diff options
| author | Neil Brown <neilb@suse.de> | 2007-04-16 11:15:40 +1000 |
|---|---|---|
| committer | Neil Brown <neilb@suse.de> | 2007-04-16 11:15:40 +1000 |
| commit | 0210f16cf1bd2f87b7fe4336311c6dfd88030f8b (patch) | |
| tree | 575be7b8a1bec8f6690e2f4c38722ec4eb0d857e /utils/statd/sm-notify.c | |
| parent | ec79b7a3b06c034a9a71a39a5ac24b66dbd475a6 (diff) | |
| download | nfs-utils-0210f16cf1bd2f87b7fe4336311c6dfd88030f8b.tar.gz nfs-utils-0210f16cf1bd2f87b7fe4336311c6dfd88030f8b.tar.xz nfs-utils-0210f16cf1bd2f87b7fe4336311c6dfd88030f8b.zip | |
Be more cautious about use for privilege ports (<1024).
Ports < 1024 are a scarce resource and should not be used
carelessly. Technically they should be not used at all without
registration with IANA, but sometimes we need them despite that.
So: for the socket that RPC services listen on, don't use a <1024 port
by default. There is no need.
For sockets that we send messages on, that are long-lived, and that might
need to appear 'privileged', avoid using a number that is registered in
/etc/services if possible.
Diffstat (limited to 'utils/statd/sm-notify.c')
| -rw-r--r-- | utils/statd/sm-notify.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/utils/statd/sm-notify.c b/utils/statd/sm-notify.c index bb6c2ef..1059a88 100644 --- a/utils/statd/sm-notify.c +++ b/utils/statd/sm-notify.c @@ -215,7 +215,9 @@ notify(void) nsm_address local_addr; time_t failtime = 0; int sock = -1; + int retry_cnt = 0; + retry: sock = socket(AF_INET, SOCK_DGRAM, 0); if (sock < 0) { perror("socket"); @@ -248,7 +250,15 @@ notify(void) exit(1); } } else { + struct servent *se; (void) bindresvport(sock, (struct sockaddr_in *) &local_addr); + /* try to avoid known ports */ + se = getservbyport(local_addr.sin_port, "udp"); + if (se && retry_cnt < 100) { + retry_cnt++; + close(sock); + goto retry; + } } if (opt_max_retry) |