diff options
-rw-r--r-- | auth-pam.c | 8 | ||||
-rw-r--r-- | auth.c | 4 | ||||
-rw-r--r-- | auth2-pubkey.c | 10 | ||||
-rw-r--r-- | clientloop.c | 26 | ||||
-rw-r--r-- | entropy.c | 4 | ||||
-rw-r--r-- | misc.c | 19 | ||||
-rw-r--r-- | misc.h | 4 | ||||
-rw-r--r-- | monitor.c | 10 | ||||
-rw-r--r-- | mux.c | 22 | ||||
-rw-r--r-- | openbsd-compat/bsd-openpty.c | 4 | ||||
-rw-r--r-- | progressmeter.c | 6 | ||||
-rw-r--r-- | readconf.c | 4 | ||||
-rw-r--r-- | readpass.c | 14 | ||||
-rw-r--r-- | sandbox-systrace.c | 6 | ||||
-rw-r--r-- | scp.c | 22 | ||||
-rw-r--r-- | serverloop.c | 10 | ||||
-rw-r--r-- | session.c | 4 | ||||
-rw-r--r-- | sftp.c | 26 | ||||
-rw-r--r-- | ssh-agent.c | 10 | ||||
-rw-r--r-- | ssh-sk-client.c | 9 | ||||
-rw-r--r-- | ssh.c | 6 | ||||
-rw-r--r-- | sshbuf.c | 4 | ||||
-rw-r--r-- | sshconnect.c | 10 | ||||
-rw-r--r-- | sshconnect2.c | 8 | ||||
-rw-r--r-- | sshd.c | 34 |
25 files changed, 153 insertions, 131 deletions
diff --git a/auth-pam.c b/auth-pam.c index 856fdd40f..0cd2b0019 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -156,7 +156,7 @@ static mysig_t sshpam_oldsig; | |||
156 | static void | 156 | static void |
157 | sshpam_sigchld_handler(int sig) | 157 | sshpam_sigchld_handler(int sig) |
158 | { | 158 | { |
159 | signal(SIGCHLD, SIG_DFL); | 159 | ssh_signal(SIGCHLD, SIG_DFL); |
160 | if (cleanup_ctxt == NULL) | 160 | if (cleanup_ctxt == NULL) |
161 | return; /* handler called after PAM cleanup, shouldn't happen */ | 161 | return; /* handler called after PAM cleanup, shouldn't happen */ |
162 | if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, WNOHANG) | 162 | if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, WNOHANG) |
@@ -208,7 +208,7 @@ pthread_create(sp_pthread_t *thread, const void *attr, | |||
208 | *thread = pid; | 208 | *thread = pid; |
209 | close(ctx->pam_csock); | 209 | close(ctx->pam_csock); |
210 | ctx->pam_csock = -1; | 210 | ctx->pam_csock = -1; |
211 | sshpam_oldsig = signal(SIGCHLD, sshpam_sigchld_handler); | 211 | sshpam_oldsig = ssh_signal(SIGCHLD, sshpam_sigchld_handler); |
212 | return (0); | 212 | return (0); |
213 | } | 213 | } |
214 | } | 214 | } |
@@ -216,7 +216,7 @@ pthread_create(sp_pthread_t *thread, const void *attr, | |||
216 | static int | 216 | static int |
217 | pthread_cancel(sp_pthread_t thread) | 217 | pthread_cancel(sp_pthread_t thread) |
218 | { | 218 | { |
219 | signal(SIGCHLD, sshpam_oldsig); | 219 | ssh_signal(SIGCHLD, sshpam_oldsig); |
220 | return (kill(thread, SIGTERM)); | 220 | return (kill(thread, SIGTERM)); |
221 | } | 221 | } |
222 | 222 | ||
@@ -228,7 +228,7 @@ pthread_join(sp_pthread_t thread, void **value) | |||
228 | 228 | ||
229 | if (sshpam_thread_status != -1) | 229 | if (sshpam_thread_status != -1) |
230 | return (sshpam_thread_status); | 230 | return (sshpam_thread_status); |
231 | signal(SIGCHLD, sshpam_oldsig); | 231 | ssh_signal(SIGCHLD, sshpam_oldsig); |
232 | while (waitpid(thread, &status, 0) == -1) { | 232 | while (waitpid(thread, &status, 0) == -1) { |
233 | if (errno == EINTR) | 233 | if (errno == EINTR) |
234 | continue; | 234 | continue; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth.c,v 1.144 2019/12/16 13:58:53 tobhe Exp $ */ | 1 | /* $OpenBSD: auth.c,v 1.145 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -921,7 +921,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command, | |||
921 | child_set_env(&child_env, &envsize, "LANG", cp); | 921 | child_set_env(&child_env, &envsize, "LANG", cp); |
922 | 922 | ||
923 | for (i = 0; i < NSIG; i++) | 923 | for (i = 0; i < NSIG; i++) |
924 | signal(i, SIG_DFL); | 924 | ssh_signal(i, SIG_DFL); |
925 | 925 | ||
926 | if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) { | 926 | if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) { |
927 | error("%s: open %s: %s", tag, _PATH_DEVNULL, | 927 | error("%s: open %s: %s", tag, _PATH_DEVNULL, |
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index b656b1f8c..5b4a2cc02 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-pubkey.c,v 1.97 2019/11/25 00:54:23 djm Exp $ */ | 1 | /* $OpenBSD: auth2-pubkey.c,v 1.98 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -460,7 +460,7 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, | |||
460 | * NB. all returns later this function should go via "out" to | 460 | * NB. all returns later this function should go via "out" to |
461 | * ensure the original SIGCHLD handler is restored properly. | 461 | * ensure the original SIGCHLD handler is restored properly. |
462 | */ | 462 | */ |
463 | osigchld = signal(SIGCHLD, SIG_DFL); | 463 | osigchld = ssh_signal(SIGCHLD, SIG_DFL); |
464 | 464 | ||
465 | /* Prepare and verify the user for the command */ | 465 | /* Prepare and verify the user for the command */ |
466 | username = percent_expand(options.authorized_principals_command_user, | 466 | username = percent_expand(options.authorized_principals_command_user, |
@@ -548,7 +548,7 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, | |||
548 | out: | 548 | out: |
549 | if (f != NULL) | 549 | if (f != NULL) |
550 | fclose(f); | 550 | fclose(f); |
551 | signal(SIGCHLD, osigchld); | 551 | ssh_signal(SIGCHLD, osigchld); |
552 | for (i = 0; i < ac; i++) | 552 | for (i = 0; i < ac; i++) |
553 | free(av[i]); | 553 | free(av[i]); |
554 | free(av); | 554 | free(av); |
@@ -898,7 +898,7 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw, | |||
898 | * NB. all returns later this function should go via "out" to | 898 | * NB. all returns later this function should go via "out" to |
