upstream: Replace all calls to signal(2) with a wrapper around

sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations. OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
author: dtucker@openbsd.org <dtucker@openbsd.org> 2020-01-23 07:10:22 +0000
committer: Darren Tucker <dtucker@dtucker.net> 2020-01-23 18:51:25 +1100
commit: 3bf2a6ac791d64046a537335a0f1d5e43579c5ad (patch)
tree: 76fcc0f1be306541c074be4aed3aca66023f0962 /scp.c
parent: e027c044c796f3a01081a91bee55741204283f28 (diff)
1 files changed, 11 insertions, 11 deletions
diff --git a/scp.c b/scp.c
index 762286c73..6901e0c94 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.206 2019/09/09 02:31:19 dtucker Exp $ */
+/* $OpenBSD: scp.c,v 1.207 2020/01/23 07:10:22 dtucker Exp $ */
 /*
 * scp - secure remote copy.  This is basically patched BSD rcp which
 * uses ssh to do the data transfer (instead of using rcmd).
@@ -215,9 +215,9 @@ do_local_cmd(arglist *a)
        }
        do_cmd_pid = pid;
-        signal(SIGTERM, killchild);
+        ssh_signal(SIGTERM, killchild);
-        signal(SIGINT, killchild);
+        ssh_signal(SIGINT, killchild);
-        signal(SIGHUP, killchild);
+        ssh_signal(SIGHUP, killchild);
        while (waitpid(pid, &status, 0) == -1)
                if (errno != EINTR)
@@ -268,9 +268,9 @@ do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout)
        close(reserved[0]);
        close(reserved[1]);
-        signal(SIGTSTP, suspchild);
+        ssh_signal(SIGTSTP, suspchild);
-        signal(SIGTTIN, suspchild);
+        ssh_signal(SIGTTIN, suspchild);
-        signal(SIGTTOU, suspchild);
+        ssh_signal(SIGTTOU, suspchild);
        /* Fork a child to execute the command on the remote host using ssh. */
        do_cmd_pid = fork();
@@ -307,9 +307,9 @@ do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout)
        *fdout = pin[1];
        close(pout[1]);
        *fdin = pout[0];
-        signal(SIGTERM, killchild);
+        ssh_signal(SIGTERM, killchild);
-        signal(SIGINT, killchild);
+        ssh_signal(SIGINT, killchild);
-        signal(SIGHUP, killchild);
+        ssh_signal(SIGHUP, killchild);
        return 0;
 }
@@ -561,7 +561,7 @@ main(int argc, char **argv)
            iamrecursive ? " -r" : "", pflag ? " -p" : "",
            targetshouldbedirectory ? " -d" : "");
-        (void) signal(SIGPIPE, lostconn);
+        (void) ssh_signal(SIGPIPE, lostconn);
        if (colon(argv[argc - 1]))      /* Dest is remote host. */
                toremote(argc, argv);
author	dtucker@openbsd.org <dtucker@openbsd.org>	2020-01-23 07:10:22 +0000
committer	Darren Tucker <dtucker@dtucker.net>	2020-01-23 18:51:25 +1100
commit	3bf2a6ac791d64046a537335a0f1d5e43579c5ad (patch)
tree	76fcc0f1be306541c074be4aed3aca66023f0962 /scp.c
parent	e027c044c796f3a01081a91bee55741204283f28 (diff)

diff --git a/scp.c b/scp.c index 762286c73..6901e0c94 100644 --- a/scp.c +++ b/scp.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: scp.c,v 1.206 2019/09/09 02:31:19 dtucker Exp $ */	1	/* $OpenBSD: scp.c,v 1.207 2020/01/23 07:10:22 dtucker Exp $ */
2	/*	2	/*
3	* scp - secure remote copy. This is basically patched BSD rcp which	3	* scp - secure remote copy. This is basically patched BSD rcp which
4	* uses ssh to do the data transfer (instead of using rcmd).	4	* uses ssh to do the data transfer (instead of using rcmd).
@@ -215,9 +215,9 @@ do_local_cmd(arglist *a)
215	}	215	}
216		216
217	do_cmd_pid = pid;	217	do_cmd_pid = pid;
218	signal(SIGTERM, killchild);	218	ssh_signal(SIGTERM, killchild);
219	signal(SIGINT, killchild);	219	ssh_signal(SIGINT, killchild);
220	signal(SIGHUP, killchild);	220	ssh_signal(SIGHUP, killchild);
221		221
222	while (waitpid(pid, &status, 0) == -1)	222	while (waitpid(pid, &status, 0) == -1)
223	if (errno != EINTR)	223	if (errno != EINTR)
@@ -268,9 +268,9 @@ do_cmd(char host, char remuser, int port, char cmd, int fdin, int *fdout)
268	close(reserved[0]);	268	close(reserved[0]);
269	close(reserved[1]);	269	close(reserved[1]);
270		270
271	signal(SIGTSTP, suspchild);	271	ssh_signal(SIGTSTP, suspchild);
272	signal(SIGTTIN, suspchild);	272	ssh_signal(SIGTTIN, suspchild);
273	signal(SIGTTOU, suspchild);	273	ssh_signal(SIGTTOU, suspchild);
274		274
275	/* Fork a child to execute the command on the remote host using ssh. */	275	/* Fork a child to execute the command on the remote host using ssh. */
276	do_cmd_pid = fork();	276	do_cmd_pid = fork();
@@ -307,9 +307,9 @@ do_cmd(char host, char remuser, int port, char cmd, int fdin, int *fdout)
307	*fdout = pin[1];	307	*fdout = pin[1];
308	close(pout[1]);	308	close(pout[1]);
309	*fdin = pout[0];	309	*fdin = pout[0];
310	signal(SIGTERM, killchild);	310	ssh_signal(SIGTERM, killchild);
311	signal(SIGINT, killchild);	311	ssh_signal(SIGINT, killchild);
312	signal(SIGHUP, killchild);	312	ssh_signal(SIGHUP, killchild);
313	return 0;	313	return 0;
314	}	314	}
315		315
@@ -561,7 +561,7 @@ main(int argc, char **argv)
561	iamrecursive ? " -r" : "", pflag ? " -p" : "",	561	iamrecursive ? " -r" : "", pflag ? " -p" : "",
562	targetshouldbedirectory ? " -d" : "");	562	targetshouldbedirectory ? " -d" : "");
563		563
564	(void) signal(SIGPIPE, lostconn);	564	(void) ssh_signal(SIGPIPE, lostconn);
565		565
566	if (colon(argv[argc - 1])) /* Dest is remote host. */	566	if (colon(argv[argc - 1])) /* Dest is remote host. */
567	toremote(argc, argv);	567	toremote(argc, argv);