Skip to content
Permalink
Browse files

ldpd: fix startup on OpenBSD

We must open the PF_KEY socket before dropping privileges, otherwise the
socket creation will fail with permission problems.

Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
  • Loading branch information...
rzalamena authored and mwinter-osr committed Dec 21, 2018
1 parent 4a36086 commit c6cc79445d39521eaa9485516d127d5a30e39c66
Showing with 10 additions and 8 deletions.
  1. +10 −8 ldpd/ldpe.c
@@ -139,6 +139,16 @@ ldpe(void)
void
ldpe_init(struct ldpd_init *init)
{
#ifdef __OpenBSD__
/* This socket must be open before dropping privileges. */
global.pfkeysock = pfkey_init();
if (sysdep.no_pfkey == 0) {
pfkey_ev = NULL;
thread_add_read(master, ldpe_dispatch_pfkey, NULL, global.pfkeysock,
&pfkey_ev);
}
#endif

/* drop privileges */
ldpe_privs.user = init->user;
ldpe_privs.group = init->group;
@@ -159,14 +169,6 @@ ldpe_init(struct ldpd_init *init)
fatal("inet_pton");
if (inet_pton(AF_INET6, AllRouters_v6, &global.mcast_addr_v6) != 1)
fatal("inet_pton");
#ifdef __OpenBSD__
global.pfkeysock = pfkey_init();
if (sysdep.no_pfkey == 0) {
pfkey_ev = NULL;
thread_add_read(master, ldpe_dispatch_pfkey, NULL, global.pfkeysock,
&pfkey_ev);
}
#endif

/* mark sockets as closed */
global.ipv4.ldp_disc_socket = -1;

0 comments on commit c6cc794

Please sign in to comment.
You can’t perform that action at this time.