summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--bgpd/bgp_main.c18
-rw-r--r--bgpd/bgp_route.c9
-rw-r--r--bgpd/bgp_routemap.c6
-rw-r--r--lib/privs.c1
-rw-r--r--lib/zclient.c32
-rw-r--r--ospfd/ospf_vty.c31
-rw-r--r--ripd/rip_zebra.c8
7 files changed, 57 insertions, 48 deletions
diff --git a/bgpd/bgp_main.c b/bgpd/bgp_main.c
index 423c9453eb..1773070fe3 100644
--- a/bgpd/bgp_main.c
+++ b/bgpd/bgp_main.c
@@ -66,6 +66,7 @@ static const struct option longopts[] =
{ "listenon", required_argument, NULL, 'l'},
{ "retain", no_argument, NULL, 'r'},
{ "no_kernel", no_argument, NULL, 'n'},
+ { "skip_runas", no_argument, NULL, 'S'},
{ "ecmp", required_argument, NULL, 'e'},
{ 0 }
};
@@ -151,7 +152,8 @@ sigint (void)
if (! retain_mode)
{
bgp_terminate ();
- zprivs_terminate (&bgpd_privs);
+ if (bgpd_privs.user) /* NULL if skip_runas flag set */
+ zprivs_terminate (&bgpd_privs);
}
bgp_exit (0);
@@ -363,6 +365,8 @@ main (int argc, char **argv)
int bgp_port = BGP_PORT_DEFAULT;
char *bgp_address = NULL;
+ int no_fib_flag = 0;
+ int skip_runas = 0;
frr_preinit(&bgpd_di, argc, argv);
frr_opt_add("p:l:rne:", longopts,
@@ -370,6 +374,7 @@ main (int argc, char **argv)
" -l, --listenon Listen on specified address (implies -n)\n"
" -r, --retain When program terminates, retain added route by bgpd.\n"
" -n, --no_kernel Do not install route to kernel.\n"
+ " -S, --skip_runas Skip capabilities checks, and changing user and group IDs.\n"
" -e, --ecmp Specify ECMP to use.\n");
/* Command line argument treatment. */
@@ -389,7 +394,7 @@ main (int argc, char **argv)
if (tmp_port <= 0 || tmp_port > 0xffff)
bgp_port = BGP_PORT_DEFAULT;
else
- bm->port = tmp_port;
+ bgp_port = tmp_port;
break;
case 'e':
multipath_num = atoi (optarg);
@@ -406,18 +411,25 @@ main (int argc, char **argv)
bgp_address = optarg;
/* listenon implies -n */
case 'n':
- bgp_option_set (BGP_OPT_NO_FIB);
+ no_fib_flag = 1;
+ break;
+ case 'S':
+ skip_runas = 1;
break;
default:
frr_help_exit (1);
break;
}
}
+ if (skip_runas)
+ memset (&bgpd_privs, 0, sizeof (bgpd_privs));
/* BGP master init. */
bgp_master_init (frr_init ());
bm->port = bgp_port;
bm->address = bgp_address;
+ if (no_fib_flag)
+ bgp_option_set (BGP_OPT_NO_FIB);
/* Initializations. */
bgp_vrf_init ();
diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c
index 1fa3e8bc44..32cf0bcb89 100644
--- a/bgpd/bgp_route.c
+++ b/bgpd/bgp_route.c
@@ -8171,7 +8171,7 @@ bgp_show_lcommunity (struct vty *vty, struct bgp *bgp, int argc,
buffer_putc (b, ' ');
else
{
- if (strmatch (argv[i]->text, "<AA:BB:CC>"))
+ if (strmatch (argv[i]->text, "AA:BB:CC"))
{
first = 1;
buffer_putstr (b, argv[i]->arg);
@@ -8187,7 +8187,7 @@ bgp_show_lcommunity (struct vty *vty, struct bgp *bgp, int argc,
XFREE (MTYPE_TMP, str);
if (! lcom)
{
- vty_out (vty, "%% Large-community malformed: %s", VTY_NEWLINE);
+ vty_out (vty, "%% Large-community malformed%s", VTY_NEWLINE);
return CMD_WARNING;
}
@@ -8299,8 +8299,7 @@ DEFUN (show_ip_bgp_large_community,
return CMD_WARNING;
}
- argv_find (argv, argc, "large-community", &idx);
- if (strmatch(argv[idx+1]->text, "AA:BB:CC"))
+ if (argv_find (argv, argc, "AA:BB:CC", &idx))
return bgp_show_lcommunity (vty, bgp, argc, argv, afi, safi, uj);
else
return bgp_show (vty, bgp, afi, safi, bgp_show_type_lcommunity_all, NULL, uj);
@@ -8563,8 +8562,6 @@ static int
bgp_show_regexp (struct vty *vty, const char *regstr, afi_t afi,
