[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.8-12-g72a35ff

by NIIBE Yutaka cvs at cvs.gnupg.org
Wed Jun 20 02:14:52 CEST 2018


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, STABLE-BRANCH-2-2 has been updated
       via  72a35ffee022f1bf180d02250c5be6a4edb599e7 (commit)
      from  87d0ecf8a1b80139a6cab2a79f1ca6e287207999 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 72a35ffee022f1bf180d02250c5be6a4edb599e7
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Wed Jun 20 08:59:05 2018 +0900

    libdns: Let kernel to decide the local port.
    
    * dirmngr/dns.c (LEAVE_SELECTION_OF_PORT_TO_KERNEL): New.
    (dns_socket): Don't select ephemeral port in user space.
    
    --
    
    Cherry picked from master commit:
        861f1da0731bf29dcb9221c4f22c76b40ec15a78
    
    There is no good reason to bind the local port aggressively.  There
    might be some reason to do so; then, a user can specify it in
    /etc/resolv.conf by the second argument of the "interface" directive.
    
    At least, it causes a problem on Windows.  Binding a specified port in
    user space can trigger the Firewall dialog on Windows.  Since it can
    be considered a valid question, it is better not to bind with an
    ephemeral port which is selected in user space, by default.
    
    GnuPG-bug-id: 3610
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>

diff --git a/dirmngr/dns.c b/dirmngr/dns.c
index 908bf15..f82ed26 100644
--- a/dirmngr/dns.c
+++ b/dirmngr/dns.c
@@ -7121,6 +7121,8 @@ static int dns_socket(struct sockaddr *local, int type, int *error_) {
 	if (type != SOCK_DGRAM)
 		return fd;
 
+#define LEAVE_SELECTION_OF_PORT_TO_KERNEL
+#if !defined(LEAVE_SELECTION_OF_PORT_TO_KERNEL)
 	/*
 	 * FreeBSD, Linux, OpenBSD, OS X, and Solaris use random ports by
 	 * default. Though the ephemeral range is quite small on OS X
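Review bot: The `#define LEAVE_SELECTION_OF_PORT_TO_KERNEL` sits directly above the `#if !defined(LEAVE_SELECTION_OF_PORT_TO_KERNEL)` that tests it, so the guarded block is compiled out on every platform and cannot be re-enabled without editing the body of dns_socket(). The commit message only gives Windows as the motivating case, so consider moving the define to the top of dns.c (or letting the build set it) with a comment that records the reason and GnuPG-bug-id 3610. The comment inside the disabled block says the listed systems use random ports by default and that the ephemeral range is small on OS X. With the user-space selection removed, unpredictability of the UDP source port rests entirely on the kernel, and a one-line comment saying so at the define would make that trade-off visible to the next reader.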
@@ -7146,6 +7148,7 @@ static int dns_socket(struct sockaddr *local, int type, int *error_) {
 
 		/* NB: continue to next bind statement */
 	}
+#endif
 
 	if (0 == bind(fd, local, dns_sa_len(local)))
 		return fd;
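Review bot: The `#endif` added before `if (0 == bind(fd, local, dns_sa_len(local)))` carries no trailing comment, and it closes an `#if` that opens some 25 lines earlier in the file; writing it as `#endif /* !LEAVE_SELECTION_OF_PORT_TO_KERNEL */` would make the pairing obvious. Since this bind() is now the only bind attempt for SOCK_DGRAM sockets, a short comment above it stating that the port in `local` is used as given (the commit message mentions the second argument of the "interface" directive in /etc/resolv.conf as the way to set one) would document the behaviour that replaces the disabled block.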

-----------------------------------------------------------------------

Summary of changes:
 dirmngr/dns.c | 3 +++
 1 file changed, 3 insertions(+)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



