From 93ab609b105b8d0145fc97d987587b074de83503 Mon Sep 17 00:00:00 2001 From: Cristian Rodríguez Date: Fri, 6 Dec 2024 14:57:28 -0300 Subject: [PATCH] linux,ssh: set IP_BIND_ADDRESS_NO_PORT on connected socket If binding to a local address (ssh -b ...) the source port is taken at bind() time, when the kernel does not know if the socket will be connect()ed or listen()ed on. It also does not know the destination host or port, so it has to reserve the port until the socket is closed, effectively limiting the number of useful source ports to ~32k, a very small number in the modern era. Set IP_BIND_ADDRESS_NO_PORT, which delays source port allocation to connect() time, allowing a few million connections out from the same -b address. --- sshconnect.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sshconnect.c b/sshconnect.c index 7cf6b638674c..7423c446ff18 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -415,6 +415,9 @@ ssh_create_socket(struct addrinfo *ai) error_f("getnameinfo failed: %s", ssh_gai_strerror(r)); goto fail; } +#ifdef IP_BIND_ADDRESS_NO_PORT + (void) setsockopt(sock, SOL_IP, IP_BIND_ADDRESS_NO_PORT, &(int) {1}, sizeof(int)); +#endif if (bind(sock, (struct sockaddr *)&bindaddr, bindaddrlen) != 0) { error("bind %s: %s", ntop, strerror(errno)); goto fail;
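Review bot: the `(void) setsockopt(sock, SOL_IP, IP_BIND_ADDRESS_NO_PORT, ...)` line in the ssh_create_socket hunk discards the return value, so a failure to set the option is invisible and the user silently falls back to the ~32k-port behaviour the commit message says this is meant to fix. The surrounding code logs the bind() failure with error(), so a debug()-level message on setsockopt failure (e.g. `debug_f("setsockopt IP_BIND_ADDRESS_NO_PORT: %s", strerror(errno));`) would keep the change best-effort while making the regression diagnosable; it would also be worth spelling the level as IPPROTO_IP, which is the portable name used for IP-level options elsewhere in the tree, rather than the Linux-specific SOL_IP, since the #ifdef already confines the code to platforms that define the option. Since ssh_create_socket takes a struct addrinfo and the bind address may be IPv6, the commit message should also state whether the option takes effect for AF_INET6 sockets with -b, or whether those keep the old bind-time allocation.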