From 98f5163c3fb005af35f9f3a4bc4ee60d4f3ee741 Mon Sep 17 00:00:00 2001 From: paul Date: Mon, 25 Oct 2004 14:19:15 +0000 Subject: 2004-10-25 Paul Jakma * Update with fix in debian bug id 222930. * bgp_main.c: Add ZCAP_RAW, needed to bind to interfaces. bgp_network.c: (....) raise/lower privs around call to SO_BINDTODEVICE sockopt. --- bgpd/ChangeLog | 7 +++++++ bgpd/bgp_main.c | 3 ++- bgpd/bgp_network.c | 7 +++++++ 3 files changed, 16 insertions(+), 1 deletion(-) (limited to 'bgpd') diff --git a/bgpd/ChangeLog b/bgpd/ChangeLog index e82843be..3028e727 100644 --- a/bgpd/ChangeLog +++ b/bgpd/ChangeLog @@ -1,3 +1,10 @@ +2004-10-25 Paul Jakma + + * Update with fix in debian bug id 222930. + * bgp_main.c: Add ZCAP_RAW, needed to bind to interfaces. + bgp_network.c: (....) raise/lower privs around call to + SO_BINDTODEVICE sockopt. + 2004-10-19 Andrew J. Schorr * bgp_nexthop.c: (bgp_connected_add) Connected destination pointer diff --git a/bgpd/bgp_main.c b/bgpd/bgp_main.c index 05ecb720..612013e2 100644 --- a/bgpd/bgp_main.c +++ b/bgpd/bgp_main.c @@ -100,7 +100,8 @@ char *vty_addr = NULL; /* privileges */ zebra_capabilities_t _caps_p [] = { - ZCAP_BIND, + ZCAP_BIND, + ZCAP_RAW, }; struct zebra_privs_t bgpd_privs = diff --git a/bgpd/bgp_network.c b/bgpd/bgp_network.c index 85e12d94..84311e2e 100644 --- a/bgpd/bgp_network.c +++ b/bgpd/bgp_network.c @@ -133,8 +133,15 @@ bgp_bind (struct peer *peer) strncpy ((char *)&ifreq.ifr_name, peer->ifname, sizeof (ifreq.ifr_name)); + if ( bgpd_privs.change (ZPRIVS_RAISE) ) + zlog_err ("bgp_bind: could not raise privs"); + ret = setsockopt (peer->fd, SOL_SOCKET, SO_BINDTODEVICE, &ifreq, sizeof (ifreq)); + + if (bgpd_privs.change (ZPRIVS_LOWER) ) + zlog_err ("bgp_bind: could not lower privs"); + if (ret < 0) { zlog (peer->log, LOG_INFO, "bind to interface %s failed", peer->ifname); -- cgit v1.2.1