-/* $OpenBSD: readconf.c,v 1.293 2018/07/18 11:34:04 dtucker Exp $ */
+/* $OpenBSD: readconf.c,v 1.294 2018/07/19 10:28:47 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
{ "userknownhostsfile2", oDeprecated },
{ "useroaming", oDeprecated },
{ "usersh", oDeprecated },
+ { "useprivilegedport", oDeprecated },
/* Unsupported options */
{ "afstokenpassing", oUnsupported },
{ "exitonforwardfailure", oExitOnForwardFailure },
{ "xauthlocation", oXAuthLocation },
{ "gatewayports", oGatewayPorts },
- { "useprivilegedport", oUsePrivilegedPort },
{ "passwordauthentication", oPasswordAuthentication },
{ "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
{ "kbdinteractivedevices", oKbdInteractiveDevices },
intptr = &options->exit_on_forward_failure;
goto parse_flag;
- case oUsePrivilegedPort:
- intptr = &options->use_privileged_port;
- goto parse_flag;
-
case oPasswordAuthentication:
intptr = &options->password_authentication;
goto parse_flag;
options->fwd_opts.gateway_ports = -1;
options->fwd_opts.streamlocal_bind_mask = (mode_t)-1;
options->fwd_opts.streamlocal_bind_unlink = -1;
- options->use_privileged_port = -1;
options->pubkey_authentication = -1;
options->challenge_response_authentication = -1;
options->gss_authentication = -1;
options->fwd_opts.streamlocal_bind_mask = 0177;
if (options->fwd_opts.streamlocal_bind_unlink == -1)
options->fwd_opts.streamlocal_bind_unlink = 0;
- if (options->use_privileged_port == -1)
- options->use_privileged_port = 0;
if (options->pubkey_authentication == -1)
options->pubkey_authentication = 1;
if (options->challenge_response_authentication == -1)
dump_cfg_fmtint(oStrictHostKeyChecking, o->strict_host_key_checking);
dump_cfg_fmtint(oTCPKeepAlive, o->tcp_keep_alive);
dump_cfg_fmtint(oTunnel, o->tun_open);
- dump_cfg_fmtint(oUsePrivilegedPort, o->use_privileged_port);
dump_cfg_fmtint(oVerifyHostKeyDNS, o->verify_host_key_dns);
dump_cfg_fmtint(oVisualHostKey, o->visual_host_key);
dump_cfg_fmtint(oUpdateHostkeys, o->update_hostkeys);
-/* $OpenBSD: readconf.h,v 1.126 2018/06/09 03:01:12 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.127 2018/07/19 10:28:47 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
int exit_on_forward_failure; /* Exit if bind(2) fails for -L/-R */
char *xauth_location; /* Location for xauth program */
struct ForwardOptions fwd_opts; /* forwarding options */
- int use_privileged_port; /* Don't use privileged port if false. */
int pubkey_authentication; /* Try ssh2 pubkey authentication. */
int hostbased_authentication; /* ssh2's rhosts_rsa */
int challenge_response_authentication;
.\"
.\" Created: Sun May 7 00:14:37 1995 ylo
.\"
-.\" $OpenBSD: scp.1,v 1.79 2018/06/09 06:36:31 jmc Exp $
+.\" $OpenBSD: scp.1,v 1.80 2018/07/19 10:28:47 dtucker Exp $
.\"
-.Dd $Mdocdate: June 9 2018 $
+.Dd $Mdocdate: July 19 2018 $
.Dt SCP 1
.Os
.Sh NAME
.It StrictHostKeyChecking
.It TCPKeepAlive
.It UpdateHostKeys
-.It UsePrivilegedPort
.It User
.It UserKnownHostsFile
.It VerifyHostKeyDNS
-.\" $OpenBSD: sftp.1,v 1.116 2018/06/09 06:36:31 jmc Exp $
+.\" $OpenBSD: sftp.1,v 1.117 2018/07/19 10:28:47 dtucker Exp $
.\"
.\" Copyright (c) 2001 Damien Miller. All rights reserved.
.\"
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: June 9 2018 $
+.Dd $Mdocdate: July 19 2018 $
.Dt SFTP 1
.Os
.Sh NAME
.It StrictHostKeyChecking
.It TCPKeepAlive
.It UpdateHostKeys
-.It UsePrivilegedPort
.It User
.It UserKnownHostsFile
.It VerifyHostKeyDNS
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.395 2018/06/09 06:36:31 jmc Exp $
-.Dd $Mdocdate: June 9 2018 $
+.\" $OpenBSD: ssh.1,v 1.396 2018/07/19 10:28:47 dtucker Exp $
+.Dd $Mdocdate: July 19 2018 $
.Dt SSH 1
.Os
.Sh NAME
.It Tunnel
.It TunnelDevice
.It UpdateHostKeys
-.It UsePrivilegedPort
.It User
.It UserKnownHostsFile
.It VerifyHostKeyDNS
-/* $OpenBSD: ssh.c,v 1.487 2018/07/18 11:34:04 dtucker Exp $ */
+/* $OpenBSD: ssh.c,v 1.488 2018/07/19 10:28:47 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
fatal("Invalid multiplex command.");
break;
case 'P': /* deprecated */
- options.use_privileged_port = 0;
break;
case 'Q':
cp = NULL;
if (options.connection_attempts <= 0)
fatal("Invalid number of ConnectionAttempts");
- if (original_effective_uid != 0)
- options.use_privileged_port = 0;
-
if (sshbuf_len(command) != 0 && options.remote_command != NULL)
fatal("Cannot execute command-line and remote command.");
/* Open a connection to the remote host. */
if (ssh_connect(ssh, host, addrs, &hostaddr, options.port,
options.address_family, options.connection_attempts,
- &timeout_ms, options.tcp_keep_alive,
- options.use_privileged_port) != 0)
+ &timeout_ms, options.tcp_keep_alive) != 0)
exit(255);
if (addrs != NULL)
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.279 2018/07/04 13:49:31 djm Exp $
-.Dd $Mdocdate: July 4 2018 $
+.\" $OpenBSD: ssh_config.5,v 1.280 2018/07/19 10:28:47 dtucker Exp $
+.Dd $Mdocdate: July 19 2018 $
.Dt SSH_CONFIG 5
.Os
.Sh NAME
Use the specified address on the local machine as the source address of
the connection.
