*: Modify zclient_init to require privs data

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
LabNConsulting · Oct 23, 2017 · 342213e · 342213e
1 parent 5cb6ce9
commit 342213e
Show file tree

Hide file tree

Showing 16 changed files with 35 additions and 16 deletions.
diff --git a/babeld/babel_zebra.c b/babeld/babel_zebra.c
@@ -238,7 +238,7 @@ babel_zebra_connected (struct zclient *zclient)
 void babelz_zebra_init(void)
 {
     zclient = zclient_new(master);
-    zclient_init(zclient, ZEBRA_ROUTE_BABEL, 0);
+    zclient_init(zclient, ZEBRA_ROUTE_BABEL, 0, &babeld_privs);
 
     zclient->zebra_connected = babel_zebra_connected;
     zclient->interface_add = babel_interface_add;

diff --git a/bgpd/bgp_zebra.c b/bgpd/bgp_zebra.c
@@ -1749,13 +1749,15 @@ static int bgp_zebra_process_local_macip(int command, struct zclient *zclient,
 		return bgp_evpn_local_macip_del(bgp, vni, &mac, &ip);
 }
 
+extern struct zebra_privs_t bgpd_privs;
+
 void bgp_zebra_init(struct thread_master *master)
 {
 	zclient_num_connects = 0;
 
 	/* Set default values. */
 	zclient = zclient_new(master);
-	zclient_init(zclient, ZEBRA_ROUTE_BGP, 0);
+	zclient_init(zclient, ZEBRA_ROUTE_BGP, 0, &bgpd_privs);
 	zclient->zebra_connected = bgp_zebra_connected;
 	zclient->router_id_update = bgp_router_id_update;
 	zclient->interface_add = bgp_interface_add;

diff --git a/bgpd/rfapi/vnc_zebra.c b/bgpd/rfapi/vnc_zebra.c
@@ -883,6 +883,7 @@ int vnc_redistribute_unset(struct bgp *bgp, afi_t afi, int type)
 	return CMD_SUCCESS;
 }
 
+extern struct zebra_privs_t bgpd_privs;
 
 /*
  * Modeled after bgp_zebra.c'bgp_zebra_init()
@@ -892,7 +893,7 @@ void vnc_zebra_init(struct thread_master *master)
 {
 	/* Set default values. */
 	zclient_vnc = zclient_new(master);
-	zclient_init(zclient_vnc, ZEBRA_ROUTE_VNC, 0);
+	zclient_init(zclient_vnc, ZEBRA_ROUTE_VNC, 0, &bgpd_privs);
 
 	zclient_vnc->redistribute_route_add = vnc_zebra_read_route;
 	zclient_vnc->redistribute_route_del = vnc_zebra_read_route;

diff --git a/eigrpd/eigrp_zebra.c b/eigrpd/eigrp_zebra.c
@@ -103,7 +103,7 @@ void eigrp_zebra_init(void)
 {
 	zclient = zclient_new(master);
 
-	zclient_init(zclient, ZEBRA_ROUTE_EIGRP, 0);
+	zclient_init(zclient, ZEBRA_ROUTE_EIGRP, 0, &eigrpd_privs);
 	zclient->zebra_connected = eigrp_zebra_connected;
 	zclient->router_id_update = eigrp_router_id_update_zebra;
 	zclient->interface_add = eigrp_interface_add;

diff --git a/isisd/isis_zebra.c b/isisd/isis_zebra.c
@@ -412,7 +412,7 @@ static void isis_zebra_connected(struct zclient *zclient)
 void isis_zebra_init(struct thread_master *master)
 {
 	zclient = zclient_new(master);
-	zclient_init(zclient, ZEBRA_ROUTE_ISIS, 0);
+	zclient_init(zclient, ZEBRA_ROUTE_ISIS, 0, &isisd_privs);
 	zclient->zebra_connected = isis_zebra_connected;
 	zclient->router_id_update = isis_router_id_update_zebra;
 	zclient->interface_add = isis_zebra_if_add;

