Bugzilla – Attachment 2432 Details for
Bug 2236
ssh-agent: fix unintended UNIX-domain socket removal
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
proposed fix
ssh-agent-fix-unintended-UNIX-domain-socket-removal.patch (text/plain), 1.51 KB, created by
Dmitry V. Levin
on 2014-04-25 06:39:50 AEST
(
hide
)
Description:
proposed fix
Filename:
MIME Type:
Creator:
Dmitry V. Levin
Created:
2014-04-25 06:39:50 AEST
Size:
1.51 KB
patch
obsolete
>From 7f82e8f3355d8566bfe19265dd08f5f06343baee Mon Sep 17 00:00:00 2001 >From: "Dmitry V. Levin" <ldv@altlinux.org> >Date: Thu, 24 Apr 2014 15:21:59 +0000 >Subject: [PATCH] ssh-agent: fix unintended UNIX-domain socket removal > (ALT#30029) > >ssh-agent sometimes forks child processes. For example, >ask_permission() may fork a child process to execute an askpass program. >If it fails to execute, the child process exits using fatal(), which in >turn calls cleanup_exit(), and the latter calls cleanup_socket(). As >result, an error in child process causes unintended UNIX-domain socket >removal. The fix is to record pid of the process that is responsible >for socket cleanup, and skip this cleanup for other processes. >--- > ssh-agent.c | 7 +++++++ > 1 file changed, 7 insertions(+) > >diff --git a/ssh-agent.c b/ssh-agent.c >index f4c0524..835957c 100644 >--- a/ssh-agent.c >+++ b/ssh-agent.c >@@ -124,6 +124,9 @@ int max_fd = 0; > pid_t parent_pid = -1; > time_t parent_alive_interval = 0; > >+/* pid of process for which cleanup_socket is applicable */ >+pid_t cleanup_pid = -1; >+ > /* pathname and directory for AUTH_SOCKET */ > char socket_name[MAXPATHLEN]; > char socket_dir[MAXPATHLEN]; >@@ -960,6 +963,8 @@ after_select(fd_set *readset, fd_set *writeset) > static void > cleanup_socket(void) > { >+ if (cleanup_pid != -1 && getpid() != cleanup_pid) >+ return; > if (socket_name[0]) > unlink(socket_name); > if (socket_dir[0]) >@@ -1226,6 +1231,8 @@ main(int ac, char **av) > > skip: > >+ cleanup_pid = getpid(); >+ > #ifdef ENABLE_PKCS11 > pkcs11_init(0); > #endif >-- >ldv >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2236
: 2432