safi_t safi, enum bgp_show_type type)
{
- return CMD_SUCCESS;
-
regex_t *regex;
int rc;
diff --git a/bgpd/bgp_routemap.c b/bgpd/bgp_routemap.c
index bafc81eaf8..9b5a7a5ebb 100644
--- a/bgpd/bgp_routemap.c
+++ b/bgpd/bgp_routemap.c
@@ -1437,7 +1437,7 @@ route_set_aspath_prepend_compile (const char *arg)
{
unsigned int num;
- if (sscanf(arg, "last-as %u", &num) == 1 && num > 0 && num < 10)
+ if (sscanf(arg, "last-as %u", &num) == 1 && num > 0 && num <= 10)
return (void*)(uintptr_t)num;
return route_aspath_compile(arg);
@@ -3677,12 +3677,12 @@ DEFUN (set_aspath_prepend_asn,
DEFUN (set_aspath_prepend_lastas,
set_aspath_prepend_lastas_cmd,
- "set as-path prepend last-as (1-9)",
+ "set as-path prepend last-as (1-10)",
SET_STR
"Transform BGP AS_PATH attribute\n"
"Prepend to the as-path\n"
"Use the peer's AS-number\n"
- "Number of times to insert")
+ "Number of times to insert\n")
{
return set_aspath_prepend_asn (self, vty, argc, argv);
}
diff --git a/lib/privs.c b/lib/privs.c
index decd4bb7db..767ab667e7 100644
--- a/lib/privs.c
+++ b/lib/privs.c
@@ -769,6 +769,7 @@ zprivs_init(struct zebra_privs_t *zprivs)
}
}
+ zprivs_state.zsuid = geteuid(); /* initial uid */
/* add groups only if we changed uid - otherwise skip */
if ((ngroups) && (zprivs_state.zsuid != zprivs_state.zuid))
{
diff --git a/lib/zclient.c b/lib/zclient.c
index 71b95ae7db..d2a5186315 100644
--- a/lib/zclient.c
+++ b/lib/zclient.c
@@ -1486,7 +1486,9 @@ lm_label_manager_connect (struct zclient *zclient)
vrf_id_t vrf_id;
u_int16_t cmd;
- zlog_debug ("Connecting to Label Manager");
+ if (zclient_debug)
+ zlog_debug ("Connecting to Label Manager");
+
if (zclient->sock < 0)
return -1;
@@ -1518,7 +1520,8 @@ lm_label_manager_connect (struct zclient *zclient)
zclient->sock = -1;
return -1;
}
- zlog_debug ("%s: Label manager connect request (%d bytes) sent", __func__, ret);
+ if (zclient_debug)
+ zlog_debug ("%s: Label manager connect request (%d bytes) sent", __func__, ret);
/* read response */
s = zclient->ibuf;
@@ -1532,8 +1535,9 @@ lm_label_manager_connect (struct zclient *zclient)
}
/* result */
result = stream_getc(s);
- zlog_debug ("%s: Label Manager connect response (%d bytes) received, result %u",
- __func__, size, result);
+ if (zclient_debug)
+ zlog_debug ("%s: Label Manager connect response (%d bytes) received, result %u",
+ __func__, size, result);
return (int)result;
}
@@ -1564,7 +1568,9 @@ lm_get_label_chunk (struct zclient *zclient, u_char keep, uint32_t chunk_size,
u_int16_t cmd;
u_char response_keep;
- zlog_debug ("Getting Label Chunk");
+ if (zclient_debug)
+ zlog_debug ("Getting Label Chunk");
+
if (zclient->sock < 0)
return -1;
@@ -1594,7 +1600,8 @@ lm_get_label_chunk (struct zclient *zclient, u_char keep, uint32_t chunk_size,
zclient->sock = -1;
return -1;
}
- zlog_debug ("%s: Label chunk request (%d bytes) sent", __func__, ret);
+ if (zclient_debug)
+ zlog_debug ("%s: Label chunk request (%d bytes) sent", __func__, ret);
/* read response */
s = zclient->ibuf;
@@ -1606,7 +1613,9 @@ lm_get_label_chunk (struct zclient *zclient, u_char keep, uint32_t chunk_size,
zlog_err ("%s: Invalid Get Label Chunk Message Reply Header", __func__);
return -1;
}
- zlog_debug ("%s: Label chunk response (%d bytes) received", __func__, size);
+ if (zclient_debug)
+ zlog_debug ("%s: Label chunk response (%d bytes) received", __func__, size);
+
/* keep */
response_keep = stream_getc(s);
