Clear signal mask early in main(); sshd may have been started with

one or more signals masked (sigprocmask(2) is not cleared on fork/exec)
and this could interfere with various things, e.g. the login grace timer.

Execution environments that fail to clear the signal mask before running
sshd are clearly broken, but apparently they do exist.

Reported by Sreedhar Balasubramanian; ok dtucker@

diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index fd096dc..b4451f5 100644 (file)
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.593 2022/12/04 23:50:49 cheloha Exp $ */
+/* $OpenBSD: sshd.c,v 1.594 2022/12/16 06:56:47 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1466,6 +1466,10 @@ main(int ac, char **av)
        int keytype;
        Authctxt *authctxt;
        struct connection_info *connection_info = NULL;
+       sigset_t sigmask;
+
+       sigemptyset(&sigmask);
+       sigprocmask(SIG_SETMASK, &sigmask, NULL);
 
        /* Save argv. */
        saved_argv = av;