From 7a88ecf659d526636b4b4820b247a744939616a6 Mon Sep 17 00:00:00 2001
From: florian <florian@openbsd.org>
Date: Mon, 21 Apr 2014 14:26:10 +0000
Subject: [PATCH] Revert 1.101 as it breaks source port selection. This needs
 more thought / code shuffling. Reported by deraadt@ and sthen@, thanks!

---
 usr.sbin/traceroute/traceroute.8 |  9 ++++----
 usr.sbin/traceroute/traceroute.c | 38 +++++++-------------------------
 2 files changed, 13 insertions(+), 34 deletions(-)

diff --git a/usr.sbin/traceroute/traceroute.8 b/usr.sbin/traceroute/traceroute.8
index a5b0b54a0d9..fe2a7ad9875 100644
--- a/usr.sbin/traceroute/traceroute.8
+++ b/usr.sbin/traceroute/traceroute.8
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: traceroute.8,v 1.54 2014/04/18 16:19:11 florian Exp $
+.\"	$OpenBSD: traceroute.8,v 1.55 2014/04/21 14:26:10 florian Exp $
 .\"	$NetBSD: traceroute.8,v 1.6 1995/10/12 03:05:50 mycroft Exp $
 .\"
 .\" Copyright (c) 1990, 1991, 1993
@@ -33,7 +33,7 @@
 .\"
 .\"	@(#)traceroute.8	8.1 (Berkeley) 6/6/93
 .\"
-.Dd $Mdocdate: April 18 2014 $
+.Dd $Mdocdate: April 21 2014 $
 .Dt TRACEROUTE 8
 .Os
 .Sh NAME
@@ -160,8 +160,9 @@ a hostname) as the source address in outgoing probe packets.
 On hosts with more than one IP address, this option can be used to
 force the source address to be something other than the IP address
 of the interface the probe packet is sent on.
-If the IP address is not one of this machine's interface addresses an error is
-returned and nothing is sent.
+If the IP address
+is not one of this machine's interface addresses and the user is
+not the superuser, an error is returned and nothing is sent.
 .It Fl t Ar toskeyword
 Set the
 .Em type-of-service
diff --git a/usr.sbin/traceroute/traceroute.c b/usr.sbin/traceroute/traceroute.c
index cb647521afa..00936669357 100644
--- a/usr.sbin/traceroute/traceroute.c
+++ b/usr.sbin/traceroute/traceroute.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: traceroute.c,v 1.111 2014/04/19 14:06:10 florian Exp $	*/
+/*	$OpenBSD: traceroute.c,v 1.112 2014/04/21 14:26:10 florian Exp $	*/
 /*	$NetBSD: traceroute.c,v 1.10 1995/05/21 15:50:45 mycroft Exp $	*/
 
 /*-
@@ -234,8 +234,6 @@
 #include <string.h>
 #include <unistd.h>
 
-#define DUMMY_PORT 10010
-
 #define MAX_LSRR		((MAX_IPOPTLEN - 4) / 4)
 
 #define MPLS_LABEL(m)		((m & MPLS_LABEL_MASK) >> MPLS_LABEL_OFFSET)
@@ -291,7 +289,6 @@ char *hostname;
 int nprobes = 3;
 u_int8_t max_ttl = IPDEFTTL;
 u_int8_t first_ttl = 1;
-u_int16_t srcport;
 u_short ident;
 u_int16_t port = 32768+666;	/* start udp dest port # for probe packets */
 u_char	proto = IPPROTO_UDP;
@@ -503,7 +500,7 @@ main(int argc, char *argv[])
 
 	setvbuf(stdout, NULL, _IOLBF, 0);
 
-	ident = getpid() & 0xffff;
+	ident = (getpid() & 0xffff) | 0x8000;
 	tmprnd = arc4random();
 	sec_perturb = (tmprnd & 0x80000000) ? -(tmprnd & 0x7ff) :
 	    (tmprnd & 0x7ff);
@@ -622,8 +619,8 @@ main(int argc, char *argv[])
 		(void) setsockopt(sndsock, SOL_SOCKET, SO_DEBUG,
 		    (char *)&on, sizeof(on));
 
-	(void) memset(&from, 0, sizeof(struct sockaddr));
 	if (source) {
+		(void) memset(&from, 0, sizeof(struct sockaddr));
 		from.sin_family = AF_INET;
 		if (inet_aton(source, &from.sin_addr) == 0)
 			errx(1, "unknown host %s", source);
@@ -632,29 +629,10 @@ main(int argc, char *argv[])
 		    (ntohl(from.sin_addr.s_addr) & 0xff000000U) == 0x7f000000U &&
 		    (ntohl(to.sin_addr.s_addr) & 0xff000000U) != 0x7f000000U)
 			errx(1, "source is on 127/8, destination is not");
-	} else {
-		struct sockaddr_in nxt;
-		int dummy;
-
-		nxt = to;
-		nxt.sin_port = htons(DUMMY_PORT);
-		if ((dummy = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
-			err(1, "socket");
-		if (connect(dummy, (struct sockaddr *)&nxt, sizeof(nxt)) < 0)
-			err(1, "connect");
-		len = sizeof(from);
-		if (getsockname(dummy, (struct sockaddr *)&from, &len) < 0)
-			err(1, "getsockname");
-		close(dummy);
+		if (getuid() &&
+		    bind(sndsock, (struct sockaddr *)&from, sizeof(from)) < 0)
+			err(1, "bind");
 	}
-	from.sin_port = htons(0);
-	if (bind(sndsock, (struct sockaddr *)&from, sizeof(from)) < 0)
-		err(1, "bind sndsock");
-
-	len = sizeof(from);
-	if (getsockname(sndsock, (struct sockaddr *)&from, &len) < 0)
-		err(1, "getsockname");
-	srcport = ntohs(from.sin_port);
 
 	if (getnameinfo((struct sockaddr *)&to, to.sin_len, hbuf,
 	    sizeof(hbuf), NULL, 0, NI_NUMERICHOST))
@@ -908,7 +886,7 @@ build_probe4(int seq, u_int8_t ttl, int iflag)
 		op = (struct packetdata *)(icmpp + 1);
 		break;
 	case IPPROTO_UDP:
-		up->uh_sport = htons(srcport);
+		up->uh_sport = htons(ident);
 		if (iflag)
 			up->uh_dport = htons(port+seq);
 		else
@@ -1070,7 +1048,7 @@ packet_ok(struct msghdr *mhdr, int cc,int seq, int iflag)
 		case IPPROTO_UDP:
 			up = (struct udphdr *)((u_char *)hip + hlen);
 			if (hlen + 12 <= cc && hip->ip_p == proto &&
-			    up->uh_sport == htons(srcport) &&
+			    up->uh_sport == htons(ident) &&
 			    ((iflag && up->uh_dport == htons(port + seq)) ||
 			    (!iflag && up->uh_dport == htons(port))))
 				return (type == ICMP_TIMXCEED? -1 : code + 1);
-- 
2.20.1