[openssh-commits] [openssh] 10/15: upstream: sshd listener must not block if reexecd sshd exits

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 4b307faf2fb0e63e51a550b37652f7f972df9676
Author: markus at openbsd.org <markus at openbsd.org>
Date:   Fri May 15 08:34:03 2020 +0000

    upstream: sshd listener must not block if reexecd sshd exits
    
    in write(2) on config_s[0] if the forked child exits early before finishing
    recv_rexec_state (e.g. with fatal()) because config_s[1] stays open in the
    parent. this prevents the parent from accepting new connections. ok djm,
    deraadt
    
    OpenBSD-Commit-ID: 92ccfeb939ccd55bda914dc3fe84582158c4a9ef
---
 sshd.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/sshd.c b/sshd.c
index a345bae7..4151e11f 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.553 2020/05/08 05:13:14 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.554 2020/05/15 08:34:03 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -1270,6 +1270,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 				startup_pipe = -1;
 				pid = getpid();
 				if (rexec_flag) {
+					close(config_s[1]);
 					send_rexec_state(config_s[0], cfg);
 					close(config_s[0]);
 				}
@@ -1328,9 +1329,9 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 			close(startup_p[1]);
 
 			if (rexec_flag) {
+				close(config_s[1]);
 				send_rexec_state(config_s[0], cfg);
 				close(config_s[0]);
-				close(config_s[1]);
 			}
 			close(*newsock);
 

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.