Created attachment 182180 [details]
Patch to parms.c
In the process of starting in main() routed gets
rt_sock = socket(AF_ROUTE, SOCK_RAW, 0);
which on my test system is the first socket to be opened, and hence rt_sock is 0.
A little further down main() we call gwkludge(), which parses the /etc/gateways file and adds fake interfaces for passive networks.
Then, still in msin() we call ifinit() which looks through the interfaces known and turns on router discovery and RIP
In the rip_on() function for any interfaces that are having RIP turned on any query sockets are closed
The problem is that when the fake interface was created memset was used to clear the struct interface, but the member int_rip_sock is never initialised. Therefore, when the loop iterates over the interfaces to turn RIP on it finds a positive number (0) and closes the socket - inadvertantly closing the rt_sock by mistake.
Patch attached initialises that member to -1, an invalid socket number.