From: Guus Sliepen <guus@tinc-vpn.org>
Date: Thu, 27 Apr 2017 18:58:10 +0000 (+0200)
Subject: Bind outgoing TCP sockets.
X-Git-Tag: release-1.0.32~7
X-Git-Url: https://git.librecmc.org/?p=oweals%2Ftinc.git;a=commitdiff_plain;h=a25c0552ade7533e977cb585d82ff5c7b53614f5;hp=6b5cfe97f4d3f93bde5c3eac5cb82b20b160ae36

Bind outgoing TCP sockets.

This is important for multi-homed users that want to ensure the source
address of outgoing TCP connections is the same as the address that tinc
is listening on.

Binding is done automatically if there is exactly one listening address
for a given address family.
---

diff --git a/src/net_socket.c b/src/net_socket.c
index a4c7f07..80ae677 100644
--- a/src/net_socket.c
+++ b/src/net_socket.c
@@ -473,6 +473,33 @@ connect:
 		bind_to_interface(c->socket);
 	}
 
+	int b = -1;
+
+	for(int i = 0; i < listen_sockets; i++) {
+		if(listen_socket[i].sa.sa.sa_family == c->address.sa.sa_family) {
+			if(b == -1) {
+				b = i;
+			} else  {
+				b = -1;
+				break;
+			}
+		}
+	}
+
+	if(b != -1) {
+		sockaddr_t sa = listen_socket[b].sa;
+		if(sa.sa.sa_family == AF_INET)
+			sa.in.sin_port = 0;
+		else if(sa.sa.sa_family == AF_INET6)
+			sa.in6.sin6_port = 0;
+
+		if(bind(c->socket, &sa.sa, SALEN(sa.sa))) {
+			char *addrstr = sockaddr2hostname(&sa);
+			logger(LOG_ERR, "Can't bind to %s/tcp: %s", addrstr, sockstrerror(sockerrno));
+			free(addrstr);
+		}
+	}
+
 	/* Connect */
 
 	if(!proxytype) {