Users have been able to send ICMP packets without the need for root privileges or the CAP_NET_RAW capability since at least kernel 3.11.
For some time now, if the kernel parameter net.ipv4.ping_group_range included the gid of a user sending an icmp packet with the IPPROTO_ICMP protocol, then the packet would> It's important to note that the both the checksum and ident field are overwritten by the kernel when this is done. Newer distributions are now setting the default value of net.ipv4.ping_group_range to be open to all possible group ids (Fedora 31 and Ubuntu 20.04 for example) so it can b> Also of note is the that this is also implemented in MacOS. This patch proposes attempting to use IPPROTO_ICMP first, and then fall back to attempting a raw socket and ultimately failing over to tcp echo. This patch also alters the logic for identifying icmp reply packets, since the kernel overwrites id ident field when using the IPPROTO_ICMP protocol. The method is similar to that used by the ping(8) utility in the iputils package, where we compare data in the icmp_data member of the icmp struct to identify the packet as our response. The ping utility compares the timeval, whereas this patch proposes to compare both the timeval and the user's pid. Please not that my OCA has been sent in and is pending. ------------- Commit messages: - ipv6 working now - fixed misplaced parenthesis in ipv6, cleared up manipulation of pid - fixed a misplaced parenthesis - ipv6 changes for ipproto_icmp socket for isReachable - Update Inet4AddressImpl.c - Try to use IPPROTO_ICMP socket type first before attempting to use a RAW_SOCK in isReachable Changes: https://git.openjdk.java.net/jdk/pull/1502/files Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=1502&range=00 Issue: https://bugs.openjdk.java.net/browse/JDK-8257235 Stats: 58 lines in 2 files changed: 29 ins; 5 del; 24 mod Patch: https://git.openjdk.java.net/jdk/pull/1502.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/1502/head:pull/1502 PR: https://git.openjdk.java.net/jdk/pull/1502
