2004-10-25 Paul Jakma <paul@dishone.st>

	* Update with fix in debian bug id 222930.
	* bgp_main.c: Add ZCAP_RAW, needed to bind to interfaces.
	  bgp_network.c: (....) raise/lower privs around call to
          SO_BINDTODEVICE sockopt.

diff --git a/bgpd/ChangeLog b/bgpd/ChangeLog
index e82843beb4aa370682db7e264d4bf897fa4f3b75..3028e727bff97a467ac1249675aeb481daa6592e 100644 (file)
--- a/bgpd/ChangeLog
+++ b/bgpd/ChangeLog
@@ -1,3 +1,10 @@
+2004-10-25 Paul Jakma <paul@dishone.st>
+
+       * Update with fix in debian bug id 222930.
+       * bgp_main.c: Add ZCAP_RAW, needed to bind to interfaces.
+         bgp_network.c: (....) raise/lower privs around call to
+          SO_BINDTODEVICE sockopt. 
+
 2004-10-19 Andrew J. Schorr <aschorr@telemetry-investments.com>
 
        * bgp_nexthop.c: (bgp_connected_add) Connected destination pointer

diff --git a/bgpd/bgp_main.c b/bgpd/bgp_main.c
index 05ecb7207d53c975a0925e3b2280c89ff1177fad..612013e263cbe432bfedcdbb53efbc9db7d0c274 100644 (file)
--- a/bgpd/bgp_main.c
+++ b/bgpd/bgp_main.c
@@ -100,7 +100,8 @@ char *vty_addr = NULL;
 /* privileges */
 zebra_capabilities_t _caps_p [] =  
 {
-    ZCAP_BIND,
+    ZCAP_BIND, 
+    ZCAP_RAW,
 };
 
 struct zebra_privs_t bgpd_privs =

diff --git a/bgpd/bgp_network.c b/bgpd/bgp_network.c
index 85e12d94f254b39b518a5f8007f41891aebb0f31..84311e2ef74241c3cd4a861a47deae843fad49ef 100644 (file)
--- a/bgpd/bgp_network.c
+++ b/bgpd/bgp_network.c
@@ -133,8 +133,15 @@ bgp_bind (struct peer *peer)
 
   strncpy ((char *)&ifreq.ifr_name, peer->ifname, sizeof (ifreq.ifr_name));
 
+  if ( bgpd_privs.change (ZPRIVS_RAISE) )
+       zlog_err ("bgp_bind: could not raise privs");
+  
   ret = setsockopt (peer->fd, SOL_SOCKET, SO_BINDTODEVICE, 
                    &ifreq, sizeof (ifreq));
+
+  if (bgpd_privs.change (ZPRIVS_LOWER) )
+    zlog_err ("bgp_bind: could not lower privs");
+
   if (ret < 0)
     {
       zlog (peer->log, LOG_INFO, "bind to interface %s failed", peer->ifname);