899 | * ensure the original SIGCHLD handler is restored properly. | 899 | * ensure the original SIGCHLD handler is restored properly. |
900 | */ | 900 | */ |
901 | osigchld = signal(SIGCHLD, SIG_DFL); | 901 | osigchld = ssh_signal(SIGCHLD, SIG_DFL); |
902 | 902 | ||
903 | /* Prepare and verify the user for the command */ | 903 | /* Prepare and verify the user for the command */ |
904 | username = percent_expand(options.authorized_keys_command_user, | 904 | username = percent_expand(options.authorized_keys_command_user, |
@@ -987,7 +987,7 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw, | |||
987 | out: | 987 | out: |
988 | if (f != NULL) | 988 | if (f != NULL) |
989 | fclose(f); | 989 | fclose(f); |
990 | signal(SIGCHLD, osigchld); | 990 | ssh_signal(SIGCHLD, osigchld); |
991 | for (i = 0; i < ac; i++) | 991 | for (i = 0; i < ac; i++) |
992 | free(av[i]); | 992 | free(av[i]); |
993 | free(av); | 993 | free(av); |
diff --git a/clientloop.c b/clientloop.c index 4acf2806d..d4c23d554 100644 --- a/clientloop.c +++ b/clientloop.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: clientloop.c,v 1.331 2020/01/23 02:46:49 dtucker Exp $ */ | 1 | /* $OpenBSD: clientloop.c,v 1.332 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -785,7 +785,7 @@ process_cmdline(struct ssh *ssh) | |||
785 | memset(&fwd, 0, sizeof(fwd)); | 785 | memset(&fwd, 0, sizeof(fwd)); |
786 | 786 | ||
787 | leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE); | 787 | leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE); |
788 | handler = signal(SIGINT, SIG_IGN); | 788 | handler = ssh_signal(SIGINT, SIG_IGN); |
789 | cmd = s = read_passphrase("\r\nssh> ", RP_ECHO); | 789 | cmd = s = read_passphrase("\r\nssh> ", RP_ECHO); |
790 | if (s == NULL) | 790 | if (s == NULL) |
791 | goto out; | 791 | goto out; |
@@ -883,7 +883,7 @@ process_cmdline(struct ssh *ssh) | |||
883 | } | 883 | } |
884 | 884 | ||
885 | out: | 885 | out: |
886 | signal(SIGINT, handler); | 886 | ssh_signal(SIGINT, handler); |
887 | enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); | 887 | enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); |
888 | free(cmd); | 888 | free(cmd); |
889 | free(fwd.listen_host); | 889 | free(fwd.listen_host); |
@@ -1306,15 +1306,15 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, | |||
1306 | * Set signal handlers, (e.g. to restore non-blocking mode) | 1306 | * Set signal handlers, (e.g. to restore non-blocking mode) |
1307 | * but don't overwrite SIG_IGN, matches behaviour from rsh(1) | 1307 | * but don't overwrite SIG_IGN, matches behaviour from rsh(1) |
1308 | */ | 1308 | */ |
1309 | if (signal(SIGHUP, SIG_IGN) != SIG_IGN) | 1309 | if (ssh_signal(SIGHUP, SIG_IGN) != SIG_IGN) |
1310 | signal(SIGHUP, signal_handler); | 1310 | ssh_signal(SIGHUP, signal_handler); |
1311 | if (signal(SIGINT, SIG_IGN) != SIG_IGN) | 1311 | if (ssh_signal(SIGINT, SIG_IGN) != SIG_IGN) |
1312 | signal(SIGINT, signal_handler); | 1312 | ssh_signal(SIGINT, signal_handler); |
1313 | if (signal(SIGQUIT, SIG_IGN) != SIG_IGN) | 1313 | if (ssh_signal(SIGQUIT, SIG_IGN) != SIG_IGN) |
1314 | signal(SIGQUIT, signal_handler); | 1314 | ssh_signal(SIGQUIT, signal_handler); |
1315 | if (signal(SIGTERM, SIG_IGN) != SIG_IGN) | 1315 | if (ssh_signal(SIGTERM, SIG_IGN) != SIG_IGN) |
1316 | signal(SIGTERM, signal_handler); | 1316 | ssh_signal(SIGTERM, signal_handler); |
1317 | signal(SIGWINCH, window_change_handler); | 1317 | ssh_signal(SIGWINCH, window_change_handler); |
1318 | 1318 | ||
1319 | if (have_pty) | 1319 | if (have_pty) |
1320 | enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); | 1320 | enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); |
@@ -1413,7 +1413,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg, | |||
1413 | /* Terminate the session. */ | 1413 | /* Terminate the session. */ |
1414 | 1414 | ||
1415 | /* Stop watching for window change. */ | 1415 | /* Stop watching for window change. */ |
1416 | signal(SIGWINCH, SIG_DFL); | 1416 | ssh_signal(SIGWINCH, SIG_DFL); |
1417 | 1417 | ||
1418 | if ((r = sshpkt_start(ssh, SSH2_MSG_DISCONNECT)) != 0 || | 1418 | if ((r = sshpkt_start(ssh, SSH2_MSG_DISCONNECT)) != 0 || |
1419 | (r = sshpkt_put_u32(ssh, SSH2_DISCONNECT_BY_APPLICATION)) != 0 || | 1419 | (r = sshpkt_put_u32(ssh, SSH2_DISCONNECT_BY_APPLICATION)) != 0 || |
@@ -110,7 +110,7 @@ get_random_bytes_prngd(unsigned char *buf, int len, | |||
110 | strlen(socket_path) + 1; | 110 | strlen(socket_path) + 1; |
111 | } | 111 | } |
112 | 112 | ||
113 | old_sigpipe = signal(SIGPIPE, SIG_IGN); | 113 | old_sigpipe = ssh_signal(SIGPIPE, SIG_IGN); |
114 | 114 | ||
115 | errors = 0; | 115 | errors = 0; |
116 | rval = -1; | 116 | rval = -1; |
@@ -160,7 +160,7 @@ reopen: | |||
160 | 160 | ||
161 | rval = 0; | 161 | rval = 0; |
162 | done: | 162 | done: |
163 | signal(SIGPIPE, old_sigpipe); | 163 | ssh_signal(SIGPIPE, old_sigpipe); |
164 | if (fd != -1) | 164 | if (fd != -1) |
165 | close(fd); | 165 | close(fd); |
166 | return rval; | 166 | return rval; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: misc.c,v 1.143 2019/11/22 06:50:30 dtucker Exp $ */ | 1 | /* $OpenBSD: misc.c,v 1.144 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2005,2006 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2005,2006 Damien Miller. All rights reserved. |
@@ -2221,3 +2221,20 @@ opt_match(const char **opts, const char *term) | |||
2221 | return 0; | 2221 | return 0; |
2222 | } | 2222 | } |
2223 | 2223 | ||
2224 | sshsig_t | ||
2225 | ssh_signal(int signum, sshsig_t handler) | ||
2226 | { | ||
2227 | struct sigaction sa, osa; | ||
2228 | |||
2229 | /* mask all other signals while in handler */ | ||
2230 | bzero(&sa, sizeof(sa)); | ||
2231 | sa.sa_handler = handler; | ||
2232 | sigfillset(&sa.sa_mask); | ||
2233 | if (signum != SIGALRM) | ||
2234 | sa.sa_flags = SA_RESTART; | ||
2235 | if (sigaction(signum, &sa, &osa) == -1) { | ||
2236 | debug3("sigaction(%s): %s", strsignal(signum), strerror(errno)); | ||
2237 | return SIG_ERR; | ||
2238 | } | ||
2239 | return osa.sa_handler; | ||
2240 | } | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: misc.h,v 1.82 2019/11/12 22:34:20 djm Exp $ */ | 1 | /* $OpenBSD: misc.h,v 1.83 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -190,4 +190,6 @@ void notify_complete(struct notifier_ctx *); | |||
190 | #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b)) | 190 | #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b)) |
191 | #define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y)) | 191 | #define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y)) |
192 | 192 | ||
193 | typedef void (*sshsig_t)(int); | ||
194 | sshsig_t ssh_signal(int, sshsig_t); | ||
193 | #endif /* _MISC_H */ | 195 | #endif /* _MISC_H */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor.c,v 1.206 2019/12/15 18:57:30 djm Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.207 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -393,11 +393,11 @@ monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor) | |||
393 | pmonitor->m_recvfd = -1; | 393 | pmonitor->m_recvfd = -1; |
394 | 394 | ||
395 | monitor_set_child_handler(pmonitor->m_pid); | 395 | monitor_set_child_handler(pmonitor->m_pid); |
396 | signal(SIGHUP, &monitor_child_handler); | 396 | ssh_signal(SIGHUP, &monitor_child_handler); |
397 | signal(SIGTERM, &monitor_child_handler); | 397 | ssh_signal(SIGTERM, &monitor_child_handler); |
398 | signal(SIGINT, &monitor_child_handler); | 398 | ssh_signal(SIGINT, &monitor_child_handler); |
399 | #ifdef SIGXFSZ | 399 | #ifdef SIGXFSZ |
400 | signal(SIGXFSZ, SIG_IGN); | 400 | ssh_signal(SIGXFSZ, SIG_IGN); |
401 | #endif | 401 | #endif |
402 | 402 | ||
403 | mon_dispatch = mon_dispatch_postauth20; | 403 | mon_dispatch = mon_dispatch_postauth20; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: mux.c,v 1.80 2019/06/28 13:35:04 deraadt Exp $ */ | 1 | /* $OpenBSD: mux.c,v 1.81 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> |
4 | * | 4 | * |
@@ -1911,7 +1911,7 @@ mux_client_request_session(int fd) | |||
1911 | return -1; | 1911 | return -1; |
1912 | } | 1912 | } |
1913 | 1913 | ||
1914 | signal(SIGPIPE, SIG_IGN); | 1914 | ssh_signal(SIGPIPE, SIG_IGN); |
1915 | 1915 | ||
1916 | if (stdin_null_flag) { | 1916 | if (stdin_null_flag) { |
1917 | if ((devnull = open(_PATH_DEVNULL, O_RDONLY)) == -1) | 1917 | if ((devnull = open(_PATH_DEVNULL, O_RDONLY)) == -1) |
@@ -2012,10 +2012,10 @@ mux_client_request_session(int fd) | |||
2012 | fatal("%s pledge(): %s", __func__, strerror(errno)); | 2012 | fatal("%s pledge(): %s", __func__, strerror(errno)); |
2013 | platform_pledge_mux(); | 2013 | platform_pledge_mux(); |
2014 | 2014 | ||
2015 | signal(SIGHUP, control_client_sighandler); | 2015 | ssh_signal(SIGHUP, control_client_sighandler); |
2016 | signal(SIGINT, control_client_sighandler); | 2016 | ssh_signal(SIGINT, control_client_sighandler); |
2017 | signal(SIGTERM, control_client_sighandler); | 2017 | ssh_signal(SIGTERM, control_client_sighandler); |
2018 | signal(SIGWINCH, control_client_sigrelay); | 2018 | ssh_signal(SIGWINCH, control_client_sigrelay); |
2019 | 2019 | ||
2020 | rawmode = tty_flag; | 2020 | rawmode = tty_flag; |
2021 | if (tty_flag) | 2021 | if (tty_flag) |
@@ -2145,7 +2145,7 @@ mux_client_request_stdio_fwd(int fd) | |||
2145 | return -1; | 2145 | return -1; |
2146 | } | 2146 | } |
2147 | 2147 | ||
2148 | signal(SIGPIPE, SIG_IGN); | 2148 | ssh_signal(SIGPIPE, SIG_IGN); |
2149 | 2149 | ||
2150 | if (stdin_null_flag) { | 2150 | if (stdin_null_flag) { |
2151 | if ((devnull = open(_PATH_DEVNULL, O_RDONLY)) == -1) | 2151 | if ((devnull = open(_PATH_DEVNULL, O_RDONLY)) == -1) |
@@ -2219,10 +2219,10 @@ mux_client_request_stdio_fwd(int fd) | |||
2219 | } | 2219 | } |
2220 | muxclient_request_id++; | 2220 | muxclient_request_id++; |
2221 | 2221 | ||
2222 | signal(SIGHUP, control_client_sighandler); | 2222 | ssh_signal(SIGHUP, control_client_sighandler); |
2223 | signal(SIGINT, control_client_sighandler); | 2223 | ssh_signal(SIGINT, control_client_sighandler); |
2224 | signal(SIGTERM, control_client_sighandler); | 2224 | ssh_signal(SIGTERM, control_client_sighandler); |
2225 | signal(SIGWINCH, control_client_sigrelay); | 2225 | ssh_signal(SIGWINCH, control_client_sigrelay); |
2226 | 2226 | ||
2227 | /* | 2227 | /* |
2228 | * Stick around until the controlee closes the client_fd. | 2228 | * Stick around until the controlee closes the client_fd. |
diff --git a/openbsd-compat/bsd-openpty.c b/openbsd-compat/bsd-openpty.c index 123a9be56..b6b5ab49b 100644 --- a/openbsd-compat/bsd-openpty.c +++ b/openbsd-compat/bsd-openpty.c | |||
@@ -103,10 +103,10 @@ openpty(int *amaster, int *aslave, char *name, struct termios *termp, | |||
103 | return (-1); | 103 | return (-1); |
104 | 104 | ||
105 | /* XXX: need to close ptm on error? */ | 105 | /* XXX: need to close ptm on error? */ |
106 | old_signal = signal(SIGCHLD, SIG_DFL); | 106 | old_signal = ssh_signal(SIGCHLD, SIG_DFL); |
107 | if (grantpt(ptm) < 0) | 107 | if (grantpt(ptm) < 0) |
108 | return (-1); | 108 | return (-1); |
109 | signal(SIGCHLD, old_signal); | 109 | ssh_signal(SIGCHLD, old_signal); |
110 | 110 | ||
111 | if (unlockpt(ptm) < 0) | 111 | if (unlockpt(ptm) < 0) |
112 | return (-1); | 112 | return (-1); |
diff --git a/progressmeter.c b/progressmeter.c index 72f40f8f9..8baf798f1 100644 --- a/progressmeter.c +++ b/progressmeter.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: progressmeter.c,v 1.49 2019/10/29 07:47:27 dtucker Exp $ */ | 1 | /* $OpenBSD: progressmeter.c,v 1.50 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2003 Nils Nordman. All rights reserved. | 3 | * Copyright (c) 2003 Nils Nordman. All rights reserved. |
4 | * | 4 | * |
@@ -252,8 +252,8 @@ start_progress_meter(const char *f, off_t filesize, off_t *ctr) | |||
252 | setscreensize(); | 252 | setscreensize(); |
253 | refresh_progress_meter(1); | 253 | refresh_progress_meter(1); |
254 | 254 | ||
255 | signal(SIGALRM, sig_alarm); | 255 | ssh_signal(SIGALRM, sig_alarm); |
256 | signal(SIGWINCH, sig_winch); | 256 | ssh_signal(SIGWINCH, sig_winch); |
257 | alarm(UPDATE_INTERVAL); | 257 | alarm(UPDATE_INTERVAL); |
258 | } | 258 | } |
259 | 259 | ||
diff --git a/readconf.c b/readconf.c index ff551c856..59443bfdb 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readconf.c,v 1.320 2020/01/23 02:46:49 dtucker Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.321 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -528,7 +528,7 @@ execute_in_shell(const char *cmd) | |||
528 | execv(argv[0], argv); | 528 | execv(argv[0], argv); |
529 | error("Unable to execute '%.100s': %s", cmd, strerror(errno)); | 529 | error("Unable to execute '%.100s': %s", cmd, strerror(errno)); |
530 | /* Die with signal to make this error apparent to parent. */ | 530 | /* Die with signal to make this error apparent to parent. */ |
531 | signal(SIGTERM, SIG_DFL); | 531 | ssh_signal(SIGTERM, SIG_DFL); |
532 | kill(getpid(), SIGTERM); | 532 | kill(getpid(), SIGTERM); |
533 | _exit(1); | 533 | _exit(1); |
534 | } | 534 | } |
diff --git a/readpass.c b/readpass.c index 4172bbc56..974d67f0b 100644 --- a/readpass.c +++ b/readpass.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readpass.c,v 1.60 2019/12/06 03:06:08 djm Exp $ */ | 1 | /* $OpenBSD: readpass.c,v 1.61 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -65,10 +65,10 @@ ssh_askpass(char *askpass, const char *msg, const char *env_hint) | |||
65 | error("%s: pipe: %s", __func__, strerror(errno)); | 65 | error("%s: pipe: %s", __func__, strerror(errno)); |
66 | return NULL; | 66 | return NULL; |
67 | } | 67 | } |
68 | osigchld = signal(SIGCHLD, SIG_DFL); | 68 | osigchld = ssh_signal(SIGCHLD, SIG_DFL); |
69 | if ((pid = fork()) == -1) { | 69 | if ((pid = fork()) == -1) { |
70 | error("%s: fork: %s", __func__, strerror(errno)); | 70 | error("%s: fork: %s", __func__, strerror(errno)); |
71 | signal(SIGCHLD, osigchld); | 71 | ssh_signal(SIGCHLD, osigchld); |
72 | return NULL; | 72 | return NULL; |
73 | } | 73 | } |
74 | if (pid == 0) { | 74 | if (pid == 0) { |
@@ -98,7 +98,7 @@ ssh_askpass(char *askpass, const char *msg, const char *env_hint) | |||
98 | while ((ret = waitpid(pid, &status, 0)) == -1) | 98 | while ((ret = waitpid(pid, &status, 0)) == -1) |
99 | if (errno != EINTR) | 99 | if (errno != EINTR) |
100 | break; | 100 | break; |
101 | signal(SIGCHLD, osigchld); | 101 | ssh_signal(SIGCHLD, osigchld); |
102 | if (ret == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) { | 102 | if (ret == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) { |
103 | explicit_bzero(buf, sizeof(buf)); | 103 | explicit_bzero(buf, sizeof(buf)); |
104 | return NULL; | 104 | return NULL; |
@@ -243,10 +243,10 @@ notify_start(int force_askpass, const char *fmt, ...) | |||
243 | free(prompt); | 243 | free(prompt); |
244 | return NULL; | 244 | return NULL; |
245 | } | 245 | } |
246 | osigchld = signal(SIGCHLD, SIG_DFL); | 246 | osigchld = ssh_signal(SIGCHLD, SIG_DFL); |
247 | if ((pid = fork()) == -1) { | 247 | if ((pid = fork()) == -1) { |
248 | error("%s: fork: %s", __func__, strerror(errno)); | 248 | error("%s: fork: %s", __func__, strerror(errno)); |
249 | signal(SIGCHLD, osigchld); | 249 | ssh_signal(SIGCHLD, osigchld); |
250 | free(prompt); | 250 | free(prompt); |
251 | return NULL; | 251 | return NULL; |
252 | } | 252 | } |
@@ -289,6 +289,6 @@ notify_complete(struct notifier_ctx *ctx) | |||
289 | } | 289 | } |
290 | if (ret == -1) | 290 | if (ret == -1) |
291 | fatal("%s: waitpid: %s", __func__, strerror(errno)); | 291 | fatal("%s: waitpid: %s", __func__, strerror(errno)); |
292 | signal(SIGCHLD, ctx->osigchld); | 292 | ssh_signal(SIGCHLD, ctx->osigchld); |
293 | free(ctx); | 293 | free(ctx); |
294 | } | 294 | } |
diff --git a/sandbox-systrace.c b/sandbox-systrace.c index 93e63b8e0..e61d581ae 100644 --- a/sandbox-systrace.c +++ b/sandbox-systrace.c | |||
@@ -105,7 +105,7 @@ ssh_sandbox_init(struct monitor *monitor) | |||
105 | box = xcalloc(1, sizeof(*box)); | 105 | box = xcalloc(1, sizeof(*box)); |
106 | box->systrace_fd = -1; | 106 | box->systrace_fd = -1; |
107 | box->child_pid = 0; | 107 | box->child_pid = 0; |
108 | box->osigchld = signal(SIGCHLD, SIG_IGN); | 108 | box->osigchld = ssh_signal(SIGCHLD, SIG_IGN); |
109 | 109 | ||
110 | return box; | 110 | return box; |
111 | } | 111 | } |
@@ -114,7 +114,7 @@ void | |||
114 | ssh_sandbox_child(struct ssh_sandbox *box) | 114 | ssh_sandbox_child(struct ssh_sandbox *box) |
115 | { | 115 | { |
116 | debug3("%s: ready", __func__); | 116 | debug3("%s: ready", __func__); |
117 | signal(SIGCHLD, box->osigchld); | 117 | ssh_signal(SIGCHLD, box->osigchld); |
118 | if (kill(getpid(), SIGSTOP) != 0) | 118 | if (kill(getpid(), SIGSTOP) != 0) |
119 | fatal("%s: kill(%d, SIGSTOP)", __func__, getpid()); | 119 | fatal("%s: kill(%d, SIGSTOP)", __func__, getpid()); |
