From 4b39eff79762716c2a1928fd3b66f7d700d3da27 Mon Sep 17 00:00:00 2001
From: Michael Kropat <michael.can.code@kropat.email>
Date: Thu, 4 Apr 2024 00:02:58 -0400
Subject: [PATCH] POC: Allow SIGINT while waiting for fido

This is a bad idea. This *might* work for sudo, since the sudo process
blocks SIGINT and this change overrides that temporarily. However:

a) There is no guarantee the pam-u2f plugin is being invoked by sudo
b) Even when we are running in sudo, I'm guessing sudo is not expecting
   a plugin to change the signal handlers, which invites problems

Even if we wanted to do something like this, the change is incomplete
since no cleanup of the pam-u2f resources is done when a SIGINT happens.
---
 util.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/util.c b/util.c
index 10476b2..6f8f3be 100644
--- a/util.c
+++ b/util.c
@@ -20,6 +20,7 @@
 #include <unistd.h>
 #include <string.h>
 #include <arpa/inet.h>
+#include <signal.h>
 
 #include "b64.h"
 #include "debug.h"
@@ -1146,6 +1147,7 @@ int do_authentication(const cfg_t *cfg, const device_t *devices,
   struct opts opts;
   struct pk pk;
   char *pin = NULL;
+  sigset_t mask, omask;
 
   init_opts(&opts);
 #ifndef WITH_FUZZING
@@ -1238,7 +1240,16 @@ int do_authentication(const cfg_t *cfg, const device_t *devices,
                      cfg->cue_prompt != NULL ? cfg->cue_prompt : DEFAULT_CUE);
           }
         }
+
+        sigemptyset(&mask);
+        sigaddset(&mask, SIGINT);
+        sigaddset(&mask, SIGQUIT);
+        (void) sigprocmask(SIG_UNBLOCK, &mask, &omask);
+
         r = fido_dev_get_assert(authlist[j], assert, pin);
+
+        (void) sigprocmask(SIG_SETMASK, &omask, NULL);
+
         if (pin) {
           explicit_bzero(pin, strlen(pin));
           free(pin);