Tree - rpms/nfs-utils - src.fedoraproject.org

Forked from rpms/nfs-utils 6 years ago

Blob History Raw

		c775a85	`From fa42ac173d1d7e37a4052471dfc15520a09f102e Mon Sep 17 00:00:00 2001`
		c775a85	`From: Robert Gordon <rbg@openrbg.com>`
		c775a85	`Date: Mon, 16 Nov 2009 13:25:02 -0500`
		c775a85	`Subject: [PATCH] relax insecure option on mountd`
		c775a85
		c775a85	`In nfs-utils 1.2.0, I noticed that the insecure option validates that`
		c775a85	`the client port is a`
		c775a85	`subset of IPPORT_RESERVED as opposed to just validating it is a valid`
		c775a85	`reserved port. The following proposed patch would correct that issue.`
		c775a85
		c775a85	`Acked-by: Jeff Layton <jlayton@redhat.com>`
		c775a85	`Signed-off-by: Robert Gordon <rbg@openrbg.com>`
		c775a85	`Signed-off-by: Steve Dickson <steved@redhat.com>`
		c775a85	`---`
		c775a85	`utils/mountd/auth.c \| 3 +--`
		c775a85	`1 files changed, 1 insertions(+), 2 deletions(-)`
		c775a85
		c775a85	`diff --git a/utils/mountd/auth.c b/utils/mountd/auth.c`
		c775a85	`index 575f207..5a7ff8c 100644`
		c775a85	`--- a/utils/mountd/auth.c`
		c775a85	`+++ b/utils/mountd/auth.c`
		c775a85	`@@ -169,8 +169,7 @@ auth_authenticate_internal(char what, struct sockaddr_in caller,`
		c775a85	`}`
		c775a85	`}`
		c775a85	`if (!(exp->m_export.e_flags & NFSEXP_INSECURE_PORT) &&`
		c775a85	`- (ntohs(caller->sin_port) < IPPORT_RESERVED/2 \|\|`
		c775a85	`- ntohs(caller->sin_port) >= IPPORT_RESERVED)) {`
		c775a85	`+ ntohs(caller->sin_port) >= IPPORT_RESERVED) {`
		c775a85	`*error = illegal_port;`
		c775a85	`return NULL;`
		c775a85	`}`
		c775a85	`--`
		c775a85	`1.6.5.2`
		c775a85