diff options
author | jsg@openbsd.org <jsg@openbsd.org> | 2016-10-25 04:08:13 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2016-10-26 08:52:46 +1100 |
commit | 79d078e7a49caef746516d9710ec369ba45feab6 (patch) | |
tree | 4a81d6f35229b48b56068fc115d5de8c58236d1a | |
parent | a903e315dee483e555c8a3a02c2946937f9b4e5d (diff) |
upstream commit
Fix logic in add_local_forward() that inverted a test
when code was refactored out into bind_permitted(). This broke ssh port
forwarding for non-priv ports as a non root user.
ok dtucker@ 'looks good' deraadt@
Upstream-ID: ddb8156ca03cc99997de284ce7777536ff9570c9
-rw-r--r-- | readconf.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/readconf.c b/readconf.c index 1be564856..fa3fab8f0 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readconf.c,v 1.261 2016/10/23 22:04:05 dtucker Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.262 2016/10/25 04:08:13 jsg Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -312,7 +312,7 @@ add_local_forward(Options *options, const struct Forward *newfwd) | |||
312 | extern uid_t original_real_uid; | 312 | extern uid_t original_real_uid; |
313 | int i; | 313 | int i; |
314 | 314 | ||
315 | if (bind_permitted(newfwd->listen_port, original_real_uid) && | 315 | if (!bind_permitted(newfwd->listen_port, original_real_uid) && |
316 | newfwd->listen_path == NULL) | 316 | newfwd->listen_path == NULL) |
317 | fatal("Privileged ports can only be forwarded by root."); | 317 | fatal("Privileged ports can only be forwarded by root."); |
318 | /* Don't add duplicates */ | 318 | /* Don't add duplicates */ |