Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: OpenSSH: Dev

Patch to fix dynamic -R forwarding when not root

  

 
OpenSSH dev RSS feed   Index | Next | Previous | View Threaded


ari.hyttinen at gmail

Oct 21, 2009, 1:01 AM

Post #1 of 2 (615 views)
Permalink
Patch to fix dynamic -R forwarding when not root
Hi!

Sorry if this has already been reported or even fixed, I didn't search
very thoroughly. Here's a patch to make dynamic -R remote port
allocation work even when not connecting as root. Without the patch I
got that "Server has disabled port forwarding." message visible in the
patch.

OpenSSH version I'm using is openssh-5.2p1, compiled from official
source package, configured without any configure options, on Ubuntu
Linux platform.

PS. If this patch isn't necessary, and I did something else wrong when
trying to 'ssh -R 0:localhost:22 user [at] remot', please let me know!


--- serverloop.c.original 2009-10-21 10:45:13.000000000 +0300
+++ serverloop.c 2009-10-21 10:53:09.000000000 +0300
@@ -1119,9 +1119,9 @@
if (!options.allow_tcp_forwarding ||
no_port_forwarding_flag ||
(!want_reply && listen_port == 0)
#ifndef NO_IPPORT_RESERVED_CONCEPT
- || (listen_port < IPPORT_RESERVED && pw->pw_uid != 0)
+ || (listen_port !=0 && listen_port < IPPORT_RESERVED && pw->pw_uid != 0)
#endif
) {
success = 0;
packet_send_debug("Server has disabled port forwarding.");


--
Ari Hyttinen
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


ari.hyttinen at gmail

Oct 21, 2009, 1:34 AM

Post #2 of 2 (558 views)
Permalink
Re: Patch to fix dynamic -R forwarding when not root [In reply to]
And yes, it's indeed been fixed in 5.3p1. For some reason the mirror I
got the "latest" source from didn't yet have 5.3. So just ignore this,
sorry for the noise.


2009/10/21 Ari Hyttinen <ari.hyttinen [at] gmail>:
> Hi!
>
> Sorry if this has already been reported or even fixed, I didn't search
> very thoroughly. Here's a patch to make dynamic -R remote port
> allocation work even when not connecting as root. Without the patch I
> got that "Server has disabled port forwarding." message visible in the
> patch.
>
> OpenSSH version I'm using is openssh-5.2p1, compiled from official
> source package, configured without any configure options, on Ubuntu
> Linux platform.
>
> PS. If this patch isn't necessary, and I did something else wrong when
> trying to 'ssh -R 0:localhost:22 user [at] remot', please let me know!
>
>
> --- serverloop.c.original       2009-10-21 10:45:13.000000000 +0300
> +++ serverloop.c        2009-10-21 10:53:09.000000000 +0300
> @@ -1119,9 +1119,9 @@
>                if (!options.allow_tcp_forwarding ||
>                    no_port_forwarding_flag ||
>                    (!want_reply && listen_port == 0)
>  #ifndef NO_IPPORT_RESERVED_CONCEPT
> -                   || (listen_port < IPPORT_RESERVED && pw->pw_uid != 0)
> +                   || (listen_port !=0 && listen_port < IPPORT_RESERVED && pw->pw_uid != 0)
>  #endif
>                    ) {
>                        success = 0;
>                        packet_send_debug("Server has disabled port forwarding.");
>
>
> --
> Ari Hyttinen
>
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

OpenSSH dev RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.