From cfefbcea1057c2623e76c579174a4107a0b6e6cd Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 3 May 2016 15:57:39 +0000 Subject: [PATCH] upstream commit fix overriding of StreamLocalBindMask and StreamLocalBindUnlink in Match blocks; found the hard way Rogan Dawes Upstream-ID: 940bc69ec0249ab428d24ccd0722ce35cb932ee2 --- servconf.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/servconf.c b/servconf.c index 01750a6c8..c064d0b59 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.288 2016/05/03 15:25:06 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.289 2016/05/03 15:57:39 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -1994,6 +1994,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(allow_agent_forwarding); M_CP_INTOPT(permit_tun); M_CP_INTOPT(fwd_opts.gateway_ports); + M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink); M_CP_INTOPT(x11_display_offset); M_CP_INTOPT(x11_forwarding); M_CP_INTOPT(x11_use_localhost); @@ -2006,6 +2007,16 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(rekey_limit); M_CP_INTOPT(rekey_interval); + /* + * The bind_mask is a mode_t that may be unsigned, so we can't use + * M_CP_INTOPT - it does a signed comparison that causes compiler + * warnings. + */ + if (src->fwd_opts.streamlocal_bind_mask == (mode_t)-1) { + dst->fwd_opts.streamlocal_bind_mask = + src->fwd_opts.streamlocal_bind_mask; + } + /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */ #define M_CP_STROPT(n) do {\ if (src->n != NULL && dst->n != src->n) { \