diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 2001-12-07 17:16:19 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2001-12-07 17:16:19 +0000 |
commit | d68e3853231298c4f3147f7068df11f6512119d6 (patch) | |
tree | f5806b69f8026948d043caa99246554b9bff8928 | |
parent | 6bdd04dc72330bd2c9d341c31917ddac729c12a2 (diff) |
Block keyboard-generated signals during database accesses.
-rw-r--r-- | libexec/login_token/login_token.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/libexec/login_token/login_token.c b/libexec/login_token/login_token.c index 37bbd0f3cf6..882db5fd3f4 100644 --- a/libexec/login_token/login_token.c +++ b/libexec/login_token/login_token.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login_token.c,v 1.4 2001/12/06 05:37:04 millert Exp $ */ +/* $OpenBSD: login_token.c,v 1.5 2001/12/07 17:16:18 millert Exp $ */ /*- * Copyright (c) 1995, 1996 Berkeley Software Design, Inc. All rights reserved. @@ -41,6 +41,7 @@ #include <err.h> #include <readpassphrase.h> +#include <signal.h> #include <stdio.h> #include <syslog.h> #include <stdlib.h> @@ -66,9 +67,16 @@ main(argc, argv) int c; int mode = 0; struct rlimit cds; + sigset_t blockset; (void)setpriority(PRIO_PROCESS, 0, 0); + /* We block keyboard-generated signals during database accesses. */ + sigemptyset(&blockset); + sigaddset(&blockset, SIGINT); + sigaddset(&blockset, SIGQUIT); + sigaddset(&blockset, SIGTSTP); + openlog(NULL, LOG_ODELAY, LOG_AUTH); cds.rlim_cur = 0; @@ -76,10 +84,12 @@ main(argc, argv) if (setrlimit(RLIMIT_CORE, &cds) < 0) syslog(LOG_ERR, "couldn't set core dump size to 0: %m"); + (void)sigprocmask(SIG_BLOCK, &blockset, NULL); if (token_init(argv[0]) < 0) { syslog(LOG_ERR, "unknown token type"); errx(1, "unknown token type"); } + (void)sigprocmask(SIG_UNBLOCK, &blockset, NULL); while ((c = getopt(argc, argv, "ds:v:")) != -1) switch(c) { @@ -136,8 +146,10 @@ main(argc, argv) exit(1); } } else { + (void)sigprocmask(SIG_BLOCK, &blockset, NULL); tokenchallenge(username, challenge, sizeof(challenge), tt->proper); + (void)sigprocmask(SIG_UNBLOCK, &blockset, NULL); if (mode == 1) { fprintf(back, BI_VALUE " challenge %s\n", auth_mkvalue(challenge)); @@ -155,6 +167,7 @@ main(argc, argv) } } + (void)sigprocmask(SIG_BLOCK, &blockset, NULL); if (tokenverify(username, challenge, pp) == 0) { fprintf(back, BI_AUTH "\n"); |