From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Tue, 3 Apr 2018 09:05:33 +0000 (+0200)
Subject: privops: allow binding to acquisition port
X-Git-Tag: 3.3~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fd1e80802f69ca5194928bb7f5e840d09a6824cd;p=thirdparty%2Fchrony.git

privops: allow binding to acquisition port

Fix the privileged helper process to allow binding of client sockets to
a non-zero acquisition port which is not equal to the server port.
---

diff --git a/privops.c b/privops.c
index a7ba8902..359e1637 100644
--- a/privops.c
+++ b/privops.c
@@ -268,7 +268,7 @@ do_bind_socket(ReqBindSocket *req, PrvResponse *res)
   sock_fd = req->sock;
 
   UTI_SockaddrToIPAndPort(sa, &ip, &port);
-  if (port && port != CNF_GetNTPPort()) {
+  if (port && port != CNF_GetNTPPort() && port != CNF_GetAcquisitionPort()) {
     close(sock_fd);
     res_fatal(res, "Invalid port %d", port);
     return;
@@ -579,7 +579,8 @@ PRV_BindSocket(int sock, struct sockaddr *address, socklen_t address_len)
   unsigned short port;
 
   UTI_SockaddrToIPAndPort(address, &ip, &port);
-  assert(!port || port == CNF_GetNTPPort());
+  if (port && port != CNF_GetNTPPort() && port != CNF_GetAcquisitionPort())
+    assert(0);
 
   if (!have_helper())
     return bind(sock, address, address_len);