conf: Don't configure port forwarding for a disabled protocol

UDP and/or TCP can be disabled with the --no-udp and --no-tcp options.
However, when this is specified, it's still possible to configure forwarded
ports for the disabled protocol.  In some cases this will open sockets and
perform other actions, which might not be safe since the entire protocol
won't be initialised.

Check for this case, and explicitly forbid it.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
David Gibson 2024-07-17 10:36:00 +10:00 committed by Stefano Brivio
parent a740e16fd1
commit f79c42317f

5
conf.c
View file

@ -132,6 +132,11 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg,
return;
}
if ((optname == 't' || optname == 'T') && c->no_tcp)
die("TCP port forwarding requested but TCP is disabled");
if ((optname == 'u' || optname == 'U') && c->no_udp)
die("UDP port forwarding requested but UDP is disabled");
if (!strcmp(optarg, "auto")) {
if (fwd->mode)
goto mode_conflict;