From fa1607ea596802d3d3177d775eeecb0f0e5d496f Mon Sep 17 00:00:00 2001
From: Raghavendra Bhat <raghavendra@redhat.com>
Date: Thu, 25 Oct 2012 17:06:31 +0530
Subject: socket,rdma: before binding to any port check if it is a reserved
 port

* The list of ports which are reserved is obtained by reading the file
  /proc/sys/net/ipv4/ip_local_reserved_ports.

Change-Id: I3a832f53efbb79dd719b34a30cbaf28269f25816
BUG: 762989
Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
Reviewed-on: http://review.gluster.org/4131
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
---
 rpc/rpc-transport/rdma/src/name.c   | 32 ++++++++++++++++++++------------
 rpc/rpc-transport/socket/src/name.c | 30 ++++++++++++++++++------------
 2 files changed, 38 insertions(+), 24 deletions(-)

(limited to 'rpc/rpc-transport')

diff --git a/rpc/rpc-transport/rdma/src/name.c b/rpc/rpc-transport/rdma/src/name.c
index 3718cd764..6b0ee11ff 100644
--- a/rpc/rpc-transport/rdma/src/name.c
+++ b/rpc/rpc-transport/rdma/src/name.c
@@ -14,18 +14,14 @@
 #include <netdb.h>
 #include <string.h>
 
-#ifdef CLIENT_PORT_CEILING
-#undef CLIENT_PORT_CEILING
-#endif
-
-#define CLIENT_PORT_CEILING 1024
-
 #ifndef AF_INET_SDP
 #define AF_INET_SDP 27
 #endif
 
 #include "rpc-transport.h"
 #include "rdma.h"
+#include "common-utils.h"
+
 
 int32_t
 gf_resolve_ip6 (const char *hostname,
@@ -38,9 +34,17 @@ static int32_t
 af_inet_bind_to_port_lt_ceiling (int fd, struct sockaddr *sockaddr,
                                  socklen_t sockaddr_len, int ceiling)
 {
-        int32_t ret = -1;
-        /*  struct sockaddr_in sin = {0, }; */
-        uint16_t port = ceiling - 1;
+        int32_t        ret        = -1;
+        uint16_t      port        = ceiling - 1;
+        // by default assume none of the ports are blocked and all are available
+        gf_boolean_t  ports[1024] = {_gf_false,};
+        int           i           = 0;
+
+        ret = gf_process_reserved_ports (ports);
+        if (ret != 0) {
+                for (i = 0; i < 1024; i++)
+                        ports[i] = _gf_false;
+        }
 
         while (port)
         {
@@ -55,7 +59,11 @@ af_inet_bind_to_port_lt_ceiling (int fd, struct sockaddr *sockaddr,
                         ((struct sockaddr_in *)sockaddr)->sin_port = htons (port);
                         break;
                 }
-
+                // ignore the reserved ports
+                if (ports[port] == _gf_true) {
+                        port--;
+                        continue;
+                }
                 ret = bind (fd, sockaddr, sockaddr_len);
 
                 if (ret == 0)
@@ -419,12 +427,12 @@ gf_rdma_client_bind (rpc_transport_t *this,
         case AF_INET6:
                 ret = af_inet_bind_to_port_lt_ceiling (sock, sockaddr,
                                                        *sockaddr_len,
-                                                       CLIENT_PORT_CEILING);
+                                                       GF_CLIENT_PORT_CEILING);
                 if (ret == -1) {
                         gf_log (this->name, GF_LOG_WARNING,
                                 "cannot bind inet socket (%d) to port "
                                 "less than %d (%s)",
-                                sock, CLIENT_PORT_CEILING, strerror (errno));
+                                sock, GF_CLIENT_PORT_CEILING, strerror (errno));
                         ret = 0;
                 }
                 break;
diff --git a/rpc/rpc-transport/socket/src/name.c b/rpc/rpc-transport/socket/src/name.c
index d37c83e18..1647d5b6b 100644
--- a/rpc/rpc-transport/socket/src/name.c
+++ b/rpc/rpc-transport/socket/src/name.c
@@ -15,12 +15,6 @@
 #include <netdb.h>
 #include <string.h>
 
-#ifdef CLIENT_PORT_CEILING
-#undef CLIENT_PORT_CEILING
-#endif
-
-#define CLIENT_PORT_CEILING 1024
-
 #ifndef AF_INET_SDP
 #define AF_INET_SDP 27
 #endif
@@ -40,9 +34,17 @@ static int32_t
 af_inet_bind_to_port_lt_ceiling (int fd, struct sockaddr *sockaddr,
                                  socklen_t sockaddr_len, int ceiling)
 {
-        int32_t ret = -1;
-        /*  struct sockaddr_in sin = {0, }; */
-        uint16_t port = ceiling - 1;
+        int32_t        ret        = -1;
+        uint16_t      port        = ceiling - 1;
+        // by default assume none of the ports are blocked and all are available
+        gf_boolean_t  ports[1024] = {_gf_false,};
+        int           i           = 0;
+
+        ret = gf_process_reserved_ports (ports);
+        if (ret != 0) {
+                for (i = 0; i < 1024; i++)
+                        ports[i] = _gf_false;
+        }
 
         while (port)
         {
@@ -57,7 +59,11 @@ af_inet_bind_to_port_lt_ceiling (int fd, struct sockaddr *sockaddr,
                         ((struct sockaddr_in *)sockaddr)->sin_port = htons (port);
                         break;
                 }
-
+                // ignore the reserved ports
+                if (ports[port] == _gf_true) {
+                        port--;
+                        continue;
+                }
                 ret = bind (fd, sockaddr, sockaddr_len);
 
                 if (ret == 0)
@@ -440,12 +446,12 @@ client_bind (rpc_transport_t *this,
         case AF_INET6:
                 if (!this->bind_insecure) {
                         ret = af_inet_bind_to_port_lt_ceiling (sock, sockaddr,
-                                                       *sockaddr_len, CLIENT_PORT_CEILING);
+                                                       *sockaddr_len, GF_CLIENT_PORT_CEILING);
                 }
                 if (ret == -1) {
                         gf_log (this->name, GF_LOG_DEBUG,
                                 "cannot bind inet socket (%d) to port less than %d (%s)",
-                                sock, CLIENT_PORT_CEILING, strerror (errno));
+                                sock, GF_CLIENT_PORT_CEILING, strerror (errno));
                         ret = 0;
                 }
                 break;
-- 
cgit