diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2002-07-09 14:06:40 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-07-09 14:06:40 +0000 |
| commit | 99a4e14fe0615c0f8a404aec0db42feb98451eb9 (patch) | |
| tree | a69e55b6ceb1aa0ad026ba8c952ba5851cc1431a | |
| parent | cbb9066d2d697e51f5e6df6681827f17756d154a (diff) | |
- (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platforms
lacking that concept can share it. Patch by vinschen@redhat.com
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | acconfig.h | 5 | ||||
| -rw-r--r-- | configure.ac | 3 | ||||
| -rw-r--r-- | readconf.c | 2 | ||||
| -rw-r--r-- | serverloop.c | 7 |
5 files changed, 17 insertions, 6 deletions
@@ -1,3 +1,7 @@ +20020709 + - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platforms + lacking that concept can share it. Patch by vinschen@redhat.com + 20020708 - (tim) [openssh/contrib/solaris/buildpkg.sh] add PKG_INSTALL_ROOT to work in a jumpstart environment. patch by kbrint@rufus.net @@ -1316,4 +1320,4 @@ - (stevesk) entropy.c: typo in debug message - (djm) ssh-keygen -i needs seeded RNG; report from markus@ -$Id: ChangeLog,v 1.2351 2002/07/09 02:17:10 tim Exp $ +$Id: ChangeLog,v 1.2352 2002/07/09 14:06:40 mouring Exp $ @@ -1,4 +1,4 @@ -/* $Id: acconfig.h,v 1.142 2002/07/07 20:43:36 tim Exp $ */ +/* $Id: acconfig.h,v 1.143 2002/07/09 14:06:40 mouring Exp $ */ #ifndef _CONFIG_H #define _CONFIG_H @@ -310,6 +310,9 @@ /* Define if X11 doesn't support AF_UNIX sockets on that system */ #undef NO_X11_UNIX_SOCKETS +/* Define if the concept of ports only accessible to superusers isn't known */ +#undef NO_IPPORT_RESERVED_CONCEPT + /* Needed for SCO and NeXT */ #undef BROKEN_SAVED_UIDS diff --git a/configure.ac b/configure.ac index aa9a5d21..12070987 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.76 2002/07/09 02:17:10 tim Exp $ +# $Id: configure.ac,v 1.77 2002/07/09 14:06:40 mouring Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -91,6 +91,7 @@ case "$host" in AC_DEFINE(IPV4_DEFAULT) AC_DEFINE(IP_TOS_IS_BROKEN) AC_DEFINE(NO_X11_UNIX_SOCKETS) + AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT) AC_DEFINE(DISABLE_FD_PASSING) AC_DEFINE(SETGROUPS_NOOP) ;; @@ -199,7 +199,7 @@ add_local_forward(Options *options, u_short port, const char *host, u_short host_port) { Forward *fwd; -#ifndef HAVE_CYGWIN +#ifndef NO_IPPORT_RESERVED_CONCEPT extern uid_t original_real_uid; if (port < IPPORT_RESERVED && original_real_uid != 0) fatal("Privileged ports can only be forwarded by root."); diff --git a/serverloop.c b/serverloop.c index 13492135..912f6250 100644 --- a/serverloop.c +++ b/serverloop.c @@ -972,8 +972,11 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) /* check permissions */ if (!options.allow_tcp_forwarding || - no_port_forwarding_flag || - (listen_port < IPPORT_RESERVED && pw->pw_uid != 0)) { + no_port_forwarding_flag +#ifndef NO_IPPORT_RESERVED_CONCEPT + || (listen_port < IPPORT_RESERVED && pw->pw_uid != 0) +#endif + ) { success = 0; packet_send_debug("Server has disabled port forwarding."); } else { |