author | Damien Miller <djm@mindrot.org> | 2014-01-26 09:39:53 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-01-26 09:39:53 +1100 |
commit | 2035b2236d3b1f76c749c642a43e03c85eae76e6 (patch) | |
tree | 7e4d397d9f030d5180f6a9e1dab7d9f39e01d065 | |
parent | a92ac7410475fbb00383c7402aa954dc0a75ae19 (diff) |
- (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable
RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations,
libc will attempt to open additional file descriptors for crypto
offload and crash if they cannot be opened.
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | configure.ac | 7 | ||||
-rw-r--r-- | sandbox-capsicum.c | 2 | ||||
-rw-r--r-- | sandbox-rlimit.c | 2 |
4 files changed, 13 insertions, 2 deletions
@@ -12,6 +12,10 @@ | |||
12 | [kex.c] | 12 | [kex.c] |
13 | dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len) | 13 | dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len) |
14 | ok dtucker@, noted by mancha | 14 | ok dtucker@, noted by mancha |
15 | - (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable | ||
16 | RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations, | ||
17 | libc will attempt to open additional file descriptors for crypto | ||
18 | offload and crash if they cannot be opened. | ||
15 | 19 | ||
16 | 20130125 | 20 | 20130125 |
17 | - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD | 21 | - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD |
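--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.562 2014/01/25 02:16:59 djm Exp $
+# $Id: configure.ac,v 1.563 2014/01/25 22:39:53 djm Exp $
 #
 # Copyright (c) 1999-2004 Damien Miller
 #
@@ -15,7 +15,7 @@
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
 AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
-AC_REVISION($Revision: 1.562 $)
+AC_REVISION($Revision: 1.563 $)
 AC_CONFIG_SRCDIR([ssh.c])
 AC_LANG([C])
 
@@ -780,6 +780,9 @@ mips-sony-bsd|mips-sony-newsos4)
 AC_DEFINE([BROKEN_STRNVIS], [1],
 [FreeBSD strnvis argument order is swapped compared to OpenBSD])
 TEST_MALLOC_OPTIONS="AJRX"
+# Preauth crypto occasionally uses file descriptors for crypto offload
+# and will crash if they cannot be opened.
+AC_DEFINE([SANDBOX_SKIP_RLIMIT_NOFILE])
 ;;
 *-*-bsdi*)
 AC_DEFINE([SETEUID_BREAKS_SETUID])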
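Review bot: The added `AC_DEFINE([SANDBOX_SKIP_RLIMIT_NOFILE])` in the third hunk has neither a value nor a description, and the symbol is new in this commit, so autoheader has no template for it unless one is supplied elsewhere in the file. Writing it as `AC_DEFINE([SANDBOX_SKIP_RLIMIT_NOFILE], [1], [Define if setting RLIMIT_NOFILE to zero breaks libc crypto offload])` keeps config.h.in generation working and documents the switch where it is declared. The define is set for the whole case arm (presumably the FreeBSD one, whose pattern is outside the hunk), so it applies to whichever sandbox implementation the build selects, not only to configurations that use crypto offload.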
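--- a/sandbox-capsicum.c
+++ b/sandbox-capsicum.c
@@ -75,9 +75,11 @@ ssh_sandbox_child(struct ssh_sandbox *box)
 if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1)
 fatal("%s: setrlimit(RLIMIT_FSIZE, { 0, 0 }): %s",
 __func__, strerror(errno));
+#ifndef SANDBOX_SKIP_RLIMIT_NOFILE
 if (setrlimit(RLIMIT_NOFILE, &rl_zero) == -1)
 fatal("%s: setrlimit(RLIMIT_NOFILE, { 0, 0 }): %s",
 __func__, strerror(errno));
+#endif
 if (setrlimit(RLIMIT_NPROC, &rl_zero) == -1)
 fatal("%s: setrlimit(RLIMIT_NPROC, { 0, 0 }): %s",
 __func__, strerror(errno));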
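Review bot: The `#ifndef SANDBOX_SKIP_RLIMIT_NOFILE` guard around the RLIMIT_NOFILE call has no comment, so a reader of ssh_sandbox_child() cannot tell why a descriptor limit is dropped from a sandbox or what is expected to constrain descriptor creation in its place. I would add above the guard `/* libc may open descriptors for crypto offload after this point; see SANDBOX_SKIP_RLIMIT_NOFILE in configure.ac */`. The comment should also say whether capability mode alone is relied on to bound new descriptors, which I cannot confirm because that call is not visible in this hunk. The identical guard in sandbox-rlimit.c needs the same explanation; the function body starts and ends outside the hunk.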
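--- a/sandbox-rlimit.c
+++ b/sandbox-rlimit.c
@@ -69,9 +69,11 @@ ssh_sandbox_child(struct ssh_sandbox *box)
 fatal("%s: setrlimit(RLIMIT_FSIZE, { 0, 0 }): %s",
 __func__, strerror(errno));
 #endif
+#ifndef SANDBOX_SKIP_RLIMIT_NOFILE
 if (setrlimit(RLIMIT_NOFILE, &rl_zero) == -1)
 fatal("%s: setrlimit(RLIMIT_NOFILE, { 0, 0 }): %s",
 __func__, strerror(errno));
+#endif
 #ifdef HAVE_RLIMIT_NPROC
 if (setrlimit(RLIMIT_NPROC, &rl_zero) == -1)
 fatal("%s: setrlimit(RLIMIT_NPROC, { 0, 0 }): %s",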
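Review bot: With `SANDBOX_SKIP_RLIMIT_NOFILE` defined, the only limits left in the visible part of ssh_sandbox_child() are RLIMIT_FSIZE and RLIMIT_NPROC. As far as this hunk shows, the pre-auth child in this rlimit-only sandbox is then no longer stopped from opening existing files or new sockets. Nothing at build time or run time signals that reduction, and configure.ac sets the define for the whole platform rather than only where the offload path is in use. I would make the skip visible with an `#else` branch containing `debug3("%s: RLIMIT_NOFILE limit skipped on this platform", __func__);`, and consider a configure warning when this sandbox is selected together with the define. The function body starts and ends outside the hunk.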