diff options
| -rw-r--r-- | zebra/ipforward_proc.c | 2 | ||||
| -rw-r--r-- | zebra/rt_netlink.c | 23 |
2 files changed, 16 insertions, 9 deletions
diff --git a/zebra/ipforward_proc.c b/zebra/ipforward_proc.c index e9d6b9fc..a31ec84b 100644 --- a/zebra/ipforward_proc.c +++ b/zebra/ipforward_proc.c @@ -100,7 +100,6 @@ ipforward_off () if ( zserv_privs.change(ZPRIVS_RAISE) ) zlog_err ("Can't raise privileges, %s", strerror (errno)); - fp = fopen (proc_ipv4_forwarding, "w"); if ( zserv_privs.change(ZPRIVS_LOWER) ) @@ -150,7 +149,6 @@ ipforward_ipv6_on () if ( zserv_privs.change(ZPRIVS_LOWER) ) zlog_err ("Can't lower privileges, %s", strerror (errno)); - if (fp == NULL) return -1; diff --git a/zebra/rt_netlink.c b/zebra/rt_netlink.c index f1784a77..e1514623 100644 --- a/zebra/rt_netlink.c +++ b/zebra/rt_netlink.c @@ -102,11 +102,16 @@ netlink_socket (struct nlsock *nl, unsigned long groups) /* Bind the socket to the netlink structure for anything. */ if ( zserv_privs.change(ZPRIVS_RAISE) ) - zlog (NULL, LOG_ERR, "Can't raise privileges"); - + { + zlog (NULL, LOG_ERR, "Can't raise privileges"); + return -1; + } + ret = bind (sock, (struct sockaddr *) &snl, sizeof snl); if (ret < 0) { + if ( zserv_privs.change(ZPRIVS_LOWER) ) + zlog (NULL, LOG_ERR, "Can't lower privileges"); zlog (NULL, LOG_ERR, "Can't bind %s socket to group 0x%x: %s", nl->name, snl.nl_groups, strerror (errno)); close (sock); @@ -200,19 +205,23 @@ netlink_request (int family, int type, struct nlsock *nl) * have to raise caps for every message sent */ if ( zserv_privs.change(ZPRIVS_RAISE) ) - zlog (NULL, LOG_ERR, "Can't raise privileges"); + { + zlog (NULL, LOG_ERR, "Can't raise privileges"); + return -1; + } ret = sendto (nl->sock, (void*) &req, sizeof req, 0, (struct sockaddr*) &snl, sizeof snl); + + if ( zserv_privs.change(ZPRIVS_LOWER) ) + zlog (NULL, LOG_ERR, "Can't lower privileges"); + if (ret < 0) - { + { zlog (NULL, LOG_ERR, "%s sendto failed: %s", nl->name, strerror (errno)); return -1; } - if ( zserv_privs.change(ZPRIVS_LOWER) ) - zlog (NULL, LOG_ERR, "Can't lower privileges"); - return 0; } |