Oberon || Library || Module Index || Search Engine || Definition || Module


Ulm's Oberon Library:
EphemeralPortRange


NAME

EphemeralPortRange - select anonymous ports

SYNOPSIS

PROCEDURE Get(VAR smallest, largest: INTEGER);
PROCEDURE Set(smallest, largest: INTEGER);


PROCEDURE GetRandomPort() : INTEGER;

DESCRIPTION

The ephemeral port range is defined to be the range of ports from which anonymous ports are selected. This selection is requested if a port number of 0 is specified within a socket address.

Unfortunately the system's choice of an ephemeral port number can be easily predicted on most operating systems. This can be a security risk where blind forgeries can be a threat. One example is the DNS protocol where UDP response packages can be successfully forged if the port number and the request id of the DNS client can be easily guessed.

EphemeralPortRange allows to reduce this risk by helping to select unpredictable ports. Set and Get allow to set and to retrieve the range of ephemeral ports that are to be used. By default, a range of 32768 up to 65535 is taken. This default can be changed by environment variables (see below).

GetRandomPort returns a port number out of the range of ephemeral port numbers using the unpredictable sequence of pseudo random numbers RandomGenerators.unpredictable.

DIAGNOSTICS

Get asserts that smallest is smaller than largest and that both values are within the range of valid port numbers.

ENVIRONMENT

EPHEMERAL_PORT_RANGE_SMALLEST
Default value of the smallest ephemeral port number.
EPHEMERAL_PORT_RANGE_LARGEST
Default value of the largest ephemeral port number.

SEE ALSO

IPv4TCPSockets
attempts to use port numbers suggested by GetRandomPort if a port number of 0 is given.
RandomGenerators
sequences of pseudo random numbers including RandomGenerators.unpredictable.

Edited by: borchert, last change: 2005/02/09, revision: 1.2, converted to HTML: 2005/02/09

Oberon || Library || Module Index || Search Engine || Definition || Module