Re: bind_socket uses SO_REUSEADDR
- Subject: Re: bind_socket uses SO_REUSEADDR
- From: Игорь Коваленко <igor.a.kovalenko@xxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Fri, 23 Jun 2017 09:49:50 +0000
- To: libssh@xxxxxxxxxx
Hi,

> Are you mistaking it with SO_REUSEPORT ?

Yes and no. I'm more a Windows developer and there is no SO_REUSEPORT on Windows, but SO_REUSEADDR behaves like setting SO_REUSEPORT and SO_REUSEADDR on a socket in BSD ( https://stackoverflow.com/questions/14388706/socket-options-so-reuseaddr-and-so-reuseport-how-do-they-differ-do-they-mean-t ).

Also here is the quote from MSDN about using SO_REUSEADDR ( https://msdn.microsoft.com/ru-ru/library/windows/desktop/ms740621(v=vs.85).aspx ):

"The *SO_REUSEADDR* socket option allows a socket to forcibly bind to a port in use by another socket. The second socket calls *setsockopt* <https://msdn.microsoft.com/ru-ru/library/windows/desktop/ms740476(v=vs.85).aspx> with the *optname* parameter set to *SO_REUSEADDR* and the *optval* parameter set to a boolean value of *TRUE* before calling *bind* <https://msdn.microsoft.com/ru-ru/library/windows/desktop/ms737550(v=vs.85).aspx> on the same port as the original socket. Once the second socket has successfully bound, the behavior for all sockets bound to that port is indeterminate. For example, if all of the sockets on the same port provide TCP service, any incoming TCP connection requests over the port cannot be guaranteed to be handled by the correct socket — the behavior is non-deterministic. A malicious program can use *SO_REUSEADDR* to forcibly bind sockets already in use for standard network protocol services in order to deny access to those service. No special privileges are required to use this option."

Fri, 23 Jun 2017 at 12:11, Aris Adamantiadis <aris@xxxxxxxxxxxx>:

> Hi,
>
> The reason we use SO_REUSEADDR is not to start two servers on the same
> port. Actually that wouldn't work, the port would be marked as busy
> until the application is closed. This flag is important because without
> it, it can take a few minutes after the server exited or was killed
> before we can bind again to the same port. It's a stupid legacy from BSD
> sockets and I am not aware of a single server that does not use it.
> This link describes what happens without it:
>
> https://stackoverflow.com/questions/24194961/how-do-i-use-setsockoptso-reuseaddr
>
> Are you mistaking it with SO_REUSEPORT ?
>
> *SO_REUSEPORT* (since Linux 3.9)
>     Permits multiple *AF_INET* or *AF_INET6* sockets to be bound to an
>     identical socket address. This option must be set on each
>     socket (including the first socket) prior to calling bind(2)
>     <http://man7.org/linux/man-pages/man2/bind.2.html>
>     on the socket. To prevent port hijacking, all of the
>     processes binding to the same address must have the same
>     effective UID. This option can be employed with both TCP and
>     UDP sockets.
>
> If you have very specific needs about the port binding,
> ssh_bind_set_fd() is the way to go
>
> Aris
>
> On 23/06/17 10:53, Игорь Коваленко wrote:
> > Hello!
> > I'm developing an ssh server and I came to the following problem.
> > In the bind_socket function the SO_REUSEADDR socket option is
> > hard-coded. Why is that so?
> > Because of that it is possible to start two servers on the same port
> > which I don't need.
> > What alternatives do I have? I see the following:
> > - to add new SSH_BIND_OPTIONS_REUSEADDR or something like that (but I
> > need to change libssh for that)
> > - to use ssh_bind_set_fd with a socket created by myself
> > - something else?
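An added example, not part of the thread and not libssh code: a self-made loopback listener of the kind the thread suggests handing to ssh_bind_set_fd(), plus a check of what a second bind to the same port returns on POSIX systems. The names make_listener and second_bind_errno are hypothetical, and the Winsock SO_EXCLUSIVEADDRUSE remark in the comment is an addition that the thread does not mention.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper, not libssh code: TCP listener on 127.0.0.1.
 * port 0 lets the kernel pick a free port. Returns fd, or -1 with errno set. */
int make_listener(unsigned short port, int reuseaddr)
{
    struct sockaddr_in sa;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    /* Winsock: leave SO_REUSEADDR off and set SO_EXCLUSIVEADDRUSE instead. */
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &reuseaddr, sizeof(reuseaddr));
    memset(&sa, 0, sizeof(sa));
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    sa.sin_port = htons(port);
    if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0 || listen(fd, 10) < 0) {
        int saved = errno; /* close() may overwrite errno */
        close(fd);
        errno = saved;
        return -1;
    }
    return fd; /* the descriptor an application would pass to ssh_bind_set_fd() */
}

/* errno of a second bind to a live listener's port; 0 if it succeeded, -1 on setup error. */
int second_bind_errno(int reuseaddr)
{
    struct sockaddr_in sa;
    socklen_t len = sizeof(sa);
    int second, err, first = make_listener(0, reuseaddr);
    if (first < 0) return -1;
    getsockname(first, (struct sockaddr *)&sa, &len);
    second = make_listener(ntohs(sa.sin_port), reuseaddr);
    err = second < 0 ? errno : 0;
    if (second >= 0) close(second);
    close(first);
    return err;
}

int main(void)
{
    printf("EADDRINUSE=%d on=%d off=%d\n", EADDRINUSE, second_bind_errno(1), second_bind_errno(0));
    return 0;
}
```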