UDP and/or TCP can be disabled with the --no-udp and --no-tcp options.
However, when this is specified, it's still possible to configure forwarded
ports for the disabled protocol. In some cases this will open sockets and
perform other actions, which might not be safe since the entire protocol
won't be initialised.
Check for this case, and explicitly forbid it.
Signed-off-by: David Gibson
---
conf.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/conf.c b/conf.c
index 3c38cebc..629eb897 100644
--- a/conf.c
+++ b/conf.c
@@ -132,6 +132,11 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg,
return;
}
+ if ((optname == 't' || optname == 'T') && c->no_tcp)
+ die("TCP port forwarding requested but TCP is disabled");
+ if ((optname == 'u' || optname == 'U') && c->no_udp)
+ die("UDP port forwarding requested but UDP is disabled");
+
if (!strcmp(optarg, "auto")) {
if (fwd->mode)
goto mode_conflict;
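Review bot: The two new checks read c->no_tcp and c->no_udp, so they only catch the conflict if --no-tcp or --no-udp has already been processed by the time conf_ports() runs for -t/-T/-u/-U. Nothing in this hunk shows that ordering, so please confirm that a command line giving the forwarding option before the disabling option still reaches die(), and consider a short comment above the checks stating the assumption. The checks also sit after the early return in the context above, so whatever case takes that return is still accepted for a disabled protocol. If that is intentional, it is worth saying so in the commit message. The diffstat touches only conf.c, so the new fatal error is not documented for users. A line in the option documentation saying that port forwarding options are rejected when the protocol is disabled would help.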
--
2.45.2