add prototypes for -Wall; ok djm
- djm@cvs.openbsd.org 2004/05/21 11:33:11
[channels.c channels.h clientloop.c serverloop.c ssh.1]
- bz #756: add support for the cancel-tcpip-forward request for the server and
- the client (through the ~C commandline). reported by z3p AT twistedmatrix.com;
- ok markus@
+ bz #756: add support for the cancel-tcpip-forward request for the server
+ and the client (through the ~C commandline). reported by z3p AT
+ twistedmatrix.com; ok markus@
- djm@cvs.openbsd.org 2004/05/22 06:32:12
[clientloop.c ssh.1]
use '-h' for help in ~C commandline instead of '-?'; inspired by jmc@
[ssh.1]
kill whitespace at eol;
- dtucker@cvs.openbsd.org 2004/05/23 23:59:53
- [auth.c auth.h auth1.c auth2.c servconf.c servconf.h sshd_config sshd_config.5]
+ [auth.c auth.h auth1.c auth2.c servconf.c servconf.h sshd_config
+ sshd_config.5]
Add MaxAuthTries sshd config option; ok markus@
+ - (dtucker) [auth-pam.c] Bug #839: Ensure that pam authentication "thread"
+ is terminated if the privsep slave exits during keyboard-interactive
+ authentication. ok djm@
20040523
- (djm) [sshd_config] Explain consequences of UsePAM=yes a little better in
static void
sshpam_sigchld_handler(int sig)
{
+ signal(SIGCHLD, SIG_DFL);
if (cleanup_ctxt == NULL)
return; /* handler called after PAM cleanup, shouldn't happen */
- if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, 0) == -1)
- return; /* couldn't wait for process */
+ if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, WNOHANG)
+ == -1) {
+ /* PAM thread has not exitted, privsep slave must have */
+ kill(cleanup_ctxt->pam_thread, SIGTERM);
+ if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, 0)
+ == -1)
+ return; /* could not wait */
+ }
if (WIFSIGNALED(sshpam_thread_status) &&
WTERMSIG(sshpam_thread_status) == SIGTERM)
return; /* terminated by pthread_cancel */