[openssh-commits] [openssh] 02/02: upstream commit

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit 79d078e7a49caef746516d9710ec369ba45feab6
Author: jsg at openbsd.org <jsg at openbsd.org>
Date:   Tue Oct 25 04:08:13 2016 +0000

    upstream commit
    
    Fix logic in add_local_forward() that inverted a test
    when code was refactored out into bind_permitted().  This broke ssh port
    forwarding for non-priv ports as a non root user.
    
    ok dtucker@ 'looks good' deraadt@
    
    Upstream-ID: ddb8156ca03cc99997de284ce7777536ff9570c9
---
 readconf.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/readconf.c b/readconf.c
index 1be5648..fa3fab8 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.261 2016/10/23 22:04:05 dtucker Exp $ */
+/* $OpenBSD: readconf.c,v 1.262 2016/10/25 04:08:13 jsg Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -312,7 +312,7 @@ add_local_forward(Options *options, const struct Forward *newfwd)
 	extern uid_t original_real_uid;
 	int i;
 
-	if (bind_permitted(newfwd->listen_port, original_real_uid) &&
+	if (!bind_permitted(newfwd->listen_port, original_real_uid) &&
 	    newfwd->listen_path == NULL)
 		fatal("Privileged ports can only be forwarded by root.");
 	/* Don't add duplicates */

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.