diff --git a/ldpd/lde.c b/ldpd/lde.c
@@ -77,7 +77,7 @@ struct thread_master *master;
 /* lde privileges */
 static zebra_capabilities_t _caps_p [] =
 {
-	/* none */
+	ZCAP_NET_ADMIN
 };
 
 static struct zebra_privs_t lde_privs =
@@ -1622,6 +1622,8 @@ zclient_sync_init(u_short instance)
 	zclient_sync->sock = -1;
 	zclient_sync->redist_default = ZEBRA_ROUTE_LDP;
 	zclient_sync->instance = instance;
+	zclient_sync->privs = &lde_privs;
+
 	while (zclient_socket_connect(zclient_sync) < 0) {
 		log_warnx("Error connecting synchronous zclient!");
 		sleep(1);

diff --git a/ldpd/ldp_zebra.c b/ldpd/ldp_zebra.c
@@ -507,12 +507,14 @@ ldp_zebra_connected(struct zclient *zclient)
 	    ZEBRA_ROUTE_ALL, 0, VRF_DEFAULT);
 }
 
+extern struct zebra_privs_t ldpd_privs;
+
 void
 ldp_zebra_init(struct thread_master *master)
 {
 	/* Set default values. */
 	zclient = zclient_new(master);
-	zclient_init(zclient, ZEBRA_ROUTE_LDP, 0);
+	zclient_init(zclient, ZEBRA_ROUTE_LDP, 0, &ldpd_privs);
 
 	/* set callbacks */
 	zclient->zebra_connected = ldp_zebra_connected;

diff --git a/lib/zclient.c b/lib/zclient.c
@@ -35,6 +35,7 @@
 #include "table.h"
 #include "nexthop.h"
 #include "mpls.h"
+#include "sockopt.h"
 
 DEFINE_MTYPE_STATIC(LIB, ZCLIENT, "Zclient")
 DEFINE_MTYPE_STATIC(LIB, REDIST_INST, "Redistribution instance IDs")
@@ -180,7 +181,8 @@ void zclient_reset(struct zclient *zclient)
 			&zclient->mi_redist[afi][zclient->redist_default],
 			zclient->instance);
 
-	zclient_init(zclient, zclient->redist_default, zclient->instance);
+	zclient_init(zclient, zclient->redist_default,
+		     zclient->instance, zclient->privs);
 }
 
 /**
@@ -202,6 +204,10 @@ int zclient_socket_connect(struct zclient *zclient)
 
 	set_cloexec(sock);
 
+	zclient->privs->change(ZPRIVS_RAISE);
+	setsockopt_so_sendbuf(sock, 1048576);
+	zclient->privs->change(ZPRIVS_LOWER);
+
 	/* Connect to zebra. */
 	ret = connect(sock, (struct sockaddr *)&zclient_addr,
 			zclient_addr_len);
@@ -543,12 +549,14 @@ int zclient_start(struct zclient *zclient)
 
 /* Initialize zebra client.  Argument redist_default is unwanted
    redistribute route type. */
-void zclient_init(struct zclient *zclient, int redist_default, u_short instance)
+void zclient_init(struct zclient *zclient, int redist_default,
+		  u_short instance, struct zebra_privs_t *privs)
 {
 	int afi, i;
 
 	/* Set -1 to the default socket value. */
 	zclient->sock = -1;
+	zclient->privs = privs;
 
 	/* Clear redistribution flags. */
 	for (afi = AFI_IP; afi < AFI_MAX; afi++)

diff --git a/lib/zclient.h b/lib/zclient.h
@@ -134,6 +134,9 @@ struct zclient {
 	/* The thread master we schedule ourselves on */
 	struct thread_master *master;
 
+	/* Priviledges to change socket values */
+	struct zebra_privs_t *privs;
+
 	/* Socket to zebra daemon. */
 	int sock;
 
@@ -315,7 +318,7 @@ struct zapi_pw_status {
 
 /* Prototypes of zebra client service functions. */
 extern struct zclient *zclient_new(struct thread_master *);
-extern void zclient_init(struct zclient *, int, u_short);
+extern void zclient_init(struct zclient *, int, u_short, struct zebra_privs_t *privs);
 extern int zclient_start(struct zclient *);
 extern void zclient_stop(struct zclient *);
 extern void zclient_reset(struct zclient *);

diff --git a/nhrpd/nhrp_route.c b/nhrpd/nhrp_route.c
@@ -325,7 +325,7 @@ void nhrp_zebra_init(void)
 	zclient->redistribute_route_add = nhrp_route_read;
 	zclient->redistribute_route_del = nhrp_route_read;
 
