
[Kerberos] Find if port is available before using it for Kdc server (#36192)

If the randomly selected port was already in use, the Kerberos
tests would fail. This commit adds a check to see whether the network
port is available and, if not, continues looking for one for the KDC server.
If it does not find a port after 100 retries, it throws an exception.

Closes #34261
Yogesh Gaikwad 6 years ago
parent
commit
090d766f35

+ 27 - 6
x-pack/qa/evil-tests/src/test/java/org/elasticsearch/xpack/security/authc/kerberos/SimpleKdcLdapServer.java

@@ -13,7 +13,6 @@ import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.client.KrbConfig;
 import org.apache.kerby.kerberos.kerb.server.KdcConfigKey;
 import org.apache.kerby.kerberos.kerb.server.SimpleKdcServer;
-import org.apache.kerby.util.NetworkUtil;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.elasticsearch.ExceptionsHelper;
@@ -22,6 +21,9 @@ import org.elasticsearch.common.unit.TimeValue;
 import org.elasticsearch.test.ESTestCase;
 
 import java.io.IOException;
+import java.net.DatagramSocket;
+import java.net.InetAddress;
+import java.net.ServerSocket;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
@@ -31,6 +33,8 @@ import java.security.PrivilegedExceptionAction;
 import java.util.Locale;
 import java.util.concurrent.TimeUnit;
 
+import javax.net.ServerSocketFactory;
+
 /**
  * Utility wrapper around Apache {@link SimpleKdcServer} backed by Unboundid
  * {@link InMemoryDirectoryServer}.<br>
@@ -127,14 +131,14 @@ public class SimpleKdcLdapServer {
         simpleKdc.setWorkDir(workDir.toFile());
         simpleKdc.setKdcHost(host);
         simpleKdc.setKdcRealm(realm);
-        if (kdcPort == 0) {
-            kdcPort = NetworkUtil.getServerPort();
-        }
         if (transport != null) {
-            if (transport.trim().equals("TCP")) {
+            if (kdcPort == 0) {
+                kdcPort = getServerPort(transport);
+            }
+            if (transport.trim().equalsIgnoreCase("TCP")) {
                 simpleKdc.setKdcTcpPort(kdcPort);
                 simpleKdc.setAllowUdp(false);
-            } else if (transport.trim().equals("UDP")) {
+            } else if (transport.trim().equalsIgnoreCase("UDP")) {
                 simpleKdc.setKdcUdpPort(kdcPort);
                 simpleKdc.setAllowTcp(false);
             } else {
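Review bot: The port chosen at `kdcPort = getServerPort(transport);` is probed on 127.0.0.1 (see the new helper further down), while the KDC is configured two lines earlier with `simpleKdc.setKdcHost(host)`. If `host` ever resolves to a different interface, a port that is free on loopback says nothing about availability on the address the KDC will use. A short comment here stating that `host` is expected to be a loopback address would help, or the probe could take the address as a parameter. Moving the `kdcPort == 0` check inside `if (transport != null)` also means a null transport no longer gets a port selected here; the rest of the method is outside this hunk, so whether that path still ends up with a usable port cannot be confirmed from what is shown.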
@@ -221,4 +225,21 @@ public class SimpleKdcLdapServer {
         logger.info("SimpleKdcServer stoppped.");
     }
 
+    private static int getServerPort(String transport) {
+        if (transport != null && transport.trim().equalsIgnoreCase("TCP")) {
+            try (ServerSocket serverSocket = ServerSocketFactory.getDefault().createServerSocket(0, 1,
+                    InetAddress.getByName("127.0.0.1"))) {
+                return serverSocket.getLocalPort();
+            } catch (Exception ex) {
+                throw new RuntimeException("Failed to get a TCP server socket point");
+            }
+        } else if (transport != null && transport.trim().equalsIgnoreCase("UDP")) {
+            try (DatagramSocket socket = new DatagramSocket(0, InetAddress.getByName("127.0.0.1"))) {
+                return socket.getLocalPort();
+            } catch (Exception ex) {
+                throw new RuntimeException("Failed to get a UDP server socket point");
+            }
+        }
+        throw new IllegalArgumentException("Invalid transport: " + transport);
+    }
 }
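Review bot: Both `catch (Exception ex)` blocks in `getServerPort` throw a new `RuntimeException` without the cause, so a failed bind surfaces only as "Failed to get a TCP/UDP server socket point" with no underlying reason. Pass the cause along, e.g. `throw new RuntimeException("Failed to get a TCP server socket point", ex);`, and do the same for UDP. The probe socket is also closed by try-with-resources before the port is returned, so the port is free again until the KDC binds it and another process can take it in that window. The commit message mentions 100 retries, but no retry loop is visible in this hunk, so a collision at KDC start would presumably still fail the test unless the start itself is retried elsewhere. A one-line Javadoc on the method stating that the returned port is only a best-effort candidate would make that limitation explicit.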