sshd: remove blacklist call from grace_alarm_timer

Under certain circumstances it may call log(3), which is not async- signal-safe. For now just remove the blacklist integration from this path, which means that blacklistd will not detect and firewall hosts that establish a connection but do nothing further. Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D46203
emaste · Aug 6, 2024 · 2739a68 · 2739a68
1 parent e4d064e
commit 2739a68
Showing 1 changed file with 0 additions and 2 deletions.
diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c
@@ -377,8 +377,6 @@ grace_alarm_handler(int sig)
 		kill(0, SIGTERM);
 	}
 
-	BLACKLIST_NOTIFY(the_active_state, BLACKLIST_AUTH_FAIL, "ssh");
-
 	/* Log error and exit. */
 	sigdie("Timeout before authentication for %s port %d",
 	    ssh_remote_ipaddr(the_active_state),