Implementation of a generic wrap interface for bignum and diffie-hellman
based upon Damien's wrap code in openssh-openbsd. This commit adds the
generic interface along with the backing code for openssl, cng, and cng
with an openssl fallback. Currently, openssl is the only provider for
bignum and the diffie-hellman generic interface is only for static and
negotiated oakley groups..
ssh-agent.exe and ssh-add.exe code updated and fixed to work in Windows.
For convenience of users, ssh-agent.exe starts a cmd shell with the
"SSH_AUTH_SOCK" and "SSH_AGENT_PID" environment variables set.
ssh-add.exe can be run immediately from the cmd shell. 'ssh-add -L" and
"ssh-add id_rsa" and "ssh-add -d id_rsa" are 3 useful commands to list,
add and delete keys from ssh-agent cache.
Changed the code to bring back assertion popups for everyone, but turn
off assertions around the _get_osfhandle() call in allocate_sfd(). The
original port code was designed knowing that some of the passed
parameters would be invalid, but was expecting that the call would just
fail instead of generating an assert dialog. Turning off Asserts around
this call results in behavior similar to mingw.
Also, turn off Incremental Linking for ssh.exe since half the time, the
linker would trap on this project.
Lot of code had to be redone as scp.exe contains both the scp client and
scp server in the same binary working in Windows needs various file
system access related changes. sshd_config file needs to add "scp"
subsystem path like we do for sftp server.
Using a module definition file gives better support to handle symbol
decorations. This change adds ssh-lsa.def to define the functions
exported from ssh-lsa.dll.
Misc. changes to ssh-lsa project (warning level, sdl check, calling
convention).
The changes necessary to support visual studio fall into 2 basic groups.
1) reordering of header files, and 2) changes to support syntax
differences between mingw and visual studio and 3). All changes are
conditional upon the definition of the macro __VS_BUILD__ .
The sfds code blindly uses _get_osfhandle on values that may be file
descriptors, sockets or io handles. Under visual studio, _get_osfhandle
will call the invalid parameter handler for items that are not file
descriptors. Adding the handler allows us to call this in the same way
that mingw does. We will still get an assertion, but a prior change
sends those to stdiout instead of making the user click through a
dialog.
Functions not declared before use, are define as returning an int.
Under 64-bit this can result in corrupted pointers being returned.
Also, Visual studio doesn't like it when you use variables to declare
array sizes, static values always work though.
Negative of an unsigned value should just be the two's complement. Add
code to change code with negative unsigned values to two's compliment
values if compiling under visual studio.
KeyObject for cipher symmetric key was being allocated improperly due to
an error in getting the key object size. Also added code to free
keyobject in the event of a key creation failure.
Windows 7 improved the memory management in CNG. To support Vista we
need to manage memory for cryptographic objects ourselves. This change
adds a key object memory pointer to the cipher context and adds code to
allocate and free it along with the key handle.
ssh_digest_start was using a pointer to the algorithm handle instead of
the algorithm handle itself in the BCryptGetProperty call. It was also
querying for the hash length when it should have been querying for the
hash object length.
Typically LF is sent when Return key is hit. But for sshd servers that
sent us via ANSI escape sequence that CRLF is to be sent, ssh.exe client
will do so which is used commonly used by sshd servers in Windows - like
our own win32 port sshd.
Console API is now used for interactive tty mode. Thus ssh.exe client
can now pass each character to remote side as one types so that programs
like more works correctly. Control-c now will stop the remote program
instead of exiting the ssh.exe.
Fixes issues like cmd.exe shell not handling backspace, control-c.
Control-c is still a work in progress and will be fixed but backspace
processing works. This work when complete will make cmd.exe shell and
powershell work better for interactive users.
CAUTION: untested as my openssl installation has gone insane.
If the incoming "hScreen" parameter is NULL, a new PSCREEN_RECORD is
allocated to use in its place.
However, if the allocation of the "pScreenBuf" member variable fails,
the function returns, potentially leaking the newly allocated
PSCREEN_RECORD.
This fix first checks to see if the functions owns the "pScreenRec", and
if so, frees it before returning.
Pty mode code added so that sshd server can do remote echo, backspace
processing. etc and ssh.exe client does not have to do local echo. We
can enrich it in future for more features and allowing programs like
powershell to run interactive. Pty mode is central for interactive use
and will be built using Windows console instead of termios that
Linux/Unix uses.
Fixed this #3 problem ticket. We determine domain hostname which created
the authenticated token from the token and then pass it to
LoadUserProfile() Windows API which now correctly creates the user's
home directory name and profile folder.
pty and tty support was not enabled or working in the code. Without pty
support, ssh client was very non functional - e.g. openssh linux server
prompt would not come through. Now ssh client works much better in
interactive mode ( uses pty).
NoMachine did not finish coding child process ending detection logic.
Added the needed code so that child process handle is added to the
handles that WaitForMultipleObjects() waits for in nomachine select()
implementation in socket.c. Otherwise select() would be stuck in
read/write dectection even when the process of interest has exited.
sftp-server.exe code modified to work in Windows as NoMachine never
finished it to work. I/O handling to work as a subsystem and
openssh7.1p1 sshbuf_new() buffer system code had to be used. sshd_config
file need location of sftp subsystem to be specified.
ssh.exe client invoked underneath was not able to send password prompt
and read password from user as stdin and stdout handles were redirected
to sockets by sftp.exe ; stderr which is not redirected is used to show
prompt to users and data is read from console
