tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream: Replace all calls to signal(2) with a wrapper around 

sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.

OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
This commit is contained in:
dtucker@openbsd.org 2020-01-23 07:10:22 +00:00 committed by Darren Tucker
parent e027c044c7
commit 3bf2a6ac79
25 changed files with 153 additions and 131 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
auth-pam.c
View File

@ -156,7 +156,7 @@ static mysig_t sshpam_oldsig;
static void
sshpam_sigchld_handler(int sig)
{
signal(SIGCHLD, SIG_DFL);
ssh_signal(SIGCHLD, SIG_DFL);
if (cleanup_ctxt == NULL)
return; /* handler called after PAM cleanup, shouldn't happen */
if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, WNOHANG)
@ -208,7 +208,7 @@ pthread_create(sp_pthread_t *thread, const void *attr,
*thread = pid;
close(ctx->pam_csock);
ctx->pam_csock = -1;
sshpam_oldsig = signal(SIGCHLD, sshpam_sigchld_handler);
sshpam_oldsig = ssh_signal(SIGCHLD, sshpam_sigchld_handler);
return (0);
}
}
@ -216,7 +216,7 @@ pthread_create(sp_pthread_t *thread, const void *attr,
static int
pthread_cancel(sp_pthread_t thread)
{
signal(SIGCHLD, sshpam_oldsig);
ssh_signal(SIGCHLD, sshpam_oldsig);
return (kill(thread, SIGTERM));
}
@ -228,7 +228,7 @@ pthread_join(sp_pthread_t thread, void **value)
if (sshpam_thread_status != -1)
return (sshpam_thread_status);
signal(SIGCHLD, sshpam_oldsig);
ssh_signal(SIGCHLD, sshpam_oldsig);
while (waitpid(thread, &status, 0) == -1) {
if (errno == EINTR)
continue;

4
auth.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth.c,v 1.144 2019/12/16 13:58:53 tobhe Exp $ */
/* $OpenBSD: auth.c,v 1.145 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -921,7 +921,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command,
child_set_env(&child_env, &envsize, "LANG", cp);
for (i = 0; i < NSIG; i++)
signal(i, SIG_DFL);
ssh_signal(i, SIG_DFL);
if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) {
error("%s: open %s: %s", tag, _PATH_DEVNULL,

10
auth2-pubkey.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth2-pubkey.c,v 1.97 2019/11/25 00:54:23 djm Exp $ */
/* $OpenBSD: auth2-pubkey.c,v 1.98 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -460,7 +460,7 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw,
* NB. all returns later this function should go via "out" to
* ensure the original SIGCHLD handler is restored properly.
*/
osigchld = signal(SIGCHLD, SIG_DFL);
osigchld = ssh_signal(SIGCHLD, SIG_DFL);
/* Prepare and verify the user for the command */
username = percent_expand(options.authorized_principals_command_user,
@ -548,7 +548,7 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw,
out:
if (f != NULL)
fclose(f);
signal(SIGCHLD, osigchld);
ssh_signal(SIGCHLD, osigchld);
for (i = 0; i < ac; i++)
free(av[i]);
free(av);
@ -898,7 +898,7 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw,
* NB. all returns later this function should go via "out" to
* ensure the original SIGCHLD handler is restored properly.
*/
osigchld = signal(SIGCHLD, SIG_DFL);
osigchld = ssh_signal(SIGCHLD, SIG_DFL);
/* Prepare and verify the user for the command */
username = percent_expand(options.authorized_keys_command_user,
@ -987,7 +987,7 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw,
out:
if (f != NULL)
fclose(f);
signal(SIGCHLD, osigchld);
ssh_signal(SIGCHLD, osigchld);
for (i = 0; i < ac; i++)
free(av[i]);
free(av);

26
clientloop.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: clientloop.c,v 1.331 2020/01/23 02:46:49 dtucker Exp $ */
/* $OpenBSD: clientloop.c,v 1.332 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -785,7 +785,7 @@ process_cmdline(struct ssh *ssh)
memset(&fwd, 0, sizeof(fwd));
leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
handler = signal(SIGINT, SIG_IGN);
handler = ssh_signal(SIGINT, SIG_IGN);
cmd = s = read_passphrase("\r\nssh> ", RP_ECHO);
if (s == NULL)
goto out;
@ -883,7 +883,7 @@ process_cmdline(struct ssh *ssh)
}
out:
signal(SIGINT, handler);
ssh_signal(SIGINT, handler);
enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
free(cmd);
free(fwd.listen_host);
@ -1306,15 +1306,15 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
* Set signal handlers, (e.g. to restore non-blocking mode)
* but don't overwrite SIG_IGN, matches behaviour from rsh(1)
*/
if (signal(SIGHUP, SIG_IGN) != SIG_IGN)
signal(SIGHUP, signal_handler);
if (signal(SIGINT, SIG_IGN) != SIG_IGN)
signal(SIGINT, signal_handler);
if (signal(SIGQUIT, SIG_IGN) != SIG_IGN)
signal(SIGQUIT, signal_handler);
if (signal(SIGTERM, SIG_IGN) != SIG_IGN)
signal(SIGTERM, signal_handler);
signal(SIGWINCH, window_change_handler);
if (ssh_signal(SIGHUP, SIG_IGN) != SIG_IGN)
ssh_signal(SIGHUP, signal_handler);
if (ssh_signal(SIGINT, SIG_IGN) != SIG_IGN)
ssh_signal(SIGINT, signal_handler);
if (ssh_signal(SIGQUIT, SIG_IGN) != SIG_IGN)
ssh_signal(SIGQUIT, signal_handler);
if (ssh_signal(SIGTERM, SIG_IGN) != SIG_IGN)
ssh_signal(SIGTERM, signal_handler);
ssh_signal(SIGWINCH, window_change_handler);
if (have_pty)
enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
@ -1413,7 +1413,7 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
/* Terminate the session. */
/* Stop watching for window change. */
signal(SIGWINCH, SIG_DFL);
ssh_signal(SIGWINCH, SIG_DFL);
if ((r = sshpkt_start(ssh, SSH2_MSG_DISCONNECT)) != 0 ||
(r = sshpkt_put_u32(ssh, SSH2_DISCONNECT_BY_APPLICATION)) != 0 ||

4
entropy.c
View File

@ -110,7 +110,7 @@ get_random_bytes_prngd(unsigned char *buf, int len,
strlen(socket_path) + 1;
}
old_sigpipe = signal(SIGPIPE, SIG_IGN);
old_sigpipe = ssh_signal(SIGPIPE, SIG_IGN);
errors = 0;
rval = -1;
@ -160,7 +160,7 @@ reopen:
rval = 0;
done:
signal(SIGPIPE, old_sigpipe);
ssh_signal(SIGPIPE, old_sigpipe);
if (fd != -1)
close(fd);
return rval;

19
misc.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: misc.c,v 1.143 2019/11/22 06:50:30 dtucker Exp $ */
/* $OpenBSD: misc.c,v 1.144 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@ -2221,3 +2221,20 @@ opt_match(const char **opts, const char *term)
return 0;
}
sshsig_t
ssh_signal(int signum, sshsig_t handler)
{
struct sigaction sa, osa;
/* mask all other signals while in handler */
bzero(&sa, sizeof(sa));
sa.sa_handler = handler;
sigfillset(&sa.sa_mask);
if (signum != SIGALRM)
sa.sa_flags = SA_RESTART;
if (sigaction(signum, &sa, &osa) == -1) {
debug3("sigaction(%s): %s", strsignal(signum), strerror(errno));
return SIG_ERR;
}
return osa.sa_handler;
}

4
misc.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: misc.h,v 1.82 2019/11/12 22:34:20 djm Exp $ */
/* $OpenBSD: misc.h,v 1.83 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -190,4 +190,6 @@ void notify_complete(struct notifier_ctx *);
#define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b))
#define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y))
typedef void (*sshsig_t)(int);
sshsig_t ssh_signal(int, sshsig_t);
#endif /* _MISC_H */

