diff options
author | Damien Miller <djm@cvs.openbsd.org> | 2009-02-12 03:16:02 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2009-02-12 03:16:02 +0000 |
commit | 6f412ac63e3a9cf8abd29c8e34d4b3ae5167f5ea (patch) | |
tree | 21a88b5b604579bbaee54aa2ccbff8a74c8bca71 /usr.bin/ssh | |
parent | b408bf990ab866324abffed8e86f5c4aebb6a2ea (diff) |
tighten check for -R0:... forwarding: only allow dynamic allocation if
want_reply is set in the packet
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r-- | usr.bin/ssh/serverloop.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c index 999e5be8a49..fffb468b74b 100644 --- a/usr.bin/ssh/serverloop.c +++ b/usr.bin/ssh/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.156 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: serverloop.c,v 1.157 2009/02/12 03:16:01 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1081,6 +1081,7 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) /* check permissions */ if (!options.allow_tcp_forwarding || no_port_forwarding_flag || + (!want_reply && listen_port == 0) || (listen_port != 0 && listen_port < IPPORT_RESERVED && pw->pw_uid != 0)) { success = 0; |