From 342213eac063ad7fd215345d9beae80287608df7 Mon Sep 17 00:00:00 2001
From: Donald Sharp
Date: Wed, 11 Oct 2017 10:37:20 -0400
Subject: [PATCH] *: Modify zclient_init to require privs data
Signed-off-by: Donald Sharp
---
 babeld/babel_zebra.c | 2 +-
 bgpd/bgp_zebra.c | 4 +++-
 bgpd/rfapi/vnc_zebra.c | 3 ++-
 eigrpd/eigrp_zebra.c | 2 +-
 isisd/isis_zebra.c | 2 +-
 ldpd/lde.c | 4 +++-
 ldpd/ldp_zebra.c | 4 +++-
 lib/zclient.c | 12 ++++++++++--
 lib/zclient.h | 5 ++++-
 nhrpd/nhrp_route.c | 2 +-
 ospf6d/ospf6_zebra.c | 2 +-
 ospfd/ospf_zebra.c | 2 +-
 pimd/pim_zebra.c | 2 +-
 pimd/pim_zlookup.c | 1 +
 ripd/rip_zebra.c | 2 +-
 ripngd/ripng_zebra.c | 2 +-
 16 files changed, 35 insertions(+), 16 deletions(-)
diff --git a/babeld/babel_zebra.c b/babeld/babel_zebra.c
index 337b7b3927..e7c27e8e21 100644
--- a/babeld/babel_zebra.c
+++ b/babeld/babel_zebra.c
@@ -238,7 +238,7 @@ babel_zebra_connected (struct zclient *zclient)
 void babelz_zebra_init(void)
 {
 zclient = zclient_new(master);
- zclient_init(zclient, ZEBRA_ROUTE_BABEL, 0);
+ zclient_init(zclient, ZEBRA_ROUTE_BABEL, 0, &babeld_privs);
 zclient->zebra_connected = babel_zebra_connected;
 zclient->interface_add = babel_interface_add;
diff --git a/bgpd/bgp_zebra.c b/bgpd/bgp_zebra.c
index ddf461f1b1..ed162cb7dc 100644
--- a/bgpd/bgp_zebra.c
+++ b/bgpd/bgp_zebra.c
@@ -1749,13 +1749,15 @@ static int bgp_zebra_process_local_macip(int command, struct zclient *zclient,
 return bgp_evpn_local_macip_del(bgp, vni, &mac, &ip);
 }
+extern struct zebra_privs_t bgpd_privs;
+
 void bgp_zebra_init(struct thread_master *master)
 {
 zclient_num_connects = 0;
 /* Set default values. */
 zclient = zclient_new(master);
- zclient_init(zclient, ZEBRA_ROUTE_BGP, 0);
+ zclient_init(zclient, ZEBRA_ROUTE_BGP, 0, &bgpd_privs);
 zclient->zebra_connected = bgp_zebra_connected;
 zclient->router_id_update = bgp_router_id_update;
 zclient->interface_add = bgp_interface_add;
diff --git a/bgpd/rfapi/vnc_zebra.c b/bgpd/rfapi/vnc_zebra.c
index b8058cf1e5..478d3b5ac7 100644
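Review bot: The `extern struct zebra_privs_t bgpd_privs;` added above `bgp_zebra_init()` in bgpd/bgp_zebra.c is a file-local extern, so the compiler cannot check it against the definition of `bgpd_privs`; the same pattern is repeated in bgpd/rfapi/vnc_zebra.c and in ldpd/ldp_zebra.c (`ldpd_privs`). Because this object decides when the daemon raises and drops its capabilities, the declaration is better placed in a daemon header that both the defining file and these users include, so a change of type or name becomes a compile error rather than a silent mismatch. The other daemons touched by this patch pass their `*_privs` object without a local extern, presumably through such a header.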
--- a/bgpd/rfapi/vnc_zebra.c
+++ b/bgpd/rfapi/vnc_zebra.c
@@ -883,6 +883,7 @@ int vnc_redistribute_unset(struct bgp *bgp, afi_t afi, int type)
 return CMD_SUCCESS;
 }
+extern struct zebra_privs_t bgpd_privs;
 /* * Modeled after bgp_zebra.c'bgp_zebra_init()
@@ -892,7 +893,7 @@ void vnc_zebra_init(struct thread_master *master)
 {
 /* Set default values. */
 zclient_vnc = zclient_new(master);
- zclient_init(zclient_vnc, ZEBRA_ROUTE_VNC, 0);
+ zclient_init(zclient_vnc, ZEBRA_ROUTE_VNC, 0, &bgpd_privs);
 zclient_vnc->redistribute_route_add = vnc_zebra_read_route;
 zclient_vnc->redistribute_route_del = vnc_zebra_read_route;
diff --git a/eigrpd/eigrp_zebra.c b/eigrpd/eigrp_zebra.c
index 28d2f29811..9076a50f57 100644
--- a/eigrpd/eigrp_zebra.c
+++ b/eigrpd/eigrp_zebra.c
@@ -103,7 +103,7 @@ void eigrp_zebra_init(void)
 {
 zclient = zclient_new(master);
- zclient_init(zclient, ZEBRA_ROUTE_EIGRP, 0);
+ zclient_init(zclient, ZEBRA_ROUTE_EIGRP, 0, &eigrpd_privs);
 zclient->zebra_connected = eigrp_zebra_connected;
 zclient->router_id_update = eigrp_router_id_update_zebra;
 zclient->interface_add = eigrp_interface_add;
diff --git a/isisd/isis_zebra.c b/isisd/isis_zebra.c
index 387f99938e..c186dd56ad 100644
--- a/isisd/isis_zebra.c
+++ b/isisd/isis_zebra.c
@@ -412,7 +412,7 @@ static void isis_zebra_connected(struct zclient *zclient)
 void isis_zebra_init(struct thread_master *master)
 {
 zclient = zclient_new(master);
- zclient_init(zclient, ZEBRA_ROUTE_ISIS, 0);
+ zclient_init(zclient, ZEBRA_ROUTE_ISIS, 0, &isisd_privs);
 zclient->zebra_connected = isis_zebra_connected;
 zclient->router_id_update = isis_router_id_update_zebra;
 zclient->interface_add = isis_zebra_if_add;
diff --git a/ldpd/lde.c b/ldpd/lde.c
index a7f933bbe5..8122b88cca 100644
--- a/ldpd/lde.c
+++ b/ldpd/lde.c
@@ -77,7 +77,7 @@ struct thread_master *master;
 /* lde privileges */
 static zebra_capabilities_t _caps_p [] = {
- /* none */
+ ZCAP_NET_ADMIN
 };
 static struct zebra_privs_t lde_privs =
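Review bot: Adding `ZCAP_NET_ADMIN` to `_caps_p` in ldpd/lde.c takes the lde process from an empty capability set (the removed line was `/* none */`) to holding a network-administration capability, and the only use visible in this patch is the send-buffer call in `zclient_socket_connect()`. That is a wide grant for a buffer-size change in a process that deliberately ran with nothing. The array should carry the reason, for example `/* ZCAP_NET_ADMIN: only to raise the zclient socket send buffer */`. It is also worth confirming whether `setsockopt_so_sendbuf()` needs elevated privileges at all; if it uses the plain, unprivileged buffer option, lde could stay capability-free. The `lde_privs` initializer continues outside the hunk.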
@@ -1622,6 +1622,8 @@ zclient_sync_init(u_short instance)
 zclient_sync->sock = -1;
 zclient_sync->redist_default = ZEBRA_ROUTE_LDP;
 zclient_sync->instance = instance;
+ zclient_sync->privs = &lde_privs;
+
 while (zclient_socket_connect(zclient_sync) < 0) {
 log_warnx("Error connecting synchronous zclient!");
 sleep(1);
diff --git a/ldpd/ldp_zebra.c b/ldpd/ldp_zebra.c
index 7f68f0b694..8fe51cb9d1 100644
--- a/ldpd/ldp_zebra.c
+++ b/ldpd/ldp_zebra.c
@@ -507,12 +507,14 @@ ldp_zebra_connected(struct zclient *zclient)
 ZEBRA_ROUTE_ALL, 0, VRF_DEFAULT);
 }
+extern struct zebra_privs_t ldpd_privs;
+
 void ldp_zebra_init(struct thread_master *master)
 {
 /* Set default values. */
 zclient = zclient_new(master);
- zclient_init(zclient, ZEBRA_ROUTE_LDP, 0);
+ zclient_init(zclient, ZEBRA_ROUTE_LDP, 0, &ldpd_privs);
 /* set callbacks */
 zclient->zebra_connected = ldp_zebra_connected;
diff --git a/lib/zclient.c b/lib/zclient.c
index ad5c30584c..d23e5fbd79 100644
--- a/lib/zclient.c
+++ b/lib/zclient.c
@@ -35,6 +35,7 @@
 #include "table.h"
 #include "nexthop.h"
 #include "mpls.h"
+#include "sockopt.h"
 DEFINE_MTYPE_STATIC(LIB, ZCLIENT, "Zclient")
 DEFINE_MTYPE_STATIC(LIB, REDIST_INST, "Redistribution instance IDs")
@@ -180,7 +181,8 @@ void zclient_reset(struct zclient *zclient)
 &zclient->mi_redist[afi][zclient->redist_default], zclient->instance);
- zclient_init(zclient, zclient->redist_default, zclient->instance);
+ zclient_init(zclient, zclient->redist_default,
+ zclient->instance, zclient->privs);
 }
 /**
@@ -202,6 +204,10 @@ int zclient_socket_connect(struct zclient *zclient)
 set_cloexec(sock);
+ zclient->privs->change(ZPRIVS_RAISE);
+ setsockopt_so_sendbuf(sock, 1048576);
+ zclient->privs->change(ZPRIVS_LOWER);
+
 /* Connect to zebra. */
 ret = connect(sock, (struct sockaddr *)&zclient_addr, zclient_addr_len);
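Review bot: In `zclient_socket_connect()` the new raise/lower pair dereferences `zclient->privs` unconditionally and discards both return values of `change()`. A zclient that reaches this function without going through `zclient_init()` has no `privs` set (this patch has to assign it by hand in `zclient_sync_init()` and `zclient_lookup_new()` for exactly that reason), so any caller that was missed crashes on a NULL pointer. A failed `ZPRIVS_LOWER` is worse: the daemon keeps running with raised privileges and nothing is logged. The block below guards the pointer and reports both failures; treating a failed lower as fatal would be stricter still. The function body continues outside the hunk.

```c
	set_cloexec(sock);

	/* Privileges are raised only around the send-buffer change. */
	if (zclient->privs) {
		if (zclient->privs->change(ZPRIVS_RAISE))
			zlog_err("%s: could not raise privs", __func__);
		setsockopt_so_sendbuf(sock, 1048576);
		if (zclient->privs->change(ZPRIVS_LOWER))
			zlog_err("%s: could not lower privs", __func__);
	}
	/* … unchanged: connect to zebra … */
```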
@@ -543,12 +549,14 @@ int zclient_start(struct zclient *zclient)
 /* Initialize zebra client. Argument redist_default is unwanted redistribute route type. */
-void zclient_init(struct zclient *zclient, int redist_default, u_short instance)
+void zclient_init(struct zclient *zclient, int redist_default,
+ u_short instance, struct zebra_privs_t *privs)
 {
 int afi, i;
 /* Set -1 to the default socket value. */
 zclient->sock = -1;
+ zclient->privs = privs;
 /* Clear redistribution flags. */
 for (afi = AFI_IP; afi < AFI_MAX; afi++)
diff --git a/lib/zclient.h b/lib/zclient.h
index 288951eb1a..23fe0e41f4 100644
--- a/lib/zclient.h
+++ b/lib/zclient.h
@@ -134,6 +134,9 @@ struct zclient {
 /* The thread master we schedule ourselves on */
 struct thread_master *master;
+ /* Priviledges to change socket values */
+ struct zebra_privs_t *privs;
+
 /* Socket to zebra daemon. */
 int sock;
@@ -315,7 +318,7 @@ struct zapi_pw_status {
 /* Prototypes of zebra client service functions. */
 extern struct zclient *zclient_new(struct thread_master *);
-extern void zclient_init(struct zclient *, int, u_short);
+extern void zclient_init(struct zclient *, int, u_short, struct zebra_privs_t *privs);
 extern int zclient_start(struct zclient *);
 extern void zclient_stop(struct zclient *);
 extern void zclient_reset(struct zclient *);
diff --git a/nhrpd/nhrp_route.c b/nhrpd/nhrp_route.c
index 495e226f15..7701dcbb88 100644
--- a/nhrpd/nhrp_route.c
+++ b/nhrpd/nhrp_route.c
@@ -325,7 +325,7 @@ void nhrp_zebra_init(void)
 zclient->redistribute_route_add = nhrp_route_read;
 zclient->redistribute_route_del = nhrp_route_read;
- zclient_init(zclient, ZEBRA_ROUTE_NHRP, 0);
+ zclient_init(zclient, ZEBRA_ROUTE_NHRP, 0, &nhrpd_privs);
 }
 void nhrp_zebra_terminate(void)
diff --git a/ospf6d/ospf6_zebra.c b/ospf6d/ospf6_zebra.c
index b032bd7a79..022b913168 100644
--- a/ospf6d/ospf6_zebra.c
+++ b/ospf6d/ospf6_zebra.c
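Review bot: The comment above `zclient_init()` in lib/zclient.c still describes only `redist_default`, although the function now stores the caller's `privs` pointer in the client without copying it and `zclient_socket_connect()` later dereferences it. That contract should be written where callers read it, for example `/* privs must be non-NULL and must outlive the zclient; it is used to raise and lower privileges around socket option changes. */`. In lib/zclient.h the new field comment is misspelled (`Priviledges`), and the prototype names only the new parameter while the other three stay anonymous; naming all four would keep the header self-describing.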
@@ -584,7 +584,7 @@ void ospf6_zebra_init(struct thread_master *master)
 {
 /* Allocate zebra structure. */
 zclient = zclient_new(master);
- zclient_init(zclient, ZEBRA_ROUTE_OSPF6, 0);
+ zclient_init(zclient, ZEBRA_ROUTE_OSPF6, 0, &ospf6d_privs);
 zclient->zebra_connected = ospf6_zebra_connected;
 zclient->router_id_update = ospf6_router_id_update_zebra;
 zclient->interface_add = ospf6_zebra_if_add;
diff --git a/ospfd/ospf_zebra.c b/ospfd/ospf_zebra.c
index 7e6146e0d3..76fa6fa6dd 100644
--- a/ospfd/ospf_zebra.c
+++ b/ospfd/ospf_zebra.c
@@ -1472,7 +1472,7 @@ void ospf_zebra_init(struct thread_master *master, u_short instance)
 {
 /* Allocate zebra structure. */
 zclient = zclient_new(master);
- zclient_init(zclient, ZEBRA_ROUTE_OSPF, instance);
+ zclient_init(zclient, ZEBRA_ROUTE_OSPF, instance, &ospfd_privs);
 zclient->zebra_connected = ospf_zebra_connected;
 zclient->router_id_update = ospf_router_id_update_zebra;
 zclient->interface_add = ospf_interface_add;
diff --git a/pimd/pim_zebra.c b/pimd/pim_zebra.c
index db11e5f171..8c90ccbed1 100644
--- a/pimd/pim_zebra.c
+++ b/pimd/pim_zebra.c
@@ -753,7 +753,7 @@ void pim_zebra_init(void)
 zclient->interface_address_delete = pim_zebra_if_address_del;
 zclient->nexthop_update = pim_parse_nexthop_update;
- zclient_init(zclient, ZEBRA_ROUTE_PIM, 0);
+ zclient_init(zclient, ZEBRA_ROUTE_PIM, 0, &pimd_privs);
 if (PIM_DEBUG_PIM_TRACE) {
 zlog_info("zclient_init cleared redistribution request");
 }
diff --git a/pimd/pim_zlookup.c b/pimd/pim_zlookup.c
index df8ad4e428..fd75a699b3 100644
--- a/pimd/pim_zlookup.c
+++ b/pimd/pim_zlookup.c
@@ -128,6 +128,7 @@ void zclient_lookup_new(void)
 zlookup->sock = -1;
 zlookup->t_connect = NULL;
+ zlookup->privs = &pimd_privs;
 zclient_lookup_sched_now(zlookup);
diff --git a/ripd/rip_zebra.c b/ripd/rip_zebra.c
index 28144a2435..3772f6223e 100644
--- a/ripd/rip_zebra.c
+++ b/ripd/rip_zebra.c
@@ -586,7 +586,7 @@ void rip_zclient_init(struct thread_master *master)
 {
 /* Set default value to the zebra client structure. */
 zclient = zclient_new(master);
- zclient_init(zclient, ZEBRA_ROUTE_RIP, 0);
+ zclient_init(zclient, ZEBRA_ROUTE_RIP, 0, &ripd_privs);
 zclient->zebra_connected = rip_zebra_connected;
 zclient->interface_add = rip_interface_add;
 zclient->interface_delete = rip_interface_delete;
diff --git a/ripngd/ripng_zebra.c b/ripngd/ripng_zebra.c
index 7edaaa5dff..084d58ee53 100644
--- a/ripngd/ripng_zebra.c
+++ b/ripngd/ripng_zebra.c
@@ -414,7 +414,7 @@ void zebra_init(struct thread_master *master)
 {
 /* Allocate zebra structure. */
 zclient = zclient_new(master);
- zclient_init(zclient, ZEBRA_ROUTE_RIPNG, 0);
+ zclient_init(zclient, ZEBRA_ROUTE_RIPNG, 0, &ripngd_privs);
 zclient->zebra_connected = ripng_zebra_connected;
 zclient->interface_up = ripng_interface_up;
--
2.39.5