2004-10-25 Paul Jakma <paul@dishone.st>

	* Update with fix in debian bug id 222930.
	* bgp_main.c: Add ZCAP_RAW, needed to bind to interfaces.
	  bgp_network.c: (....) raise/lower privs around call to
          SO_BINDTODEVICE sockopt.

3 files changed, 16 insertions, 1 deletions

diff --git a/bgpd/ChangeLog b/bgpd/ChangeLog
index e82843be..3028e727 100644
--- a/bgpd/ChangeLog
+++ b/bgpd/ChangeLog
@@ -1,3 +1,10 @@
+2004-10-25 Paul Jakma <paul@dishone.st>
+
+	* Update with fix in debian bug id 222930.
+	* bgp_main.c: Add ZCAP_RAW, needed to bind to interfaces.
+	  bgp_network.c: (....) raise/lower privs around call to
+          SO_BINDTODEVICE sockopt. 
+
 2004-10-19 Andrew J. Schorr <aschorr@telemetry-investments.com>
 
 	* bgp_nexthop.c: (bgp_connected_add) Connected destination pointer
diff --git a/bgpd/bgp_main.c b/bgpd/bgp_main.c
index 05ecb720..612013e2 100644
--- a/bgpd/bgp_main.c
+++ b/bgpd/bgp_main.c
@@ -100,7 +100,8 @@ char *vty_addr = NULL;
 /* privileges */
 zebra_capabilities_t _caps_p [] =  
 {
-    ZCAP_BIND,
+    ZCAP_BIND, 
+    ZCAP_RAW,
 };
 
 struct zebra_privs_t bgpd_privs =
diff --git a/bgpd/bgp_network.c b/bgpd/bgp_network.c
index 85e12d94..84311e2e 100644
--- a/bgpd/bgp_network.c
+++ b/bgpd/bgp_network.c
@@ -133,8 +133,15 @@ bgp_bind (struct peer *peer)
 
   strncpy ((char *)&ifreq.ifr_name, peer->ifname, sizeof (ifreq.ifr_name));
 
+  if ( bgpd_privs.change (ZPRIVS_RAISE) )
+  	zlog_err ("bgp_bind: could not raise privs");
+  
   ret = setsockopt (peer->fd, SOL_SOCKET, SO_BINDTODEVICE, 
 		    &ifreq, sizeof (ifreq));
+
+  if (bgpd_privs.change (ZPRIVS_LOWER) )
+    zlog_err ("bgp_bind: could not lower privs");
+
   if (ret < 0)
     {
       zlog (peer->log, LOG_INFO, "bind to interface %s failed", peer->ifname);