establish_server + SO_REUSEADDR #2452
Labels
Comments
|
Comment author: administrator
It's just an oversight. Now that you mention it, I'd be tempted to
Interesting. I can't remember seeing a discussion of the security Best regards,
|
|
Comment author: administrator Added SO_REUSEADDR in Unix.establish_server as suggested. -Xavier, 2000-06-05. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Original bug ID: 111
Reporter: administrator
Status: closed
Resolution: fixed
Priority: normal
Severity: feature
Category: ~DO NOT USE (was: OCaml general)
Bug description
Hello,
is it out of security concerns that the socket option "SO_REUSEADDR" is not
set on the socket created by "Unix.establish_server"?
The problem is that terminating such a server and starting it again
immediately will fail for a while with "EADDRINUSE", because the system
waits for possible further packets in the network even after having closed
the socket. Setting the option gets rid of the problem, but might be a
security problem when the server is bound to the "any"-address - another
program could bind to and steal specific addresses.
Maybe it would be a good idea to add an argument that sets the option if
needed?
This problem (bind unexpectedly fails) might be a bit confusing for people
without previous experience with TCP/IP. A short hint in the documentation
would surely be helpful.
Best regards,
Markus Mottl
--
Markus Mottl, mottl@miss.wu-wien.ac.at, http://miss.wu-wien.ac.at/~mottl
The text was updated successfully, but these errors were encountered: