[openssh-commits] [openssh] 01/01: Remove NO_IPPORT_RESERVED_CONCEPT

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Apr 8 21:21:36 AEST 2016


This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit 5f41f030e2feb5295657285aa8c6602c7810bc4b
Author: Darren Tucker <dtucker at zip.com.au>
Date:   Fri Apr 8 21:14:13 2016 +1000

    Remove NO_IPPORT_RESERVED_CONCEPT
    
    Replace by defining IPPORT_RESERVED to zero on Cygwin, which should have
    the same effect without causing problems syncing patches with OpenBSD.
    Resync the two affected functions with OpenBSD.  ok djm, sanity checked
    by Corinna.
---
 configure.ac | 5 ++---
 readconf.c   | 4 +---
 serverloop.c | 9 +++------
 3 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/configure.ac b/configure.ac
index f9fb48d..dde3c45 100644
--- a/configure.ac
+++ b/configure.ac
@@ -586,9 +586,8 @@ case "$host" in
 		[Define if you want to disable shadow passwords])
 	AC_DEFINE([NO_X11_UNIX_SOCKETS], [1],
 		[Define if X11 doesn't support AF_UNIX sockets on that system])
-	AC_DEFINE([NO_IPPORT_RESERVED_CONCEPT], [1],
-		[Define if the concept of ports only accessible to
-		superusers isn't known])
+	AC_DEFINE([IPPORT_RESERVED], [0],
+		[Cygwin has no notion of ports only accessible to superusers])
 	AC_DEFINE([DISABLE_FD_PASSING], [1],
 		[Define if your platform needs to skip post auth
 		file descriptor passing])
diff --git a/readconf.c b/readconf.c
index c692f7d..d63e596 100644
--- a/readconf.c
+++ b/readconf.c
@@ -294,14 +294,12 @@ void
 add_local_forward(Options *options, const struct Forward *newfwd)
 {
 	struct Forward *fwd;
-	int i;
-#ifndef NO_IPPORT_RESERVED_CONCEPT
 	extern uid_t original_real_uid;
+	int i;
 
 	if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0 &&
 	    newfwd->listen_path == NULL)
 		fatal("Privileged ports can only be forwarded by root.");
-#endif
 	/* Don't add duplicates */
 	for (i = 0; i < options->num_local_forwards; i++) {
 		if (forward_equals(newfwd, options->local_forwards + i))
diff --git a/serverloop.c b/serverloop.c
index f9e3e5d..3563e5d 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1243,12 +1243,9 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt)
 		/* check permissions */
 		if ((options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 ||
 		    no_port_forwarding_flag ||
-		    (!want_reply && fwd.listen_port == 0)
-#ifndef NO_IPPORT_RESERVED_CONCEPT
-		    || (fwd.listen_port != 0 && fwd.listen_port < IPPORT_RESERVED &&
-		    pw->pw_uid != 0)
-#endif
-		    ) {
+		    (!want_reply && fwd.listen_port == 0) ||
+		    (fwd.listen_port != 0 && fwd.listen_port < IPPORT_RESERVED &&
+		    pw->pw_uid != 0)) {
 			success = 0;
 			packet_send_debug("Server has disabled port forwarding.");
 		} else {

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list