-	zclient_init(zclient, ZEBRA_ROUTE_NHRP, 0);
+	zclient_init(zclient, ZEBRA_ROUTE_NHRP, 0, &nhrpd_privs);
 }
 
 void nhrp_zebra_terminate(void)

diff --git a/ospf6d/ospf6_zebra.c b/ospf6d/ospf6_zebra.c
@@ -584,7 +584,7 @@ void ospf6_zebra_init(struct thread_master *master)
 {
 	/* Allocate zebra structure. */
 	zclient = zclient_new(master);
-	zclient_init(zclient, ZEBRA_ROUTE_OSPF6, 0);
+	zclient_init(zclient, ZEBRA_ROUTE_OSPF6, 0, &ospf6d_privs);
 	zclient->zebra_connected = ospf6_zebra_connected;
 	zclient->router_id_update = ospf6_router_id_update_zebra;
 	zclient->interface_add = ospf6_zebra_if_add;

diff --git a/ospfd/ospf_zebra.c b/ospfd/ospf_zebra.c
@@ -1472,7 +1472,7 @@ void ospf_zebra_init(struct thread_master *master, u_short instance)
 {
 	/* Allocate zebra structure. */
 	zclient = zclient_new(master);
-	zclient_init(zclient, ZEBRA_ROUTE_OSPF, instance);
+	zclient_init(zclient, ZEBRA_ROUTE_OSPF, instance, &ospfd_privs);
 	zclient->zebra_connected = ospf_zebra_connected;
 	zclient->router_id_update = ospf_router_id_update_zebra;
 	zclient->interface_add = ospf_interface_add;

diff --git a/pimd/pim_zebra.c b/pimd/pim_zebra.c
@@ -753,7 +753,7 @@ void pim_zebra_init(void)
 	zclient->interface_address_delete = pim_zebra_if_address_del;
 	zclient->nexthop_update = pim_parse_nexthop_update;
 
-	zclient_init(zclient, ZEBRA_ROUTE_PIM, 0);
+	zclient_init(zclient, ZEBRA_ROUTE_PIM, 0, &pimd_privs);
 	if (PIM_DEBUG_PIM_TRACE) {
 		zlog_info("zclient_init cleared redistribution request");
 	}

diff --git a/pimd/pim_zlookup.c b/pimd/pim_zlookup.c
@@ -128,6 +128,7 @@ void zclient_lookup_new(void)
 
 	zlookup->sock = -1;
 	zlookup->t_connect = NULL;
+	zlookup->privs = &pimd_privs;
 
 	zclient_lookup_sched_now(zlookup);
 

diff --git a/ripd/rip_zebra.c b/ripd/rip_zebra.c
@@ -586,7 +586,7 @@ void rip_zclient_init(struct thread_master *master)
 {
 	/* Set default value to the zebra client structure. */
 	zclient = zclient_new(master);
-	zclient_init(zclient, ZEBRA_ROUTE_RIP, 0);
+	zclient_init(zclient, ZEBRA_ROUTE_RIP, 0, &ripd_privs);
 	zclient->zebra_connected = rip_zebra_connected;
 	zclient->interface_add = rip_interface_add;
 	zclient->interface_delete = rip_interface_delete;

diff --git a/ripngd/ripng_zebra.c b/ripngd/ripng_zebra.c
@@ -414,7 +414,7 @@ void zebra_init(struct thread_master *master)
 {
 	/* Allocate zebra structure. */
 	zclient = zclient_new(master);
-	zclient_init(zclient, ZEBRA_ROUTE_RIPNG, 0);
+	zclient_init(zclient, ZEBRA_ROUTE_RIPNG, 0, &ripngd_privs);
 
 	zclient->zebra_connected = ripng_zebra_connected;
 	zclient->interface_up = ripng_interface_up;