diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2016-04-08 21:14:13 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2016-04-08 21:21:27 +1000 |
| commit | 5f41f030e2feb5295657285aa8c6602c7810bc4b (patch) | |
| tree | 734cac54186b893082a675a1b8a13db410cd8f33 | |
| parent | 34a01b2cf737d946ddb140618e28c3048ab7a229 (diff) | |
Remove NO_IPPORT_RESERVED_CONCEPT
Replace by defining IPPORT_RESERVED to zero on Cygwin, which should have
the same effect without causing problems syncing patches with OpenBSD.
Resync the two affected functions with OpenBSD. ok djm, sanity checked
by Corinna.
| -rw-r--r-- | configure.ac | 5 | ||||
| -rw-r--r-- | readconf.c | 4 | ||||
| -rw-r--r-- | serverloop.c | 9 |
3 files changed, 6 insertions, 12 deletions
diff --git a/configure.ac b/configure.ac index f9fb48d1..dde3c458 100644 --- a/configure.ac +++ b/configure.ac @@ -586,9 +586,8 @@ case "$host" in [Define if you want to disable shadow passwords]) AC_DEFINE([NO_X11_UNIX_SOCKETS], [1], [Define if X11 doesn't support AF_UNIX sockets on that system]) - AC_DEFINE([NO_IPPORT_RESERVED_CONCEPT], [1], - [Define if the concept of ports only accessible to - superusers isn't known]) + AC_DEFINE([IPPORT_RESERVED], [0], + [Cygwin has no notion of ports only accessible to superusers]) AC_DEFINE([DISABLE_FD_PASSING], [1], [Define if your platform needs to skip post auth file descriptor passing]) @@ -294,14 +294,12 @@ void add_local_forward(Options *options, const struct Forward *newfwd) { struct Forward *fwd; - int i; -#ifndef NO_IPPORT_RESERVED_CONCEPT extern uid_t original_real_uid; + int i; if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0 && newfwd->listen_path == NULL) fatal("Privileged ports can only be forwarded by root."); -#endif /* Don't add duplicates */ for (i = 0; i < options->num_local_forwards; i++) { if (forward_equals(newfwd, options->local_forwards + i)) diff --git a/serverloop.c b/serverloop.c index f9e3e5d1..3563e5d4 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1243,12 +1243,9 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) /* check permissions */ if ((options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 || no_port_forwarding_flag || - (!want_reply && fwd.listen_port == 0) -#ifndef NO_IPPORT_RESERVED_CONCEPT - || (fwd.listen_port != 0 && fwd.listen_port < IPPORT_RESERVED && - pw->pw_uid != 0) -#endif - ) { + (!want_reply && fwd.listen_port == 0) || + (fwd.listen_port != 0 && fwd.listen_port < IPPORT_RESERVED && + pw->pw_uid != 0)) { success = 0; packet_send_debug("Server has disabled port forwarding."); } else { |