Only useful on systems with more than one address.
-Note that this option does not work if
-.Cm UsePrivilegedPort
-is set to
-.Cm yes .
.It Cm BindInterface
Use the address of the specified interface on the local machine as the
source address of the connection.
-Note that this option does not work if
-.Cm UsePrivilegedPort
-is set to
-.Cm yes .
.It Cm CanonicalDomains
When
.Cm CanonicalizeHostname
from OpenSSH 6.8 and greater support the
.Qq hostkeys@openssh.com
protocol extension used to inform the client of all the server's hostkeys.
-.It Cm UsePrivilegedPort
-Specifies whether to use a privileged port for outgoing connections.
-The argument must be
-.Cm yes
-or
-.Cm no
-(the default).
-If set to
-.Cm yes ,
-.Xr ssh 1
-must be setuid root.
.It Cm User
Specifies the user to log in as.
This can be useful when a different user name is used on different machines.
-/* $OpenBSD: sshconnect.c,v 1.301 2018/07/18 11:34:04 dtucker Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.302 2018/07/19 10:28:47 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
}
/*
- * Creates a (possibly privileged) socket for use as the ssh connection.
+ * Creates a ocket for use as the ssh connection.
*/
static int
-ssh_create_socket(int privileged, struct addrinfo *ai)
+ssh_create_socket(struct addrinfo *ai)
{
int sock, r;
struct sockaddr_storage bindaddr;
fcntl(sock, F_SETFD, FD_CLOEXEC);
/* Bind the socket to an alternative local IP address */
- if (options.bind_address == NULL && options.bind_interface == NULL &&
- !privileged)
+ if (options.bind_address == NULL && options.bind_interface == NULL)
return sock;
if (options.bind_address != NULL) {
/*
* Opens a TCP/IP connection to the remote server on the given host.
* The address of the remote host will be returned in hostaddr.
- * If port is 0, the default port will be used. If needpriv is true,
- * a privileged port will be allocated to make the connection.
- * This requires super-user privileges if needpriv is true.
+ * If port is 0, the default port will be used.
* Connection_attempts specifies the maximum number of tries (one per
* second). If proxy_command is non-NULL, it specifies the command (with %h
* and %p substituted for host and port, respectively) to use to contact
static int
ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
struct sockaddr_storage *hostaddr, u_short port, int family,
- int connection_attempts, int *timeout_ms, int want_keepalive, int needpriv)
+ int connection_attempts, int *timeout_ms, int want_keepalive)
{
int on = 1;
int oerrno, sock = -1, attempt;
char ntop[NI_MAXHOST], strport[NI_MAXSERV];
struct addrinfo *ai;
- debug2("%s: needpriv %d", __func__, needpriv);
+ debug2("%s", __func__);
memset(ntop, 0, sizeof(ntop));
memset(strport, 0, sizeof(strport));
host, ntop, strport);
/* Create a socket for connecting. */
- sock = ssh_create_socket(needpriv, ai);
+ sock = ssh_create_socket(ai);
if (sock < 0) {
/* Any error is already output */
errno = 0;
int
ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
struct sockaddr_storage *hostaddr, u_short port, int family,
- int connection_attempts, int *timeout_ms, int want_keepalive, int needpriv)
+ int connection_attempts, int *timeout_ms, int want_keepalive)
{
if (options.proxy_command == NULL) {
return ssh_connect_direct(ssh, host, addrs, hostaddr, port,
- family, connection_attempts, timeout_ms, want_keepalive,
- needpriv);
+ family, connection_attempts, timeout_ms, want_keepalive);
} else if (strcmp(options.proxy_command, "-") == 0) {
if ((ssh_packet_set_connection(ssh,
STDIN_FILENO, STDOUT_FILENO)) == NULL)
-/* $OpenBSD: sshconnect.h,v 1.34 2018/07/18 11:34:04 dtucker Exp $ */
+/* $OpenBSD: sshconnect.h,v 1.35 2018/07/19 10:28:47 dtucker Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
struct ssh;
int ssh_connect(struct ssh *, const char *, struct addrinfo *,
- struct sockaddr_storage *, u_short, int, int, int *, int, int);
+ struct sockaddr_storage *, u_short, int, int, int *, int);
void ssh_kill_proxy_command(void);
void ssh_login(Sensitive *, const char *, struct sockaddr *, u_short,
projects / openbsd / commitdiff