conntrackd: fix deadlock due to wrong nested signal blocking

The existing code may nest several signal blocking and unblocking
calls in different paths of the code. This may result in deadlocks
while receiving signals.

This patch simplifies the signal blocking approach. Now signals
are blocked in three paths:

1) Internal timers handling, while running timer callback
   for expired timers.

2) File descriptor handling, while running file descriptor
   callbacks.

3) While handling signals, to avoid that SIGINT and SIGTERM
   in a row results in a deadlock.

Thanks a lot to Ulrich Weber <ulrich.weber@sophos.com> for
discussing a fix for this problem.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

0 files changed, 0 insertions, 0 deletions