From 06f582f23e7e3204a110d9b5a619c4d9ce451f07 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= <michal@isc.org>
Date: Wed, 6 Mar 2019 14:01:24 +0100
Subject: [PATCH] Make nsupdate use OS-supplied ephemeral port range

Make nsupdate honor the operating system's preferred ephemeral port
range instead of always using the default 1024-65535 range for outgoing
messages.
---
 bin/nsupdate/nsupdate.c | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/bin/nsupdate/nsupdate.c b/bin/nsupdate/nsupdate.c
index 7ffba6be54..0ebd1feab3 100644
--- a/bin/nsupdate/nsupdate.c
+++ b/bin/nsupdate/nsupdate.c
@@ -33,6 +33,7 @@
 #include <isc/mem.h>
 #include <isc/nonce.h>
 #include <isc/parseint.h>
+#include <isc/portset.h>
 #include <isc/print.h>
 #include <isc/platform.h>
 #include <isc/random.h>
@@ -748,6 +749,34 @@ shutdown_program(isc_task_t *task, isc_event_t *event) {
 	maybeshutdown();
 }
 
+/*
+ * Try honoring the operating system's preferred ephemeral port range.
+ */
+static void
+set_source_ports(dns_dispatchmgr_t *manager) {
+	isc_portset_t *v4portset = NULL, *v6portset = NULL;
+	in_port_t udpport_low, udpport_high;
+	isc_result_t result;
+
+	result = isc_portset_create(gmctx, &v4portset);
+	check_result(result, "isc_portset_create (v4)");
+	result = isc_net_getudpportrange(AF_INET, &udpport_low, &udpport_high);
+	check_result(result, "isc_net_getudpportrange (v4)");
+	isc_portset_addrange(v4portset, udpport_low, udpport_high);
+
+	result = isc_portset_create(gmctx, &v6portset);
+	check_result(result, "isc_portset_create (v6)");
+	result = isc_net_getudpportrange(AF_INET6, &udpport_low, &udpport_high);
+	check_result(result, "isc_net_getudpportrange (v6)");
+	isc_portset_addrange(v6portset, udpport_low, udpport_high);
+
+	result = dns_dispatchmgr_setavailports(manager, v4portset, v6portset);
+	check_result(result, "dns_dispatchmgr_setavailports");
+
+	isc_portset_destroy(gmctx, &v4portset);
+	isc_portset_destroy(gmctx, &v6portset);
+}
+
 static void
 setup_system(void) {
 	isc_result_t result;
@@ -898,6 +927,8 @@ setup_system(void) {
 	check_result(result, "dst_lib_init");
 	is_dst_up = true;
 
+	set_source_ports(dispatchmgr);
+
 	attrmask = DNS_DISPATCHATTR_UDP | DNS_DISPATCHATTR_TCP;
 	attrmask |= DNS_DISPATCHATTR_IPV4 | DNS_DISPATCHATTR_IPV6;