mirrors/bird
mirrors/bird
0
0
Fork 0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-11-08 20:28:43 +00:00
Code Releases Activity

IO: Avoid re-binding accepted sockets to VRF

Browse Source 
When VRFs are used, BIRD correctly binds listening (and connecting)
sockets to their VRFs but also re-binds accepted sockets to the same VRF.
This is not needed as the interface bind is inherited in this case, and
indeed this redundant bind causes an -EPERM if BIRD is running as
non-root making BIRD close the connection and reject the peer.

Thanks to Christian Svensson for the original patch and Alexander Zubkov
for suggestions.
This commit is contained in:
Ondrej Zajicek 2024-07-30 16:33:51 +02:00 committed by Vojtech Vilimek
parent 08ff0af898
commit 130da72203
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sysdep/unix/io.c
View File

@ -971,10 +971,11 @@ sk_setup(sock *s)
}
#endif
if (s->vrf && !s->iface)
if (s->vrf && !s->iface && (s->type != SK_TCP))
{
/* Bind socket to associated VRF interface.
This is Linux-specific, but so is SO_BINDTODEVICE. */
This is Linux-specific, but so is SO_BINDTODEVICE.
For accepted TCP sockets it is inherited from the listening one. */
#ifdef SO_BINDTODEVICE
struct ifreq ifr = {};
strcpy(ifr.ifr_name, s->vrf->name);