From a9b33b95ab997885b8f8cea94901ef65f3e0c228 Mon Sep 17 00:00:00 2001
From: dtucker <dtucker>
Date: Fri, 6 Feb 2004 05:40:27 +0000
Subject: [PATCH]    - dtucker@cvs.openbsd.org 2004/02/05 05:37:17     
 [monitor.c sshd.c]      Pass SIGALRM through to privsep child if
 LoginGraceTime expires. ok markus@

---
 ChangeLog | 3 +++
 monitor.c | 3 ++-
 sshd.c    | 8 ++++++--
 3 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 367fce45..3044e3f3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -18,6 +18,9 @@
      support for password change; ok dtucker@
      (set password-dead=1w in login.conf to use this).
      In -Portable, this is currently only platforms using bsdauth.
+   - dtucker@cvs.openbsd.org 2004/02/05 05:37:17
+     [monitor.c sshd.c]
+     Pass SIGALRM through to privsep child if LoginGraceTime expires. ok markus@
 
 20040129
  - (dtucker) OpenBSD CVS Sync regress/
diff --git a/monitor.c b/monitor.c
index 46e8d16e..009dcf18 100644
--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.54 2003/11/21 11:57:03 djm Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.55 2004/02/05 05:37:17 dtucker Exp $");
 
 #include <openssl/dh.h>
 
@@ -1708,6 +1708,7 @@ monitor_init(void)
 
 	mon = xmalloc(sizeof(*mon));
 
+	mon->m_pid = 0;
 	monitor_socketpair(pair);
 
 	mon->m_recvfd = pair[0];
diff --git a/sshd.c b/sshd.c
index ebb44db7..42484c06 100644
--- a/sshd.c
+++ b/sshd.c
@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.284 2003/12/09 21:53:37 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.285 2004/02/05 05:37:17 dtucker Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -200,7 +200,7 @@ int startup_pipe;		/* in child */
 
 /* variables used for privilege separation */
 int use_privsep;
-struct monitor *pmonitor;
+struct monitor *pmonitor = NULL;
 
 /* message to be displayed after login */
 Buffer loginmsg;
@@ -306,6 +306,9 @@ grace_alarm_handler(int sig)
 {
 	/* XXX no idea how fix this signal handler */
 
+	if (use_privsep && pmonitor != NULL && pmonitor->m_pid > 0)
+		kill(pmonitor->m_pid, SIGALRM);
+
 	/* Log error and exit. */
 	fatal("Timeout before authentication for %s", get_remote_ipaddr());
 }
@@ -593,6 +596,7 @@ privsep_preauth(Authctxt *authctxt)
 		debug2("Network child is on pid %ld", (long)pid);
 
 		close(pmonitor->m_recvfd);
+		pmonitor->m_pid = pid;
 		monitor_child_preauth(authctxt, pmonitor);
 		close(pmonitor->m_sendfd);
 
-- 
2.45.1