mirror of git://anongit.mindrot.org/openssh.git
upstream: Clear signal mask early in main(); sshd may have been
started with one or more signals masked (sigprocmask(2) is not cleared on fork/exec) and this could interfere with various things, e.g. the login grace timer. Execution environments that fail to clear the signal mask before running sshd are clearly broken, but apparently they do exist. Reported by Sreedhar Balasubramanian; ok dtucker@ OpenBSD-Commit-ID: 77078c0b1c53c780269fc0c416f121d05e3010ae
This commit is contained in:
parent
4acfaabfae
commit
93f2ce8c05
6
sshd.c
6
sshd.c
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: sshd.c,v 1.593 2022/12/04 23:50:49 cheloha Exp $ */
|
/* $OpenBSD: sshd.c,v 1.594 2022/12/16 06:56:47 djm Exp $ */
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
|
@ -1546,12 +1546,16 @@ main(int ac, char **av)
|
||||||
int keytype;
|
int keytype;
|
||||||
Authctxt *authctxt;
|
Authctxt *authctxt;
|
||||||
struct connection_info *connection_info = NULL;
|
struct connection_info *connection_info = NULL;
|
||||||
|
sigset_t sigmask;
|
||||||
|
|
||||||
#ifdef HAVE_SECUREWARE
|
#ifdef HAVE_SECUREWARE
|
||||||
(void)set_auth_parameters(ac, av);
|
(void)set_auth_parameters(ac, av);
|
||||||
#endif
|
#endif
|
||||||
__progname = ssh_get_progname(av[0]);
|
__progname = ssh_get_progname(av[0]);
|
||||||
|
|
||||||
|
sigemptyset(&sigmask);
|
||||||
|
sigprocmask(SIG_SETMASK, &sigmask, NULL);
|
||||||
|
|
||||||
/* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
|
/* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
|
||||||
saved_argc = ac;
|
saved_argc = ac;
|
||||||
rexec_argc = ac;
|
rexec_argc = ac;
|
||||||
|
|
Loading…
Reference in New Issue