Fixes UDP and DNS proxies binding to the same socket address

As suggested by @colinmkeith the UDP and DNS proxies should listen on different ports otherwise the DNS proxy can get traffic intended to the UDP proxy (or vice-versa) and handle it incorrectly as reported in #178. At first sight it seems that we had the code in place to try another port if the one we are binding is already bound, however, with UDP and REUSEADDR the OS will not refuse to bind two sockets to the same socket address, so both the UDP proxy and DNS proxy were being bound to the same pair.
2025-02-07 14:10:08 +01:00 · 2017-11-06 00:55:58 +00:00 · 2017-11-06 00:55:58 +00:00 · 6cdc4da1e4
commit 6cdc4da1e4
parent 8add00866c
1 changed files with 6 additions and 0 deletions
--- a/sshuttle/client.py
+++ b/sshuttle/client.py
@ -635,6 +635,9 @@ def main(listenip_v6, listenip_v4,
    else:
        # if at least one port missing, we have to search
        ports = range(12300, 9000, -1)
+        # keep track of failed bindings and used ports to avoid trying to
+        # bind to the same socket address twice in different listeners
+        used_ports = []

    # search for free ports and try to bind
    last_e = None
@ -676,6 +679,7 @@ def main(listenip_v6, listenip_v4,
            if udp_listener:
                udp_listener.bind(lv6, lv4)
            bound = True
+            used_ports.append(port)
            break
        except socket.error as e:
            if e.errno == errno.EADDRINUSE:
@ -699,6 +703,8 @@ def main(listenip_v6, listenip_v4,
        ports = range(12300, 9000, -1)
        for port in ports:
            debug2(' %d' % port)
+            if port in used_ports: continue
+
            dns_listener = MultiListener(socket.SOCK_DGRAM)

            if listenip_v6: