upstream: don't sigdie() in signal handler in privsep child process;

this can end up causing sandbox violations per bz3286; ok dtucker@ OpenBSD-Commit-ID: a7f40b2141dca4287920da68ede812bff7ccfdda
author: djm@openbsd.org <djm@openbsd.org> 2021-05-07 03:09:38 +0000
committer: Damien Miller <djm@mindrot.org> 2021-05-10 10:57:58 +1000
commit: e3c032333be5fdbbaf2751f6f478e044922b4ec4 (patch)
tree: 043392ae449b397c366e7e8f83d0b703ddd74ced /sshd.c
parent: a4039724a3f2abac810735fc95cf9114a3856049 (diff)
download: openssh-git-e3c032333be5fdbbaf2751f6f478e044922b4ec4.tar.gz
1 files changed, 8 insertions, 5 deletions
diff --git a/sshd.c b/sshd.c
index 5aa04d05..88497f5f 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.572 2021/04/03 06:18:41 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.573 2021/05/07 03:09:38 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -366,11 +366,14 @@ grace_alarm_handler(int sig)
 		kill(0, SIGTERM);
 	}
 
-	/* XXX pre-format ipaddr/port so we don't need to access active_state */
 	/* Log error and exit. */
-	sigdie("Timeout before authentication for %s port %d",
-	    ssh_remote_ipaddr(the_active_state),
-	    ssh_remote_port(the_active_state));
+	if (use_privsep && pmonitor != NULL && pmonitor->m_pid <= 0)
+		cleanup_exit(255); /* don't log in privsep child */
+	else {
+		sigdie("Timeout before authentication for %s port %d",
+		    ssh_remote_ipaddr(the_active_state),
+		    ssh_remote_port(the_active_state));
+	}
 }
 
 /* Destroy the host and server keys.  They will no longer be needed. */
author	djm@openbsd.org <djm@openbsd.org>	2021-05-07 03:09:38 +0000
committer	Damien Miller <djm@mindrot.org>	2021-05-10 10:57:58 +1000
commit	e3c032333be5fdbbaf2751f6f478e044922b4ec4 (patch)
tree	043392ae449b397c366e7e8f83d0b703ddd74ced /sshd.c
parent	a4039724a3f2abac810735fc95cf9114a3856049 (diff)
download	openssh-git-e3c032333be5fdbbaf2751f6f478e044922b4ec4.tar.gz