Bug 1578 - Remote port forwarding with a listen port of '0' only works for root user bz #1003
Summary: Remote port forwarding with a listen port of '0' only works for root user bz ...
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd (show other bugs)
Version: 5.2p1
Hardware: Other Linux
: P2 normal
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks: V_5_3
  Show dependency treegraph
 
Reported: 2009-03-27 14:51 AEDT by Gavin Mathias
Modified: 2009-10-06 15:03 AEDT (History)
2 users (show)

See Also:

Attachments
Change made to line 1123 of serverloop.c (293 bytes, text/plain)
2009-03-27 14:51 AEDT, Gavin Mathias 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Gavin Mathias 2009-03-27 14:51:06 AEDT 
Created attachment 1618 [details]
Change made to line 1123 of serverloop.c

In 5.2p1 only root can login using remote forwarding with port 0 and get a port dynamically assigned. Non root users get an error like this:

debug1: Remote: Server has disabled port forwarding.
debug1: remote forward failure for: listen 0, connect localhost:8080
Warning: remote port forwarding failed for listen port 0
debug1: All remote forwarding requests processed

when running:
ssh -v -R 0:localhost:8080 -N gavin@xxxxx.com

whereas the port is dynamically assigned as expected when the user is root
ssh -v -R 0:localhost:8080 -N root@xxxxx.com

debug1: remote forward success for: listen 0, connect localhost:80
Allocated port 49189 for remote forward to localhost:80
debug1: All remote forwarding requests processed


I fixed this in line 1123 serverloop.c. Hopefully this doesn't break something important.

Gavin
Comment 1 Damien Miller 2009-09-09 11:08:24 AEST 
Fix applied. This will be in OpenSSH 5.3 - thanks!
Comment 2 Damien Miller 2009-10-06 15:03:05 AEDT 
Mass move of RESOLVED bugs to CLOSED now that 5.3 is out.