From 3d0de2c1d72757a7754532f788b53102420e987d Mon Sep 17 00:00:00 2001
From: Stefano Brivio <sbrivio@redhat.com>
Date: Thu, 16 Feb 2023 01:29:55 +0100
Subject: conf, tcp, udp: Exit if we fail to bind sockets for all given ports

passt supports ranges of forwarded ports as well as 'all' for TCP and
UDP, so it might be convenient to proceed if we fail to bind only
some of the desired ports.

But if we fail to bind even a single port for a given specification,
we're clearly, unexpectedly, conflicting with another network
service. In that case, report failure and exit.

Reported-by: Yalan Zhang <yalzhang@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
---
 conf.c | 47 ++++++++++++++++++++++++++++++++++-------------
 1 file changed, 34 insertions(+), 13 deletions(-)

(limited to 'conf.c')

diff --git a/conf.c b/conf.c
index f175405..675d961 100644
--- a/conf.c
+++ b/conf.c
@@ -179,9 +179,9 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg,
 {
 	char addr_buf[sizeof(struct in6_addr)] = { 0 }, *addr = addr_buf;
 	char buf[BUFSIZ], *spec, *ifname = NULL, *p;
+	bool exclude_only = true, bound_one = false;
 	uint8_t exclude[PORT_BITMAP_SIZE] = { 0 };
 	sa_family_t af = AF_UNSPEC;
-	bool exclude_only = true;
 
 	if (!strcmp(optarg, "none")) {
 		if (fwd->mode)
@@ -215,12 +215,19 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg,
 		memset(fwd->map, 0xff, PORT_EPHEMERAL_MIN / 8);
 
 		for (i = 0; i < PORT_EPHEMERAL_MIN; i++) {
-			if (optname == 't')
-				tcp_sock_init(c, AF_UNSPEC, NULL, NULL, i);
-			else if (optname == 'u')
-				udp_sock_init(c, 0, AF_UNSPEC, NULL, NULL, i);
+			if (optname == 't') {
+				if (!tcp_sock_init(c, AF_UNSPEC, NULL, NULL, i))
+					bound_one = true;
+			} else if (optname == 'u') {
+				if (!udp_sock_init(c, 0, AF_UNSPEC, NULL, NULL,
+						   i))
+					bound_one = true;
+			}
 		}
 
+		if (!bound_one)
+			goto bind_fail;
+
 		return;
 	}
 
@@ -293,12 +300,18 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg,
 
 			bitmap_set(fwd->map, i);
 
-			if (optname == 't')
-				tcp_sock_init(c, af, addr, ifname, i);
-			else if (optname == 'u')
-				udp_sock_init(c, 0, af, addr, ifname, i);
+			if (optname == 't') {
+				if (!tcp_sock_init(c, af, addr, ifname, i))
+					bound_one = true;
+			} else if (optname == 'u') {
+				if (!udp_sock_init(c, 0, af, addr, ifname, i))
+					bound_one = true;
+			}
 		}
 
+		if (!bound_one)
+			goto bind_fail;
+
 		return;
 	}
 
@@ -339,13 +352,19 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg,
 
 			fwd->delta[i] = mapped_range.first - orig_range.first;
 
-			if (optname == 't')
-				tcp_sock_init(c, af, addr, ifname, i);
-			else if (optname == 'u')
-				udp_sock_init(c, 0, af, addr, ifname, i);
+			if (optname == 't') {
+				if (!tcp_sock_init(c, af, addr, ifname, i))
+					bound_one = true;
+			} else if (optname == 'u') {
+				if (udp_sock_init(c, 0, af, addr, ifname, i))
+					bound_one = true;
+			}
 		}
 	} while ((p = next_chunk(p, ',')));
 
+	if (!bound_one)
+		goto bind_fail;
+
 	return;
 bad:
 	die("Invalid port specifier %s", optarg);
@@ -353,6 +372,8 @@ overlap:
 	die("Overlapping port specifier %s", optarg);
 mode_conflict:
 	die("Port forwarding mode '%s' conflicts with previous mode", optarg);
+bind_fail:
+	die("Failed to bind any port for '-%c %s', exiting", optname, optarg);
 }
 
 /**
-- 
cgit v1.2.3