120 | debug3("%s: started", __func__); | 120 | debug3("%s: started", __func__); |
@@ -133,7 +133,7 @@ ssh_sandbox_parent(struct ssh_sandbox *box, pid_t child_pid, | |||
133 | do { | 133 | do { |
134 | pid = waitpid(child_pid, &status, WUNTRACED); | 134 | pid = waitpid(child_pid, &status, WUNTRACED); |
135 | } while (pid == -1 && errno == EINTR); | 135 | } while (pid == -1 && errno == EINTR); |
136 | signal(SIGCHLD, box->osigchld); | 136 | ssh_signal(SIGCHLD, box->osigchld); |
137 | if (!WIFSTOPPED(status)) { | 137 | if (!WIFSTOPPED(status)) { |
138 | if (WIFSIGNALED(status)) | 138 | if (WIFSIGNALED(status)) |
139 | fatal("%s: child terminated with signal %d", | 139 | fatal("%s: child terminated with signal %d", |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: scp.c,v 1.206 2019/09/09 02:31:19 dtucker Exp $ */ | 1 | /* $OpenBSD: scp.c,v 1.207 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * scp - secure remote copy. This is basically patched BSD rcp which | 3 | * scp - secure remote copy. This is basically patched BSD rcp which |
4 | * uses ssh to do the data transfer (instead of using rcmd). | 4 | * uses ssh to do the data transfer (instead of using rcmd). |
@@ -215,9 +215,9 @@ do_local_cmd(arglist *a) | |||
215 | } | 215 | } |
216 | 216 | ||
217 | do_cmd_pid = pid; | 217 | do_cmd_pid = pid; |
218 | signal(SIGTERM, killchild); | 218 | ssh_signal(SIGTERM, killchild); |
219 | signal(SIGINT, killchild); | 219 | ssh_signal(SIGINT, killchild); |
220 | signal(SIGHUP, killchild); | 220 | ssh_signal(SIGHUP, killchild); |
221 | 221 | ||
222 | while (waitpid(pid, &status, 0) == -1) | 222 | while (waitpid(pid, &status, 0) == -1) |
223 | if (errno != EINTR) | 223 | if (errno != EINTR) |
@@ -268,9 +268,9 @@ do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout) | |||
268 | close(reserved[0]); | 268 | close(reserved[0]); |
269 | close(reserved[1]); | 269 | close(reserved[1]); |
270 | 270 | ||
271 | signal(SIGTSTP, suspchild); | 271 | ssh_signal(SIGTSTP, suspchild); |
272 | signal(SIGTTIN, suspchild); | 272 | ssh_signal(SIGTTIN, suspchild); |
273 | signal(SIGTTOU, suspchild); | 273 | ssh_signal(SIGTTOU, suspchild); |
274 | 274 | ||
275 | /* Fork a child to execute the command on the remote host using ssh. */ | 275 | /* Fork a child to execute the command on the remote host using ssh. */ |
276 | do_cmd_pid = fork(); | 276 | do_cmd_pid = fork(); |
@@ -307,9 +307,9 @@ do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout) | |||
307 | *fdout = pin[1]; | 307 | *fdout = pin[1]; |
308 | close(pout[1]); | 308 | close(pout[1]); |
309 | *fdin = pout[0]; | 309 | *fdin = pout[0]; |
310 | signal(SIGTERM, killchild); | 310 | ssh_signal(SIGTERM, killchild); |
311 | signal(SIGINT, killchild); | 311 | ssh_signal(SIGINT, killchild); |
312 | signal(SIGHUP, killchild); | 312 | ssh_signal(SIGHUP, killchild); |
313 | return 0; | 313 | return 0; |
314 | } | 314 | } |
315 | 315 | ||
@@ -561,7 +561,7 @@ main(int argc, char **argv) | |||
561 | iamrecursive ? " -r" : "", pflag ? " -p" : "", | 561 | iamrecursive ? " -r" : "", pflag ? " -p" : "", |
562 | targetshouldbedirectory ? " -d" : ""); | 562 | targetshouldbedirectory ? " -d" : ""); |
563 | 563 | ||
564 | (void) signal(SIGPIPE, lostconn); | 564 | (void) ssh_signal(SIGPIPE, lostconn); |
565 | 565 | ||
566 | if (colon(argv[argc - 1])) /* Dest is remote host. */ | 566 | if (colon(argv[argc - 1])) /* Dest is remote host. */ |
567 | toremote(argc, argv); | 567 | toremote(argc, argv); |
diff --git a/serverloop.c b/serverloop.c index 99d259201..1babc7a51 100644 --- a/serverloop.c +++ b/serverloop.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: serverloop.c,v 1.218 2019/11/27 05:38:43 dtucker Exp $ */ | 1 | /* $OpenBSD: serverloop.c,v 1.219 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -402,15 +402,15 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt) | |||
402 | 402 | ||
403 | debug("Entering interactive session for SSH2."); | 403 | debug("Entering interactive session for SSH2."); |
404 | 404 | ||
405 | signal(SIGCHLD, sigchld_handler); | 405 | ssh_signal(SIGCHLD, sigchld_handler); |
406 | child_terminated = 0; | 406 | child_terminated = 0; |
407 | connection_in = ssh_packet_get_connection_in(ssh); | 407 | connection_in = ssh_packet_get_connection_in(ssh); |
408 | connection_out = ssh_packet_get_connection_out(ssh); | 408 | connection_out = ssh_packet_get_connection_out(ssh); |
409 | 409 | ||
410 | if (!use_privsep) { | 410 | if (!use_privsep) { |
411 | signal(SIGTERM, sigterm_handler); | 411 | ssh_signal(SIGTERM, sigterm_handler); |
412 | signal(SIGINT, sigterm_handler); | 412 | ssh_signal(SIGINT, sigterm_handler); |
413 | signal(SIGQUIT, sigterm_handler); | 413 | ssh_signal(SIGQUIT, sigterm_handler); |
414 | } | 414 | } |
415 | 415 | ||
416 | notify_setup(); | 416 | notify_setup(); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: session.c,v 1.317 2019/11/13 04:47:52 deraadt Exp $ */ | 1 | /* $OpenBSD: session.c,v 1.318 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | 4 | * All rights reserved |
@@ -1642,7 +1642,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) | |||
1642 | do_rc_files(ssh, s, shell); | 1642 | do_rc_files(ssh, s, shell); |
1643 | 1643 | ||
1644 | /* restore SIGPIPE for child */ | 1644 | /* restore SIGPIPE for child */ |
1645 | signal(SIGPIPE, SIG_DFL); | 1645 | ssh_signal(SIGPIPE, SIG_DFL); |
1646 | 1646 | ||
1647 | if (s->is_subsystem == SUBSYSTEM_INT_SFTP_ERROR) { | 1647 | if (s->is_subsystem == SUBSYSTEM_INT_SFTP_ERROR) { |
