[git] GnuPG - branch, master, updated. gnupg-2.2.7-158-g861f1da

by NIIBE Yutaka cvs at cvs.gnupg.org
Wed Jun 20 02:13:33 CEST 2018 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  861f1da0731bf29dcb9221c4f22c76b40ec15a78 (commit)
      from  08147f8bbdca40c98c2a094fa48fab15b8339c80 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 861f1da0731bf29dcb9221c4f22c76b40ec15a78
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Wed Jun 20 08:59:05 2018 +0900

    libdns: Let kernel to decide the local port.
    
    * dirmngr/dns.c (LEAVE_SELECTION_OF_PORT_TO_KERNEL): New.
    (dns_socket): Don't select ephemeral port in user space.
    
    --
    
    There is no good reason to bind local port aggressively.  It might be
    some reason to do so, then, a user can specify it in /etc/resolv.conf
    by the second argument of "interface" directive.
    
    At least, it causes a problem on Windows.  Binding a specified port in
    user space can trigger the Firewall dialog on Windows.  Since it can
    be considered valid question, it is better not to bind with an
    ephemeral port which is selected in user space, by default.
    
    GnuPG-bug-id: 3610
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>

diff --git a/dirmngr/dns.c b/dirmngr/dns.c
index 908bf15..f82ed26 100644
--- a/dirmngr/dns.c
+++ b/dirmngr/dns.c
@@ -7121,6 +7121,8 @@ static int dns_socket(struct sockaddr *local, int type, int *error_) {
 	if (type != SOCK_DGRAM)
 		return fd;
 
+#define LEAVE_SELECTION_OF_PORT_TO_KERNEL
+#if !defined(LEAVE_SELECTION_OF_PORT_TO_KERNEL)
 	/*
 	 * FreeBSD, Linux, OpenBSD, OS X, and Solaris use random ports by
 	 * default. Though the ephemeral range is quite small on OS X
@@ -7146,6 +7148,7 @@ static int dns_socket(struct sockaddr *local, int type, int *error_) {
 
 		/* NB: continue to next bind statement */
 	}
+#endif
 
 	if (0 == bind(fd, local, dns_sa_len(local)))
 		return fd;

-----------------------------------------------------------------------

Summary of changes:
 dirmngr/dns.c | 3 +++
 1 file changed, 3 insertions(+)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list