Be more cautious about use for privilege ports (<1024).

Ports < 1024 are a scarce resource and should not be used
carelessly.  Technically they should be not used at all without
registration with IANA, but sometimes we need them despite that.

So: for the socket that RPC services listen on, don't use a <1024 port
by default.  There is no need.

For sockets that we send messages on, that are long-lived, and that might
need to appear 'privileged', avoid using a number that is registered in
/etc/services if possible.

1 files changed, 23 insertions, 11 deletions

diff --git a/utils/statd/rmtcall.c b/utils/statd/rmtcall.c
index 816a6f3..eb1919a 100644
--- a/utils/statd/rmtcall.c
+++ b/utils/statd/rmtcall.c
@@ -62,25 +62,37 @@ int
 statd_get_socket(void)
 {
 	struct sockaddr_in	sin;
+	struct servent *se;
+	int loopcnt = 100;
 
 	if (sockfd >= 0)
 		return sockfd;
 
-	if ((sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
-		note(N_CRIT, "Can't create socket: %m");
-		return -1;
-	}
+	while (loopcnt-- > 0) {
 
-	FD_SET(sockfd, &SVC_FDSET);
+		if (sockfd >= 0) close(sockfd);
 
-	memset(&sin, 0, sizeof(sin));
-	sin.sin_family = AF_INET;
-	sin.sin_addr.s_addr = INADDR_ANY;
+		if ((sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
+			note(N_CRIT, "Can't create socket: %m");
+			return -1;
+		}
 
-	if (bindresvport(sockfd, &sin) < 0) {
-		dprintf(N_WARNING,
-			"process_hosts: can't bind to reserved port\n");
+
+		memset(&sin, 0, sizeof(sin));
+		sin.sin_family = AF_INET;
+		sin.sin_addr.s_addr = INADDR_ANY;
+
+		if (bindresvport(sockfd, &sin) < 0) {
+			dprintf(N_WARNING,
+				"process_hosts: can't bind to reserved port\n");
+			break;
+		}
+		se = getservbyport(sin.sin_port, "udp");
+		if (se == NULL)
+			break;
+		/* rather not use that port, try again */
 	}
+	FD_SET(sockfd, &SVC_FDSET);
 	return sockfd;
 }