10
monitor.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: monitor.c,v 1.206 2019/12/15 18:57:30 djm Exp $ */
/* $OpenBSD: monitor.c,v 1.207 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -393,11 +393,11 @@ monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor)
pmonitor->m_recvfd = -1;
monitor_set_child_handler(pmonitor->m_pid);
signal(SIGHUP, &monitor_child_handler);
signal(SIGTERM, &monitor_child_handler);
signal(SIGINT, &monitor_child_handler);
ssh_signal(SIGHUP, &monitor_child_handler);
ssh_signal(SIGTERM, &monitor_child_handler);
ssh_signal(SIGINT, &monitor_child_handler);
#ifdef SIGXFSZ
signal(SIGXFSZ, SIG_IGN);
ssh_signal(SIGXFSZ, SIG_IGN);
#endif
mon_dispatch = mon_dispatch_postauth20;

22
mux.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: mux.c,v 1.80 2019/06/28 13:35:04 deraadt Exp $ */
/* $OpenBSD: mux.c,v 1.81 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
*
@ -1911,7 +1911,7 @@ mux_client_request_session(int fd)
return -1;
}
signal(SIGPIPE, SIG_IGN);
ssh_signal(SIGPIPE, SIG_IGN);
if (stdin_null_flag) {
if ((devnull = open(_PATH_DEVNULL, O_RDONLY)) == -1)
@ -2012,10 +2012,10 @@ mux_client_request_session(int fd)
fatal("%s pledge(): %s", __func__, strerror(errno));
platform_pledge_mux();
signal(SIGHUP, control_client_sighandler);
signal(SIGINT, control_client_sighandler);
signal(SIGTERM, control_client_sighandler);
signal(SIGWINCH, control_client_sigrelay);
ssh_signal(SIGHUP, control_client_sighandler);
ssh_signal(SIGINT, control_client_sighandler);
ssh_signal(SIGTERM, control_client_sighandler);
ssh_signal(SIGWINCH, control_client_sigrelay);
rawmode = tty_flag;
if (tty_flag)
@ -2145,7 +2145,7 @@ mux_client_request_stdio_fwd(int fd)
return -1;
}
signal(SIGPIPE, SIG_IGN);
ssh_signal(SIGPIPE, SIG_IGN);
if (stdin_null_flag) {
if ((devnull = open(_PATH_DEVNULL, O_RDONLY)) == -1)
@ -2219,10 +2219,10 @@ mux_client_request_stdio_fwd(int fd)
}
muxclient_request_id++;
signal(SIGHUP, control_client_sighandler);
signal(SIGINT, control_client_sighandler);
signal(SIGTERM, control_client_sighandler);
signal(SIGWINCH, control_client_sigrelay);
ssh_signal(SIGHUP, control_client_sighandler);
ssh_signal(SIGINT, control_client_sighandler);
ssh_signal(SIGTERM, control_client_sighandler);
ssh_signal(SIGWINCH, control_client_sigrelay);
/*
* Stick around until the controlee closes the client_fd.

4
openbsd-compat/bsd-openpty.c
View File

@ -103,10 +103,10 @@ openpty(int *amaster, int *aslave, char *name, struct termios *termp,
return (-1);
/* XXX: need to close ptm on error? */
old_signal = signal(SIGCHLD, SIG_DFL);
old_signal = ssh_signal(SIGCHLD, SIG_DFL);
if (grantpt(ptm) < 0)
return (-1);
signal(SIGCHLD, old_signal);
ssh_signal(SIGCHLD, old_signal);
if (unlockpt(ptm) < 0)
return (-1);

