summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--bgpd/ChangeLog4
-rw-r--r--bgpd/bgp_network.c23
2 files changed, 17 insertions, 10 deletions
diff --git a/bgpd/ChangeLog b/bgpd/ChangeLog
index c97dbcef..428c2b93 100644
--- a/bgpd/ChangeLog
+++ b/bgpd/ChangeLog
@@ -1,3 +1,7 @@
+2003-12-23 Krzysztof Oledzki <oleq@ans.pl>
+
+ * bgp_network.c: drop privs on error cases
+
2003-08-11 kunihiro <kunihiro@zebra.org
* bgp_route{,map}.c: Extend 'set ip next-hop' in route-maps with
diff --git a/bgpd/bgp_network.c b/bgpd/bgp_network.c
index 019b78b7..1590b99f 100644
--- a/bgpd/bgp_network.c
+++ b/bgpd/bgp_network.c
@@ -279,7 +279,7 @@ bgp_getsockname (struct peer *peer)
int
bgp_socket (struct bgp *bgp, unsigned short port)
{
- int ret;
+ int ret, en;
struct addrinfo req;
struct addrinfo *ainfo;
struct addrinfo *ainfo_save;
@@ -322,16 +322,17 @@ bgp_socket (struct bgp *bgp, unsigned short port)
zlog_err ("bgp_socket: could not raise privs");
ret = bind (sock, ainfo->ai_addr, ainfo->ai_addrlen);
+ en = errno;
+ if (bgpd_privs.change (ZPRIVS_LOWER) )
+ zlog_err ("bgp_bind_address: could not lower privs");
+
if (ret < 0)
{
- zlog_err ("bind: %s", strerror (errno));
- close (sock);
+ zlog_err ("bind: %s", strerror (en));
+ close(sock);
continue;
}
- if (bgpd_privs.change (ZPRIVS_LOWER) )
- zlog_err ("bgp_bind_address: could not lower privs");
-
ret = listen (sock, 3);
if (ret < 0)
{
@@ -381,16 +382,18 @@ bgp_socket (struct bgp *bgp, unsigned short port)
zlog_err ("bgp_socket: could not raise privs");
ret = bind (sock, (struct sockaddr *) &sin, socklen);
+ en = errno;
+
+ if (bgpd_privs.change (ZPRIVS_LOWER) )
+ zlog_err ("bgp_socket: could not lower privs");
+
if (ret < 0)
{
- zlog_err ("bind: %s", strerror (errno));
+ zlog_err ("bind: %s", strerror (en));
close (sock);
return ret;
}
- if (bgpd_privs.change (ZPRIVS_LOWER) )
- zlog_err ("bgp_socket: could not lower privs");
-
ret = listen (sock, 3);
if (ret < 0)
{