openssh random local port forwarding
diff -Nru ./mux.c ../../openssh-5.5p1//mux.c
--- ./mux.c 2010-01-30 08:36:33.000000000 +0200
+++ ../../openssh-5.5p1//mux.c 2011-01-19 22:44:47.288605002 +0200
@@ -602,7 +602,8 @@
return 0;
}
/* XXX support rport0 forwarding with reply of port assigned */
- if (fwd.listen_port == 0 || fwd.listen_port >= 65536) {
+ //if (fwd.listen_port == 0 || fwd.listen_port >= 65536) {
+ if (fwd.listen_port >= 65536) {
logit("%s: invalid listen port %u", __func__,
fwd.listen_port);
goto invalid;
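Review bot: The `/* XXX support rport0 forwarding with reply of port assigned */` comment directly above the relaxed check no longer matches the code: port 0 is now accepted for whatever forward type reaches this point, but nothing in the hunk sends the kernel-chosen port back to the mux client, so the requester cannot learn where the listener ended up. Either keep rejecting 0 for the forward types that cannot report a port, or update the comment to say what is still missing, e.g. `/* listen_port 0: kernel picks the port; the assigned port is not yet reported to the mux client */`. The old condition is also left behind as a `//` comment here and in both readconf.c hunks; drop those lines, since the diff history already records them. The enclosing function starts and ends outside the hunk, so whether a later step reports the port cannot be seen from here.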
diff -Nru ./readconf.c ../../openssh-5.5p1//readconf.c
--- ./readconf.c 2011-01-19 23:03:43.000000000 +0200
+++ ../../openssh-5.5p1//readconf.c 2011-01-19 23:03:18.538605001 +0200
@@ -268,7 +268,8 @@
Forward *fwd;
#ifndef NO_IPPORT_RESERVED_CONCEPT
extern uid_t original_real_uid;
- if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0)
+ //if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0)
+ if (newfwd->listen_port < IPPORT_RESERVED && newfwd->listen_port != 0 && original_real_uid != 0)
fatal("Privileged ports can only be forwarded by root.");
#endif
if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
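Review bot: The new `newfwd->listen_port != 0` exemption in the root-only check has no comment saying why port 0 may skip it. It is safe only if the listener code hands 0 to bind() unchanged and the system's ephemeral range lies above IPPORT_RESERVED, neither of which is visible in this hunk. A comment such as `/* port 0 = kernel-assigned ephemeral port, not a reserved one */` above the `if` would record that assumption for the next reader. The function body starts before and continues after the hunk.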
@@ -1349,7 +1350,8 @@
goto fail_free;
}
- if (fwd->listen_port < 0 || (!remotefwd && fwd->listen_port == 0))
+ //if (fwd->listen_port < 0 || (!remotefwd && fwd->listen_port == 0))
+ if (fwd->listen_port < 0)// || (!remotefwd && fwd->listen_port == 0))
goto fail_free;
if (fwd->connect_host != NULL &&
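Review bot: The added line keeps the disabled clause as a trailing comment, `if (fwd->listen_port < 0)// || (!remotefwd && ...`, so at a glance the check reads as if local port 0 were still rejected. Reduce it to `if (fwd->listen_port < 0)` and state the intent above it, e.g. `/* listen_port 0 is allowed for local forwards too: the kernel assigns the port */`. Forward specs parsed here presumably come from the command line or the config file, so it is worth making sure the bound port is logged where the listener is created, which is outside this hunk. The enclosing function starts and ends outside the hunk.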

malfaux commented Jan 4, 2014
