diff options
author | Darren Tucker <dtucker@zip.com.au> | 2004-01-14 22:14:04 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2004-01-14 22:14:04 +1100 |
commit | 749bc95bd81aca8c69829551f9f1ae8c7d0bdefa (patch) | |
tree | 6912bd3ebcb938c46bfa778c1c782ea0d9d6251a | |
parent | 1b27c8fbcb8f59559bc3bcf4d9d6f739305b4ee8 (diff) |
- (dtucker) [auth-pam.c] Have monitor die if PAM authentication thread exits
unexpectedly. with & ok djm@
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | auth-pam.c | 23 |
2 files changed, 27 insertions, 2 deletions
@@ -1,3 +1,7 @@ | |||
1 | 20040114 | ||
2 | - (dtucker) [auth-pam.c] Have monitor die if PAM authentication thread exits | ||
3 | unexpectedly. with & ok djm@ | ||
4 | |||
1 | 20040113 | 5 | 20040113 |
2 | - (dtucker) [auth-pam.c] Relocate struct pam_ctxt and prototypes. No | 6 | - (dtucker) [auth-pam.c] Relocate struct pam_ctxt and prototypes. No |
3 | functional changes. | 7 | functional changes. |
@@ -1659,4 +1663,4 @@ | |||
1659 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. | 1663 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. |
1660 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au | 1664 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au |
1661 | 1665 | ||
1662 | $Id: ChangeLog,v 1.3166 2004/01/13 11:35:58 dtucker Exp $ | 1666 | $Id: ChangeLog,v 1.3167 2004/01/14 11:14:04 dtucker Exp $ |
diff --git a/auth-pam.c b/auth-pam.c index fe2ae7711..14d0c7b7f 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -31,7 +31,7 @@ | |||
31 | 31 | ||
32 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ | 32 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ |
33 | #include "includes.h" | 33 | #include "includes.h" |
34 | RCSID("$Id: auth-pam.c,v 1.89 2004/01/13 11:35:59 dtucker Exp $"); | 34 | RCSID("$Id: auth-pam.c,v 1.90 2004/01/14 11:14:05 dtucker Exp $"); |
35 | 35 | ||
36 | #ifdef USE_PAM | 36 | #ifdef USE_PAM |
37 | #if defined(HAVE_SECURITY_PAM_APPL_H) | 37 | #if defined(HAVE_SECURITY_PAM_APPL_H) |
@@ -86,6 +86,23 @@ static struct pam_ctxt *cleanup_ctxt; | |||
86 | * Simulate threads with processes. | 86 | * Simulate threads with processes. |
87 | */ | 87 | */ |
88 | 88 | ||
89 | static int sshpam_thread_status = -1; | ||
90 | static mysig_t sshpam_oldsig; | ||
91 | |||
92 | static void | ||
93 | sshpam_sigchld_handler(int sig) | ||
94 | { | ||
95 | if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, 0) == -1) | ||
96 | return; /* couldn't wait for process */ | ||
97 | if (WIFSIGNALED(sshpam_thread_status) && | ||
98 | WTERMSIG(sshpam_thread_status) == SIGTERM) | ||
99 | return; /* terminated by pthread_cancel */ | ||
100 | if (!WIFEXITED(sshpam_thread_status)) | ||
101 | fatal("PAM: authentication thread exited unexpectedly"); | ||
102 | if (WEXITSTATUS(sshpam_thread_status) != 0) | ||
103 | fatal("PAM: authentication thread exited uncleanly"); | ||
104 | } | ||
105 | |||
89 | static void | 106 | static void |
90 | pthread_exit(void *value __unused) | 107 | pthread_exit(void *value __unused) |
91 | { | 108 | { |
@@ -107,6 +124,7 @@ pthread_create(sp_pthread_t *thread, const void *attr __unused, | |||
107 | _exit(1); | 124 | _exit(1); |
108 | default: | 125 | default: |
109 | *thread = pid; | 126 | *thread = pid; |
127 | sshpam_oldsig = signal(SIGCHLD, sshpam_sigchld_handler); | ||
110 | return (0); | 128 | return (0); |
111 | } | 129 | } |
112 | } | 130 | } |
@@ -122,6 +140,9 @@ pthread_join(sp_pthread_t thread, void **value __unused) | |||
122 | { | 140 | { |
123 | int status; | 141 | int status; |
124 | 142 | ||
143 | if (sshpam_thread_status != -1) | ||
144 | return (sshpam_thread_status); | ||
145 | signal(SIGCHLD, sshpam_oldsig); | ||
125 | waitpid(thread, &status, 0); | 146 | waitpid(thread, &status, 0); |
126 | return (status); | 147 | return (status); |
127 | } | 148 | } |