1648 | error("Connection from %s: refusing non-sftp session", | 1648 | error("Connection from %s: refusing non-sftp session", |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sftp.c,v 1.196 2019/11/01 03:54:33 djm Exp $ */ | 1 | /* $OpenBSD: sftp.c,v 1.197 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> |
4 | * | 4 | * |
@@ -2243,7 +2243,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) | |||
2243 | interactive = !batchmode && isatty(STDIN_FILENO); | 2243 | interactive = !batchmode && isatty(STDIN_FILENO); |
2244 | err = 0; | 2244 | err = 0; |
2245 | for (;;) { | 2245 | for (;;) { |
2246 | signal(SIGINT, SIG_IGN); | 2246 | ssh_signal(SIGINT, SIG_IGN); |
2247 | 2247 | ||
2248 | if (el == NULL) { | 2248 | if (el == NULL) { |
2249 | if (interactive) | 2249 | if (interactive) |
@@ -2275,14 +2275,14 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) | |||
2275 | 2275 | ||
2276 | /* Handle user interrupts gracefully during commands */ | 2276 | /* Handle user interrupts gracefully during commands */ |
2277 | interrupted = 0; | 2277 | interrupted = 0; |
2278 | signal(SIGINT, cmd_interrupt); | 2278 | ssh_signal(SIGINT, cmd_interrupt); |
2279 | 2279 | ||
2280 | err = parse_dispatch_command(conn, cmd, &remote_path, | 2280 | err = parse_dispatch_command(conn, cmd, &remote_path, |
2281 | startdir, batchmode, !interactive && el == NULL); | 2281 | startdir, batchmode, !interactive && el == NULL); |
2282 | if (err != 0) | 2282 | if (err != 0) |
2283 | break; | 2283 | break; |
2284 | } | 2284 | } |
2285 | signal(SIGCHLD, SIG_DFL); | 2285 | ssh_signal(SIGCHLD, SIG_DFL); |
2286 | free(remote_path); | 2286 | free(remote_path); |
2287 | free(startdir); | 2287 | free(startdir); |
2288 | free(conn); | 2288 | free(conn); |
@@ -2339,20 +2339,20 @@ connect_to_server(char *path, char **args, int *in, int *out) | |||
2339 | * kill it too. Contrawise, since sftp sends SIGTERMs to the | 2339 | * kill it too. Contrawise, since sftp sends SIGTERMs to the |
2340 | * underlying ssh, it must *not* ignore that signal. | 2340 | * underlying ssh, it must *not* ignore that signal. |
2341 | */ | 2341 | */ |
2342 | signal(SIGINT, SIG_IGN); | 2342 | ssh_signal(SIGINT, SIG_IGN); |
2343 | signal(SIGTERM, SIG_DFL); | 2343 | ssh_signal(SIGTERM, SIG_DFL); |
2344 | execvp(path, args); | 2344 | execvp(path, args); |
2345 | fprintf(stderr, "exec: %s: %s\n", path, strerror(errno)); | 2345 | fprintf(stderr, "exec: %s: %s\n", path, strerror(errno)); |
2346 | _exit(1); | 2346 | _exit(1); |
2347 | } | 2347 | } |
2348 | 2348 | ||
2349 | signal(SIGTERM, killchild); | 2349 | ssh_signal(SIGTERM, killchild); |
2350 | signal(SIGINT, killchild); | 2350 | ssh_signal(SIGINT, killchild); |
2351 | signal(SIGHUP, killchild); | 2351 | ssh_signal(SIGHUP, killchild); |
2352 | signal(SIGTSTP, suspchild); | 2352 | ssh_signal(SIGTSTP, suspchild); |
2353 | signal(SIGTTIN, suspchild); | 2353 | ssh_signal(SIGTTIN, suspchild); |
2354 | signal(SIGTTOU, suspchild); | 2354 | ssh_signal(SIGTTOU, suspchild); |
2355 | signal(SIGCHLD, sigchld_handler); | 2355 | ssh_signal(SIGCHLD, sigchld_handler); |
2356 | close(c_in); | 2356 | close(c_in); |
2357 | close(c_out); | 2357 | close(c_out); |
2358 | } | 2358 | } |
diff --git a/ssh-agent.c b/ssh-agent.c index 09d12dc3f..dd5d21d5a 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-agent.c,v 1.251 2019/12/13 19:09:10 djm Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.252 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -1404,10 +1404,10 @@ skip: | |||
1404 | if (ac > 0) | 1404 | if (ac > 0) |
1405 | parent_alive_interval = 10; | 1405 | parent_alive_interval = 10; |
1406 | idtab_init(); | 1406 | idtab_init(); |
1407 | signal(SIGPIPE, SIG_IGN); | 1407 | ssh_signal(SIGPIPE, SIG_IGN); |
1408 | signal(SIGINT, (d_flag | D_flag) ? cleanup_handler : SIG_IGN); | 1408 | ssh_signal(SIGINT, (d_flag | D_flag) ? cleanup_handler : SIG_IGN); |
1409 | signal(SIGHUP, cleanup_handler); | 1409 | ssh_signal(SIGHUP, cleanup_handler); |
1410 | signal(SIGTERM, cleanup_handler); | 1410 | ssh_signal(SIGTERM, cleanup_handler); |
1411 | 1411 | ||
1412 | if (pledge("stdio rpath cpath unix id proc exec", NULL) == -1) | 1412 | if (pledge("stdio rpath cpath unix id proc exec", NULL) == -1) |
1413 | fatal("%s: pledge: %s", __progname, strerror(errno)); | 1413 | fatal("%s: pledge: %s", __progname, strerror(errno)); |
diff --git a/ssh-sk-client.c b/ssh-sk-client.c index 359327b68..8d7e6c305 100644 --- a/ssh-sk-client.c +++ b/ssh-sk-client.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-sk-client.c,v 1.6 2020/01/21 07:07:31 djm Exp $ */ | 1 | /* $OpenBSD: ssh-sk-client.c,v 1.7 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2019 Google LLC | 3 | * Copyright (c) 2019 Google LLC |
4 | * | 4 | * |
@@ -39,6 +39,7 @@ | |||
39 | #include "digest.h" | 39 | #include "digest.h" |
40 | #include "pathnames.h" | 40 | #include "pathnames.h" |
41 | #include "ssh-sk.h" | 41 | #include "ssh-sk.h" |
42 | #include "misc.h" | ||
42 | 43 | ||
43 | /* #define DEBUG_SK 1 */ | 44 | /* #define DEBUG_SK 1 */ |
44 | 45 | ||
@@ -73,13 +74,13 @@ start_helper(int *fdp, pid_t *pidp, void (**osigchldp)(int)) | |||
73 | error("socketpair: %s", strerror(errno)); | 74 | error("socketpair: %s", strerror(errno)); |
74 | return SSH_ERR_SYSTEM_ERROR; | 75 | return SSH_ERR_SYSTEM_ERROR; |
75 | } | 76 | } |
76 | osigchld = signal(SIGCHLD, SIG_DFL); | 77 | osigchld = ssh_signal(SIGCHLD, SIG_DFL); |
77 | if ((pid = fork()) == -1) { | 78 | if ((pid = fork()) == -1) { |
78 | oerrno = errno; | 79 | oerrno = errno; |
79 | error("fork: %s", strerror(errno)); | 80 | error("fork: %s", strerror(errno)); |
80 | close(pair[0]); | 81 | close(pair[0]); |
81 | close(pair[1]); | 82 | close(pair[1]); |
