diff options
| author | David Gibson <david@gibson.dropbear.id.au> | 2024-07-17 10:36:00 +1000 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2024-07-17 07:04:55 +0200 |
| commit | f79c42317fb80ee181b13273c80f93b7af6f04f3 (patch) | |
| tree | a16ee8f2401a23c441fdb3ab38839fe6d468033b | |
| parent | a740e16fd1b9bdca8d259aa6d37f942a3874425c (diff) | |
| download | passt-f79c42317fb80ee181b13273c80f93b7af6f04f3.tar passt-f79c42317fb80ee181b13273c80f93b7af6f04f3.tar.gz passt-f79c42317fb80ee181b13273c80f93b7af6f04f3.tar.bz2 passt-f79c42317fb80ee181b13273c80f93b7af6f04f3.tar.lz passt-f79c42317fb80ee181b13273c80f93b7af6f04f3.tar.xz passt-f79c42317fb80ee181b13273c80f93b7af6f04f3.tar.zst passt-f79c42317fb80ee181b13273c80f93b7af6f04f3.zip | |
conf: Don't configure port forwarding for a disabled protocol
UDP and/or TCP can be disabled with the --no-udp and --no-tcp options.
However, when this is specified, it's still possible to configure forwarded
ports for the disabled protocol. In some cases this will open sockets and
perform other actions, which might not be safe since the entire protocol
won't be initialised.
Check for this case, and explicitly forbid it.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
| -rw-r--r-- | conf.c | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -132,6 +132,11 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg, return; } + if ((optname == 't' || optname == 'T') && c->no_tcp) + die("TCP port forwarding requested but TCP is disabled"); + if ((optname == 'u' || optname == 'U') && c->no_udp) + die("UDP port forwarding requested but UDP is disabled"); + if (!strcmp(optarg, "auto")) { if (fwd->mode) goto mode_conflict; |