Re: bind_socket uses SO_REUSEADDR

[Aris Adamantiadis <aris@xxxxxxxxxxxx>]

Hi,

If SO_REUSEADDR behaves badly on windows, and lack of SO_REUSEADDR
doesn't have any negative impact like it has on unix, then we can put it
in a #ifndef WIN32

Aris

On 23/06/17 11:49, Игорь Коваленко wrote:
> Hi,
> >Are you mistaking it with SO_REUSEPORT ?
> Yes and no. I'm more a Windows developer and there is no SO_REUSEPORT
> on Windows but SO_REUSEADDR behaves like setting SO_REUSEPORT and
> SO_REUSEADDR on a socket in BSD
> (https://stackoverflow.com/questions/14388706/socket-options-so-reuseaddr-and-so-reuseport-how-do-they-differ-do-they-mean-t).
> Also here is the quote from MSDN about using SO_REUSEADDR
> (https://msdn.microsoft.com/ru-ru/library/windows/desktop/ms740621(v=vs.85).aspx
> <https://msdn.microsoft.com/ru-ru/library/windows/desktop/ms740621%28v=vs.85%29.aspx>):
> "The *SO_REUSEADDR* socket option allows a socket to forcibly bind to
> a port in use by another socket. The second socket calls *setsockopt*
> <https://msdn.microsoft.com/ru-ru/library/windows/desktop/ms740476%28v=vs.85%29.aspx> with
> the /optname/ parameter set to *SO_REUSEADDR* and
> the /optval/ parameter set to a boolean value of *TRUE* before
> calling *bind*
> <https://msdn.microsoft.com/ru-ru/library/windows/desktop/ms737550%28v=vs.85%29.aspx> on
> the same port as the original socket. Once the second socket has
> successfully bound, the behavior for all sockets bound to that port is
> indeterminate. For example, if all of the sockets on the same port
> provide TCP service, any incoming TCP connection requests over the
> port cannot be guaranteed to be handled by the correct socket — the
> behavior is non-deterministic. A malicious program can
> use *SO_REUSEADDR* to forcibly bind sockets already in use for
> standard network protocol services in order to deny access to those
> service. No special privileges are required to use this option."
>
> пт, 23 июн. 2017 г. в 12:11, Aris Adamantiadis <aris@xxxxxxxxxxxx
> <mailto:aris@xxxxxxxxxxxx>>:
>
>     Hi,
>
>     The reason we use SO_REUSEADDR is not to start two servers on the same
>     port. Actually that wouldn't work, the port would be marked as busy
>     until the application is closed. This flag is important because
>     without
>     it, it can take a few minutes after the server exited or was killed
>     before we can bind again to the same port. It's a stupid legacy
>     from BSD
>     sockets and I not aware of a single server that does not use it.
>     This links describes what happens without it:
>     https://stackoverflow.com/questions/24194961/how-do-i-use-setsockoptso-reuseaddr
>
>     Are you mistaking it with SO_REUSEPORT ?
>
>            *SO_REUSEPORT *(since Linux 3.9)
>                   Permits multiple *AF_INET *or *AF_INET6 *sockets to
>     be bound to an
>                   identical socket address.  This option must be set
>     on each
>                   socket (including the first socket) prior to calling
>     bind(2) <http://man7.org/linux/man-pages/man2/bind.2.html>
>                   on the socket.  To prevent port hijacking, all of the
>                   processes binding to the same address must have the same
>                   effective UID.  This option can be employed with
>     both TCP and
>                   UDP sockets.
>
>     If you have very specific needs about the port binding,
>     ssh_bind_set_fd() is the way to go
>     Aris
>
>
>     On 23/06/17 10:53, Игорь Коваленко wrote:
>     > Hello!
>     > I'm developing an ssh server and I came to the following problem.
>     > In bind_socket functional hard coded using SO_REUSEADDR socket
>     > option. Why is that so?
>     > Because of that it is possible to start two servers on the same port
>     > which I don't need.
>     > What alternatives do I have? I see the following:
>     > - to add new SSH_BIND_OPTIONS_REUSEADDR or something like that
>     (but I
>     > need to change libssh for that)
>     > - to use ssh_bind_set_fd with a socket created by myself
>     > - something else?
>     >
>
>
>