diff options
-rw-r--r-- | bgpd/ChangeLog | 7 | ||||
-rw-r--r-- | bgpd/bgp_main.c | 3 | ||||
-rw-r--r-- | bgpd/bgp_network.c | 7 |
3 files changed, 16 insertions, 1 deletions
diff --git a/bgpd/ChangeLog b/bgpd/ChangeLog index e82843be..3028e727 100644 --- a/bgpd/ChangeLog +++ b/bgpd/ChangeLog @@ -1,3 +1,10 @@ +2004-10-25 Paul Jakma <paul@dishone.st> + + * Update with fix in debian bug id 222930. + * bgp_main.c: Add ZCAP_RAW, needed to bind to interfaces. + bgp_network.c: (....) raise/lower privs around call to + SO_BINDTODEVICE sockopt. + 2004-10-19 Andrew J. Schorr <aschorr@telemetry-investments.com> * bgp_nexthop.c: (bgp_connected_add) Connected destination pointer diff --git a/bgpd/bgp_main.c b/bgpd/bgp_main.c index 05ecb720..612013e2 100644 --- a/bgpd/bgp_main.c +++ b/bgpd/bgp_main.c @@ -100,7 +100,8 @@ char *vty_addr = NULL; /* privileges */ zebra_capabilities_t _caps_p [] = { - ZCAP_BIND, + ZCAP_BIND, + ZCAP_RAW, }; struct zebra_privs_t bgpd_privs = diff --git a/bgpd/bgp_network.c b/bgpd/bgp_network.c index 85e12d94..84311e2e 100644 --- a/bgpd/bgp_network.c +++ b/bgpd/bgp_network.c @@ -133,8 +133,15 @@ bgp_bind (struct peer *peer) strncpy ((char *)&ifreq.ifr_name, peer->ifname, sizeof (ifreq.ifr_name)); + if ( bgpd_privs.change (ZPRIVS_RAISE) ) + zlog_err ("bgp_bind: could not raise privs"); + ret = setsockopt (peer->fd, SOL_SOCKET, SO_BINDTODEVICE, &ifreq, sizeof (ifreq)); + + if (bgpd_privs.change (ZPRIVS_LOWER) ) + zlog_err ("bgp_bind: could not lower privs"); + if (ret < 0) { zlog (peer->log, LOG_INFO, "bind to interface %s failed", peer->ifname); |