From nobody Fri Feb 21 14:00:06 2025 X-Original-To: freebsd-java@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YzsGC1wfXz5psd0 for ; Fri, 21 Feb 2025 14:00:19 +0000 (UTC) (envelope-from haraldei@anduin.net) Received: from mail.anduin.net (mail.anduin.net [185.42.170.45]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4YzsG84DNqz3TGp for ; Fri, 21 Feb 2025 14:00:15 +0000 (UTC) (envelope-from haraldei@anduin.net) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=anduin.net header.s=dkim2021 header.b=GydvCt2y; dmarc=pass (policy=reject) header.from=anduin.net; spf=pass (mx1.freebsd.org: domain of haraldei@anduin.net designates 185.42.170.45 as permitted sender) smtp.mailfrom=haraldei@anduin.net DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=anduin.net; s=dkim2021; h=In-Reply-To:Content-Transfer-Encoding:Content-Type:MIME-Version :References:Message-ID:Subject:To:From:Date:Sender:Reply-To:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=d6JHqiTB9IfKOIWh4TXhL5KgD7h30g7uBSEt2KQ9sqw=; t=1740146415; x=1741010415; b=GydvCt2y5cC6Pi+lzdGQ5O1N15S0Bi6oKyRnQXXHv6MSI8OBq+BWJS5tNu0ePegiodZMdxqMraE y704gLK/2Ipv7qnTRlYUs6EGSdmF2kjCr2XPU4WTtkVsvOqlPMCA4OjweabIe0iFHt3XyWRQjLapK KRCgQl/i3SDSLzzwFrvGSwor1yQcySvdWGJnPNl1I6kTJlJMzu7wMwz2JCtYPNmJzDDM0S+WeL/fA ZwD/ruUNy8KGW4eY4y7uCANfFTT+dJSIz8gFktdY8Ez9NdGjfLmHFUR/+QW/axPel2s7ZlinBZN3H U7i1b0SuXKRMnfltdxRSY2s79cYimzfaI6Rw==; Received: by mail.anduin.net with esmtpsa (TLS1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.97.1 (FreeBSD)) (envelope-from ) id 1tlTZW-000000004ne-3aEk; Fri, 21 Feb 2025 14:00:08 +0000 Date: Fri, 21 Feb 2025 15:00:06 +0100 From: Harald Eilertsen To: Jeff Anton , freebsd-java@freebsd.org Subject: Re: IPv6 in Java on FreeBSD Message-ID: Mail-Followup-To: Jeff Anton , freebsd-java@freebsd.org References: <79B052D3-8A9F-4658-AD33-EDD26BBB1A34@gid.co.uk> List-Id: Porting Java to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-java List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-java@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-SA-Authenticated: Yes X-Spam-Score: -1.9 X-Spam-Level: - X-Spam-Report: host: mail.modirum.com | contact: hostmaster@modirum.com | scores: BAYES_00=-1.9,NO_RELAYS=-0.001 | autolearn=no autolearn_force=no, score=0 X-Spamd-Result: default: False [-3.81 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; RBL_SENDERSCORE_REPUT_9(-1.00)[185.42.170.45:from]; DMARC_POLICY_ALLOW(-0.50)[anduin.net,reject]; MID_RHS_NOT_FQDN(0.50)[]; NEURAL_HAM_SHORT(-0.31)[-0.307]; R_SPF_ALLOW(-0.20)[+ip4:185.42.170.45/32]; R_DKIM_ALLOW(-0.20)[anduin.net:s=dkim2021]; MIME_GOOD(-0.10)[text/plain]; MISSING_XM_UA(0.00)[]; FREEFALL_USER(0.00)[haraldei]; RCVD_COUNT_ONE(0.00)[1]; ARC_NA(0.00)[]; TO_DN_SOME(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:62248, ipnet:185.42.170.0/24, country:EE]; RCVD_TLS_ALL(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; FROM_HAS_DN(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MLMMJ_DEST(0.00)[freebsd-java@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[anduin.net:+] X-Rspamd-Queue-Id: 4YzsG84DNqz3TGp X-Spamd-Bar: --- On Thu, Feb 20, 2025 at 02:55:27PM +0100, Harald Eilertsen wrote: > On Wed, Feb 19, 2025 at 01:18:03PM -0800, Jeff Anton wrote: > > I believe the security issue is that if you have an ipv4 mapped into > > ipv6 arrangement, another process may be able to set up an ipv4 only > > socket to capture or intercept ipv4 traffic instead of the ipv4 mapped > > into ipv6 socket already established. > > This seems to be a BSD problem, as it allows a bind to a port on a > specific addess (localhost or an interface address) even if the port is > bound by the wildcard address. I don't know the rationale for that. I did a bit of research, and god a lot of help from Tom Jones to get to the bottom of this yesterday. And I think the culprit is SO_REUSEADDR. For a server socket, Java will set the SO_REUSEADDR socket option by default. But this option behaves quite differently on BSD (at least FreeBSD) than in Linux (and presumably AIX and macOS, which are the other platforms using this code path.) While Linux (and the others?) will refuse to create a socket to the same port as an already active listening socket bound to INADDR_ANY – even with the SO_REUSEADDR set, BSD will allow this. (https://www.man7.org/linux/man-pages/man7/socket.7.html) >From the testing I've done so far, it seems like it would be safe to not set the SO_REUSEADDR option on FreeBSD. This should allow the Java use of dual protocol sockets without opening for port higjacking from other processes. Anything else I've missed regarding this issue then? :) Take care! Harald