+2396. [bug] Don't set SO_REUSEADDR for randomized ports.
+ [RT #18336]
+
--- 9.3.5-P1 released ---
2375. [security] Fully randomize UDP query ports to improve
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dighost.c,v 1.221.2.19.2.46 2008/01/17 23:45:26 tbox Exp $ */
+/* $Id: dighost.c,v 1.221.2.19.2.46.4.1 2008/07/22 04:16:13 marka Exp $ */
/*
* Notice to programmers: Do not use this code as an example of how to
sockcount++;
debug("sockcount=%d", sockcount);
if (specified_source)
- result = isc_socket_bind(query->sock, &bind_address);
+ result = isc_socket_bind(query->sock, &bind_address, 1);
else {
if ((isc_sockaddr_pf(&query->sockaddr) == AF_INET) &&
have_ipv4)
isc_sockaddr_any(&bind_any);
else
isc_sockaddr_any6(&bind_any);
- result = isc_socket_bind(query->sock, &bind_any);
+ result = isc_socket_bind(query->sock, &bind_any, 0);
}
check_result(result, "isc_socket_bind");
bringup_timer(query, TCP_TIMEOUT);
sockcount++;
debug("sockcount=%d", sockcount);
if (specified_source) {
- result = isc_socket_bind(query->sock, &bind_address);
+ result = isc_socket_bind(query->sock,
+ &bind_address, 1);
} else {
isc_sockaddr_anyofpf(&bind_any,
isc_sockaddr_pf(&query->sockaddr));
- result = isc_socket_bind(query->sock, &bind_any);
+ result = isc_socket_bind(query->sock, &bind_any, 0);
}
check_result(result, "isc_socket_bind");
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: controlconf.c,v 1.28.2.9.2.13 2008/01/17 23:45:27 tbox Exp $ */
+/* $Id: controlconf.c,v 1.28.2.9.2.13.4.1 2008/07/22 04:16:13 marka Exp $ */
#include <config.h>
if (result == ISC_R_SUCCESS)
result = isc_socket_bind(listener->sock,
- &listener->address);
+ &listener->address, 1);
if (result == ISC_R_SUCCESS)
result = control_listen(listener);
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: interfacemgr.c,v 1.59.2.5.8.21 2007/08/28 07:19:08 tbox Exp $ */
+/* $Id: interfacemgr.c,v 1.59.2.5.8.21.4.1 2008/07/22 04:16:13 marka Exp $ */
#include <config.h>
#ifndef ISC_ALLOW_MAPPED
isc_socket_ipv6only(ifp->tcpsocket, ISC_TRUE);
#endif
- result = isc_socket_bind(ifp->tcpsocket, &ifp->addr);
+ result = isc_socket_bind(ifp->tcpsocket, &ifp->addr, 1);
if (result != ISC_R_SUCCESS) {
isc_log_write(IFMGR_COMMON_LOGARGS, ISC_LOG_ERROR,
"binding TCP socket: %s",
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: lwresd.c,v 1.37.2.2.2.8 2006/02/28 06:32:53 marka Exp $ */
+/* $Id: lwresd.c,v 1.37.2.2.2.8.14.1 2008/07/22 04:16:13 marka Exp $ */
/*
* Main program for the Lightweight Resolver Daemon.
return (result);
}
- result = isc_socket_bind(sock, &listener->address);
+ result = isc_socket_bind(sock, &listener->address, 1);
if (result != ISC_R_SUCCESS) {
char socktext[ISC_SOCKADDR_FORMATSIZE];
isc_sockaddr_format(&listener->address, socktext,
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: sig0_test.c,v 1.9.12.8 2007/08/28 07:19:09 tbox Exp $ */
+/* $Id: sig0_test.c,v 1.9.12.8.4.1 2008/07/22 04:16:13 marka Exp $ */
#include <config.h>
isc_buffer_usedregion(&qbuffer, &r);
isc_sockaddr_any(&sa);
- result = isc_socket_bind(s, &sa);
+ result = isc_socket_bind(s, &sa, 0);
CHECK("isc_socket_bind", result);
result = isc_socket_sendto(s, &r, task1, senddone, NULL, &address,
NULL);
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: sock_test.c,v 1.47.12.7 2007/08/28 07:19:09 tbox Exp $ */
+/* $Id: sock_test.c,v 1.47.12.7.4.1 2008/07/22 04:16:13 marka Exp $ */
#include <config.h>
}
RUNTIME_CHECK(isc_socket_create(socketmgr, pf, isc_sockettype_tcp,
&so1) == ISC_R_SUCCESS);
- result = isc_socket_bind(so1, &sockaddr);
+ result = isc_socket_bind(so1, &sockaddr, 1);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
RUNTIME_CHECK(isc_socket_listen(so1, 0) == ISC_R_SUCCESS);
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dispatch.c,v 1.101.2.6.2.21.4.1 2008/05/22 21:11:15 each Exp $ */
+/* $Id: dispatch.c,v 1.101.2.6.2.21.4.2 2008/07/22 04:16:13 marka Exp $ */
#include <config.h>
static isc_result_t
create_socket(isc_socketmgr_t *mgr, isc_sockaddr_t *local,
- isc_socket_t **sockp)
+ int reuseaddr, isc_socket_t **sockp)
{
isc_socket_t *sock;
isc_result_t result;
#ifndef ISC_ALLOW_MAPPED
isc_socket_ipv6only(sock, ISC_TRUE);
#endif
- result = isc_socket_bind(sock, local);
+ result = isc_socket_bind(sock, local, reuseaddr);
if (result != ISC_R_SUCCESS) {
isc_socket_detach(&sock);
return (result);
attributes &= ~DNS_DISPATCHATTR_RANDOMPORT;
goto getsocket;
}
- result = create_socket(sockmgr, &localaddr_bound, &sock);
+ result = create_socket(sockmgr, &localaddr_bound, 0, &sock);
if (result == ISC_R_ADDRINUSE) {
if (++k == 1024)
attributes &= ~DNS_DISPATCHATTR_RANDOMPORT;
}
localport = prt;
} else
- result = create_socket(sockmgr, localaddr, &sock);
+ result = create_socket(sockmgr, localaddr, 1, &sock);
if (result != ISC_R_SUCCESS)
goto deallocate_dispatch;
if ((attributes & DNS_DISPATCHATTR_RANDOMPORT) == 0 &&
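Review bot: Once the randomized-port call passes `0`, the `result == ISC_R_ADDRINUSE` branch is presumably something this retry loop will really hit, and after `++k == 1024` it clears `DNS_DISPATCHATTR_RANDOMPORT` with nothing in the hunk recording that. Falling back to a non-random port quietly gives up the protection CHANGES entry 2375 introduced, so I would emit a warning-level log message where the attribute is cleared, so operators can see the degradation. The enclosing function starts and ends outside this hunk, so a log call may already exist out of view.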
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: request.c,v 1.64.2.1.10.12 2007/08/28 07:19:13 tbox Exp $ */
+/* $Id: request.c,v 1.64.2.1.10.12.4.1 2008/07/22 04:16:13 marka Exp $ */
#include <config.h>
if (srcaddr == NULL) {
isc_sockaddr_anyofpf(&bind_any,
isc_sockaddr_pf(destaddr));
- result = isc_socket_bind(socket, &bind_any);
+ result = isc_socket_bind(socket, &bind_any, 0);
} else {
src = *srcaddr;
isc_sockaddr_setport(&src, 0);
- result = isc_socket_bind(socket, &src);
+ result = isc_socket_bind(socket, &src, 0);
}
if (result != ISC_R_SUCCESS)
goto cleanup;
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: resolver.c,v 1.218.2.18.4.77.2.1 2008/05/22 21:11:15 each Exp $ */
+/* $Id: resolver.c,v 1.218.2.18.4.77.2.2 2008/07/22 04:16:13 marka Exp $ */
#include <config.h>
goto cleanup_query;
#ifndef BROKEN_TCP_BIND_BEFORE_CONNECT
- result = isc_socket_bind(query->tcpsocket, &addr);
+ result = isc_socket_bind(query->tcpsocket, &addr, 0);
if (result != ISC_R_SUCCESS)
goto cleanup_socket;
#endif
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: xfrin.c,v 1.124.2.4.2.21 2007/10/31 01:59:03 marka Exp $ */
+/* $Id: xfrin.c,v 1.124.2.4.2.21.4.1 2008/07/22 04:16:14 marka Exp $ */
#include <config.h>
isc_sockettype_tcp,
&xfr->socket));
#ifndef BROKEN_TCP_BIND_BEFORE_CONNECT
- CHECK(isc_socket_bind(xfr->socket, &xfr->sourceaddr));
+ CHECK(isc_socket_bind(xfr->socket, &xfr->sourceaddr, 1));
#endif
CHECK(isc_socket_connect(xfr->socket, &xfr->masteraddr, xfr->task,
xfrin_connect_done, xfr));
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: socket.h,v 1.54.12.7 2007/08/28 07:19:15 tbox Exp $ */
+/* $Id: socket.h,v 1.54.12.7.4.1 2008/07/22 04:16:14 marka Exp $ */
#ifndef ISC_SOCKET_H
#define ISC_SOCKET_H 1
*/
isc_result_t
-isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *addressp);
+isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *addressp, int reuseaddr);
/*
* Bind 'socket' to '*addressp'.
*
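Review bot: The new parameter is declared `int reuseaddr` and every caller passes a bare `0` or `1`, so a call site does not show which sockets opt in to SO_REUSEADDR. The tree already uses `ISC_TRUE` (see the `isc_socket_ipv6only()` calls), so I would declare it `isc_boolean_t reuseaddr` and write the calls as `isc_socket_bind(sock, local, ISC_FALSE)` or `ISC_TRUE`. That makes the choice in the randomized-port path easy to grep for and audit. The same applies to the `int reuseaddr` argument added to `create_socket()` in dispatch.c and to the call sites in dighost.c, request.c, resolver.c, xfrin.c and the listener files.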
*
* 'socket' is a valid, bound TCP socket.
*
+ * \li 'reuseaddr' asks to set SO_REUSEADDR (if the port is not 0).
+
* Returns:
*
* ISC_R_SUCCESS
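Review bot: The added `\li 'reuseaddr' ...` line sits directly under `'socket' is a valid, bound TCP socket.`, which does not read like a precondition of isc_socket_bind(), so it may have landed in a neighbouring function's comment. The hunk header is not visible here, so please confirm the placement. It also uses `\li` markup where the surrounding comment is plain text, and the blank `+` line after it lacks the leading ` *`. I would put the text in isc_socket_bind()'s own comment and give the reason, e.g. `* 'reuseaddr' requests SO_REUSEADDR, applied only when the port is non-zero; pass 0 for randomly chosen ports so that a port already in use is reported rather than shared.`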
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: socket.c,v 1.207.2.19.2.35 2008/01/27 02:06:07 marka Exp $ */
+/* $Id: socket.c,v 1.207.2.19.2.35.4.1 2008/07/22 04:16:14 marka Exp $ */
#include <config.h>
}
isc_result_t
-isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *sockaddr) {
+isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *sockaddr, int reuseaddr) {
char strbuf[ISC_STRERRORSIZE];
int on = 1;
/*
* Only set SO_REUSEADDR when we want a specific port.
*/
- if (isc_sockaddr_getport(sockaddr) != (in_port_t)0 &&
+ if (reuseaddr &&
+ isc_sockaddr_getport(sockaddr) != (in_port_t)0 &&
setsockopt(sock->fd, SOL_SOCKET, SO_REUSEADDR, (void *)&on,
sizeof(on)) < 0) {
UNEXPECTED_ERROR(__FILE__, __LINE__,
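Review bot: The comment above the condition still reads `Only set SO_REUSEADDR when we want a specific port.`, but the option is now also skipped when the caller passes `reuseaddr` as 0, even for a non-zero port. A randomly chosen port is itself non-zero, which appears to be why the port test alone was not enough (CHANGES 2396). I would reword it to `Only set SO_REUSEADDR when the caller asks for it and the port is non-zero; randomly chosen ports are non-zero too, so the caller must opt out for them.` The second socket.c hunk further down carries the same stale comment. The body of isc_socket_bind() continues past this hunk.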
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: socket.c,v 1.5.2.13.2.24 2007/08/28 07:19:17 tbox Exp $ */
+/* $Id: socket.c,v 1.5.2.13.2.24.4.1 2008/07/22 04:16:14 marka Exp $ */
/* This code has been rewritten to take advantage of Windows Sockets
* I/O Completion Ports and Events. I/O Completion Ports is ONLY
}
isc_result_t
-isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *sockaddr) {
+isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *sockaddr, int reuseaddr) {
int bind_errno;
char strbuf[ISC_STRERRORSIZE];
int on = 1;
/*
* Only set SO_REUSEADDR when we want a specific port.
*/
- if (isc_sockaddr_getport(sockaddr) != (in_port_t)0 &&
+ if (reuseaddr &&
+ isc_sockaddr_getport(sockaddr) != (in_port_t)0 &&
setsockopt(sock->fd, SOL_SOCKET, SO_REUSEADDR, (void *)&on,
sizeof(on)) < 0) {
UNEXPECTED_ERROR(__FILE__, __LINE__,
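Review bot: On Windows, SO_REUSEADDR is weaker than its POSIX counterpart, because it can let a second socket bind an address and port that another socket already holds. The listeners that now pass `1` (the controlconf.c, interfacemgr.c and lwresd.c hunks) therefore keep that exposure on this platform. Narrowing where the option is set is enough for the randomized-port fix, but I would evaluate `SO_EXCLUSIVEADDRUSE` for listening sockets in this file as a follow-up. The body of isc_socket_bind() continues past the hunk, so I cannot see whether anything later compensates.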