diff options
| author | David Lamparter <equinox@opensourcerouting.org> | 2018-08-10 18:36:43 +0200 |
|---|---|---|
| committer | Quentin Young <qlyoung@cumulusnetworks.com> | 2018-08-14 22:02:05 +0200 |
| commit | 01b9e3fd0d354d7d4c60b1c0240f269a4fd08990 (patch) | |
| tree | 7758a10d2c803e86348e04e908f73b63c0048b96 /zebra/ioctl.c | |
| parent | lib: add frr_elevate_privs() wrapper (diff) | |
| download | frr-01b9e3fd0d354d7d4c60b1c0240f269a4fd08990.tar.xz frr-01b9e3fd0d354d7d4c60b1c0240f269a4fd08990.zip | |
*: use frr_elevate_privs() (1/2: coccinelle)
Signed-off-by: David Lamparter <equinox@diac24.net>
Diffstat (limited to 'zebra/ioctl.c')
| -rw-r--r-- | zebra/ioctl.c | 77 |
1 files changed, 29 insertions, 48 deletions
diff --git a/zebra/ioctl.c b/zebra/ioctl.c index 4804d42fd..0469bc38c 100644 --- a/zebra/ioctl.c +++ b/zebra/ioctl.c @@ -55,22 +55,16 @@ int if_ioctl(unsigned long request, caddr_t buffer) int ret; int err = 0; - if (zserv_privs.change(ZPRIVS_RAISE)) - flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges"); - sock = socket(AF_INET, SOCK_DGRAM, 0); - if (sock < 0) { - int save_errno = errno; - - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); - flog_err_sys(LIB_ERR_SOCKET, "Cannot create UDP socket: %s", - safe_strerror(save_errno)); - exit(1); + frr_elevate_privs(&zserv_privs) { + sock = socket(AF_INET, SOCK_DGRAM, 0); + if (sock < 0) { + zlog_err("Cannot create UDP socket: %s", + safe_strerror(errno)); + exit(1); + } + if ((ret = ioctl(sock, request, buffer)) < 0) + err = errno; } - if ((ret = ioctl(sock, request, buffer)) < 0) - err = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); close(sock); if (ret < 0) { @@ -87,23 +81,17 @@ int vrf_if_ioctl(unsigned long request, caddr_t buffer, vrf_id_t vrf_id) int ret; int err = 0; - if (zserv_privs.change(ZPRIVS_RAISE)) - flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges"); - sock = vrf_socket(AF_INET, SOCK_DGRAM, 0, vrf_id, NULL); - if (sock < 0) { - int save_errno = errno; - - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); - flog_err_sys(LIB_ERR_SOCKET, "Cannot create UDP socket: %s", - safe_strerror(save_errno)); - exit(1); + frr_elevate_privs(&zserv_privs) { + sock = vrf_socket(AF_INET, SOCK_DGRAM, 0, vrf_id, NULL); + if (sock < 0) { + zlog_err("Cannot create UDP socket: %s", + safe_strerror(errno)); + exit(1); + } + ret = vrf_ioctl(vrf_id, sock, request, buffer); + if (ret < 0) + err = errno; } - ret = vrf_ioctl(vrf_id, sock, request, buffer); - if (ret < 0) - err = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); close(sock); if (ret < 0) { @@ -120,24 +108,17 @@ static int if_ioctl_ipv6(unsigned long request, caddr_t buffer) int ret; int err = 0; - if (zserv_privs.change(ZPRIVS_RAISE)) - flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges"); - sock = socket(AF_INET6, SOCK_DGRAM, 0); - if (sock < 0) { - int save_errno = errno; - - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); - flog_err_sys(LIB_ERR_SOCKET, - "Cannot create IPv6 datagram socket: %s", - safe_strerror(save_errno)); - exit(1); - } + frr_elevate_privs(&zserv_privs) { + sock = socket(AF_INET6, SOCK_DGRAM, 0); + if (sock < 0) { + zlog_err("Cannot create IPv6 datagram socket: %s", + safe_strerror(errno)); + exit(1); + } - if ((ret = ioctl(sock, request, buffer)) < 0) - err = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); + if ((ret = ioctl(sock, request, buffer)) < 0) + err = errno; + } close(sock); if (ret < 0) { |