commit 41d3fc96959c9dea614822dfbb1891cd9a6f38a4
author hasso <hasso> Tue Apr 06 11:59:00 2004 +0000
committer hasso <hasso> Tue Apr 06 11:59:00 2004 +0000
tree b493df69256ed58534ddd9a00a9a900f1ed80c6e
parent 4991f6ca305a325d1ec7a38eeb2a7cf8cf6d7f2d

* Fixed lowering privileges in proc ipforward method.
* Fixed "(no) ipv6 forwarding" command logic.
* Added --disable-capabilities switch to configure.

zebra/ipforward_proc.c

diff --git a/zebra/ipforward_proc.c b/zebra/ipforward_proc.c
index befa236..4c30cf6 100644
--- a/zebra/ipforward_proc.c
+++ b/zebra/ipforward_proc.c
@@ -81,16 +81,19 @@
 
   fp = fopen (proc_ipv4_forwarding, "w");
 
-  if ( zserv_privs.change(ZPRIVS_LOWER) )
-  	zlog_err ("Can't lower privileges, %s", strerror (errno));
-    
-  if (fp == NULL)
+  if (fp == NULL) {
+    if ( zserv_privs.change(ZPRIVS_LOWER) )
+      zlog_err ("Can't lower privileges, %s", strerror (errno));
     return -1;
+  }
 
   fprintf (fp, "1\n");
 
   fclose (fp);
 
+  if ( zserv_privs.change(ZPRIVS_LOWER) )
+    zlog_err ("Can't lower privileges, %s", strerror (errno));
+
   return ipforward ();
 }
 
@@ -104,17 +107,19 @@
 
   fp = fopen (proc_ipv4_forwarding, "w");
 
-  if ( zserv_privs.change(ZPRIVS_LOWER) )
-  	zlog_err ("Can't lower privileges, %s", strerror (errno));
-
-  
-  if (fp == NULL)
+  if (fp == NULL) {
+    if ( zserv_privs.change(ZPRIVS_LOWER) )
+      zlog_err ("Can't lower privileges, %s", strerror (errno));
     return -1;
+  }
 
   fprintf (fp, "0\n");
 
   fclose (fp);
 
+  if ( zserv_privs.change(ZPRIVS_LOWER) )
+    zlog_err ("Can't lower privileges, %s", strerror (errno));
+
   return ipforward ();
 }
 #ifdef HAVE_IPV6
@@ -149,16 +154,19 @@
 
   fp = fopen (proc_ipv6_forwarding, "w");
 
-  if ( zserv_privs.change(ZPRIVS_LOWER) )
-  	zlog_err ("Can't lower privileges, %s", strerror (errno));
-  
-  if (fp == NULL)
+  if (fp == NULL) {
+    if ( zserv_privs.change(ZPRIVS_LOWER) )
+      zlog_err ("Can't lower privileges, %s", strerror (errno));
     return -1;
+  }
 
   fprintf (fp, "1\n");
 
   fclose (fp);
 
+  if ( zserv_privs.change(ZPRIVS_LOWER) )
+    zlog_err ("Can't lower privileges, %s", strerror (errno));
+
   return ipforward_ipv6 ();
 }
 
@@ -172,16 +180,19 @@
 
   fp = fopen (proc_ipv6_forwarding, "w");
 
-  if ( zserv_privs.change(ZPRIVS_LOWER) )
-  	zlog_err ("Can't lower privileges, %s", strerror (errno));
-  
-  if (fp == NULL)
+  if (fp == NULL) {
+    if ( zserv_privs.change(ZPRIVS_LOWER) )
+      zlog_err ("Can't lower privileges, %s", strerror (errno));
     return -1;
+  }
 
   fprintf (fp, "0\n");
 
   fclose (fp);
 
+  if ( zserv_privs.change(ZPRIVS_LOWER) )
+    zlog_err ("Can't lower privileges, %s", strerror (errno));
+
   return ipforward_ipv6 ();
 }
 #endif /* HAVE_IPV6 */