82 | signal(SIGCHLD, osigchld); | 83 | ssh_signal(SIGCHLD, osigchld); |
83 | errno = oerrno; | 84 | errno = oerrno; |
84 | return SSH_ERR_SYSTEM_ERROR; | 85 | return SSH_ERR_SYSTEM_ERROR; |
85 | } | 86 | } |
@@ -220,7 +221,7 @@ client_converse(struct sshbuf *msg, struct sshbuf **respp, u_int type) | |||
220 | } | 221 | } |
221 | sshbuf_free(req); | 222 | sshbuf_free(req); |
222 | sshbuf_free(resp); | 223 | sshbuf_free(resp); |
223 | signal(SIGCHLD, osigchld); | 224 | ssh_signal(SIGCHLD, osigchld); |
224 | errno = oerrno; | 225 | errno = oerrno; |
225 | return r; | 226 | return r; |
226 | 227 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.c,v 1.511 2020/01/05 16:28:22 beck Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.512 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -1535,8 +1535,8 @@ main(int ac, char **av) | |||
1535 | options.num_system_hostfiles); | 1535 | options.num_system_hostfiles); |
1536 | tilde_expand_paths(options.user_hostfiles, options.num_user_hostfiles); | 1536 | tilde_expand_paths(options.user_hostfiles, options.num_user_hostfiles); |
1537 | 1537 | ||
1538 | signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */ | 1538 | ssh_signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */ |
1539 | signal(SIGCHLD, main_sigchld_handler); | 1539 | ssh_signal(SIGCHLD, main_sigchld_handler); |
1540 | 1540 | ||
1541 | /* Log into the remote system. Never returns if the login fails. */ | 1541 | /* Log into the remote system. Never returns if the login fails. */ |
1542 | ssh_login(ssh, &sensitive_data, host, (struct sockaddr *)&hostaddr, | 1542 | ssh_login(ssh, &sensitive_data, host, (struct sockaddr *)&hostaddr, |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshbuf.c,v 1.13 2018/11/16 06:10:29 djm Exp $ */ | 1 | /* $OpenBSD: sshbuf.c,v 1.14 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2011 Damien Miller | 3 | * Copyright (c) 2011 Damien Miller |
4 | * | 4 | * |
@@ -42,7 +42,7 @@ sshbuf_check_sanity(const struct sshbuf *buf) | |||
42 | buf->off > buf->size)) { | 42 | buf->off > buf->size)) { |
43 | /* Do not try to recover from corrupted buffer internals */ | 43 | /* Do not try to recover from corrupted buffer internals */ |
44 | SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); | 44 | SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR")); |
45 | signal(SIGSEGV, SIG_DFL); | 45 | ssh_signal(SIGSEGV, SIG_DFL); |
46 | raise(SIGSEGV); | 46 | raise(SIGSEGV); |
47 | return SSH_ERR_INTERNAL_ERROR; | 47 | return SSH_ERR_INTERNAL_ERROR; |
48 | } | 48 | } |
diff --git a/sshconnect.c b/sshconnect.c index a2d759819..690240716 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect.c,v 1.326 2020/01/22 07:38:30 dtucker Exp $ */ | 1 | /* $OpenBSD: sshconnect.c,v 1.327 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -259,7 +259,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, const char *host_arg, | |||
259 | 259 | ||
260 | /* Execute the proxy command. Note that we gave up any | 260 | /* Execute the proxy command. Note that we gave up any |
261 | extra privileges above. */ | 261 | extra privileges above. */ |
262 | signal(SIGPIPE, SIG_DFL); | 262 | ssh_signal(SIGPIPE, SIG_DFL); |
263 | execv(argv[0], argv); | 263 | execv(argv[0], argv); |
264 | perror(argv[0]); | 264 | perror(argv[0]); |
265 | exit(1); | 265 | exit(1); |
@@ -1383,10 +1383,10 @@ ssh_local_cmd(const char *args) | |||
1383 | if ((shell = getenv("SHELL")) == NULL || *shell == '\0') | 1383 | if ((shell = getenv("SHELL")) == NULL || *shell == '\0') |
1384 | shell = _PATH_BSHELL; | 1384 | shell = _PATH_BSHELL; |
1385 | 1385 | ||
1386 | osighand = signal(SIGCHLD, SIG_DFL); | 1386 | osighand = ssh_signal(SIGCHLD, SIG_DFL); |
1387 | pid = fork(); | 1387 | pid = fork(); |
1388 | if (pid == 0) { | 1388 | if (pid == 0) { |
1389 | signal(SIGPIPE, SIG_DFL); | 1389 | ssh_signal(SIGPIPE, SIG_DFL); |
1390 | debug3("Executing %s -c \"%s\"", shell, args); | 1390 | debug3("Executing %s -c \"%s\"", shell, args); |
1391 | execl(shell, shell, "-c", args, (char *)NULL); | 1391 | execl(shell, shell, "-c", args, (char *)NULL); |
1392 | error("Couldn't execute %s -c \"%s\": %s", | 1392 | error("Couldn't execute %s -c \"%s\": %s", |
@@ -1397,7 +1397,7 @@ ssh_local_cmd(const char *args) | |||
1397 | while (waitpid(pid, &status, 0) == -1) | 1397 | while (waitpid(pid, &status, 0) == -1) |
1398 | if (errno != EINTR) | 1398 | if (errno != EINTR) |
1399 | fatal("Couldn't wait for child: %s", strerror(errno)); | 1399 | fatal("Couldn't wait for child: %s", strerror(errno)); |
1400 | signal(SIGCHLD, osighand); | 1400 | ssh_signal(SIGCHLD, osighand); |
1401 | 1401 | ||
1402 | if (!WIFEXITED(status)) | 1402 | if (!WIFEXITED(status)) |
1403 | return (1); | 1403 | return (1); |
diff --git a/sshconnect2.c b/sshconnect2.c index 7f52cc55e..8d13310f2 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect2.c,v 1.316 2020/01/23 02:46:49 dtucker Exp $ */ | 1 | /* $OpenBSD: sshconnect2.c,v 1.317 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2008 Damien Miller. All rights reserved. |
@@ -1924,7 +1924,7 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp, | |||
1924 | error("%s: fork: %s", __func__, strerror(errno)); | 1924 | error("%s: fork: %s", __func__, strerror(errno)); |
1925 | return -1; | 1925 | return -1; |
1926 | } | 1926 | } |
1927 | osigchld = signal(SIGCHLD, SIG_DFL); | 1927 | osigchld = ssh_signal(SIGCHLD, SIG_DFL); |
1928 | if (pid == 0) { | 1928 | if (pid == 0) { |
1929 | close(from[0]); | 1929 | close(from[0]); |
1930 | if (dup2(from[1], STDOUT_FILENO) == -1) | 1930 | if (dup2(from[1], STDOUT_FILENO) == -1) |
