Skip to content
Snippets Groups Projects

Draft: Only check for bindable ports if we are unsure if it will fail.

Closed Alexander Hansen Færøy requested to merge ahf/tor:ahf/40257_035 into maint-0.3.5
2 unresolved threads

We currently assume that the only way for Tor to listen on ports in the privileged port range (1 to 1023), on Linux, is if we are granted the NET_BIND_SERVICE capability. Today on Linux, it's possible to specify the beginning of the unprivileged port range using a sysctl configuration option. Docker (and thus the CI service Tor uses) recently changed this sysctl value to 0, which causes our tests to fail as they assume that we should NOT be able to bind to a privileged port without the NET_BIND_SERVICE capability.

In this patch, we read the value of the sysctl value via the /proc/sys/ filesystem iff it's present, otherwise we assume the default unprivileged port range begins at port 1024.

See: #40275 (closed)

Edited by Alexander Hansen Færøy

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
35 * permissions. Usually this function returns 1024. */
36 static uint16_t
37 unprivileged_port_range_start(void)
38 {
39 uint16_t result = 1024;
40
41 #if defined(__linux__)
42 char *content = NULL;
43
44 content = read_file_to_str(
45 "/proc/sys/net/ipv4/ip_unprivileged_port_start",
46 0,
47 NULL);
48
49 if (content != NULL)
50 result = (uint16_t)atoi(content);
  • Nick Mathewson
    Nick Mathewson @nickm started a thread on commit b5099682
  • 150 178 * does not make us lose the ability to bind low ports */
    151 179 {
    152 int keepcaps = (test_id == TEST_SETUID_KEEPCAPS);
    180 const int keepcaps = (test_id == TEST_SETUID_KEEPCAPS);
    153 181 okay = switch_id(username, keepcaps ? SWITCH_ID_KEEP_BINDLOW : 0) == 0;
    182
    154 183 if (okay) {
    155 okay = check_can_bind_low_ports() == keepcaps;
    184 /* Only run this check if there are ports we may not be able to bind
    185 * to. */
    186 const uint16_t min_port = unprivileged_port_range_start();
    187
    188 if (min_port >= PORT_TEST_RANGE_START &&
    189 min_port < PORT_TEST_RANGE_END) {
    190 okay = check_can_bind_low_ports() == keepcaps;
    191 }
  • Looks reasonable; I've added a couple of comments.

    By my understanding of our proposed new LTS policy, if that LTS policy is accepted, we will backport this MR to oldstable, but not to LTS. Does that match your understanding?

  • added 2 commits

    • 7a90a6aa - fixup! Only check for bindable ports if we are unsure if it will fail.
    • 861c0fe3 - fixup! fixup! Only check for bindable ports if we are unsure if it will fail.

    Compare with previous version

  • Alexander Hansen Færøy marked this merge request as draft from ahf/tor@7a90a6aa

    marked this merge request as draft from ahf/tor@7a90a6aa

  • I think since this is a CI and test issue, we will backport it to all branches that we currently may build Tor for in the near future to get CI checked?

  • These changes look good. Once CI passes, please feel free to merge this to 044 and forward.

  • Merged to 0.4.4 and forward.

  • Please register or sign in to reply
    Loading