6
progressmeter.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: progressmeter.c,v 1.49 2019/10/29 07:47:27 dtucker Exp $ */
/* $OpenBSD: progressmeter.c,v 1.50 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Copyright (c) 2003 Nils Nordman. All rights reserved.
*
@ -252,8 +252,8 @@ start_progress_meter(const char *f, off_t filesize, off_t *ctr)
setscreensize();
refresh_progress_meter(1);
signal(SIGALRM, sig_alarm);
signal(SIGWINCH, sig_winch);
ssh_signal(SIGALRM, sig_alarm);
ssh_signal(SIGWINCH, sig_winch);
alarm(UPDATE_INTERVAL);
}

4
readconf.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: readconf.c,v 1.320 2020/01/23 02:46:49 dtucker Exp $ */
/* $OpenBSD: readconf.c,v 1.321 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -528,7 +528,7 @@ execute_in_shell(const char *cmd)
execv(argv[0], argv);
error("Unable to execute '%.100s': %s", cmd, strerror(errno));
/* Die with signal to make this error apparent to parent. */
signal(SIGTERM, SIG_DFL);
ssh_signal(SIGTERM, SIG_DFL);
kill(getpid(), SIGTERM);
_exit(1);
}

14
readpass.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: readpass.c,v 1.60 2019/12/06 03:06:08 djm Exp $ */
/* $OpenBSD: readpass.c,v 1.61 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@ -65,10 +65,10 @@ ssh_askpass(char *askpass, const char *msg, const char *env_hint)
error("%s: pipe: %s", __func__, strerror(errno));
return NULL;
}
osigchld = signal(SIGCHLD, SIG_DFL);
osigchld = ssh_signal(SIGCHLD, SIG_DFL);
if ((pid = fork()) == -1) {
error("%s: fork: %s", __func__, strerror(errno));
signal(SIGCHLD, osigchld);
ssh_signal(SIGCHLD, osigchld);
return NULL;
}
if (pid == 0) {
@ -98,7 +98,7 @@ ssh_askpass(char *askpass, const char *msg, const char *env_hint)
while ((ret = waitpid(pid, &status, 0)) == -1)
if (errno != EINTR)
break;
signal(SIGCHLD, osigchld);
ssh_signal(SIGCHLD, osigchld);
if (ret == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) {
explicit_bzero(buf, sizeof(buf));
return NULL;
@ -243,10 +243,10 @@ notify_start(int force_askpass, const char *fmt, ...)
free(prompt);
return NULL;
}
osigchld = signal(SIGCHLD, SIG_DFL);
osigchld = ssh_signal(SIGCHLD, SIG_DFL);
if ((pid = fork()) == -1) {
error("%s: fork: %s", __func__, strerror(errno));
signal(SIGCHLD, osigchld);
ssh_signal(SIGCHLD, osigchld);
free(prompt);
return NULL;
}
@ -289,6 +289,6 @@ notify_complete(struct notifier_ctx *ctx)
}
if (ret == -1)
fatal("%s: waitpid: %s", __func__, strerror(errno));
signal(SIGCHLD, ctx->osigchld);
ssh_signal(SIGCHLD, ctx->osigchld);
free(ctx);
}

6
sandbox-systrace.c
View File

@ -105,7 +105,7 @@ ssh_sandbox_init(struct monitor *monitor)
box = xcalloc(1, sizeof(*box));
box->systrace_fd = -1;
box->child_pid = 0;
box->osigchld = signal(SIGCHLD, SIG_IGN);
box->osigchld = ssh_signal(SIGCHLD, SIG_IGN);
return box;
}
@ -114,7 +114,7 @@ void
ssh_sandbox_child(struct ssh_sandbox *box)
{
debug3("%s: ready", __func__);
signal(SIGCHLD, box->osigchld);
ssh_signal(SIGCHLD, box->osigchld);
if (kill(getpid(), SIGSTOP) != 0)
fatal("%s: kill(%d, SIGSTOP)", __func__, getpid());
debug3("%s: started", __func__);
@ -133,7 +133,7 @@ ssh_sandbox_parent(struct ssh_sandbox *box, pid_t child_pid,
do {
pid = waitpid(child_pid, &status, WUNTRACED);
} while (pid == -1 && errno == EINTR);
signal(SIGCHLD, box->osigchld);
ssh_signal(SIGCHLD, box->osigchld);
if (!WIFSTOPPED(status)) {
if (WIFSIGNALED(status))
fatal("%s: child terminated with signal %d",