/* start and end labels */
@@ -1627,8 +1636,9 @@ lm_get_label_chunk (struct zclient *zclient, u_char keep, uint32_t chunk_size,
return -1;
}
- zlog_debug ("Label Chunk assign: %u - %u (%u) ",
- *start, *end, response_keep);
+ if (zclient_debug)
+ zlog_debug ("Label Chunk assign: %u - %u (%u) ",
+ *start, *end, response_keep);
return 0;
}
@@ -1647,7 +1657,9 @@ lm_release_label_chunk (struct zclient *zclient, uint32_t start, uint32_t end)
int ret;
struct stream *s;
- zlog_debug ("Releasing Label Chunk");
+ if (zclient_debug)
+ zlog_debug ("Releasing Label Chunk");
+
if (zclient->sock < 0)
return -1;
diff --git a/ospfd/ospf_vty.c b/ospfd/ospf_vty.c
index 49474df826..b4c456e0aa 100644
--- a/ospfd/ospf_vty.c
+++ b/ospfd/ospf_vty.c
@@ -3557,7 +3557,7 @@ show_ip_ospf_interface_common (struct vty *vty, struct ospf *ospf, int argc,
VTY_NEWLINE, VTY_NEWLINE);
}
- if (argc == (iface_argv + 1))
+ if (argc == iface_argv)
{
/* Show All Interfaces.*/
for (ALL_LIST_ELEMENTS_RO (vrf_iflist (VRF_DEFAULT), node, ifp))
@@ -3570,25 +3570,6 @@ show_ip_ospf_interface_common (struct vty *vty, struct ospf *ospf, int argc,
}
}
}
- else if (argv[iface_argv] && strcmp(argv[iface_argv]->arg, "json") == 0)
- {
- if (!use_json)
- {
- json = json_object_new_object();
- json_interface_sub = json_object_new_object ();
- use_json = 1;
- }
- /* Show All Interfaces. */
- for (ALL_LIST_ELEMENTS_RO (vrf_iflist (VRF_DEFAULT), node, ifp))
- {
- if (ospf_oi_count(ifp))
- {
- show_ip_ospf_interface_sub (vty, ospf, ifp, json_interface_sub, use_json);
- if (use_json)
- json_object_object_add(json, ifp->name, json_interface_sub);
- }
- }
- }
else
{
/* Interface name is specified. */
@@ -3634,7 +3615,10 @@ DEFUN (show_ip_ospf_interface,
if ((ospf = ospf_lookup()) == NULL || !ospf->oi_running)
return CMD_SUCCESS;
- return show_ip_ospf_interface_common(vty, ospf, argc, argv, 0, uj);
+ if (uj)
+ argc--;
+
+ return show_ip_ospf_interface_common(vty, ospf, argc, argv, 4, uj);
}
DEFUN (show_ip_ospf_instance_interface,
@@ -3657,7 +3641,10 @@ DEFUN (show_ip_ospf_instance_interface,
if ((ospf = ospf_lookup_instance (instance)) == NULL || !ospf->oi_running)
return CMD_SUCCESS;
- return show_ip_ospf_interface_common(vty, ospf, argc, argv, 1, uj);
+ if (uj)
+ argc--;
+
+ return show_ip_ospf_interface_common(vty, ospf, argc, argv, 5, uj);
}
static void
diff --git a/ripd/rip_zebra.c b/ripd/rip_zebra.c
index 7fa3baea7e..578c513c78 100644
--- a/ripd/rip_zebra.c
+++ b/ripd/rip_zebra.c
@@ -339,7 +339,7 @@ DEFUN (rip_redistribute_type,
for(i = 0; redist_type[i].str; i++)
{
- if (strncmp (redist_type[i].str, argv[2]->arg,
+ if (strncmp (redist_type[i].str, argv[1]->arg,
redist_type[i].str_min_len) == 0)
{
zclient_redistribute (ZEBRA_REDISTRIBUTE_ADD, zclient,
@@ -348,7 +348,7 @@ DEFUN (rip_redistribute_type,
}
}
- vty_out(vty, "Invalid type %s%s", argv[2]->arg,
+ vty_out(vty, "Invalid type %s%s", argv[1]->arg,
VTY_NEWLINE);
return CMD_WARNING;
@@ -365,7 +365,7 @@ DEFUN (no_rip_redistribute_type,
for (i = 0; redist_type[i].str; i++)
{
- if (strncmp(redist_type[i].str, argv[3]->arg,
+ if (strncmp(redist_type[i].str, argv[2]->arg,
redist_type[i].str_min_len) == 0)
{
rip_metric_unset (redist_type[i].type, DONT_CARE_METRIC_RIP);
@@ -375,7 +375,7 @@ DEFUN (no_rip_redistribute_type,
}
}
- vty_out(vty, "Invalid type %s%s", argv[3]->arg,
+ vty_out(vty, "Invalid type %s%s", argv[2]->arg,
VTY_NEWLINE);
return CMD_WARNING;