Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
0.14
-
Windows broker
Description
Socket code on windows allows multiple, simultaneous listening processes on broker port.
C:\Windows\system32>netstat -anb
TCP 0.0.0.0:5672 0.0.0.0:0 LISTENING
[qpidd2.exe]
TCP 0.0.0.0:5672 0.0.0.0:0 LISTENING
[qpidd.exe]
This is a security issue as it allows a rogue process to hijack connections directed to the broker.
A simple first step is in Socket.cpp to change SO_REUSEADDR to SO_EXCLUSIVEADDRUSE as described in
http://msdn.microsoft.com/en-us/library/windows/desktop/cc150667%28v=vs.85%29.aspx