diff options
| author | Robert Gordon <rbg@openrbg.com> | 2009-11-16 13:25:02 -0500 |
|---|---|---|
| committer | Steve Dickson <steved@redhat.com> | 2009-11-16 13:25:02 -0500 |
| commit | fa42ac173d1d7e37a4052471dfc15520a09f102e (patch) | |
| tree | 0e64fe29ddfa8f4a6a27b8e94388c9005f3bf3e7 | |
| parent | 2498a68b1bec01d0ee8a63962b314140e8289036 (diff) | |
| download | nfs-utils-fa42ac173d1d7e37a4052471dfc15520a09f102e.tar.gz nfs-utils-fa42ac173d1d7e37a4052471dfc15520a09f102e.tar.xz nfs-utils-fa42ac173d1d7e37a4052471dfc15520a09f102e.zip | |
relax insecure option on mountd
In nfs-utils 1.2.0, I noticed that the insecure option validates that
the client port is a
subset of IPPORT_RESERVED as opposed to just validating it is a valid
reserved port. The following proposed patch would correct that issue.
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Robert Gordon <rbg@openrbg.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
| -rw-r--r-- | utils/mountd/auth.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/utils/mountd/auth.c b/utils/mountd/auth.c index 575f207..5a7ff8c 100644 --- a/utils/mountd/auth.c +++ b/utils/mountd/auth.c @@ -169,8 +169,7 @@ auth_authenticate_internal(char *what, struct sockaddr_in *caller, } } if (!(exp->m_export.e_flags & NFSEXP_INSECURE_PORT) && - (ntohs(caller->sin_port) < IPPORT_RESERVED/2 || - ntohs(caller->sin_port) >= IPPORT_RESERVED)) { + ntohs(caller->sin_port) >= IPPORT_RESERVED) { *error = illegal_port; return NULL; } |