Patch to fix dynamic -R forwarding when not root

Ari Hyttinen ari.hyttinen at gmail.com
Wed Oct 21 19:01:34 EST 2009


Hi!

Sorry if this has already been reported or even fixed, I didn't search
very thoroughly. Here's a patch to make dynamic -R remote port
allocation work even when not connecting as root. Without the patch I
got that "Server has disabled port forwarding." message visible in the
patch.

OpenSSH version I'm using is openssh-5.2p1, compiled from official
source package, configured without any configure options, on Ubuntu
Linux platform.

PS. If this patch isn't necessary, and I did something else wrong when
trying to 'ssh -R 0:localhost:22 user at remote', please let me know!


--- serverloop.c.original	2009-10-21 10:45:13.000000000 +0300
+++ serverloop.c	2009-10-21 10:53:09.000000000 +0300
@@ -1119,9 +1119,9 @@
 		if (!options.allow_tcp_forwarding ||
 		    no_port_forwarding_flag ||
 		    (!want_reply && listen_port == 0)
 #ifndef NO_IPPORT_RESERVED_CONCEPT
-		    || (listen_port < IPPORT_RESERVED && pw->pw_uid != 0)
+		    || (listen_port !=0 && listen_port < IPPORT_RESERVED && pw->pw_uid != 0)
 #endif
 		    ) {
 			success = 0;
 			packet_send_debug("Server has disabled port forwarding.");


-- 
Ari Hyttinen


More information about the openssh-unix-dev mailing list