From 52b65dbe85fafaf636d9f6c8501a5504d20cfbdf Mon Sep 17 00:00:00 2001
From: Bill Fenner <fenner@FreeBSD.org>
Date: Thu, 17 Sep 1998 18:42:16 +0000
Subject: [PATCH] Fix the bind security fix introduced in rev 1.38 to work with
 multicast: - Don't bother checking for conflicting sockets if we're binding
 to a   multicast address. - Don't return an error if we're binding to
 INADDR_ANY, the conflicting   socket is bound to INADDR_ANY, and the
 conflicting socket has SO_REUSEPORT   set.

PR:		kern/7713
---
 sys/netinet/in_pcb.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c
index 424ff9ff278..c8ac1c0ee29 100644
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@@ -31,7 +31,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)in_pcb.c	8.4 (Berkeley) 5/24/95
- *	$Id: in_pcb.c,v 1.43 1998/04/19 17:22:30 phk Exp $
+ *	$Id: in_pcb.c,v 1.44 1998/05/15 20:11:32 wollman Exp $
  */
 
 #include <sys/param.h>
@@ -197,10 +197,16 @@ in_pcbbind(inp, nam, p)
 			if (ntohs(lport) < IPPORT_RESERVED && p &&
 			    suser(p->p_ucred, &p->p_acflag))
 				return (EACCES);
-			if (so->so_uid) {
+			if (so->so_uid &&
+			    !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) {
 				t = in_pcblookup_local(inp->inp_pcbinfo,
 				    sin->sin_addr, lport, INPLOOKUP_WILDCARD);
-				if (t && (so->so_uid != t->inp_socket->so_uid))
+				if (t &&
+				    (ntohl(sin->sin_addr.s_addr) != INADDR_ANY ||
+				     ntohl(t->inp_laddr.s_addr) != INADDR_ANY ||
+				     (t->inp_socket->so_options &
+					 SO_REUSEPORT) == 0) &&
+				    (so->so_uid != t->inp_socket->so_uid))
 					return (EADDRINUSE);
 			}
 			t = in_pcblookup_local(pcbinfo, sin->sin_addr,