RFR: JDK-8257235: [PATCH] InetAddress.isReachable: Try to use an IPPROTO_ICMP socket type before attempting RAW_SOCK [v2]
Jamie Le Tual
github.com+55101029+jamieletual at openjdk.java.net
Wed Dec 23 14:06:12 UTC 2020
> Users have been able to send ICMP packets without the need for root privileges or the CAP_NET_RAW capability since at least kernel 3.11.
>
> For some time now, if the kernel parameter net.ipv4.ping_group_range included the gid of a user sending an icmp packet with the IPPROTO_ICMP protocol, then the packet would>
> It's important to note that the both the checksum and ident field are overwritten by the kernel when this is done.
>
> Newer distributions are now setting the default value of net.ipv4.ping_group_range to be open to all possible group ids (Fedora 31 and Ubuntu 20.04 for example) so it can b>
>
> Also of note is the that this is also implemented in MacOS.
>
> This patch proposes attempting to use IPPROTO_ICMP first, and then fall back to attempting a raw socket and ultimately failing over to tcp echo.
> This patch also alters the logic for identifying icmp reply packets, since the kernel overwrites id ident field when using the IPPROTO_ICMP protocol.
> The method is similar to that used by the ping(8) utility in the iputils package, where we compare data in the icmp_data member of the icmp struct
> to identify the packet as our response. The ping utility compares the timeval, whereas this patch proposes to compare both the timeval and the user's pid.
Jamie Le Tual has updated the pull request incrementally with one additional commit since the last revision:
Fixed formatting
-------------
Changes:
- all: https://git.openjdk.java.net/jdk/pull/1502/files
- new: https://git.openjdk.java.net/jdk/pull/1502/files/923e3489..1c8a555f
Webrevs:
- full: https://webrevs.openjdk.java.net/?repo=jdk&pr=1502&range=01
- incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=1502&range=00-01
Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
Patch: https://git.openjdk.java.net/jdk/pull/1502.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/1502/head:pull/1502
PR: https://git.openjdk.java.net/jdk/pull/1502
More information about the net-dev
mailing list