From luigi@prova.iet.unipi.it  Sat Aug 22 03:18:13 1998
Received: from prova.iet.unipi.it (prova.iet.unipi.it [131.114.9.236])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id DAA15358
          for <FreeBSD-gnats-submit@freebsd.org>; Sat, 22 Aug 1998 03:18:12 -0700 (PDT)
          (envelope-from luigi@prova.iet.unipi.it)
Received: (from luigi@localhost)
	by prova.iet.unipi.it (8.8.8/8.8.8) id KAA00468;
	Sat, 22 Aug 1998 10:20:46 GMT
	(envelope-from luigi)
Message-Id: <199808221020.KAA00468@prova.iet.unipi.it>
Date: Sat, 22 Aug 1998 10:20:46 GMT
From: Luigi Rizzo <luigi@prova.iet.unipi.it>
Reply-To: luigi@prova.iet.unipi.it
To: FreeBSD-gnats-submit@freebsd.org
Subject: problem with reusing ports with multicast
X-Send-Pr-Version: 3.2

>Number:         7713
>Category:       kern
>Synopsis:       [MFC] problem with reusing ports with multicast
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    fenner
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Aug 22 03:20:01 PDT 1998
>Closed-Date:    Tue Jul 20 00:23:51 PDT 1999
>Last-Modified:  Tue Jul 20 00:25:26 PDT 1999
>Originator:     Luigi Rizzo
>Release:        FreeBSD 2.2.7-RELEASE i386
>Organization:
DEIT
>Environment:

	all versions starting at least from 2.2.6, with
	multicast enabled.

>Description:

Some time ago, presumably importing a fix from NetBSD, a fix was
applied to the FreeBSD networking code that prevented a process from
reusing the same port unless it was the same uid as the previous owner,
or it was superuser.

While this might make some sense for unicast, it makes absolutely
no sense for multicast where multiple receivers for the same data are
the normal way of operation. It is actually harmful since e.g. it
prevents multiple sdr sessions being run from different users on the
same machine.

The following diff fixes the problem. Would you mind looking at it and
possibly committing it?

>How-To-Repeat:

    Try running multiple instances of sdr (or other multicast receivers,
    e.g. vic, I think) as different non-root users on the same machine.

>Fix:
	
diff -ubwr /usr/CVS-luigi-checkout/src/sys/netinet/in_pcb.c /mnt/src/sys/netinet.luigi/in_pcb.c
--- /usr/CVS-luigi-checkout/src/sys/netinet/in_pcb.c	Mon Mar  2 07:58:17 1998
+++ /mnt/src/sys/netinet.luigi/in_pcb.c	Mon Jun  1 08:36:58 1998
@@ -190,7 +190,8 @@
 			if (ntohs(lport) < IPPORT_RESERVED &&
 			    (error = suser(p->p_ucred, &p->p_acflag)))
 				return (EACCES);
-			if (so->so_uid) {
+			if (so->so_uid &&
+			    !IN_MULTICAST(ntohl(sin->sin_addr.s_addr)) ) {
 				t = in_pcblookup(inp->inp_pcbinfo, zeroin_addr,
 				    0, sin->sin_addr, lport,
 				    INPLOOKUP_WILDCARD);
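
Review bot: The exemption added at `if (so->so_uid && !IN_MULTICAST(...))` is keyed only on the address being bound, so it covers a receiver that binds the group address itself, while a receiver that binds the wildcard address still goes through the `in_pcblookup(..., INPLOOKUP_WILDCARD)` path and the uid check. Nothing in this hunk ties the exemption to a socket option either, so the ownership check is skipped for any bind that names a multicast address; consider also requiring that the sockets involved asked for port sharing. Style: drop the stray space in `) ) {`, and add a one-line comment saying why multicast binds are exempt.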

>Release-Note:
>Audit-Trail:

From: Bill Fenner <fenner@parc.xerox.com>
To: luigi@prova.iet.unipi.it
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: kern/7713: problem with reusing ports with multicast 
Date: Sat, 22 Aug 1998 10:29:41 PDT

 This is only a partial fix; INADDR_ANY has to work too for multicast.
 
 I worked with Guido a while ago to come up with a more complete solution
 and then I dropped the ball on finishing testing it.
 
   Bill

From: Bill Fenner <fenner@FreeBSD.ORG>
To: freebsd-gnats-submit@FreeBSD.org, luigi@prova.iet.unipi.it
Cc:
Subject: Re: kern/7713: problem with reusing ports with multicast
Date: Tue, 15 Sep 1998 16:50:50 -0700 (PDT)

 I think this patch is more complete, as it allows different users to
 bind INADDR_ANY as long as SO_REUSEPORT is set.  Unicast applications
 don't set SO_REUSEPORT, so will still be protected, while multicast
 applications that bind to INADDR_ANY will still be allowed to be run
 by different uid's.
 
   Bill
 
 cvs diff: Diffing .
 Index: in_pcb.c
 ===================================================================
 RCS file: /home/ncvs/src/sys/netinet/in_pcb.c,v
 retrieving revision 1.44
 diff -u -r1.44 in_pcb.c
 --- in_pcb.c	1998/05/15 20:11:32	1.44
 +++ in_pcb.c	1998/09/15 22:54:27
 @@ -197,10 +197,16 @@
  			if (ntohs(lport) < IPPORT_RESERVED && p &&
  			    suser(p->p_ucred, &p->p_acflag))
  				return (EACCES);
 -			if (so->so_uid) {
 +			if (so->so_uid &&
 +			    !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) {
  				t = in_pcblookup_local(inp->inp_pcbinfo,
  				    sin->sin_addr, lport, INPLOOKUP_WILDCARD);
 -				if (t && (so->so_uid != t->inp_socket->so_uid))
 +				if (t &&
 +				    (ntohl(sin->sin_addr.s_addr) != INADDR_ANY ||
 +				     ntohl(t->inp_laddr.s_addr) != INADDR_ANY ||
 +				     (t->inp_socket->so_options &
 +					 SO_REUSEPORT) == 0) &&
 +				    (so->so_uid != t->inp_socket->so_uid))
  					return (EADDRINUSE);
  			}
  			t = in_pcblookup_local(pcbinfo, sin->sin_addr,
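
Review bot: In the new `if (t && ...)` condition the SO_REUSEPORT test reads only `t->inp_socket->so_options`, the socket that already holds the port; `so->so_options` of the socket doing the bind is not consulted anywhere in this hunk, so the wildcard exemption depends entirely on the existing owner having set the option. If that asymmetry is intended, say so in a comment above the condition; if not, test both sockets. The outer `!IN_MULTICAST(...)` exemption also stays unconditional on SO_REUSEPORT. The disjunction of two `!= INADDR_ANY` tests and one `== 0` test is hard to read; a short comment such as "refuse unless both addresses are INADDR_ANY and the owner set SO_REUSEPORT" would make it easier to verify.
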
State-Changed-From-To: open->suspended 
State-Changed-By: fenner 
State-Changed-When: Thu Sep 17 11:58:12 PDT 1998 
State-Changed-Why:  
Fixed in rev 1.45 of netinet/in_pcb.c 


Responsible-Changed-From-To: freebsd-bugs->fenner 
Responsible-Changed-By: fenner 
Responsible-Changed-When: Thu Sep 17 11:58:12 PDT 1998 
Responsible-Changed-Why:  
fenner will merge after more testing 

From: Nick Hibma <nick.hibma@jrc.it>
To: freebsd-gnats-submit@freebsd.org, luigi@prova.iet.unipi.it,
	fenner@freebsd.org
Cc:  
Subject: Re: kern/7713: [MFC] problem with reusing ports with multicast
Date: Tue, 13 Jul 1999 14:46:45 +0200

 Has this ever been done? Will this be done? Can this PR be closed?
 
 Nick
 -- 
 ISIS/STA, T.P.270, Joint Research Centre, 21020 Ispra, Italy
 

From: Luigi Rizzo <luigi@iet.unipi.it>
To: nick.hibma@jrc.it (Nick Hibma)
Cc: freebsd-gnats-submit@freebsd.org, fenner@freebsd.org
Subject: Re: kern/7713: [MFC] problem with reusing ports with multicast
Date: Mon, 19 Jul 1999 08:30:34 +0200 (CEST)

 > Has this ever been done? Will this be done? Can this PR be closed?
 
 Don't know, just assign it to me so I can fix it later.
 
 	cheers
 	luigi
 
 

From: Bill Fenner <fenner@research.att.com>
To: luigi@iet.unipi.it
Cc: nick.hibma@jrc.it, freebsd-gnats-submit@freebsd.org
Subject: Re: kern/7713: [MFC] problem with reusing ports with multicast
Date: Mon, 19 Jul 1999 11:29:38 -0700

 It's in 3.0, so unless someone thinks it should be merged to 2.2 then
 it should be closed.
 
   Bill
 
State-Changed-From-To: suspended->closed 
State-Changed-By: n_hibma 
State-Changed-When: Tue Jul 20 00:23:51 PDT 1999 
State-Changed-Why:  
The problem has been fixed in 3.0. 2.2.x is no longer supported. This sounds 
like too drastic a change to be eligible for back porting. 
>Unformatted:
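
The uid ownership check as it stands before the patches, after the first patch, and after the second, as an added example that is not code from this PR or from FreeBSD. It is a user-space model limited to the conditions visible in the two hunks above; the struct, enum, function and sample sockets are hypothetical or constructed, and the pcb lookup itself is not modelled.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ADDR_ANY 0x00000000u                              /* INADDR_ANY, host order */
#define IS_MCAST(a) (((a) & 0xf0000000u) == 0xe0000000u)  /* 224.0.0.0/4 */

/* Hypothetical stand-in for the socket fields the hunks read. */
struct sock_model { uint32_t uid; uint32_t laddr; bool reuseport; };
enum variant { ORIGINAL, MCAST_EXEMPT, MCAST_AND_REUSEPORT };

/* true: the bind is refused with EADDRINUSE. 't' stands for the socket the
 * pcb lookup returned for the same port (NULL if none). */
bool uid_check_refuses(enum variant v, const struct sock_model *so,
                       const struct sock_model *t)
{
    if (so->uid == 0)                          /* if (so->so_uid): uid 0 skips it */
        return false;
    if (v != ORIGINAL && IS_MCAST(so->laddr))  /* exemption added by both patches */
        return false;
    if (t == NULL)
        return false;
    if (v == MCAST_AND_REUSEPORT && so->laddr == ADDR_ANY &&
        t->laddr == ADDR_ANY && t->reuseport)  /* second patch: wildcard sharing */
        return false;
    return so->uid != t->uid;
}

/* Constructed sample sockets: existing owners are uid 1000, the binder uid 1001. */
const struct sock_model own_mcast  = { 1000, 0xe0027ffeu, true  }; /* 224.2.127.254 */
const struct sock_model own_any_rp = { 1000, ADDR_ANY,    true  };
const struct sock_model own_any    = { 1000, ADDR_ANY,    false };
const struct sock_model new_mcast  = { 1001, 0xe0027ffeu, true  };
const struct sock_model new_any    = { 1001, ADDR_ANY,    true  };

int main(void)
{
    static const char *name[] = { "original", "first patch", "second patch" };
    for (int v = ORIGINAL; v <= MCAST_AND_REUSEPORT; v++)
        printf("%-12s mcast bind: %d  any/any+REUSEPORT: %d  any/any: %d\n",
               name[v],
               uid_check_refuses(v, &new_mcast, &own_mcast),
               uid_check_refuses(v, &new_any, &own_any_rp),
               uid_check_refuses(v, &new_any, &own_any));
    return 0;
}
```

The middle column is the case raised in the first reply: with only the multicast-address exemption, a second user binding the wildcard address is still refused, and only the second patch lets it through when the existing owner set SO_REUSEPORT.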
