From 5c88f19d5b166c6afa8a9b8501badb785afa553b Mon Sep 17 00:00:00 2001
From: Chris Luke <chrisy@flirble.org>
Date: Tue, 18 Oct 2011 17:26:51 +0400
Subject: bgpd: justify capabilities for TOS setting

To set the TOS bits on TCP connections, platforms that restrict
capabilities need the priv level to be raised before the sockopt
is set, and this requires the ZCAP_NET_ADMIN priv.

* bgp_main.c: update _caps_p to include ZCAP_NET_ADMIN
* bgp_network.c
  * bgp_connect(): request ZPRIVS_RAISE/ZPRIVS_LOWER
  * bgp_listener(): request ZPRIVS_RAISE earlier
---
 bgpd/bgp_main.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'bgpd/bgp_main.c')

diff --git a/bgpd/bgp_main.c b/bgpd/bgp_main.c
index 1a460c6b..0e85d57e 100644
--- a/bgpd/bgp_main.c
+++ b/bgpd/bgp_main.c
@@ -119,6 +119,7 @@ static zebra_capabilities_t _caps_p [] =
 {
     ZCAP_BIND, 
     ZCAP_NET_RAW,
+    ZCAP_NET_ADMIN,
 };
 
 struct zebra_privs_t bgpd_privs =
-- 
cgit v1.2.1