From e6ebc744f45a1773cac2b3764142595d9cd895c8 Mon Sep 17 00:00:00 2001
From: claudio
Date: Tue, 11 May 2021 11:43:21 +0000
Subject: [PATCH] Arm the alarms in all childs so they terminate if the timeout is hit. Also install the special signal handler around the main poll() loop. The main process handles SIGALRM so it can log an error to the operator before exiting. With and OK deraadt@
---
 usr.sbin/rpki-client/main.c | 30 +++++++++++++++++++++++-------
 1 file changed, 23 insertions(+), 7 deletions(-)
diff --git a/usr.sbin/rpki-client/main.c b/usr.sbin/rpki-client/main.c
index 5c862a90e4e..5645c398963 100644
--- a/usr.sbin/rpki-client/main.c
+++ b/usr.sbin/rpki-client/main.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: main.c,v 1.139 2021/04/19 17:04:35 deraadt Exp $ */
+/* $OpenBSD: main.c,v 1.140 2021/05/11 11:43:21 claudio Exp $ */
 /*
 * Copyright (c) 2019 Kristaps Dzonsons
 *
@@ -692,12 +692,6 @@ main(int argc, char *argv[])
 signal(SIGPIPE, SIG_IGN);
- if (timeout) {
- signal(SIGALRM, suicide);
- /* Commit suicide eventually - cron will normally start a new one */
- alarm(timeout);
- }
-
 if (cachedir == NULL) {
 warnx("cache directory required");
 goto usage;
@@ -739,6 +733,9 @@ main(int argc, char *argv[])
 if (fchdir(cachefd) == -1)
 err(1, "fchdir");
+ if (timeout)
+ alarm(timeout);
+
 /* Only allow access to the cache directory. */
 if (unveil(".", "r") == -1)
 err(1, "%s: unveil", cachedir);
@@ -773,6 +770,9 @@ main(int argc, char *argv[])
 if (fchdir(cachefd) == -1)
 err(1, "fchdir");
+ if (timeout)
+ alarm(timeout);
+
 if (pledge("stdio rpath proc exec unveil", NULL) == -1)
 err(1, "pledge");
@@ -809,6 +809,9 @@ main(int argc, char *argv[])
 if (fchdir(cachefd) == -1)
 err(1, "fchdir");
+ if (timeout)
+ alarm(timeout);
+
 if (pledge("stdio rpath inet dns recvfd", NULL) == -1)
 err(1, "pledge");
@@ -846,6 +849,9 @@ main(int argc, char *argv[])
 if (fchdir(cachefd) == -1)
 err(1, "fchdir");
+ if (timeout)
+ alarm(timeout);
+
 if (pledge("stdio recvfd", NULL) == -1)
 err(1, "pledge");
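Review bot: The four added `if (timeout) alarm(timeout);` blocks (hunks at new lines 733, 770, 809 and 849, apparently the forked children) arm their timers before the parent arms its own at new line 864, so on a timeout a child is likely to be killed by SIGALRM slightly before the parent's handler runs. Whether the parent then still reaches its `excessive runtime` syslog path, or exits earlier because a child's pipe closed, depends on the poll loop, which is outside these hunks; it is worth confirming that the operator-facing log is not lost in that ordering. These blocks also depend on SIGALRM keeping its default disposition, since `signal(SIGALRM, suicide)` is now only called further down in `main()`; a comment above each call such as `/* no handler installed here: default SIGALRM action terminates this process */` would make that dependency explicit. `main()` starts and ends outside all of these hunks.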
@@ -858,6 +864,15 @@ main(int argc, char *argv[])
 } else
 rrdp = -1;
+ if (timeout) {
+ /*
+ * Commit suicide eventually
+ * cron will normally start a new one
+ */
+ alarm(timeout);
+ signal(SIGALRM, suicide);
+ }
+
 /* TODO unveil cachedir and outputdir, no other access allowed */
 if (pledge("stdio rpath wpath cpath fattr sendfd", NULL) == -1)
 err(1, "pledge");
@@ -1027,6 +1042,7 @@ main(int argc, char *argv[])
 }
 }
+ signal(SIGALRM, SIG_DFL);
 if (killme) {
 syslog(LOG_CRIT|LOG_DAEMON, "excessive runtime (%d seconds), giving up", timeout);
--
2.20.1
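Review bot: In the added `if (timeout) { ... }` block, `alarm(timeout)` is armed before `signal(SIGALRM, suicide)` installs the handler, the reverse of the order used by the code this commit removes. The window is very small, but a SIGALRM delivered in between would take the default action and end the main process without the operator-facing log; installing the handler first, `signal(SIGALRM, suicide);` then `alarm(timeout);`, closes it. The block comment could also state that the handler is deliberately installed only at this point so that the processes started earlier keep the default disposition. `main()` starts and ends outside the hunk.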
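Review bot: `signal(SIGALRM, SIG_DFL);` restores the default action while the alarm armed earlier is, as far as this hunk shows, still pending, so a timeout that fires during whatever runs after the loop terminates the process without the syslog message. If that hard stop is intended, say so in a comment, for example `/* alarm stays armed; from here on SIGALRM terminates us directly */`; if it is not, cancel the timer with `alarm(0);` on the line before. The code following the `killme` block is outside the hunk, so whether output can be left partially written at that point has to be checked there.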