22
scp.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: scp.c,v 1.206 2019/09/09 02:31:19 dtucker Exp $ */
/* $OpenBSD: scp.c,v 1.207 2020/01/23 07:10:22 dtucker Exp $ */
/*
* scp - secure remote copy. This is basically patched BSD rcp which
* uses ssh to do the data transfer (instead of using rcmd).
@ -215,9 +215,9 @@ do_local_cmd(arglist *a)
}
do_cmd_pid = pid;
signal(SIGTERM, killchild);
signal(SIGINT, killchild);
signal(SIGHUP, killchild);
ssh_signal(SIGTERM, killchild);
ssh_signal(SIGINT, killchild);
ssh_signal(SIGHUP, killchild);
while (waitpid(pid, &status, 0) == -1)
if (errno != EINTR)
@ -268,9 +268,9 @@ do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout)
close(reserved[0]);
close(reserved[1]);
signal(SIGTSTP, suspchild);
signal(SIGTTIN, suspchild);
signal(SIGTTOU, suspchild);
ssh_signal(SIGTSTP, suspchild);
ssh_signal(SIGTTIN, suspchild);
ssh_signal(SIGTTOU, suspchild);
/* Fork a child to execute the command on the remote host using ssh. */
do_cmd_pid = fork();
@ -307,9 +307,9 @@ do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout)
*fdout = pin[1];
close(pout[1]);
*fdin = pout[0];
signal(SIGTERM, killchild);
signal(SIGINT, killchild);
signal(SIGHUP, killchild);
ssh_signal(SIGTERM, killchild);
ssh_signal(SIGINT, killchild);
ssh_signal(SIGHUP, killchild);
return 0;
}
@ -561,7 +561,7 @@ main(int argc, char **argv)
iamrecursive ? " -r" : "", pflag ? " -p" : "",
targetshouldbedirectory ? " -d" : "");
(void) signal(SIGPIPE, lostconn);
(void) ssh_signal(SIGPIPE, lostconn);
if (colon(argv[argc - 1])) /* Dest is remote host. */
toremote(argc, argv);

10
serverloop.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: serverloop.c,v 1.218 2019/11/27 05:38:43 dtucker Exp $ */
/* $OpenBSD: serverloop.c,v 1.219 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -402,15 +402,15 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt)
debug("Entering interactive session for SSH2.");
signal(SIGCHLD, sigchld_handler);
ssh_signal(SIGCHLD, sigchld_handler);
child_terminated = 0;
connection_in = ssh_packet_get_connection_in(ssh);
connection_out = ssh_packet_get_connection_out(ssh);
if (!use_privsep) {
signal(SIGTERM, sigterm_handler);
signal(SIGINT, sigterm_handler);
signal(SIGQUIT, sigterm_handler);
ssh_signal(SIGTERM, sigterm_handler);
ssh_signal(SIGINT, sigterm_handler);
ssh_signal(SIGQUIT, sigterm_handler);
}
notify_setup();

4
session.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: session.c,v 1.317 2019/11/13 04:47:52 deraadt Exp $ */
/* $OpenBSD: session.c,v 1.318 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@ -1642,7 +1642,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
do_rc_files(ssh, s, shell);
/* restore SIGPIPE for child */
signal(SIGPIPE, SIG_DFL);
ssh_signal(SIGPIPE, SIG_DFL);
if (s->is_subsystem == SUBSYSTEM_INT_SFTP_ERROR) {
error("Connection from %s: refusing non-sftp session",

