2004-10-25 Paul Jakma <paul@dishone.st>
* Update with fix in debian bug id 222930.
* bgp_main.c: Add ZCAP_RAW, needed to bind to interfaces.
bgp_network.c: (....) raise/lower privs around call to
SO_BINDTODEVICE sockopt.
diff --git a/bgpd/ChangeLog b/bgpd/ChangeLog
index e82843b..3028e72 100644
--- a/bgpd/ChangeLog
+++ b/bgpd/ChangeLog
@@ -1,3 +1,10 @@
+2004-10-25 Paul Jakma <paul@dishone.st>
+
+ * Update with fix in debian bug id 222930.
+ * bgp_main.c: Add ZCAP_RAW, needed to bind to interfaces.
+ bgp_network.c: (....) raise/lower privs around call to
+ SO_BINDTODEVICE sockopt.
+
2004-10-19 Andrew J. Schorr <aschorr@telemetry-investments.com>
* bgp_nexthop.c: (bgp_connected_add) Connected destination pointer
diff --git a/bgpd/bgp_main.c b/bgpd/bgp_main.c
index 05ecb72..612013e 100644
--- a/bgpd/bgp_main.c
+++ b/bgpd/bgp_main.c
@@ -100,7 +100,8 @@
/* privileges */
zebra_capabilities_t _caps_p [] =
{
- ZCAP_BIND,
+ ZCAP_BIND,
+ ZCAP_RAW,
};
struct zebra_privs_t bgpd_privs =
diff --git a/bgpd/bgp_network.c b/bgpd/bgp_network.c
index 85e12d9..84311e2 100644
--- a/bgpd/bgp_network.c
+++ b/bgpd/bgp_network.c
@@ -133,8 +133,15 @@
strncpy ((char *)&ifreq.ifr_name, peer->ifname, sizeof (ifreq.ifr_name));
+ if ( bgpd_privs.change (ZPRIVS_RAISE) )
+ zlog_err ("bgp_bind: could not raise privs");
+
ret = setsockopt (peer->fd, SOL_SOCKET, SO_BINDTODEVICE,
&ifreq, sizeof (ifreq));
+
+ if (bgpd_privs.change (ZPRIVS_LOWER) )
+ zlog_err ("bgp_bind: could not lower privs");
+
if (ret < 0)
{
zlog (peer->log, LOG_INFO, "bind to interface %s failed", peer->ifname);