bgp_network.c @@ -133,8 +133,15 @@ bgp_bind (struct peer *peer) strncpy ((char *)&ifreq.ifr_name, peer->ifname, sizeof (ifreq.ifr_name)); + if ( bgpd_privs.change (ZPRIVS_RAISE) ) + zlog_err ("bgp_bind: could not raise privs"); + ret = setsockopt (peer->fd, SOL_SOCKET, SO_BINDTODEVICE, &ifreq, sizeof (ifreq)); + + if (bgpd_privs.change (ZPRIVS_LOWER) ) + zlog_err ("bgp_bind: could not lower privs"); + if (ret < 0) { zlog (peer->log, LOG_INFO, "bind to interface %s failed", peer->ifname); |
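Review bot: The new `ZCAP_RAW` entry in `_caps_p` has no comment saying why bgpd needs it, although the only user visible in this commit is the SO_BINDTODEVICE call in bgp_bind. The capability appears to stay available to the daemon for its whole lifetime, so a later audit needs to know what depends on it. A comment on the entry, such as `ZCAP_RAW, /* only for SO_BINDTODEVICE in bgp_bind() */`, would record that and make it easy to drop the capability if that call goes away. The `bgpd_privs` definition that presumably consumes this array continues outside the hunk.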
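Review bot: In bgp_bind, a failed `bgpd_privs.change (ZPRIVS_LOWER)` is only logged, so the function continues and the daemon would keep handling peers with its privileges still raised. A failed raise is harmless because setsockopt then simply fails, but a failed lower should stop: `if (bgpd_privs.change (ZPRIVS_LOWER)) { zlog_err ("bgp_bind: could not lower privs"); return -1; }`, or whatever fatal path the daemon uses for privilege errors. The lower call also sits between setsockopt and the `ret < 0` check, so any errno-based reporting added to that branch later would need errno saved first. bgp_bind starts and ends outside the hunk, so the `return -1` convention is an assumption to confirm.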