26
sftp.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sftp.c,v 1.196 2019/11/01 03:54:33 djm Exp $ */
/* $OpenBSD: sftp.c,v 1.197 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
*
@ -2243,7 +2243,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2)
interactive = !batchmode && isatty(STDIN_FILENO);
err = 0;
for (;;) {
signal(SIGINT, SIG_IGN);
ssh_signal(SIGINT, SIG_IGN);
if (el == NULL) {
if (interactive)
@ -2275,14 +2275,14 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2)
/* Handle user interrupts gracefully during commands */
interrupted = 0;
signal(SIGINT, cmd_interrupt);
ssh_signal(SIGINT, cmd_interrupt);
err = parse_dispatch_command(conn, cmd, &remote_path,
startdir, batchmode, !interactive && el == NULL);
if (err != 0)
break;
}
signal(SIGCHLD, SIG_DFL);
ssh_signal(SIGCHLD, SIG_DFL);
free(remote_path);
free(startdir);
free(conn);
@ -2339,20 +2339,20 @@ connect_to_server(char *path, char **args, int *in, int *out)
* kill it too. Contrawise, since sftp sends SIGTERMs to the
* underlying ssh, it must *not* ignore that signal.
*/
signal(SIGINT, SIG_IGN);
signal(SIGTERM, SIG_DFL);
ssh_signal(SIGINT, SIG_IGN);
ssh_signal(SIGTERM, SIG_DFL);
execvp(path, args);
fprintf(stderr, "exec: %s: %s\n", path, strerror(errno));
_exit(1);
}
signal(SIGTERM, killchild);
signal(SIGINT, killchild);
signal(SIGHUP, killchild);
signal(SIGTSTP, suspchild);
signal(SIGTTIN, suspchild);
signal(SIGTTOU, suspchild);
signal(SIGCHLD, sigchld_handler);
ssh_signal(SIGTERM, killchild);
ssh_signal(SIGINT, killchild);
ssh_signal(SIGHUP, killchild);
ssh_signal(SIGTSTP, suspchild);
ssh_signal(SIGTTIN, suspchild);
ssh_signal(SIGTTOU, suspchild);
ssh_signal(SIGCHLD, sigchld_handler);
close(c_in);
close(c_out);
}

10
ssh-agent.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-agent.c,v 1.251 2019/12/13 19:09:10 djm Exp $ */
/* $OpenBSD: ssh-agent.c,v 1.252 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1404,10 +1404,10 @@ skip:
if (ac > 0)
parent_alive_interval = 10;
idtab_init();
signal(SIGPIPE, SIG_IGN);
signal(SIGINT, (d_flag | D_flag) ? cleanup_handler : SIG_IGN);
signal(SIGHUP, cleanup_handler);
signal(SIGTERM, cleanup_handler);
ssh_signal(SIGPIPE, SIG_IGN);
ssh_signal(SIGINT, (d_flag | D_flag) ? cleanup_handler : SIG_IGN);
ssh_signal(SIGHUP, cleanup_handler);
ssh_signal(SIGTERM, cleanup_handler);
if (pledge("stdio rpath cpath unix id proc exec", NULL) == -1)
fatal("%s: pledge: %s", __progname, strerror(errno));

9
ssh-sk-client.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-sk-client.c,v 1.6 2020/01/21 07:07:31 djm Exp $ */
/* $OpenBSD: ssh-sk-client.c,v 1.7 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Copyright (c) 2019 Google LLC
*
@ -39,6 +39,7 @@
#include "digest.h"
#include "pathnames.h"
#include "ssh-sk.h"
#include "misc.h"
/* #define DEBUG_SK 1 */
@ -73,13 +74,13 @@ start_helper(int *fdp, pid_t *pidp, void (**osigchldp)(int))
error("socketpair: %s", strerror(errno));
return SSH_ERR_SYSTEM_ERROR;
}
osigchld = signal(SIGCHLD, SIG_DFL);
osigchld = ssh_signal(SIGCHLD, SIG_DFL);
if ((pid = fork()) == -1) {
oerrno = errno;
error("fork: %s", strerror(errno));
close(pair[0]);
close(pair[1]);
signal(SIGCHLD, osigchld);
ssh_signal(SIGCHLD, osigchld);
errno = oerrno;
return SSH_ERR_SYSTEM_ERROR;
}
@ -220,7 +221,7 @@ client_converse(struct sshbuf *msg, struct sshbuf **respp, u_int type)
}
sshbuf_free(req);
sshbuf_free(resp);
signal(SIGCHLD, osigchld);
ssh_signal(SIGCHLD, osigchld);
errno = oerrno;
return r;

