[Bug 2953] Race during daemon reload may cause to fail to listen on configured ports

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Mar 1 13:34:39 AEDT 2019


https://bugzilla.mindrot.org/show_bug.cgi?id=2953

--- Comment #4 from Damien Miller <djm at mindrot.org> ---
This patch (with a couple of tweaks) has been committed as
76a24b3fa193a and will be in openssh-8.0. Thanks!

commit 76a24b3fa193a9ca3e47a8779d497cb06500798b (HEAD -> master, origin/master, origin/HEAD)
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Mar 1 02:32:39 2019 +0000

    upstream: Fix two race conditions in sshd relating to SIGHUP:

    1. Recently-forked child processes will briefly remain listening to
       listen_socks. If the main server sshd process completes its restart
       via execv() before these sockets are closed by the child processes
       then it can fail to listen at the desired addresses/ports and/or
       fail to restart.

    2. When a SIGHUP is received, there may be forked child processes that
       are awaiting their reexecution state. If the main server sshd
       process restarts before passing this state, these child processes
       will yield errors and use a fallback path of reading the current
       sshd_config from the filesystem rather than use the one that sshd
       was started with.

    To fix both of these cases, we reuse the startup_pipes that are shared
    between the main server sshd and forked children. Previously this was
    used solely to implement tracking of pre-auth child processes for
    MaxStartups, but this extends the messaging over these pipes to include
    a child->parent message that the parent process is safe to restart. This
    message is sent from the child after it has completed its preliminaries:
    closing listen_socks and receiving its reexec state.

    bz#2953, reported by Michal Koutný; ok markus@ dtucker@

    OpenBSD-Commit-ID: 7df09eacfa3ce13e9a7b1e9f17276ecc924d65ab

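The first race and the pipe handshake described in the commit message, reduced to a stand-alone C sketch. This is an added example, not OpenSSH source or part of the original mail. The names `listen_on` and `restart_can_listen`, the single-byte message and the one-second child delay are assumptions made for illustration.

```c
/* Added illustration, not OpenSSH source; all names are hypothetical. */
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Listen on 0.0.0.0:port (0 = kernel picks one); returns the fd or -1. */
static int listen_on(unsigned short port, unsigned short *bound)
{
    struct sockaddr_in a = { .sin_family = AF_INET, .sin_port = htons(port) };
    socklen_t len = sizeof(a);
    int s = socket(AF_INET, SOCK_STREAM, 0);
    if (s < 0) return -1;
    if (bind(s, (struct sockaddr *)&a, sizeof(a)) < 0 || listen(s, 8) < 0 ||
        getsockname(s, (struct sockaddr *)&a, &len) < 0) { close(s); return -1; }
    if (bound) *bound = ntohs(a.sin_port);
    return s;
}

/* One freshly forked child plus a restart. Returns 1 if the restarted server
 * could listen again, 0 if the port was still held, -1 on setup error. */
int restart_can_listen(int wait_for_child)
{
    unsigned short port;
    int p[2], again, ls = listen_on(0, &port);
    char c = 0;
    pid_t pid;
    if (ls < 0 || pipe(p) < 0 || (pid = fork()) < 0) return -1;
    if (pid == 0) {                  /* child inherits ls across fork() */
        close(p[0]);
        sleep(1);                    /* constructed delay: child is slow to start */
        close(ls);                   /* preliminaries done */
        _exit(write(p[1], &c, 1) == 1 ? 0 : 1);  /* child->parent: safe to restart */
    }
    close(p[1]);
    if (wait_for_child && read(p[0], &c, 1) != 1) return -1;
    close(ls);                       /* parent drops its copy before re-exec */
    again = listen_on(port, NULL);   /* what the re-executed server attempts */
    if (again >= 0) close(again);
    waitpid(pid, NULL, 0);
    close(p[0]);
    return again >= 0;
}

int main(void)
{
    printf("no handshake: %d, handshake: %d\n", restart_can_listen(0), restart_can_listen(1));
    return 0;
}
```

Without the wait, the second `bind()` fails with `EADDRINUSE` because the child still holds the inherited listening socket. With the wait, the parent only proceeds once the child has closed it.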