On 04/10/2019 17:03, Florian Weimer wrote:
:
The kernel will do it atomically during connect, so there is no race
condition. With the change above, the port is selected and opened,
packets can arrive (from arbitrary addresses), and only then the socket
is bound to the remote address.
I don't see an issue here as packets in the socket buffer are read and
discarded after the address association is setup in the kernel.
Also just to say that the spec has already set expectations that connect
would do an explicit bind ("If this channel's socket is not bound ...")
although that is only behavior observable when running with a custom
security manager.
-Alan.
