From e6e52f8c5dc89a6767702e65bb595aaf7bc8991c Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 10 Oct 2013 10:28:07 +1100 Subject: [PATCH] - djm@cvs.openbsd.org 2013/09/19 01:26:29 [sshconnect.c] bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from swp AT swp.pp.ru; ok dtucker@ --- ChangeLog | 4 ++++ sshconnect.c | 51 ++++++++++++++++++++++++++------------------------- 2 files changed, 30 insertions(+), 25 deletions(-) diff --git a/ChangeLog b/ChangeLog index 2a56ccfc7..6152abb51 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,10 @@ bz#1297 - tell the client (via packet_send_debug) when their preferred listen address has been overridden by the server's GatewayPorts; ok dtucker@ + - djm@cvs.openbsd.org 2013/09/19 01:26:29 + [sshconnect.c] + bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from + swp AT swp.pp.ru; ok dtucker@ 20131009 - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull diff --git a/sshconnect.c b/sshconnect.c index 76bb5cdac..aee38198b 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.239 2013/08/20 00:11:38 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.240 2013/09/19 01:26:29 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 
@@ -282,34 +282,18 @@ ssh_kill_proxy_command(void) static int ssh_create_socket(int privileged, struct addrinfo *ai) { - int sock, gaierr; + int sock, r, gaierr; struct addrinfo hints, *res; - /* - * If we are running as root and want to connect to a privileged - * port, bind our own socket to a privileged port. - */ - if (privileged) { - int p = IPPORT_RESERVED - 1; - PRIV_START; - sock = rresvport_af(&p, ai->ai_family); - PRIV_END; - if (sock < 0) - error("rresvport: af=%d %.100s", ai->ai_family, - strerror(errno)); - else - debug("Allocated local port %d.", p); - return sock; - } sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); if (sock < 0) { - error("socket: %.100s", strerror(errno)); + error("socket: %s", strerror(errno)); return -1; } fcntl(sock, F_SETFD, FD_CLOEXEC); /* Bind the socket to an alternative local IP address */ - if (options.bind_address == NULL) + if (options.bind_address == NULL && !privileged) return sock; memset(&hints, 0, sizeof(hints)); @@ -324,11 +308,28 @@ ssh_create_socket(int privileged, struct addrinfo *ai) close(sock); return -1; } - if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) { - error("bind: %s: %s", options.bind_address, strerror(errno)); - close(sock); - freeaddrinfo(res); - return -1; + /* + * If we are running as root and want to connect to a privileged + * port, bind our own socket to a privileged port. + */ + if (privileged) { + PRIV_START; + r = bindresvport_sa(sock, res->ai_addr); + PRIV_END; + if (r < 0) { + error("bindresvport_sa: af=%d %s", ai->ai_family, + strerror(errno)); + goto fail; + } + } else { + if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) { + error("bind: %s: %s", options.bind_address, + strerror(errno)); + fail: + close(sock); + freeaddrinfo(res); + return -1; + } } freeaddrinfo(res); return sock;
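Review bot: With the early return changed to `if (options.bind_address == NULL && !privileged)`, a privileged call with no BindAddress configured no longer returns here and instead continues into the address lookup. That lookup, which fills `res`, sits between this hunk and the next and is not shown; if it resolves `options.bind_address` with no service name, it would receive a NULL host, which getaddrinfo() rejects, so UsePrivilegedPort=yes without BindAddress would presumably fail to create its socket. Consider initialising `res` to NULL, doing the lookup only under `if (options.bind_address != NULL)`, and binding with `bindresvport_sa(sock, res ? res->ai_addr : NULL)`, after confirming that the bindresvport_sa in use accepts a NULL address; the later `freeaddrinfo(res)` calls would then need an `if (res != NULL)` guard. The function body continues past the end of this hunk.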
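Review bot: The `fail:` label is placed inside the body of `if (bind(...) < 0)` in the else branch, and the privileged branch reaches it with `goto fail`, so control jumps into a nested block belonging to the sibling branch. This is valid C, but it hides the fact that both paths share one cleanup and is easy to break when either branch is edited, for example by leaking `sock` or `res` on a new error path. Moving the cleanup after the success return and having both branches jump to it keeps the error path in one place, as sketched below. ssh_create_socket starts before and ends after this hunk.

```c
	/* … unchanged: privileged branch calling bindresvport_sa, with goto fail on error … */
	} else if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) {
		error("bind: %s: %s", options.bind_address, strerror(errno));
		goto fail;
	}
	freeaddrinfo(res);
	return sock;
 fail:
	/* Single cleanup path shared by both bind variants. */
	close(sock);
	freeaddrinfo(res);
	return -1;
```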