upstream: Replace all calls to signal(2) with a wrapper around

sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations. OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
author: dtucker@openbsd.org <dtucker@openbsd.org> 2020-01-23 07:10:22 +0000
committer: Darren Tucker <dtucker@dtucker.net> 2020-01-23 18:51:25 +1100
commit: 3bf2a6ac791d64046a537335a0f1d5e43579c5ad (patch)
tree: 76fcc0f1be306541c074be4aed3aca66023f0962 /sshconnect2.c
parent: e027c044c796f3a01081a91bee55741204283f28 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/sshconnect2.c b/sshconnect2.c
index 7f52cc55e..8d13310f2 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.316 2020/01/23 02:46:49 dtucker Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.317 2020/01/23 07:10:22 dtucker Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -1924,7 +1924,7 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp,
                error("%s: fork: %s", __func__, strerror(errno));
                return -1;
        }
-        osigchld = signal(SIGCHLD, SIG_DFL);
+        osigchld = ssh_signal(SIGCHLD, SIG_DFL);
        if (pid == 0) {
                close(from[0]);
                if (dup2(from[1], STDOUT_FILENO) == -1)
@@ -1996,11 +1996,11 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp,
        if ((r = sshbuf_get_string(b, sigp, lenp)) != 0) {
                error("%s: buffer error: %s", __func__, ssh_err(r));
 fail:
-                signal(SIGCHLD, osigchld);
+                ssh_signal(SIGCHLD, osigchld);
                sshbuf_free(b);
                return -1;
        }
-        signal(SIGCHLD, osigchld);
+        ssh_signal(SIGCHLD, osigchld);
        sshbuf_free(b);
        return 0;
author	dtucker@openbsd.org <dtucker@openbsd.org>	2020-01-23 07:10:22 +0000
committer	Darren Tucker <dtucker@dtucker.net>	2020-01-23 18:51:25 +1100
commit	3bf2a6ac791d64046a537335a0f1d5e43579c5ad (patch)
tree	76fcc0f1be306541c074be4aed3aca66023f0962 /sshconnect2.c
parent	e027c044c796f3a01081a91bee55741204283f28 (diff)

diff --git a/sshconnect2.c b/sshconnect2.c index 7f52cc55e..8d13310f2 100644 --- a/sshconnect2.c +++ b/sshconnect2.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sshconnect2.c,v 1.316 2020/01/23 02:46:49 dtucker Exp $ */	1	/* $OpenBSD: sshconnect2.c,v 1.317 2020/01/23 07:10:22 dtucker Exp $ */
2	/*	2	/*
3	* Copyright (c) 2000 Markus Friedl. All rights reserved.	3	* Copyright (c) 2000 Markus Friedl. All rights reserved.
4	* Copyright (c) 2008 Damien Miller. All rights reserved.	4	* Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -1924,7 +1924,7 @@ ssh_keysign(struct ssh ssh, struct sshkey key, u_char *sigp, size_t lenp,
1924	error("%s: fork: %s", __func__, strerror(errno));	1924	error("%s: fork: %s", __func__, strerror(errno));
1925	return -1;	1925	return -1;
1926	}	1926	}
1927	osigchld = signal(SIGCHLD, SIG_DFL);	1927	osigchld = ssh_signal(SIGCHLD, SIG_DFL);
1928	if (pid == 0) {	1928	if (pid == 0) {
1929	close(from[0]);	1929	close(from[0]);
1930	if (dup2(from[1], STDOUT_FILENO) == -1)	1930	if (dup2(from[1], STDOUT_FILENO) == -1)
@@ -1996,11 +1996,11 @@ ssh_keysign(struct ssh ssh, struct sshkey key, u_char *sigp, size_t lenp,
1996	if ((r = sshbuf_get_string(b, sigp, lenp)) != 0) {	1996	if ((r = sshbuf_get_string(b, sigp, lenp)) != 0) {
1997	error("%s: buffer error: %s", __func__, ssh_err(r));	1997	error("%s: buffer error: %s", __func__, ssh_err(r));
1998	fail:	1998	fail:
1999	signal(SIGCHLD, osigchld);	1999	ssh_signal(SIGCHLD, osigchld);
2000	sshbuf_free(b);	2000	sshbuf_free(b);
2001	return -1;	2001	return -1;
2002	}	2002	}
2003	signal(SIGCHLD, osigchld);	2003	ssh_signal(SIGCHLD, osigchld);
2004	sshbuf_free(b);	2004	sshbuf_free(b);
2005		2005
2006	return 0;	2006	return 0;