ephemeral ports and port re-use for socket_wrapper emulated TCP bind()

Michael Adam obnox at samba.org
Thu Oct 20 10:14:19 UTC 2016


On 2016-10-20 at 11:59 +0200, Andreas Schneider wrote:
> On Thursday, 20 October 2016 20:03:47 CEST Andrew Bartlett wrote:
> > > > However, because swrap_bind has the (new, at that point)
> > > > check_addr_port_in_use() function removed with an #if 0 by commit
> > > > 064592d9cb6349e625b881cfcfab37b19d141ebe, no check is made to see
> > > > if a
> > > > socket is available.
> > > 
> > > This is code is commented out because
> > > 
> > > a) it is incomplete
> > > b) it doesn't have tests
> > > 
> > > The way to fix this is to start working on a) and b). Well, implement
> > > b) first 
> > > ... :)
> > > 
> > > However this is limited to one process, the process socket_wrapper
> > > is 
> > > preloaded. It will be possible to check that as soon as
> > > socket_wrapper has a 
> > > database. This is the work being done do make it thread safe and
> > > support fd-
> > > passing.
> > > 
> > > https://git.samba.org/?p=obnox/cwrap/socket_wrapper.git;a=shortlog;h=
> > > refs/
> > > heads/fd-passing-threadsafe
> > 
> > Thanks for the pointer. 
> 
> I think this is Michael his wip branch for binding:
> 
> https://git.samba.org/?p=obnox/cwrap/socket_wrapper.git;a=shortlog;h=refs/heads/bind-wip

Correct. I started to work on that quite some time ago.
Iirc, while implementing tests for addr_in_use was distracted
into a refactoring the tests in the first place.

The above branch is a rebase of my original branch:

https://git.samba.org/?p=obnox/cwrap/socket_wrapper.git;a=shortlog;h=refs/heads/bind-wip-old

And the rebase was not yet quite functional.
I would like to pick that task up and complete it, but
it's a lot of work and there is only so much you can do.
Let's see what we can get done. :-)

First and foremost the thread-safety and implementation
of fd-passing which will also introduce the db/shared storage
for the socket-info structures. (Preparations for this have
just been pushed to master.) Afterwards, I think the
revival of the bind /addr_port_in_use work. Unless someone
chimes in inbetween.

Cheers - Michael

> > > > I'm thinking to just do option 1 (with the advantage that many of
> > > > our
> > > > users would like to be able to control these ports), but in the
> > > > meantime do you have any other suggestions?
> > > 
> > > Why don't you want to improve socket_wrapper?
> > 
> > Mostly because of the reasons you mentioned, which were clear in the
> > disabled code: that without a database it would just work per process. 
> > 
> > I hasn't considered a whole database, which is certainly an improvement
> > over my option 3.
> > 
> > Sadly I don't think I'll have enough budget to divert into major
> > socket_wrapper patching, but neither did I want to go ahead without
> > checking with you on the current status. 
> 
> Then you have to wait till we have that implemented. It doesn't make sense to 
> work around any issues in Samba.
> 
> 
> However the port range we use should be updated. See
> 
> https://support.microsoft.com/en-us/kb/929851
> 
> 
> 
> 	Andreas
> 
> -- 
> Andreas Schneider                   GPG-ID: CC014E3D
> Samba Team                             asn at samba.org
> www.samba.org
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20161020/2ca7f815/signature.sig>


More information about the samba-technical mailing list