Gitiles
Code Review Sign In
gerrit.opencord.org / quagga / 41d3fc96959c9dea614822dfbb1891cd9a6f38a4^! / . / zebra
commit41d3fc96959c9dea614822dfbb1891cd9a6f38a4[log] [tgz]
authorhasso <hasso>Tue Apr 06 11:59:00 2004 +0000
committerhasso <hasso>Tue Apr 06 11:59:00 2004 +0000
treeb493df69256ed58534ddd9a00a9a900f1ed80c6e
parent4991f6ca305a325d1ec7a38eeb2a7cf8cf6d7f2d [diff]
* Fixed lowering privileges in proc ipforward method.
* Fixed "(no) ipv6 forwarding" command logic.
* Added --disable-capabilities switch to configure.

diff --git a/zebra/ipforward_proc.c b/zebra/ipforward_proc.c
index befa236..4c30cf6 100644
--- a/zebra/ipforward_proc.c
+++ b/zebra/ipforward_proc.c

@@ -81,16 +81,19 @@
 
   fp = fopen (proc_ipv4_forwarding, "w");
 
-  if ( zserv_privs.change(ZPRIVS_LOWER) )
-  	zlog_err ("Can't lower privileges, %s", strerror (errno));
-    
-  if (fp == NULL)
+  if (fp == NULL) {
+    if ( zserv_privs.change(ZPRIVS_LOWER) )
+      zlog_err ("Can't lower privileges, %s", strerror (errno));
     return -1;
+  }
 
   fprintf (fp, "1\n");
 
   fclose (fp);
 
+  if ( zserv_privs.change(ZPRIVS_LOWER) )
+    zlog_err ("Can't lower privileges, %s", strerror (errno));
+
   return ipforward ();
 }
 
@@ -104,17 +107,19 @@
 
   fp = fopen (proc_ipv4_forwarding, "w");
 
-  if ( zserv_privs.change(ZPRIVS_LOWER) )
-  	zlog_err ("Can't lower privileges, %s", strerror (errno));
-
-  
-  if (fp == NULL)
+  if (fp == NULL) {
+    if ( zserv_privs.change(ZPRIVS_LOWER) )
+      zlog_err ("Can't lower privileges, %s", strerror (errno));
     return -1;
+  }
 
   fprintf (fp, "0\n");
 
   fclose (fp);
 
+  if ( zserv_privs.change(ZPRIVS_LOWER) )
+    zlog_err ("Can't lower privileges, %s", strerror (errno));
+
   return ipforward ();
 }
 #ifdef HAVE_IPV6
@@ -149,16 +154,19 @@
 
   fp = fopen (proc_ipv6_forwarding, "w");
 
-  if ( zserv_privs.change(ZPRIVS_LOWER) )
-  	zlog_err ("Can't lower privileges, %s", strerror (errno));
-  
-  if (fp == NULL)
+  if (fp == NULL) {
+    if ( zserv_privs.change(ZPRIVS_LOWER) )
+      zlog_err ("Can't lower privileges, %s", strerror (errno));
     return -1;
+  }
 
   fprintf (fp, "1\n");
 
   fclose (fp);
 
+  if ( zserv_privs.change(ZPRIVS_LOWER) )
+    zlog_err ("Can't lower privileges, %s", strerror (errno));
+
   return ipforward_ipv6 ();
 }
 
@@ -172,16 +180,19 @@
 
   fp = fopen (proc_ipv6_forwarding, "w");
 
-  if ( zserv_privs.change(ZPRIVS_LOWER) )
-  	zlog_err ("Can't lower privileges, %s", strerror (errno));
-  
-  if (fp == NULL)
+  if (fp == NULL) {
+    if ( zserv_privs.change(ZPRIVS_LOWER) )
+      zlog_err ("Can't lower privileges, %s", strerror (errno));
     return -1;
+  }
 
   fprintf (fp, "0\n");
 
   fclose (fp);
 
+  if ( zserv_privs.change(ZPRIVS_LOWER) )
+    zlog_err ("Can't lower privileges, %s", strerror (errno));
+
   return ipforward_ipv6 ();
 }
 #endif /* HAVE_IPV6 */

diff --git a/zebra/zserv.c b/zebra/zserv.c
index 833b369..c623151 100644
--- a/zebra/zserv.c
+++ b/zebra/zserv.c

@@ -1919,9 +1919,16 @@
 {
   int ret;
 
-  ret = ipforward_ipv6_on ();
+  ret = ipforward_ipv6 ();
   if (ret != 0)
     {
+      vty_out (vty, "IPv6 forwarding is already on%s", VTY_NEWLINE);
+      return CMD_ERR_NOTHING_TODO;
+    }
+
+  ret = ipforward_ipv6_on ();
+  if (ret == 0)
+    {
       vty_out (vty, "Can't turn on IPv6 forwarding%s", VTY_NEWLINE);
       return CMD_WARNING;
     }
@@ -1938,6 +1945,13 @@
 {
   int ret;
 
+  ret = ipforward_ipv6 ();
+  if (ret == 0)
+    {
+      vty_out (vty, "IP forwarding is already off%s", VTY_NEWLINE);
+      return CMD_ERR_NOTHING_TODO;
+    }
+
   ret = ipforward_ipv6_off ();
   if (ret != 0)
     {