From bd401e645200601ab9c25dab905425112f3cafc4 Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Thu, 22 Mar 2007 16:06:22 +1100 Subject: [PATCH] Never set SO_REUSEADDR on a UDP socket. The effect is quite different from TCP sockets. For TCP, it allows you to listen for new connections even if there are outstanding old connections with the same local address. For UDP, it allows other people to steal your packets by binding to the same address. --- support/nfs/rpcmisc.c | 7 +++++-- support/nfs/svc_socket.c | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/support/nfs/rpcmisc.c b/support/nfs/rpcmisc.c index 5b0a88f..22ea62c 100644 --- a/support/nfs/rpcmisc.c +++ b/support/nfs/rpcmisc.c @@ -184,8 +184,11 @@ int makesock(int port, int proto) sin.sin_port = htons(port); val = 1; - if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val)) < 0) - xlog(L_ERROR, "setsockopt failed: %s\n", strerror(errno)); + if (proto == IPPROTO_TCP) + if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, + &val, sizeof(val)) < 0) + xlog(L_ERROR, "setsockopt failed: %s\n", + strerror(errno)); #if 0 /* I was told it didn't work with gigabit ethernet. diff --git a/support/nfs/svc_socket.c b/support/nfs/svc_socket.c index 3307600..6799d16 100644 --- a/support/nfs/svc_socket.c +++ b/support/nfs/svc_socket.c @@ -162,7 +162,7 @@ svctcp_socket (u_long number, int reuse) int svcudp_socket (u_long number, int reuse) { - return svc_socket (number, SOCK_DGRAM, IPPROTO_UDP, reuse); + return svc_socket (number, SOCK_DGRAM, IPPROTO_UDP, 0); } #ifdef TEST -- 2.39.5