propagate PAM crashes to PerSourcePenalties

If the PAM subprocess crashes, exit with a crash status that will be
picked up by the sshd(8) listener process where it can be used by
PerSourcePenalties to block the client. This is similar handling to
the privsep preauth process.
This commit is contained in:
Damien Miller 2024-06-17 17:02:18 +10:00
parent 1c207f456a
commit b00331402f
No known key found for this signature in database
1 changed files with 8 additions and 7 deletions

View File

@ -100,6 +100,7 @@
#include "ssh-gss.h" #include "ssh-gss.h"
#endif #endif
#include "monitor_wrap.h" #include "monitor_wrap.h"
#include "srclimit.h"
extern ServerOptions options; extern ServerOptions options;
extern struct sshbuf *loginmsg; extern struct sshbuf *loginmsg;
@ -166,13 +167,13 @@ sshpam_sigchld_handler(int sig)
return; return;
} }
} }
if (WIFSIGNALED(sshpam_thread_status) && if (sshpam_thread_status == -1)
WTERMSIG(sshpam_thread_status) == SIGTERM) return;
return; /* terminated by pthread_cancel */ if (WIFSIGNALED(sshpam_thread_status)) {
if (!WIFEXITED(sshpam_thread_status)) if (signal_is_crash(WTERMSIG(sshpam_thread_status)))
sigdie("PAM: authentication thread exited unexpectedly"); _exit(EXIT_CHILD_CRASH);
if (WEXITSTATUS(sshpam_thread_status) != 0) } else if (!WIFEXITED(sshpam_thread_status))
sigdie("PAM: authentication thread exited uncleanly"); _exit(EXIT_CHILD_CRASH);
} }
/* ARGSUSED */ /* ARGSUSED */