From 9c500d06f20c5f0cc3deff18702c2be2a2e1405d Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Sun, 17 Jan 2010 13:41:02 +0100 Subject: Fix bug #68: Allow all ports for CONNECT at absence of ConnectPort in config. --- src/connect-ports.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/connect-ports.c b/src/connect-ports.c index 1aaacf8..011e98c 100644 --- a/src/connect-ports.c +++ b/src/connect-ports.c @@ -53,11 +53,11 @@ int check_allowed_connect_ports (int port, vector_t connect_ports) int *data; /* - * A port list is REQUIRED for a CONNECT request to function - * properly. This closes a potential security hole. + * The absence of ConnectPort options in the config file + * meanas that all ports are allowed for CONNECT. */ if (!connect_ports) - return 0; + return 1; for (i = 0; i != (size_t) vector_length (connect_ports); ++i) { data = (int *) vector_getentry (connect_ports, i, NULL); -- cgit v1.2.3