From nobody Tue Aug 06 19:18:10 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wdjkp4sgCz5STq9; Tue, 06 Aug 2024 19:18:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wdjkp4FjVz4K8J; Tue, 6 Aug 2024 19:18:10 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1722971890; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gaODOj1WPCzjlI1maVYB5ehnYJYcBNHSJYkZRlW+15k=; b=jsRGXKFVyC62Icx9ou05sQ52pLH7gNbCLeZwnI2whpxKvr2a3HjAlmfqa8tNQW6rcwNU++ RqrsP+iCoia7h4IoRHFY8xR1C/9DqP+FtBZ4AEByLUjJ7Z0VChKav38VnHJufV3GaWfkIk oH3diLnfS96AEoOlIF/AEM14jVDRf0X+w1XmcgcWUS6UeAgx7dY09w925uGBj8sSOmqJE2 EEJJT7qdj3GMXo7oEErYrUflMSpx9gLy9U368ZArMj5TBBFbFTqafh9kBzczuJN/51tBOE kxyUeksFTFsOayx1SoGA/9SlsvIND6JdDXg1DJPTs4+F8FC+lXmEE1tszl9tFA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722971890; a=rsa-sha256; cv=none; b=lMXaJBU70qDbohhiWVNlvRlleN5Pz77A4EDHl3xdgrrpnw3XjBaQbnJWHBpITj446zc/88 E1S1yxNcFE1X1/jZ6TFTSxiY7ypuVz2CEyJOsE1QchviaUSpmQrfYNFivJTuGZf/njUU3V pRssjMfArUJYxeMQB8ONaZ3yVlK59EMsWj/aV8zZAvaD/5jHKS6DpXdZZUJ8IFatLmq9S2 v5UDD/AMTqRZuc9TtUTIw/iouZWpvM+FKy6DFql/sh82sN0Tst6teVOLO9/BvQx9qETaGc tRkq19yhSnfIhPGgmeDvMqpoKhq6pB40Ocy6dKfL6MRIdVoipV/zVmDN8bkr0g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1722971890; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gaODOj1WPCzjlI1maVYB5ehnYJYcBNHSJYkZRlW+15k=; b=J058x7/ikIP+oNW2wO8I21vHbPd9+X5S9nKZbdv+qBltS2UjMtWjliGYix4lXjk2xEo4+M Sx1zI2U+hyShyUGZUKOm2L9lNBXOpIVZHCFp8RUT+JDAm/Ou71ZknZZp1Bf/O5B/uHunxK dL/02SuPlxPGFjueV7SypsMEZSf0IlnxdcfFkzFgvoBORfueI+xkunenLUJyHoD5aRIEmq X1KfBUKnUh0X+1DfC1ivsqAe70NDlxXNVznDth/OtVbDupLtEgj5NH24mBTtuol4zd6dRr xj657LYTjIWqh5esUJXf3RQFlmQjz+8zASWSuQ56UB1B6MygdaFNumGTo0Nmrg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wdjkp3tBGzKLh; Tue, 6 Aug 2024 19:18:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476JIAhv046773; Tue, 6 Aug 2024 19:18:10 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476JIAn2046770; Tue, 6 Aug 2024 19:18:10 GMT (envelope-from git) Date: Tue, 6 Aug 2024 19:18:10 GMT Message-Id: <202408061918.476JIAn2046770@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Ed Maste Subject: git: 2739a6845031 - main - sshd: remove blacklist call from grace_alarm_timer List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 2739a6845031e69be7c03461a9335d8bbb9f59bd Auto-Submitted: auto-generated The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=2739a6845031e69be7c03461a9335d8bbb9f59bd commit 2739a6845031e69be7c03461a9335d8bbb9f59bd Author: Ed Maste AuthorDate: 2024-08-01 00:04:46 +0000 Commit: Ed Maste CommitDate: 2024-08-06 19:14:00 +0000 sshd: remove blacklist call from grace_alarm_timer Under certain circumstances it may call log(3), which is not async- signal-safe. For now just remove the blacklist integration from this path, which means that blacklistd will not detect and firewall hosts that establish a connection but do nothing further. Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D46203 --- crypto/openssh/sshd.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c index 0c83e0ea468e..889f2056bc75 100644 --- a/crypto/openssh/sshd.c +++ b/crypto/openssh/sshd.c @@ -377,8 +377,6 @@ grace_alarm_handler(int sig) kill(0, SIGTERM); } - BLACKLIST_NOTIFY(the_active_state, BLACKLIST_AUTH_FAIL, "ssh"); - /* Log error and exit. */ sigdie("Timeout before authentication for %s port %d", ssh_remote_ipaddr(the_active_state),