The SO_EXCLUSIVEADDRUSE option prevents other sockets from being forcibly bound to the same address and port, a practice enabled by the SO_REUSEADDR socket option. Such reuse can be executed by malicious applications to disrupt the application. The SO_EXCLUSIVEADDRUSE option is very useful to system services requiring high availability.
The state of the SO_EXCLUSIVEADDRUSE socket option determines whether the local transport address to which a socket will be bound is exclusively reserved for use by that socket. This socket option applies only to listening sockets, datagram sockets, and connection-oriented sockets.
The solution on Windows is to use the SO_EXCLUSIVEADDRUSE socket option instead of SO_REUSEADDR, which effectively affords the same semantics as SO_REUSEADDR on Unix. Given the propensity of Unix developers in the Open Source world compared to Windows ones, this is a common mistake.
In order to address this security issue, Windows Sockets introduced the SO_EXCLUSIVEADDRUSE socket option, which became available on Windows NT 4.0 with Service Pack 4 (SP4) and later. The SO_EXCLUSIVEADDRUSE socket option can only be used by members of the Administrators security group on Windows XP and earlier. The reasons.
SO_EXCLUSIVEADDRUSE is a security measure to avoid my (server) application´s traffic being hijacked / rendered useless by a later binding to the same IP/port. As I see it, you need SO_REUSEADDR for UDP multicats, and you need SO_EXCLUSIVEADDRUSE as a security measure for server applications.
Mongoose Embedded Web Server Library – a multi-protocol embedded networking library with TCP/UDP, HTTP, WebSocket, MQTT built-in protocols, async DNS resolver, and non-blocking API. – cesanta/mongoose, 2/14/2019 · So it sounds like SO_EXCLUSIVEADDRUSE’s modern purpose is actually unrelated to what its docs say. In terms of the actual semantics, I don’t feel like there’s a strong argument for or against SO_EXCLUSIVEADDRUSE. The Linux behavior seems slightly more sensible to me, but acting like BSD is perfectly defensible, and I guess the default …
Conversely, a socket with the SO_EXCLUSIVEADDRUSE set cannot necessarily be reused immediately after socket closure. For example, if a listening socket with SO_EXCLUSIVEADDRUSE set accepts a connection and is then subsequently closed, another socket (also with SO_EXCLUSIVEADDRUSE) cannot bind to the same port as the first socket.
Set SO_EXCLUSIVEADDRUSE using Java . R. Praveen Kumar. Greenhorn Posts: 10. posted 6 years ago. Number of slices to send: Optional ‘thank-you’ note: Send.
The SO_EXCLUSIVEADDRUSE option is required in order to get the default Unix behaviour of first-come first-served binding to ports. See wp_socket_hijacking.pdf (not readable in some PDF viewers), and here for more details. (The latter is slightly out of date since Windows does restrict binding to privileged ports since Windows XP SP2, but …
