From 99a4e14fe0615c0f8a404aec0db42feb98451eb9 Mon Sep 17 00:00:00 2001
From: Ben Lindstrom <mouring@eviladmin.org>
Date: Tue, 9 Jul 2002 14:06:40 +0000
Subject: [PATCH]  - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so
 other platforms    lacking that concept can share it. Patch by
 vinschen@redhat.com

---
 ChangeLog    | 6 +++++-
 acconfig.h   | 5 ++++-
 configure.ac | 3 ++-
 readconf.c   | 2 +-
 serverloop.c | 7 +++++--
 5 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 860d9805e..a6d472a74 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20020709
+ - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platforms
+   lacking that concept can share it. Patch by vinschen@redhat.com
+
 20020708
  - (tim) [openssh/contrib/solaris/buildpkg.sh] add PKG_INSTALL_ROOT to
    work in a jumpstart environment. patch by kbrint@rufus.net
@@ -1316,4 +1320,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2351 2002/07/09 02:17:10 tim Exp $
+$Id: ChangeLog,v 1.2352 2002/07/09 14:06:40 mouring Exp $
diff --git a/acconfig.h b/acconfig.h
index d809d059d..147295510 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -1,4 +1,4 @@
-/* $Id: acconfig.h,v 1.142 2002/07/07 20:43:36 tim Exp $ */
+/* $Id: acconfig.h,v 1.143 2002/07/09 14:06:40 mouring Exp $ */
 
 #ifndef _CONFIG_H
 #define _CONFIG_H
@@ -310,6 +310,9 @@
 /* Define if X11 doesn't support AF_UNIX sockets on that system */
 #undef NO_X11_UNIX_SOCKETS
 
+/* Define if the concept of ports only accessible to superusers isn't known */
+#undef NO_IPPORT_RESERVED_CONCEPT
+
 /* Needed for SCO and NeXT */
 #undef BROKEN_SAVED_UIDS
 
diff --git a/configure.ac b/configure.ac
index aa9a5d215..120709876 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.76 2002/07/09 02:17:10 tim Exp $
+# $Id: configure.ac,v 1.77 2002/07/09 14:06:40 mouring Exp $
 
 AC_INIT
 AC_CONFIG_SRCDIR([ssh.c])
@@ -91,6 +91,7 @@ case "$host" in
 	AC_DEFINE(IPV4_DEFAULT)
 	AC_DEFINE(IP_TOS_IS_BROKEN)
 	AC_DEFINE(NO_X11_UNIX_SOCKETS)
+	AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
 	AC_DEFINE(DISABLE_FD_PASSING)
 	AC_DEFINE(SETGROUPS_NOOP)
 	;;
diff --git a/readconf.c b/readconf.c
index 80d99fef1..bae06be12 100644
--- a/readconf.c
+++ b/readconf.c
@@ -199,7 +199,7 @@ add_local_forward(Options *options, u_short port, const char *host,
 		  u_short host_port)
 {
 	Forward *fwd;
-#ifndef HAVE_CYGWIN
+#ifndef NO_IPPORT_RESERVED_CONCEPT
 	extern uid_t original_real_uid;
 	if (port < IPPORT_RESERVED && original_real_uid != 0)
 		fatal("Privileged ports can only be forwarded by root.");
diff --git a/serverloop.c b/serverloop.c
index 134921355..912f62501 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -972,8 +972,11 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt)
 
 		/* check permissions */
 		if (!options.allow_tcp_forwarding ||
-		    no_port_forwarding_flag ||
-		    (listen_port < IPPORT_RESERVED && pw->pw_uid != 0)) {
+		    no_port_forwarding_flag
+#ifndef NO_IPPORT_RESERVED_CONCEPT
+		    || (listen_port < IPPORT_RESERVED && pw->pw_uid != 0)
+#endif
+		   ) {
 			success = 0;
 			packet_send_debug("Server has disabled port forwarding.");
 		} else {