@@ -1996,11 +1996,11 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp, | |||
1996 | if ((r = sshbuf_get_string(b, sigp, lenp)) != 0) { | 1996 | if ((r = sshbuf_get_string(b, sigp, lenp)) != 0) { |
1997 | error("%s: buffer error: %s", __func__, ssh_err(r)); | 1997 | error("%s: buffer error: %s", __func__, ssh_err(r)); |
1998 | fail: | 1998 | fail: |
1999 | signal(SIGCHLD, osigchld); | 1999 | ssh_signal(SIGCHLD, osigchld); |
2000 | sshbuf_free(b); | 2000 | sshbuf_free(b); |
2001 | return -1; | 2001 | return -1; |
2002 | } | 2002 | } |
2003 | signal(SIGCHLD, osigchld); | 2003 | ssh_signal(SIGCHLD, osigchld); |
2004 | sshbuf_free(b); | 2004 | sshbuf_free(b); |
2005 | 2005 | ||
2006 | return 0; | 2006 | return 0; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshd.c,v 1.543 2020/01/21 22:39:57 djm Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.544 2020/01/23 07:10:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -313,7 +313,7 @@ sighup_restart(void) | |||
313 | close_listen_socks(); | 313 | close_listen_socks(); |
314 | close_startup_pipes(); | 314 | close_startup_pipes(); |
315 | alarm(0); /* alarm timer persists across exec */ | 315 | alarm(0); /* alarm timer persists across exec */ |
316 | signal(SIGHUP, SIG_IGN); /* will be restored after exec */ | 316 | ssh_signal(SIGHUP, SIG_IGN); /* will be restored after exec */ |
317 | execv(saved_argv[0], saved_argv); | 317 | execv(saved_argv[0], saved_argv); |
318 | logit("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], | 318 | logit("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], |
319 | strerror(errno)); | 319 | strerror(errno)); |
@@ -342,6 +342,8 @@ main_sigchld_handler(int sig) | |||
342 | pid_t pid; | 342 | pid_t pid; |
343 | int status; | 343 | int status; |
344 | 344 | ||
345 | debug("main_sigchld_handler: %s", strsignal(sig)); | ||
346 | |||
345 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || | 347 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || |
346 | (pid == -1 && errno == EINTR)) | 348 | (pid == -1 && errno == EINTR)) |
347 | ; | 349 | ; |
@@ -363,7 +365,7 @@ grace_alarm_handler(int sig) | |||
363 | * keys command helpers. | 365 | * keys command helpers. |
364 | */ | 366 | */ |
365 | if (getpgid(0) == getpid()) { | 367 | if (getpgid(0) == getpid()) { |
366 | signal(SIGTERM, SIG_IGN); | 368 | ssh_signal(SIGTERM, SIG_IGN); |
367 | kill(0, SIGTERM); | 369 | kill(0, SIGTERM); |
368 | } | 370 | } |
369 | 371 | ||
@@ -1941,7 +1943,7 @@ main(int ac, char **av) | |||
1941 | error("chdir(\"/\"): %s", strerror(errno)); | 1943 | error("chdir(\"/\"): %s", strerror(errno)); |
1942 | 1944 | ||
1943 | /* ignore SIGPIPE */ | 1945 | /* ignore SIGPIPE */ |
1944 | signal(SIGPIPE, SIG_IGN); | 1946 | ssh_signal(SIGPIPE, SIG_IGN); |
1945 | 1947 | ||
1946 | /* Get a connection, either from inetd or a listening TCP socket */ | 1948 | /* Get a connection, either from inetd or a listening TCP socket */ |
1947 | if (inetd_flag) { | 1949 | if (inetd_flag) { |
@@ -1950,10 +1952,10 @@ main(int ac, char **av) | |||
1950 | platform_pre_listen(); | 1952 | platform_pre_listen(); |
1951 | server_listen(); | 1953 | server_listen(); |
1952 | 1954 | ||
1953 | signal(SIGHUP, sighup_handler); | 1955 | ssh_signal(SIGHUP, sighup_handler); |
1954 | signal(SIGCHLD, main_sigchld_handler); | 1956 | ssh_signal(SIGCHLD, main_sigchld_handler); |
1955 | signal(SIGTERM, sigterm_handler); | 1957 | ssh_signal(SIGTERM, sigterm_handler); |
1956 | signal(SIGQUIT, sigterm_handler); | 1958 | ssh_signal(SIGQUIT, sigterm_handler); |
1957 | 1959 | ||
1958 | /* | 1960 | /* |
1959 | * Write out the pid file after the sigterm handler | 1961 | * Write out the pid file after the sigterm handler |
@@ -2043,12 +2045,12 @@ main(int ac, char **av) | |||
2043 | * will not restart on SIGHUP since it no longer makes sense. | 2045 | * will not restart on SIGHUP since it no longer makes sense. |
2044 | */ | 2046 | */ |
2045 | alarm(0); | 2047 | alarm(0); |
2046 | signal(SIGALRM, SIG_DFL); | 2048 | ssh_signal(SIGALRM, SIG_DFL); |
2047 | signal(SIGHUP, SIG_DFL); | 2049 | ssh_signal(SIGHUP, SIG_DFL); |
2048 | signal(SIGTERM, SIG_DFL); | 2050 | ssh_signal(SIGTERM, SIG_DFL); |
2049 | signal(SIGQUIT, SIG_DFL); | 2051 | ssh_signal(SIGQUIT, SIG_DFL); |
2050 | signal(SIGCHLD, SIG_DFL); | 2052 | ssh_signal(SIGCHLD, SIG_DFL); |
2051 | signal(SIGINT, SIG_DFL); | 2053 | ssh_signal(SIGINT, SIG_DFL); |
2052 | 2054 | ||
2053 | /* | 2055 | /* |
2054 | * Register our connection. This turns encryption off because we do | 2056 | * Register our connection. This turns encryption off because we do |
@@ -2109,7 +2111,7 @@ main(int ac, char **av) | |||
2109 | * mode; it is just annoying to have the server exit just when you | 2111 | * mode; it is just annoying to have the server exit just when you |
2110 | * are about to discover the bug. | 2112 | * are about to discover the bug. |
2111 | */ | 2113 | */ |
2112 | signal(SIGALRM, grace_alarm_handler); | 2114 | ssh_signal(SIGALRM, grace_alarm_handler); |
2113 | if (!debug_flag) | 2115 | if (!debug_flag) |
2114 | alarm(options.login_grace_time); | 2116 | alarm(options.login_grace_time); |
2115 | 2117 | ||
@@ -2167,7 +2169,7 @@ main(int ac, char **av) | |||
2167 | * authentication. | 2169 | * authentication. |
2168 | */ | 2170 | */ |
2169 | alarm(0); | 2171 | alarm(0); |
2170 | signal(SIGALRM, SIG_DFL); | 2172 | ssh_signal(SIGALRM, SIG_DFL); |
2171 | authctxt->authenticated = 1; | 2173 | authctxt->authenticated = 1; |
2172 | if (startup_pipe != -1) { | 2174 | if (startup_pipe != -1) { |
2173 | close(startup_pipe); | 2175 | close(startup_pipe); |