Attachment 682464 Details for Bug 894486 – Proposed patch from upstream

[patch] Proposed patch from upstream

bindtodevice.patch (text/plain), 1.33 KB, created by Tomáš Hozza on 2013-01-18 14:57:15 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Tomáš Hozza

Created: 2013-01-18 14:57:15 UTC

Size: 1.33 KB

patch

obsolete

>diff --git a/src/network.c b/src/network.c
>index 049cd17..2dcde1a 100644
>--- a/src/network.c
>+++ b/src/network.c
>@@ -555,6 +555,21 @@ void create_bound_listeners(int dienow)
> 	new->next = daemon->listeners;
> 	daemon->listeners = new;
> 	iface->done = 1;
>+
>+#if defined(SO_BINDTODEVICE)
>+	/* This is needed to stop TCP connections to the address of an interface on which
>+	   we are listening, via an interface we should ignore. */
>+	if (option_bool(OPT_CLEVERBIND) &&
>+	    setsockopt(new->tcpfd, SOL_SOCKET, SO_BINDTODEVICE, iface->name, IF_NAMESIZE) == -1)
>+	  {
>+	    char *s = _("failed to set SO_BINDTODEVICE for %s: %s");
>+	    if (dienow)
>+	      die(s, iface->name, EC_BADNET);
>+	    else
>+	      my_syslog(LOG_WARNING, s, iface->name, strerror(errno));
>+	  }
>+#endif
>+
>       }
> 
>   /* Check for --listen-address options that haven't been used because there's
>@@ -566,7 +581,8 @@ void create_bound_listeners(int dienow)
> 
>      The resulting listeners have the ->iface field NULL, and this has to be
>      handled by the DNS and TFTP code. It disables --localise-queries processing
>-     (no netmask) and some MTU login the tftp code. */
>+     (no netmask) and some MTU login the tftp code. It also precludes doing the
>+     SO_BINDTODEVICE trick above. */
> 
>   for (if_tmp = daemon->if_addrs; if_tmp; if_tmp = if_tmp->next)
>     if (!if_tmp->used &&

Actions: View | Diff

Attachments on bug 894486: 682464