- Fix permission denied printed for auth zone probe random port nrs.

git-svn-id: file:///svn/unbound/trunk@4769 be551aaa-1e26-0410-a405-d3ace91eadb9
2025-12-20 23:00:56 -05:00 · 2018-07-03 13:58:49 +00:00 · 2018-07-03 13:58:49 +00:00 · 5d298ed474
commit 5d298ed474
parent 82e1e3959f
2 changed files with 36 additions and 26 deletions
--- a/doc/Changelog
+++ b/doc/Changelog
@ -1,6 +1,7 @@
 3 July 2018: Wouter
 	- Better documentation for unblock-lan-zones and insecure-lan-zones
 	  config statements.
+	- Fix permission denied printed for auth zone probe random port nrs.

 2 July 2018: Wouter
 	- Fix checking for libhiredis printout in configure output.
--- a/services/outside_network.c
+++ b/services/outside_network.c
@ -2192,8 +2192,16 @@ fd_for_dest(struct outside_network* outnet, struct sockaddr_storage* to_addr,
 {
 	struct sockaddr_storage* addr;
 	socklen_t addrlen;
-	int i;
-	int try;
+	int i, try, pnum;
+	struct port_if* pif;
+
+	/* create fd */
+	for(try = 0; try<1000; try++) {
+		int port = 0;
+		int freebind = 0;
+		int noproto = 0;
+		int inuse = 0;
+		int fd = -1;

 		/* select interface */
 		if(addr_is_ip6(to_addr, to_addrlen)) {
@ -2204,8 +2212,7 @@ fd_for_dest(struct outside_network* outnet, struct sockaddr_storage* to_addr,
 				return -1;
 			}
 			i = ub_random_max(outnet->rnd, outnet->num_ip6);
-		addr = &outnet->ip6_ifs[i].addr;
-		addrlen = outnet->ip6_ifs[i].addrlen;
+			pif = &outnet->ip6_ifs[i];
 		} else {
 			if(outnet->num_ip4 == 0) {
 				char to[64];
@ -2214,17 +2221,19 @@ fd_for_dest(struct outside_network* outnet, struct sockaddr_storage* to_addr,
 				return -1;
 			}
 			i = ub_random_max(outnet->rnd, outnet->num_ip4);
-		addr = &outnet->ip4_ifs[i].addr;
-		addrlen = outnet->ip4_ifs[i].addrlen;
+			pif = &outnet->ip4_ifs[i];
+		}
+		addr = &pif->addr;
+		addrlen = pif->addrlen;
+		pnum = ub_random_max(outnet->rnd, pif->avail_total);
+		if(pnum < pif->inuse) {
+			/* port already open */
+			port = pif->out[pnum]->number;
+		} else {
+			/* unused ports in start part of array */
+			port = pif->avail_ports[pnum - pif->inuse];
 		}

-	/* create fd */
-	for(try = 0; try<1000; try++) {
-		int freebind = 0;
-		int noproto = 0;
-		int inuse = 0;
-		int port = ub_random(outnet->rnd)&0xffff;
-		int fd = -1;
 		if(addr_is_ip6(to_addr, to_addrlen)) {
 			struct sockaddr_in6 sa = *(struct sockaddr_in6*)addr;
 			sa.sin6_port = (in_port_t)htons((uint16_t)port);