Bugzilla – Attachment 1504 Details for
Bug 1464
"possible hijacking of X11-forwarded connections" bug has not been fixed completely
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Don't set SO_REUSEADDR for X11UseLocalhost=no
x.diff (text/plain), 1.72 KB, created by
Damien Miller
on 2008-05-20 10:22:56 AEST
(
hide
)
Description:
Don't set SO_REUSEADDR for X11UseLocalhost=no
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2008-05-20 10:22:56 AEST
Size:
1.72 KB
patch
obsolete
>Index: configure.ac >=================================================================== >RCS file: /cvs/openssh/configure.ac,v >retrieving revision 1.398 >diff -u -r1.398 configure.ac >--- configure.ac 19 May 2008 04:47:37 -0000 1.398 >+++ configure.ac 20 May 2008 00:15:21 -0000 >@@ -551,7 +551,6 @@ > no_dev_ptmx=1 > check_for_libcrypt_later=1 > check_for_openpty_ctty_bug=1 >- AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks]) > AC_DEFINE(PAM_TTY_KLUDGE, 1, > [Work around problematic Linux PAM modules handling of PAM_TTY]) > AC_DEFINE(LOCKED_PASSWD_PREFIX, "!", >@@ -1034,7 +1033,7 @@ > AC_CHECK_HEADERS(libutil.h) > AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1, > [Define if your libraries define login()])]) >-AC_CHECK_FUNCS(logout updwtmp logwtmp) >+AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp) > > AC_FUNC_STRFTIME > >Index: channels.c >=================================================================== >RCS file: /cvs/openssh/channels.c,v >retrieving revision 1.261 >diff -u -r1.261 channels.c >--- channels.c 19 May 2008 06:05:41 -0000 1.261 >+++ channels.c 20 May 2008 00:15:21 -0000 >@@ -3007,7 +3007,8 @@ > error("setsockopt IPV6_V6ONLY: %.100s", strerror(errno)); > } > #endif >- channel_set_reuseaddr(sock); >+ if (x11_use_localhost) >+ channel_set_reuseaddr(sock); > if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { > debug2("bind port %d: %.100s", port, strerror(errno)); > close(sock); >@@ -3019,17 +3020,8 @@ > break; > } > socks[num_socks++] = sock; >-#ifndef DONT_TRY_OTHER_AF > if (num_socks == NUM_SOCKS) > break; >-#else >- if (x11_use_localhost) { >- if (num_socks == NUM_SOCKS) >- break; >- } else { >- break; >- } >-#endif > } > freeaddrinfo(aitop); > if (num_socks > 0)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1504">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1464
: 1504