6
ssh.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh.c,v 1.511 2020/01/05 16:28:22 beck Exp $ */
/* $OpenBSD: ssh.c,v 1.512 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1535,8 +1535,8 @@ main(int ac, char **av)
options.num_system_hostfiles);
tilde_expand_paths(options.user_hostfiles, options.num_user_hostfiles);
signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */
signal(SIGCHLD, main_sigchld_handler);
ssh_signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */
ssh_signal(SIGCHLD, main_sigchld_handler);
/* Log into the remote system. Never returns if the login fails. */
ssh_login(ssh, &sensitive_data, host, (struct sockaddr *)&hostaddr,

4
sshbuf.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshbuf.c,v 1.13 2018/11/16 06:10:29 djm Exp $ */
/* $OpenBSD: sshbuf.c,v 1.14 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Copyright (c) 2011 Damien Miller
*
@ -42,7 +42,7 @@ sshbuf_check_sanity(const struct sshbuf *buf)
buf->off > buf->size)) {
/* Do not try to recover from corrupted buffer internals */
SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));
signal(SIGSEGV, SIG_DFL);
ssh_signal(SIGSEGV, SIG_DFL);
raise(SIGSEGV);
return SSH_ERR_INTERNAL_ERROR;
}

10
sshconnect.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshconnect.c,v 1.326 2020/01/22 07:38:30 dtucker Exp $ */
/* $OpenBSD: sshconnect.c,v 1.327 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -259,7 +259,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, const char *host_arg,
/* Execute the proxy command. Note that we gave up any
extra privileges above. */
signal(SIGPIPE, SIG_DFL);
ssh_signal(SIGPIPE, SIG_DFL);
execv(argv[0], argv);
perror(argv[0]);
exit(1);
@ -1383,10 +1383,10 @@ ssh_local_cmd(const char *args)
if ((shell = getenv("SHELL")) == NULL || *shell == '\0')
shell = _PATH_BSHELL;
osighand = signal(SIGCHLD, SIG_DFL);
osighand = ssh_signal(SIGCHLD, SIG_DFL);
pid = fork();
if (pid == 0) {
signal(SIGPIPE, SIG_DFL);
ssh_signal(SIGPIPE, SIG_DFL);
debug3("Executing %s -c \"%s\"", shell, args);
execl(shell, shell, "-c", args, (char *)NULL);
error("Couldn't execute %s -c \"%s\": %s",
@ -1397,7 +1397,7 @@ ssh_local_cmd(const char *args)
while (waitpid(pid, &status, 0) == -1)
if (errno != EINTR)
fatal("Couldn't wait for child: %s", strerror(errno));
signal(SIGCHLD, osighand);
ssh_signal(SIGCHLD, osighand);
if (!WIFEXITED(status))
return (1);

8
sshconnect2.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshconnect2.c,v 1.316 2020/01/23 02:46:49 dtucker Exp $ */
/* $OpenBSD: sshconnect2.c,v 1.317 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
@ -1924,7 +1924,7 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp,
error("%s: fork: %s", __func__, strerror(errno));
return -1;
}
osigchld = signal(SIGCHLD, SIG_DFL);
osigchld = ssh_signal(SIGCHLD, SIG_DFL);
if (pid == 0) {
close(from[0]);
if (dup2(from[1], STDOUT_FILENO) == -1)
@ -1996,11 +1996,11 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp,
if ((r = sshbuf_get_string(b, sigp, lenp)) != 0) {
error("%s: buffer error: %s", __func__, ssh_err(r));
fail:
signal(SIGCHLD, osigchld);
ssh_signal(SIGCHLD, osigchld);
sshbuf_free(b);
return -1;
}
signal(SIGCHLD, osigchld);
ssh_signal(SIGCHLD, osigchld);
sshbuf_free(b);
return 0;

