On Mon, 26 Oct 2009 15:56:27 -0500
Robert Gordon <rbg@xxxxxxxxxxx> wrote:
> In nfs-utils 1.2.0, I noticed that the insecure option validates that
> the client port is a
> subset of IPPORT_RESERVED as opposed to just validating it is a valid
> reserved port. The following proposed patch would correct that issue.
>
> Signed-off-by: Robert Gordon <rbg@xxxxxxxxxxx>
>
> --- ./utils/mountd/auth.c.orig
> +++ ./utils/mountd/auth.c
> @@ -169,7 +169,6 @@ auth_authenticate_internal(char *what, s
> }
> }
> if (!(exp->m_export.e_flags & NFSEXP_INSECURE_PORT) &&
> - (ntohs(caller->sin_port) < IPPORT_RESERVED/2 ||
> ntohs(caller->sin_port) >= IPPORT_RESERVED)) {
> *error = illegal_port;
> return NULL;
>
Acked-by: Jeff Layton <jlayton@xxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
