INN commit: trunk (5 files)

INN Commit Russ_Allbery at isc.org
Thu Aug 2 15:01:22 UTC 2007 

    Date: Thursday, August 2, 2007 @ 08:01:21
  Author: iulius
Revision: 7626

Allow innbind to bind port 563 (NNTP/SSL for nnrpd).

Modified:
  trunk/backends/innbind.c
  trunk/configure.ac
  trunk/doc/pod/innbind.pod
  trunk/doc/pod/innd.pod
  trunk/doc/pod/install.pod

---------------------+
 backends/innbind.c  |    5 +++--
 configure.ac        |    2 +-
 doc/pod/innbind.pod |    8 ++++----
 doc/pod/innd.pod    |    2 +-
 doc/pod/install.pod |    2 +-
 5 files changed, 10 insertions(+), 9 deletions(-)

Modified: backends/innbind.c
===================================================================
--- backends/innbind.c	2007-08-02 14:21:58 UTC (rev 7625)
+++ backends/innbind.c	2007-08-02 15:01:21 UTC (rev 7626)
@@ -167,7 +167,7 @@
 
 
 /*
-**  Given a given a struct binding, bind that file descriptor.  Also takes the
+**  Given a struct binding, bind that file descriptor.  Also takes the
 **  command-line argument for error reporting.  Returns true on success, false
 **  if binding failed due to permission denied.  Die on any other failure.
 */
@@ -180,7 +180,8 @@
     socklen_t length;
 
     /* Make sure that we're allowed to bind to that port. */
-    if (port < 1024 && port != 119 && port != 433 && port != INND_PORT)
+    if (port < 1024 && port != 119 && port != 433 && port != 563
+            && port != INND_PORT)
         die("cannot bind to restricted port %hu in %s", port, spec);
 
     /* Sanity check on the socket. */

Modified: configure.ac
===================================================================
--- configure.ac	2007-08-02 14:21:58 UTC (rev 7625)
+++ configure.ac	2007-08-02 15:01:21 UTC (rev 7626)
@@ -121,7 +121,7 @@
 INN_ARG_COMPRESS
 INN_ARG_SENDMAIL
 
-dnl innbind by default only allows ports 119 and 433 below 1024; if the user
+dnl innbind by default only allows ports 119, 433 and 563 below 1024; if the user
 dnl wants to use some other port as well, they must use this option.
 AC_ARG_WITH([innd-port],
     [AC_HELP_STRING([--with-innd-port=PORT],

Modified: doc/pod/innbind.pod
===================================================================
--- doc/pod/innbind.pod	2007-08-02 14:21:58 UTC (rev 7625)
+++ doc/pod/innbind.pod	2007-08-02 15:01:21 UTC (rev 7626)
@@ -17,7 +17,7 @@
 willing to perform are to bind an open file descriptor to a given address
 and port or to create a new socket, bind it, and return the bound socket
 to its caller.  It can only be run as the news user (as specified at
-configure time), and will only bind to ports 119, 433, an additional port
+configure time), and will only bind to ports 119, 433, 563, an additional port
 specified with the B<--with-innd-port> argument to configure, or ports
 numbered 1024 or higher.
 
@@ -110,7 +110,7 @@
 =item cannot bind to restricted port %hu in %s
 
 (Fatal) The port number portion of the given command-line argument is for
-a port below 1024 which is not 119, 433, or a port given to
+a port below 1024 which is not 119, 433, 563, or a port given to
 B<--with-innd-port> at configure time.  Other ports are not allowed for
 security reasons.
 
@@ -125,7 +125,7 @@
 
 (Fatal) B<innbind> was unable to get the UID for the news user specified
 during configure (and defaulting to C<news>).  This normally means that
-user isn't in the system passwd file.
+user isn't in the system F<passwd> file.
 
 =item cannot mark socket reusable for %s: %s
 
@@ -221,6 +221,6 @@
 
 =head1 SEE ALSO
 
-inet_aton(3), inet_pton(3), innd(8), nnrpd(8)
+inet_aton(3), inet_pton(3), innd(8), nnrpd(8).
 
 =cut

Modified: doc/pod/innd.pod
===================================================================
--- doc/pod/innd.pod	2007-08-02 14:21:58 UTC (rev 7625)
+++ doc/pod/innd.pod	2007-08-02 15:01:21 UTC (rev 7626)
@@ -55,7 +55,7 @@
 this at startup and fail to start if not run properly.  Normally it should
 be started via rc.news(8) as part of the system bootup process.  It relies
 on the setuid root helper program innbind(8) to listen on a privileged
-port (119 or 433).
+port (119, 433 or 563).
 
 =head1 OPTIONS
 

Modified: doc/pod/install.pod
===================================================================
--- doc/pod/install.pod	2007-08-02 14:21:58 UTC (rev 7625)
+++ doc/pod/install.pod	2007-08-02 15:01:21 UTC (rev 7626)
@@ -345,7 +345,7 @@
 =item B<--with-innd-port>=PORT
 
 By default, innbind(8) refuses to bind to any port under 1024 other than
-119 and 433 for security reasons (to prevent attacks on rsh(1)-based
+119, 433 and 563 for security reasons (to prevent attacks on rsh(1)-based
 commands and replacing standard system daemons).  If you want to run innd
 on a different port under 1024, you'll need to tell configure what port
 you intend to use.  (You'll also still need to set the port number in

More information about the inn-committers mailing list