On Wed, Feb 17, 2021 at 06:37:56PM -0700, Theo de Raadt wrote:
> Regarding port 323,
>
> +If not specified the default
> +.Ic port
> +is
> +.Em 323 .
>
> and
>
> +rtr : RTR address {
> + currtr = get_rtr(&$2);
> + currtr->remote_port = 323;
> + if (insert_rtr(currtr) == -1) {
> + free(currtr);
> + YYERROR;
> + }
> + currtr = NULL;
> + }
> + | RTR address {
> + currtr = get_rtr(&$2);
> + currtr->remote_port = 323;
> + } '{' optnl rtropt_l optnl '}' {
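Review bot: in the first rtr alternative's failure path, free(currtr) is followed by YYERROR without clearing currtr, so the global keeps pointing at freed memory, whereas the success path does set currtr = NULL; clearing it right after the free would make both paths consistent. In both alternatives currtr->remote_port is written straight after get_rtr(&$2), so if get_rtr() can return NULL a check belongs before the assignment. The literal 323 also appears twice; a single named constant would keep the two actions from drifting apart.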
>
> I think this should be published in the services file (see diff below),
> and your code should get it with getservbyname() of "rpki-rtr". If
> getservbyname() fails, consider fallback to 323 as a constant
> (#define?). The only reason to use a constant is chroot jails lacking a
> services file.
>
> And I suggest documenting it by name only, and not the number. I think
> this trend of documenting "name" as well as number is destructively
> hinting that the services file was a bad invention?
>
> Index: services
> ===================================================================
> RCS file: /cvs/src/etc/services,v
> retrieving revision 1.98
> diff -u -p -u -r1.98 services
> --- services 15 Sep 2020 09:52:47 -0000 1.98
> +++ services 18 Feb 2021 01:16:45 -0000
> @@ -121,6 +121,7 @@ ipx 213/tcp # IPX
> ipx 213/udp
> imap3 220/tcp # Interactive Mail
> Access
> imap3 220/udp # Protocol v3
> +rpki-rtr 323/tcp # Resource PKI to Router
> Protocol
> ulistserv 372/tcp # UNIX Listserv
> ulistserv 372/udp
> ldap 389/tcp # Lightweight Directory Access
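Review bot: the added rpki-rtr line and the imap3 context line have been wrapped in transit ("Protocol" and "Access" sit on lines of their own), so the hunk body no longer matches the counts in @@ -121,6 +121,7 @@ and will not apply as quoted; resend it unwrapped or as an attachment. Only a 323/tcp entry is added, while ipx, imap3 and ulistserv around it carry both tcp and udp lines, so a word in the commit message that tcp-only is intended would help.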
>
>
Sure. Let's do that. I just checked, bgpd does not use getservbyname() for
the BGP connection either (it uses a define). Maybe that should be changed
as well.
--
:wq Claudio
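
The lookup-with-fallback approach suggested in the quoted message, as an added example that is not part of the thread and is not bgpd code. The names rtr_default_port(), rtr_parse_port(), RTR_SERVICE and RTR_PORT_FALLBACK are hypothetical; only the service name "rpki-rtr" and the number 323 come from the messages above.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netdb.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define RTR_SERVICE		"rpki-rtr"	/* name from the services diff */
#define RTR_PORT_FALLBACK	323		/* used only if the lookup fails */

/* Default port: services database first, compiled-in constant otherwise
 * (for example a chroot without a services file). Host byte order. */
static uint16_t
rtr_default_port(void)
{
	struct servent *se = getservbyname(RTR_SERVICE, "tcp");

	if (se != NULL)
		return ntohs((uint16_t)se->s_port);
	return RTR_PORT_FALLBACK;
}

/* Parse a configured port: a decimal number in 1..65535 or a tcp service
 * name. Returns the port in host byte order, or -1 if it is not usable. */
static int
rtr_parse_port(const char *s)
{
	struct servent *se;
	char *end;
	long n;

	if (s == NULL || *s == '\0')
		return -1;
	errno = 0;
	n = strtol(s, &end, 10);
	if (*end == '\0')		/* whole string was numeric */
		return (errno != 0 || n < 1 || n > 65535) ? -1 : (int)n;
	if ((se = getservbyname(s, "tcp")) == NULL)
		return -1;		/* unknown name: reject, do not guess */
	return ntohs((uint16_t)se->s_port);
}

int
main(void)
{
	printf("default rtr port: %u\n", rtr_default_port());
	printf("\"%s\" -> %d\n", RTR_SERVICE, rtr_parse_port(RTR_SERVICE));
	return 0;
}
```

The fallback constant applies only to the built-in default; a name given explicitly in configuration that cannot be resolved is rejected rather than silently mapped to 323.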