1.\" $NetBSD: bind.2,v 1.32 2022/06/28 20:24:08 rillig Exp $ 2.\" 3.\" Copyright (c) 1983, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. Neither the name of the University nor the names of its contributors 15.\" may be used to endorse or promote products derived from this software 16.\" without specific prior written permission. 17.\" 18.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 19.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28.\" SUCH DAMAGE. 29.\" 30.\" @(#)bind.2 8.1 (Berkeley) 6/4/93 31.\" 32.Dd June 28, 2022 33.Dt BIND 2 34.Os 35.Sh NAME 36.Nm bind 37.Nd bind a name to a socket 38.Sh LIBRARY 39.Lb libc 40.Sh SYNOPSIS 41.In sys/socket.h 42.Ft int 43.Fn bind "int s" "const struct sockaddr *name" "socklen_t namelen" 44.Sh DESCRIPTION 45.Fn bind 46assigns a name to an unnamed socket. 47When a socket is created 48with 49.Xr socket 2 50it exists in a name space (address family) 51but has no name assigned. 52.Fn bind 53requests that 54.Fa name 55be assigned to the socket. 56.Fa namelen 57indicates the amount of space pointed to by 58.Fa name , 59in bytes. 60.Sh NOTES 61Binding a name in the 62.Ux 63domain creates a socket in the file 64system that must be deleted by the caller when it is no longer 65needed (using 66.Xr unlink 2 ) . 67.Pp 68The rules used in name binding vary between communication domains. 69Consult the manual entries in section 4 for detailed information. 70.Sh RETURN VALUES 71If the bind is successful, a 0 value is returned. 72A return value of \-1 indicates an error, which is 73further specified in the global 74.Va errno . 75.Sh ERRORS 76The 77.Fn bind 78call will fail if: 79.Bl -tag -width Er 80.It Bq Er EACCES 81The requested address is protected, and the current user 82has inadequate permission to access it. 83.It Bq Er EADDRINUSE 84The specified address is already in use. 85.It Bq Er EADDRNOTAVAIL 86The specified address is not available from the local machine. 87.It Bq Er EAFNOSUPPORT 88Addresses in the specified address family cannot be used with this socket. 89.It Bq Er EBADF 90.Fa s 91is not a valid descriptor. 92.It Bq Er EFAULT 93The 94.Fa name 95parameter is not in a valid part of the user 96address space. 97.It Bq Er EINVAL 98The socket is already bound to an address; or 99the family of the socket and that requested in 100.Fa name->sa_family 101are not equivalent. 102.It Bq Er EINVAL 103The socket address length passed was outside the allowable range. 104.It Bq Er ENOTSOCK 105.Fa s 106is not a socket. 107.El 108.Pp 109The following errors are specific to binding names in the 110.Ux 111domain. 112.Bl -tag -width Er 113.It Bq Er EIO 114An I/O error occurred while making the directory entry or allocating the inode. 115.It Bq Er EISDIR 116An empty pathname was specified. 117.It Bq Er ELOOP 118Too many symbolic links were encountered in translating the pathname. 119.It Bq Er ENAMETOOLONG 120A component of a pathname exceeded 121.Brq Dv NAME_MAX 122characters, or an entire path name exceeded 123.Brq Dv PATH_MAX 124characters. 125.It Bq Er ENOENT 126A prefix component of the path name does not exist. 127.It Bq Er ENOTDIR 128A component of the path prefix is not a directory. 129.It Bq Er EROFS 130The name would reside on a read-only file system. 131.El 132.Sh SEE ALSO 133.Xr connect 2 , 134.Xr getsockname 2 , 135.Xr listen 2 , 136.Xr socket 2 , 137.Xr inet 4 , 138.Xr inet6 4 139.Sh HISTORY 140The 141.Fn bind 142function call appeared in 143.Bx 4.2 . 144.Sh SECURITY CONSIDERATIONS 145.Fn bind 146was changed in 147.Nx 1.4 148to prevent the binding of a socket to the same port as an existing 149socket when all of the following is true: 150.Bl -bullet -compact -offset indent 151.It 152either of the existing or new addresses is 153.Li INADDR_ANY , 154.It 155the uid of the new socket is not root, and 156the uids of the creators of the sockets are different, 157.It 158the address is not a multicast address, and 159.It 160both sockets are not bound to 161.Li INADDR_ANY 162with 163.Li SO_REUSEPORT 164set. 165.El 166.Pp 167This prevents an attack where a user could bind to a port with 168the host's IP address (after setting 169.Li SO_REUSEADDR ) 170and 171.Sq steal 172packets destined for a server that bound to the 173same port with 174.Li INADDR_ANY . 175.Pp 176.Fn bind 177was changed in 178.Nx 4.0 179to honor the user's umask when binding sockets in the local domain. 180This was done to match the behavior of other operating systems, 181including 182.Fx , 183.Ox , 184and 185Linux, and to improve compatibility with some third-party software. 186Please note that this behavior 187.Em is not portable . 188If you must bind a local socket in a portable and secure way, you need 189to make a directory with tight permissions and then create the socket 190inside it. 191