Diffusion FreeBSD src repository c4ade13d5498

sshd: remove blacklist call from grace_alarm_timer
c4ade13d5498
Actions

Description

sshd: remove blacklist call from grace_alarm_timer

Under certain circumstances it may call log(3), which is not async-
signal-safe.

For now just remove the blacklist integration from this path, which
means that blacklistd will not detect and firewall hosts that establish
a connection but do nothing further.

Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46203

(cherry picked from commit 2739a6845031e69be7c03461a9335d8bbb9f59bd)
(cherry picked from commit 3d3bae9b95388169d396adc8007585699c5a23e0)

Approved by: so
Security: FreeBSD-SA-24:08.openssh
Security: CVE-2024-7589

(cherry picked from commit 73466449a9bf1888147c53d622236cebc0aa591b)

Details

Provenance

emaste	Authored on Aug 1 2024, 12:04 AM
markj	Committed on Aug 7 2024, 1:25 PM

Differential Revision

Restricted Differential Revision

Parents

rG4e7bf17e9db8: nfscl: Scan readdir reply filenames for invalid characters

Branches

Unknown

Tags

Unknown

Event Timeline

markj committed rGc4ade13d5498: sshd: remove blacklist call from grace_alarm_timer (authored by emaste).Aug 7 2024, 1:25 PM

markj added an edge: Restricted Differential Revision.Aug 7 2024, 1:45 PM

Changes (2)

Path

Size

crypto/

openssh/

sshd.c

version.h

rGc4ade13d5498

View Options

crypto/openssh/sshd.c