34
sshd.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshd.c,v 1.543 2020/01/21 22:39:57 djm Exp $ */
/* $OpenBSD: sshd.c,v 1.544 2020/01/23 07:10:22 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -313,7 +313,7 @@ sighup_restart(void)
close_listen_socks();
close_startup_pipes();
alarm(0); /* alarm timer persists across exec */
signal(SIGHUP, SIG_IGN); /* will be restored after exec */
ssh_signal(SIGHUP, SIG_IGN); /* will be restored after exec */
execv(saved_argv[0], saved_argv);
logit("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0],
strerror(errno));
@ -342,6 +342,8 @@ main_sigchld_handler(int sig)
pid_t pid;
int status;
debug("main_sigchld_handler: %s", strsignal(sig));
while ((pid = waitpid(-1, &status, WNOHANG)) > 0 ||
(pid == -1 && errno == EINTR))
;
@ -363,7 +365,7 @@ grace_alarm_handler(int sig)
* keys command helpers.
*/
if (getpgid(0) == getpid()) {
signal(SIGTERM, SIG_IGN);
ssh_signal(SIGTERM, SIG_IGN);
kill(0, SIGTERM);
}
@ -1941,7 +1943,7 @@ main(int ac, char **av)
error("chdir(\"/\"): %s", strerror(errno));
/* ignore SIGPIPE */
signal(SIGPIPE, SIG_IGN);
ssh_signal(SIGPIPE, SIG_IGN);
/* Get a connection, either from inetd or a listening TCP socket */
if (inetd_flag) {
@ -1950,10 +1952,10 @@ main(int ac, char **av)
platform_pre_listen();
server_listen();
signal(SIGHUP, sighup_handler);
signal(SIGCHLD, main_sigchld_handler);
signal(SIGTERM, sigterm_handler);
signal(SIGQUIT, sigterm_handler);
ssh_signal(SIGHUP, sighup_handler);
ssh_signal(SIGCHLD, main_sigchld_handler);
ssh_signal(SIGTERM, sigterm_handler);
ssh_signal(SIGQUIT, sigterm_handler);
/*
* Write out the pid file after the sigterm handler
@ -2043,12 +2045,12 @@ main(int ac, char **av)
* will not restart on SIGHUP since it no longer makes sense.
*/
alarm(0);
signal(SIGALRM, SIG_DFL);
signal(SIGHUP, SIG_DFL);
signal(SIGTERM, SIG_DFL);
signal(SIGQUIT, SIG_DFL);
signal(SIGCHLD, SIG_DFL);
signal(SIGINT, SIG_DFL);
ssh_signal(SIGALRM, SIG_DFL);
ssh_signal(SIGHUP, SIG_DFL);
ssh_signal(SIGTERM, SIG_DFL);
ssh_signal(SIGQUIT, SIG_DFL);
ssh_signal(SIGCHLD, SIG_DFL);
ssh_signal(SIGINT, SIG_DFL);
/*
* Register our connection. This turns encryption off because we do
@ -2109,7 +2111,7 @@ main(int ac, char **av)
* mode; it is just annoying to have the server exit just when you
* are about to discover the bug.
*/
signal(SIGALRM, grace_alarm_handler);
ssh_signal(SIGALRM, grace_alarm_handler);
if (!debug_flag)
alarm(options.login_grace_time);
@ -2167,7 +2169,7 @@ main(int ac, char **av)
* authentication.
*/
alarm(0);
signal(SIGALRM, SIG_DFL);
ssh_signal(SIGALRM, SIG_DFL);
authctxt->authenticated = 1;
if (startup_pipe != -1) {
close(startup_pipe);