From e6f15ed1b97d131dab0e348a8f9d77b6e05a6040 Mon Sep 17 00:00:00 2001 From: mouring Date: Tue, 9 Jul 2002 14:06:40 +0000 Subject: [PATCH] - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platforms lacking that concept can share it. Patch by vinschen@redhat.com --- ChangeLog | 4 ++++ acconfig.h | 3 +++ configure.ac | 1 + readconf.c | 2 +- serverloop.c | 7 +++++-- 5 files changed, 14 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4522e963..5279c736 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20020709 + - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platforms + lacking that concept can share it. Patch by vinschen@redhat.com + 20020708 - (tim) [openssh/contrib/solaris/buildpkg.sh] add PKG_INSTALL_ROOT to work in a jumpstart environment. patch by kbrint@rufus.net diff --git a/acconfig.h b/acconfig.h index aa8b6782..086be749 100644 --- a/acconfig.h +++ b/acconfig.h @@ -310,6 +310,9 @@ /* Define if X11 doesn't support AF_UNIX sockets on that system */ #undef NO_X11_UNIX_SOCKETS +/* Define if the concept of ports only accessible to superusers isn't known */ +#undef NO_IPPORT_RESERVED_CONCEPT + /* Needed for SCO and NeXT */ #undef BROKEN_SAVED_UIDS diff --git a/configure.ac b/configure.ac index 8bd7d477..dfc8fbbd 100644 --- a/configure.ac +++ b/configure.ac @@ -91,6 +91,7 @@ case "$host" in AC_DEFINE(IPV4_DEFAULT) AC_DEFINE(IP_TOS_IS_BROKEN) AC_DEFINE(NO_X11_UNIX_SOCKETS) + AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT) AC_DEFINE(DISABLE_FD_PASSING) AC_DEFINE(SETGROUPS_NOOP) ;; diff --git a/readconf.c b/readconf.c index 80d99fef..bae06be1 100644 --- a/readconf.c +++ b/readconf.c @@ -199,7 +199,7 @@ add_local_forward(Options *options, u_short port, const char *host, u_short host_port) { Forward *fwd; -#ifndef HAVE_CYGWIN +#ifndef NO_IPPORT_RESERVED_CONCEPT extern uid_t original_real_uid; if (port < IPPORT_RESERVED && original_real_uid != 0) fatal("Privileged ports can only be forwarded by root."); diff --git a/serverloop.c b/serverloop.c index 13492135..912f6250 100644 --- a/serverloop.c +++ b/serverloop.c @@ -972,8 +972,11 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) /* check permissions */ if (!options.allow_tcp_forwarding || - no_port_forwarding_flag || - (listen_port < IPPORT_RESERVED && pw->pw_uid != 0)) { + no_port_forwarding_flag +#ifndef NO_IPPORT_RESERVED_CONCEPT + || (listen_port < IPPORT_RESERVED && pw->pw_uid != 0) +#endif + ) { success = 0; packet_send_debug("Server has disabled port forwarding."); } else { -- 2.45.1