authorTheo de Raadt <deraadt@cvs.openbsd.org>1999-09-29 17:52:13 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>1999-09-29 17:52:13 +0000
commit0d39821d0d77161333749fc800238b94cde1aef0 (patch)
treeca0f6ccacd356f824ac9f4a70fe615a1c9997f19 /usr.bin/ssh/readconf.c
parenta41e3d925cca910cbf14cee280d8216828b17566 (diff)
disable portforwarding for reserved/bad ports; Markus.Friedl@informatik.uni-erlangen.de
Diffstat (limited to 'usr.bin/ssh/readconf.c')
-rw-r--r--usr.bin/ssh/readconf.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c
index 6bcd6194c5a..46ab3c7e125 100644
--- a/usr.bin/ssh/readconf.c
+++ b/usr.bin/ssh/readconf.c
@@ -14,7 +14,7 @@ Functions for reading the configuration files.
*/
#include "includes.h"
-RCSID("$Id: readconf.c,v 1.3 1999/09/29 00:10:16 deraadt Exp $");
+RCSID("$Id: readconf.c,v 1.4 1999/09/29 17:52:12 deraadt Exp $");
#include "ssh.h"
#include "cipher.h"
@@ -165,6 +165,11 @@ void add_local_forward(Options *options, int port, const char *host,
int host_port)
{
Forward *fwd;
+ extern uid_t original_real_uid;
+ if ((port & 0xffff) != port)
+ fatal("Requested forwarding of nonexistent port %d.", port);
+ if (port < 1024 && original_real_uid != 0)
+ fatal("Privileged ports can only be forwarded by root.\n");
if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
fwd = &options->local_forwards[options->num_local_forwards++];
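Review bot: The range test `(port & 0xffff) != port` at the top of add_local_forward rejects negative and over-65535 values but still accepts port 0, so an invocation with `original_real_uid == 0` can register a forward on port 0, which bind() would treat as "pick any port" rather than a real listen port. Writing the check as `if (port < 1 || port > 65535)` states the intended range directly and closes that gap. The privileged-port message ends in `\n` while the neighbouring fatal() calls do not, so the trailing newline should probably be dropped for consistency. The block-scope `extern uid_t original_real_uid;` would be safer as a declaration in a shared header such as ssh.h, so that a mismatch with the definition is caught at compile time. The function body continues past the end of this hunk.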