AF:
NF:0
PS:10
SRH:1
SFN:
DSR:
MID:<20071025145312.70801937@ripper.onstor.net>
CFG:
PT:0
S:andy.sharp@onstor.com
RQ:
SSV:onstor-exch02.onstor.net
NSV:
SSH:
R:<rendell.fong@onstor.com>
MAID:1
X-Sylpheed-Privacy-System:
X-Sylpheed-Sign:0
SCF:#mh/Mailbox/sent
RMID:#imap/andys@onstor.net@onstor-exch02.onstor.net/INBOX	0	BB375AF679D4A34E9CA8DFA650E2B04E03B1BF2A@onstor-exch02.onstor.net
X-Sylpheed-End-Special-Headers: 1
Date: Thu, 25 Oct 2007 14:56:21 -0700
From: Andrew Sharp <andy.sharp@onstor.com>
To: "Rendell Fong" <rendell.fong@onstor.com>
Subject: Re: PERFORCE change 26045 for review
Message-ID: <20071025145621.0210f2d3@ripper.onstor.net>
In-Reply-To: <BB375AF679D4A34E9CA8DFA650E2B04E03B1BF2A@onstor-exch02.onstor.net>
References: <20071025143615.7ff05447@ripper.onstor.net>
	<BB375AF679D4A34E9CA8DFA650E2B04E03B1BF2A@onstor-exch02.onstor.net>
Organization: Onstor
X-Mailer: Sylpheed-Claws 2.6.0 (GTK+ 2.8.20; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Not only that, but that it actually makes matters worse: that additional
system call right there increases the likelyhood that the alarm might
happen, except then sshd will croak without the user knowing why.

On Thu, 25 Oct 2007 14:42:43 -0700 "Rendell Fong"
<rendell.fong@onstor.com> wrote:

> Are you saying that I don't need to unregister the signal handler?
> 
> 
> -----Original Message-----
> From: Andy Sharp 
> Sent: Thursday, October 25, 2007 2:36 PM
> To: Rendell Fong; Larry Scheer
> Subject: Re: PERFORCE change 26045 for review
> 
> On 25 Oct 2007 14:01:25 -0700 Rendell Fong <rendell.fong@onstor.com>
> wrote:
> 
> > Change 26045 by rendellf@rendellf on 2007/10/25 13:52:26
> > 
> > 	Changed sshd to shutdown RMC and disable the SIGALRM used
> > for the login grace timeout check after user login authentication is
> > completed. Reviewed By: LarryS
> > 
> > Affected files ...
> > 
> > ... //depot/dev/nfx-tree/code/ssc-sshd-kb5/session.c#4 edit
> > ... //depot/dev/nfx-tree/code/ssc-sshd-kb5/sshd.c#4 edit
> 
> p4 describe 26045
> 
> ...
> 
> ==== //depot/dev/nfx-tree/code/ssc-sshd-kb5/sshd.c#4 (text) ====
> 
> ...
> 
> 1759a1767,1774
> > #ifdef NFX
> >     /* Shutdown RMC since login authentication is done and it isn't
> >      * needed anymore.
> >      */
> >     rmc_shutdown();
> >     signal(SIGALRM, SIG_DFL);
> > #endif
> > 
> 
> FYI,
> 
> That call to signal doesn't disable the signal, it just sets the
> signal action to the default, which is to kill the thread when the
> signal comes in.  You should definitely remove it.
> 
> It is unneeded, as one might guess, as the sshd authors would not have
> been missing a bug this glaring for so long.  The signal is disabled
> in the immediate function call do_authenticated().  I think what
> confused you was the poor design of RMC to use sigalarm in the first
> place. However, the setitimers(2) family of system calls might not
> have been available on the 1999 version of openbsd the implementers
> of RMC were using.  Which is why sshd itself doesn't use them -- it
> runs on a zillion different *nix machines, many of which can only
> dream of having setitimers(2).
> 
> Cheers,
> 
> a
> 
> 
