delay creating the control socket until after forking, but before chroot

(lives in /var/run, i. e. outside chroot) and privdrop.
claudio ok

2 files changed, 7 insertions, 7 deletions

diff --git a/usr.sbin/bgpd/bgpd.c b/usr.sbin/bgpd/bgpd.c
index 9eb31212719..3240a9ddea6 100644
--- a/usr.sbin/bgpd/bgpd.c
+++ b/usr.sbin/bgpd/bgpd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: bgpd.c,v 1.87 2004/03/12 16:21:34 henning Exp $ */
+/*	$OpenBSD: bgpd.c,v 1.88 2004/03/16 12:06:43 henning Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -104,7 +104,7 @@ main(int argc, char *argv[])
 	pid_t			 io_pid = 0, rde_pid = 0, pid;
 	char			*conffile;
 	int			 debug = 0;
-	int			 ch, csock, i, j, n, nfds, timeout;
+	int			 ch, i, j, n, nfds, timeout;
 	int			 pipe_m2s[2];
 	int			 pipe_m2r[2];
 	int			 pipe_s2r[2];
@@ -191,9 +191,6 @@ main(int argc, char *argv[])
 	    fcntl(pipe_s2r[1], F_SETFL, O_NONBLOCK) == -1)
 		fatal("fcntl");
 
-	if ((csock = control_init()) == -1)
-		fatalx("control socket setup failed");
-
 	/* fork children */
 	rde_pid = rde_main(&conf, peer_l, &net_l, rules_l, &mrt_l,
 	    pipe_m2r, pipe_s2r);
@@ -213,7 +210,6 @@ main(int argc, char *argv[])
 	close(pipe_m2r[1]);
 	close(pipe_s2r[0]);
 	close(pipe_s2r[1]);
-	close(csock);
 
 	imsg_init(&ibuf_se, pipe_m2s[0]);
 	imsg_init(&ibuf_rde, pipe_m2r[0]);
diff --git a/usr.sbin/bgpd/session.c b/usr.sbin/bgpd/session.c
index 6f6d65546ae..8c3db943a14 100644
--- a/usr.sbin/bgpd/session.c
+++ b/usr.sbin/bgpd/session.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: session.c,v 1.136 2004/03/15 11:48:04 henning Exp $ */
+/*	$OpenBSD: session.c,v 1.137 2004/03/16 12:06:42 henning Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -166,6 +166,10 @@ session_main(struct bgpd_config *config, struct peer *cpeers,
 		return (pid);
 	}
 
+	/* control socket is outside chroot */
+	if ((csock = control_init()) == -1)
+		fatalx("control socket setup failed");
+
 	if ((pw = getpwnam(BGPD_USER)) == NULL)
 		fatal(NULL);