- guenther@cvs.openbsd.org 2010/01/15 00:05:22

     [sftp.c]
     Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp
     inherited SIGTERM as ignored it will still be able to kill the ssh it
     starts.
     ok dtucker@

2 files changed, 10 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index 257204240..0d35871eb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -15,6 +15,12 @@
      [sftp-common.c]
      use user_from{uid,gid} to lookup up ids since it keeps a small cache.
      ok djm
+   - guenther@cvs.openbsd.org 2010/01/15 00:05:22
+     [sftp.c]
+     Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp
+     inherited SIGTERM as ignored it will still be able to kill the ssh it
+     starts.
+     ok dtucker@
 
 20100114
  - (djm) [platform.h] Add missing prototype for
diff --git a/sftp.c b/sftp.c
index ac6ac9fed..e01703ba9 100644
--- a/sftp.c
+++ b/sftp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp.c,v 1.121 2010/01/13 12:48:34 jmc Exp $ */
+/* $OpenBSD: sftp.c,v 1.122 2010/01/15 00:05:22 guenther Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -2027,9 +2027,11 @@ connect_to_server(char *path, char **args, int *in, int *out)
                  * The underlying ssh is in the same process group, so we must
                  * ignore SIGINT if we want to gracefully abort commands,
                  * otherwise the signal will make it to the ssh process and
-                 * kill it too
+                 * kill it too.  Contrawise, since sftp sends SIGTERMs to the
+                 * underlying ssh, it must *not* ignore that signal.
                  */
                 signal(SIGINT, SIG_IGN);
+                signal(SIGTERM, SIG_DFL);
                 execvp(path, args);
                 fprintf(stderr, "exec: %s: %s\n", path, strerror(errno));
                 _exit(1);