diff options
| author | dtucker@openbsd.org <dtucker@openbsd.org> | 2020-01-23 07:10:22 +0000 |
|---|---|---|
| committer | Darren Tucker <dtucker@dtucker.net> | 2020-01-23 18:51:25 +1100 |
| commit | 3bf2a6ac791d64046a537335a0f1d5e43579c5ad (patch) | |
| tree | 76fcc0f1be306541c074be4aed3aca66023f0962 /sshd.c | |
| parent | e027c044c796f3a01081a91bee55741204283f28 (diff) | |
upstream: Replace all calls to signal(2) with a wrapper around
sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.
OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
Diffstat (limited to 'sshd.c')
| -rw-r--r-- | sshd.c | 34 |
1 files changed, 18 insertions, 16 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshd.c,v 1.543 2020/01/21 22:39:57 djm Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.544 2020/01/23 07:10:22 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -313,7 +313,7 @@ sighup_restart(void) | |||
| 313 | close_listen_socks(); | 313 | close_listen_socks(); |
| 314 | close_startup_pipes(); | 314 | close_startup_pipes(); |
| 315 | alarm(0); /* alarm timer persists across exec */ | 315 | alarm(0); /* alarm timer persists across exec */ |
| 316 | signal(SIGHUP, SIG_IGN); /* will be restored after exec */ | 316 | ssh_signal(SIGHUP, SIG_IGN); /* will be restored after exec */ |
| 317 | execv(saved_argv[0], saved_argv); | 317 | execv(saved_argv[0], saved_argv); |
| 318 | logit("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], | 318 | logit("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], |
| 319 | strerror(errno)); | 319 | strerror(errno)); |
| @@ -342,6 +342,8 @@ main_sigchld_handler(int sig) | |||
| 342 | pid_t pid; | 342 | pid_t pid; |
| 343 | int status; | 343 | int status; |
| 344 | 344 | ||
| 345 | debug("main_sigchld_handler: %s", strsignal(sig)); | ||
| 346 | |||
| 345 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || | 347 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || |
| 346 | (pid == -1 && errno == EINTR)) | 348 | (pid == -1 && errno == EINTR)) |
| 347 | ; | 349 | ; |
| @@ -363,7 +365,7 @@ grace_alarm_handler(int sig) | |||
| 363 | * keys command helpers. | 365 | * keys command helpers. |
| 364 | */ | 366 | */ |
| 365 | if (getpgid(0) == getpid()) { | 367 | if (getpgid(0) == getpid()) { |
| 366 | signal(SIGTERM, SIG_IGN); | 368 | ssh_signal(SIGTERM, SIG_IGN); |
| 367 | kill(0, SIGTERM); | 369 | kill(0, SIGTERM); |
| 368 | } | 370 | } |
| 369 | 371 | ||
| @@ -1941,7 +1943,7 @@ main(int ac, char **av) | |||
| 1941 | error("chdir(\"/\"): %s", strerror(errno)); | 1943 | error("chdir(\"/\"): %s", strerror(errno)); |
| 1942 | 1944 | ||
| 1943 | /* ignore SIGPIPE */ | 1945 | /* ignore SIGPIPE */ |
| 1944 | signal(SIGPIPE, SIG_IGN); | 1946 | ssh_signal(SIGPIPE, SIG_IGN); |
| 1945 | 1947 | ||
| 1946 | /* Get a connection, either from inetd or a listening TCP socket */ | 1948 | /* Get a connection, either from inetd or a listening TCP socket */ |
| 1947 | if (inetd_flag) { | 1949 | if (inetd_flag) { |
| @@ -1950,10 +1952,10 @@ main(int ac, char **av) | |||
| 1950 | platform_pre_listen(); | 1952 | platform_pre_listen(); |
| 1951 | server_listen(); | 1953 | server_listen(); |
| 1952 | 1954 | ||
| 1953 | signal(SIGHUP, sighup_handler); | 1955 | ssh_signal(SIGHUP, sighup_handler); |
| 1954 | signal(SIGCHLD, main_sigchld_handler); | 1956 | ssh_signal(SIGCHLD, main_sigchld_handler); |
| 1955 | signal(SIGTERM, sigterm_handler); | 1957 | ssh_signal(SIGTERM, sigterm_handler); |
| 1956 | signal(SIGQUIT, sigterm_handler); | 1958 | ssh_signal(SIGQUIT, sigterm_handler); |
| 1957 | 1959 | ||
| 1958 | /* | 1960 | /* |
| 1959 | * Write out the pid file after the sigterm handler | 1961 | * Write out the pid file after the sigterm handler |
| @@ -2043,12 +2045,12 @@ main(int ac, char **av) | |||
| 2043 | * will not restart on SIGHUP since it no longer makes sense. | 2045 | * will not restart on SIGHUP since it no longer makes sense. |
| 2044 | */ | 2046 | */ |
| 2045 | alarm(0); | 2047 | alarm(0); |
| 2046 | signal(SIGALRM, SIG_DFL); | 2048 | ssh_signal(SIGALRM, SIG_DFL); |
| 2047 | signal(SIGHUP, SIG_DFL); | 2049 | ssh_signal(SIGHUP, SIG_DFL); |
| 2048 | signal(SIGTERM, SIG_DFL); | 2050 | ssh_signal(SIGTERM, SIG_DFL); |
| 2049 | signal(SIGQUIT, SIG_DFL); | 2051 | ssh_signal(SIGQUIT, SIG_DFL); |
| 2050 | signal(SIGCHLD, SIG_DFL); | 2052 | ssh_signal(SIGCHLD, SIG_DFL); |
| 2051 | signal(SIGINT, SIG_DFL); | 2053 | ssh_signal(SIGINT, SIG_DFL); |
| 2052 | 2054 | ||
| 2053 | /* | 2055 | /* |
| 2054 | * Register our connection. This turns encryption off because we do | 2056 | * Register our connection. This turns encryption off because we do |
| @@ -2109,7 +2111,7 @@ main(int ac, char **av) | |||
| 2109 | * mode; it is just annoying to have the server exit just when you | 2111 | * mode; it is just annoying to have the server exit just when you |
| 2110 | * are about to discover the bug. | 2112 | * are about to discover the bug. |
| 2111 | */ | 2113 | */ |
| 2112 | signal(SIGALRM, grace_alarm_handler); | 2114 | ssh_signal(SIGALRM, grace_alarm_handler); |
| 2113 | if (!debug_flag) | 2115 | if (!debug_flag) |
| 2114 | alarm(options.login_grace_time); | 2116 | alarm(options.login_grace_time); |
| 2115 | 2117 | ||
| @@ -2167,7 +2169,7 @@ main(int ac, char **av) | |||
| 2167 | * authentication. | 2169 | * authentication. |
| 2168 | */ | 2170 | */ |
| 2169 | alarm(0); | 2171 | alarm(0); |
| 2170 | signal(SIGALRM, SIG_DFL); | 2172 | ssh_signal(SIGALRM, SIG_DFL); |
| 2171 | authctxt->authenticated = 1; | 2173 | authctxt->authenticated = 1; |
| 2172 | if (startup_pipe != -1) { | 2174 | if (startup_pipe != -1) { |
| 2173 | close(startup_pipe); | 2175 | close(startup_pipe); |