diff options
| author | CoprDistGit <infra@openeuler.org> | 2024-07-03 02:42:38 +0000 |
|---|---|---|
| committer | CoprDistGit <infra@openeuler.org> | 2024-07-03 02:42:38 +0000 |
| commit | 3c362eae690284f325824e38431881825e32ffdd (patch) | |
| tree | d2d0e11b92bf88d35c270559d268845d391a4703 /backport-upstream-Clear-signal-mask-early-in-main-sshd-may-ha.patch | |
| parent | 62f0a34c39a6846b6a86f2bbc7fb8c319bd46d94 (diff) | |
automatic import of openssh
Diffstat (limited to 'backport-upstream-Clear-signal-mask-early-in-main-sshd-may-ha.patch')
| -rw-r--r-- | backport-upstream-Clear-signal-mask-early-in-main-sshd-may-ha.patch | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/backport-upstream-Clear-signal-mask-early-in-main-sshd-may-ha.patch b/backport-upstream-Clear-signal-mask-early-in-main-sshd-may-ha.patch new file mode 100644 index 0000000..22db428 --- /dev/null +++ b/backport-upstream-Clear-signal-mask-early-in-main-sshd-may-ha.patch @@ -0,0 +1,53 @@ +From 93f2ce8c050a7a2a628646c00b40b9b53fef93ef Mon Sep 17 00:00:00 2001 +From: "djm@openbsd.org" <djm@openbsd.org> +Date: Fri, 16 Dec 2022 06:56:47 +0000 +Subject: [PATCH] upstream: Clear signal mask early in main(); sshd may have + been + +started with one or more signals masked (sigprocmask(2) is not cleared +on fork/exec) and this could interfere with various things, e.g. the +login grace timer. + +Execution environments that fail to clear the signal mask before running +sshd are clearly broken, but apparently they do exist. + +Reported by Sreedhar Balasubramanian; ok dtucker@ + +OpenBSD-Commit-ID: 77078c0b1c53c780269fc0c416f121d05e3010ae +Conflict:NA +Reference:https://anongit.mindrot.org/openssh.git/commit?id=93f2ce8c050a7a2a628646c00b40b9b53fef93ef +--- + sshd.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/sshd.c b/sshd.c +index 6bb3a962..72525525 100644 +--- a/sshd.c ++++ b/sshd.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: sshd.c,v 1.589 2022/07/01 03:39:44 dtucker Exp $ */ ++/* $OpenBSD: sshd.c,v 1.594 2022/12/16 06:56:47 djm Exp $ */ + /* + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland +@@ -1546,13 +1546,17 @@ main(int ac, char **av) + int keytype; + Authctxt *authctxt; + struct connection_info *connection_info = NULL; ++ sigset_t sigmask; + + #ifdef HAVE_SECUREWARE + (void)set_auth_parameters(ac, av); + #endif + __progname = ssh_get_progname(av[0]); + ++ sigemptyset(&sigmask); ++ sigprocmask(SIG_SETMASK, &sigmask, NULL); ++ + OpenSSL_add_all_algorithms(); + /* Save argv. Duplicate so setproctitle emulation doesn't clobber it */ + saved_argc = ac; + rexec_argc = ac; +-- +2.27.0 + |