X-MimeOLE: Produced By Microsoft Exchange V6.5
Received: by onstor-exch02.onstor.net 
	id <01C81752.CB3148F1@onstor-exch02.onstor.net>; Thu, 25 Oct 2007 14:02:54 -0800
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Content-class: urn:content-classes:message
Subject: RE: PERFORCE change 26045 for review
Date: Thu, 25 Oct 2007 14:02:54 -0800
Message-ID: <BB375AF679D4A34E9CA8DFA650E2B04E03B1BF2B@onstor-exch02.onstor.net>
In-Reply-To: <20071025145621.0210f2d3@ripper.onstor.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: PERFORCE change 26045 for review
Thread-Index: AcgXUeF+eH51e/7xTPGG/QIcphmBsgAABe0g
From: "Rendell Fong" <rendell.fong@onstor.com>
To: "Andy Sharp" <andy.sharp@onstor.com>

Okay, I'll remove it.


-----Original Message-----
From: Andy Sharp=20
Sent: Thursday, October 25, 2007 2:56 PM
To: Rendell Fong
Subject: Re: PERFORCE change 26045 for review

Not only that, but that it actually makes matters worse: that additional
system call right there increases the likelyhood that the alarm might
happen, except then sshd will croak without the user knowing why.

On Thu, 25 Oct 2007 14:42:43 -0700 "Rendell Fong"
<rendell.fong@onstor.com> wrote:

> Are you saying that I don't need to unregister the signal handler?
>=20
>=20
> -----Original Message-----
> From: Andy Sharp=20
> Sent: Thursday, October 25, 2007 2:36 PM
> To: Rendell Fong; Larry Scheer
> Subject: Re: PERFORCE change 26045 for review
>=20
> On 25 Oct 2007 14:01:25 -0700 Rendell Fong <rendell.fong@onstor.com>
> wrote:
>=20
> > Change 26045 by rendellf@rendellf on 2007/10/25 13:52:26
> >=20
> > 	Changed sshd to shutdown RMC and disable the SIGALRM used
> > for the login grace timeout check after user login authentication is
> > completed. Reviewed By: LarryS
> >=20
> > Affected files ...
> >=20
> > ... //depot/dev/nfx-tree/code/ssc-sshd-kb5/session.c#4 edit
> > ... //depot/dev/nfx-tree/code/ssc-sshd-kb5/sshd.c#4 edit
>=20
> p4 describe 26045
>=20
> ...
>=20
> =3D=3D=3D=3D //depot/dev/nfx-tree/code/ssc-sshd-kb5/sshd.c#4 (text) =
=3D=3D=3D=3D
>=20
> ...
>=20
> 1759a1767,1774
> > #ifdef NFX
> >     /* Shutdown RMC since login authentication is done and it isn't
> >      * needed anymore.
> >      */
> >     rmc_shutdown();
> >     signal(SIGALRM, SIG_DFL);
> > #endif
> >=20
>=20
> FYI,
>=20
> That call to signal doesn't disable the signal, it just sets the
> signal action to the default, which is to kill the thread when the
> signal comes in.  You should definitely remove it.
>=20
> It is unneeded, as one might guess, as the sshd authors would not have
> been missing a bug this glaring for so long.  The signal is disabled
> in the immediate function call do_authenticated().  I think what
> confused you was the poor design of RMC to use sigalarm in the first
> place. However, the setitimers(2) family of system calls might not
> have been available on the 1999 version of openbsd the implementers
> of RMC were using.  Which is why sshd itself doesn't use them -- it
> runs on a zillion different *nix machines, many of which can only
> dream of having setitimers(2).
>=20
> Cheers,
>=20
> a
>=20
>=20
