ldpd: fix startup on OpenBSD

We must open the PF_KEY socket before dropping privileges, otherwise the
socket creation will fail with permission problems.

Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>

diff --git a/ldpd/ldpe.c b/ldpd/ldpe.c
index 56af76d94eba7aa640f8b48497b9eced5c48bbb3..c16d92f28b9821365f82591086ecce616e0cd19b 100644 (file)
--- a/ldpd/ldpe.c
+++ b/ldpd/ldpe.c
@@ -139,6 +139,16 @@ ldpe(void)
 void
 ldpe_init(struct ldpd_init *init)
 {
+#ifdef __OpenBSD__
+       /* This socket must be open before dropping privileges. */
+       global.pfkeysock = pfkey_init();
+       if (sysdep.no_pfkey == 0) {
+               pfkey_ev = NULL;
+               thread_add_read(master, ldpe_dispatch_pfkey, NULL, global.pfkeysock,
+                               &pfkey_ev);
+       }
+#endif
+
        /* drop privileges */
        ldpe_privs.user = init->user;
        ldpe_privs.group = init->group;
@@ -159,14 +169,6 @@ ldpe_init(struct ldpd_init *init)
                fatal("inet_pton");
        if (inet_pton(AF_INET6, AllRouters_v6, &global.mcast_addr_v6) != 1)
                fatal("inet_pton");
-#ifdef __OpenBSD__
-       global.pfkeysock = pfkey_init();
-       if (sysdep.no_pfkey == 0) {
-               pfkey_ev = NULL;
-               thread_add_read(master, ldpe_dispatch_pfkey, NULL, global.pfkeysock,
-                               &pfkey_ev);
-       }
-#endif
 
        /* mark sockets as closed */
        global.ipv4.ldp_disc_socket = -1;