Tree - rpms/nfs-utils - src.fedoraproject.org

walters / rpms / nfs-utils

Forked from rpms/nfs-utils 6 years ago

Files

Commit: c5723272c9d54b45606c94c85c5f059422a6b7d1

Blob Blame History Raw

From fa42ac173d1d7e37a4052471dfc15520a09f102e Mon Sep 17 00:00:00 2001
From: Robert Gordon <rbg@openrbg.com>
Date: Mon, 16 Nov 2009 13:25:02 -0500
Subject: [PATCH] relax insecure option on mountd

In nfs-utils 1.2.0, I noticed that the insecure option validates that
the client port is a
subset of IPPORT_RESERVED as opposed to just validating it is a valid
reserved port. The following proposed patch would correct that issue.

Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Robert Gordon <rbg@openrbg.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
---
 utils/mountd/auth.c |    3 +--
 1 files changed, 1 insertions(+), 2 deletions(-)

diff --git a/utils/mountd/auth.c b/utils/mountd/auth.c
index 575f207..5a7ff8c 100644
--- a/utils/mountd/auth.c
+++ b/utils/mountd/auth.c
@@ -169,8 +169,7 @@ auth_authenticate_internal(char *what, struct sockaddr_in *caller,
 		}
 	}
 	if (!(exp->m_export.e_flags & NFSEXP_INSECURE_PORT) &&
-		    (ntohs(caller->sin_port) <  IPPORT_RESERVED/2 ||
-		     ntohs(caller->sin_port) >= IPPORT_RESERVED)) {
+		     ntohs(caller->sin_port) >= IPPORT_RESERVED) {
 		*error = illegal_port;
 		return NULL;
 	}
-- 
1.6.5.2

walters / rpms / nfs-utils

Source Code

Files