tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-30 01:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'latestw_all' into sync-with-upstream-2

Browse Source
This commit is contained in:
Tess Gauthier 2024-06-17 15:00:49 -04:00 committed by GitHub
commit 547baf4e29
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
13 changed files with 105 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
contrib/win32/install/client.wxs
View File

@ -3,7 +3,6 @@
<!-- KeyPath is necessary for multi-file components to identify the key file - preferrably versioned. --> <!-- KeyPath is necessary for multi-file components to identify the key file - preferrably versioned. -->
<ComponentGroup Id="Client" Directory="INSTALLFOLDER"> <ComponentGroup Id="Client" Directory="INSTALLFOLDER">
<ComponentGroupRef Id="Shared" /> <ComponentGroupRef Id="Shared" />
<ComponentGroupRef Id="Manifest" />
<Component> <Component>
<File Name="ssh.exe" KeyPath="yes" /> <File Name="ssh.exe" KeyPath="yes" />
</Component> </Component>

6
contrib/win32/install/product.wxs
View File

@ -38,11 +38,7 @@
<Directory Id="TARGETDIR" Name="SourceDir"> <Directory Id="TARGETDIR" Name="SourceDir">
<Directory Id="$(var.ProgramFilesFolder)" Name="Program Files"> <Directory Id="$(var.ProgramFilesFolder)" Name="Program Files">
<Directory Id="INSTALLFOLDER" Name="OpenSSH" > <Directory Id="INSTALLFOLDER" Name="OpenSSH" />
<Directory Id="MANIFESTFOLDER" Name="_manifest" >
<Directory Id="SPDXFOLDER" Name="spdx_2.2" />
</Directory>
</Directory>
</Directory> </Directory>
</Directory> </Directory>
</Product> </Product>

1
contrib/win32/install/server.wxs
View File

@ -3,7 +3,6 @@
<!-- KeyPath is necessary for multi-file components to identify the key file - preferrably versioned. --> <!-- KeyPath is necessary for multi-file components to identify the key file - preferrably versioned. -->
<ComponentGroup Id="Server" Directory="INSTALLFOLDER"> <ComponentGroup Id="Server" Directory="INSTALLFOLDER">
<ComponentGroupRef Id="Shared" /> <ComponentGroupRef Id="Shared" />
<ComponentGroupRef Id="Manifest" />
<Component> <Component>
<File Name="sftp-server.exe" KeyPath="yes" /> <File Name="sftp-server.exe" KeyPath="yes" />
</Component> </Component>

9
contrib/win32/install/shared.wxs
View File

@ -70,15 +70,6 @@
</Component> </Component>
</ComponentGroup> </ComponentGroup>
<ComponentGroup Id="Manifest" Directory="SPDXFOLDER">
<Component>
<File Name="manifest.spdx.json" Source="_manifest\spdx_2.2\manifest.spdx.json" KeyPath="yes" />
</Component>
<Component>
<File Name="manifest.spdx.json.sha256" Source="_manifest\spdx_2.2\manifest.spdx.json.sha256" KeyPath="yes" />
</Component>
</ComponentGroup>
<!-- Automatically add custom actions if referencing the Shared component group. --> <!-- Automatically add custom actions if referencing the Shared component group. -->
<SetProperty Id="SetPrivilegesOnSshAgent" Value="&quot;[SystemFolder]sc.exe&quot; privs ssh-agent SeAssignPrimaryTokenPrivilege/SeTcbPrivilege/SeBackupPrivilege/SeRestorePrivilege/SeImpersonatePrivilege" Sequence="execute" Before="SetPrivilegesOnSshAgent" /> <SetProperty Id="SetPrivilegesOnSshAgent" Value="&quot;[SystemFolder]sc.exe&quot; privs ssh-agent SeAssignPrimaryTokenPrivilege/SeTcbPrivilege/SeBackupPrivilege/SeRestorePrivilege/SeImpersonatePrivilege" Sequence="execute" Before="SetPrivilegesOnSshAgent" />
<CustomAction Id="SetPrivilegesOnSshAgent" BinaryKey="WixCA" DllEntry="WixQuietExec" Execute="deferred" Return="check" Impersonate="no" /> <CustomAction Id="SetPrivilegesOnSshAgent" BinaryKey="WixCA" DllEntry="WixQuietExec" Execute="deferred" Return="check" Impersonate="no" />

10
contrib/win32/openssh/DockerFile
View File

@ -1,10 +0,0 @@
# escape=`
#0.3.6 (no powershell 6)
FROM balu1202/openssh-dockerbuildimage-ltsc2019-new:latest
SHELL ["PowerShell.exe", "-command"]
RUN Set-ExecutionPolicy Unrestricted
COPY ./OpenSSH-build.ps1 /OpenSSH-build.ps1
ENTRYPOINT ["powershell", "-executionpolicy", "unrestricted"]

2
contrib/win32/openssh/OpenSSH-build.ps1
View File

@ -1,7 +1,7 @@
[cmdletbinding()] [cmdletbinding()]
# PowerShell Script to clone, build and package PowerShell from specified fork and branch # PowerShell Script to clone, build and package PowerShell from specified fork and branch
param ( param (
[string] $repolocation = "$pwd\openssh-portable", [string] $repolocation = "$PSScriptRoot\..\..\..",
[string] $destination = "$env:WORKSPACE", [string] $destination = "$env:WORKSPACE",
[ValidateSet('x86', 'x64', 'arm64', 'arm')] [ValidateSet('x86', 'x64', 'arm64', 'arm')]
[String]$NativeHostArch = 'x64', [String]$NativeHostArch = 'x64',

1
contrib/win32/openssh/config.h.vs
View File

@ -1727,7 +1727,6 @@
#define _PATH_LS "dir" #define _PATH_LS "dir"
#define _PATH_DEVNULL "NUL" #define _PATH_DEVNULL "NUL"
#define FORK_NOT_SUPPORTED #define FORK_NOT_SUPPORTED
#define HAVE_FREEZERO
#define FILESYSTEM_NO_BACKSLASH #define FILESYSTEM_NO_BACKSLASH
#define HAVE_LOCALTIME_R #define HAVE_LOCALTIME_R
#define HAVE_DECL_MEMMEM 0 #define HAVE_DECL_MEMMEM 0

1
contrib/win32/openssh/openbsd_compat.vcxproj
View File

@ -58,6 +58,7 @@
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\bsd-waitpid.c" /> <ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\bsd-waitpid.c" />
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\daemon.c" /> <ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\daemon.c" />
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\dirname.c" /> <ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\dirname.c" />
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\freezero.c" />
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\explicit_bzero.c" /> <ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\explicit_bzero.c" />
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\fake-rfc2553.c" /> <ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\fake-rfc2553.c" />
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\fmt_scaled.c" /> <ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\fmt_scaled.c" />

3
contrib/win32/openssh/openbsd_compat.vcxproj.filters
View File

@ -75,6 +75,9 @@
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\dirname.c"> <ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\dirname.c">
<Filter>Source Files</Filter> <Filter>Source Files</Filter>
</ClCompile> </ClCompile>
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\freezero.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\explicit_bzero.c"> <ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\explicit_bzero.c">
<Filter>Source Files</Filter> <Filter>Source Files</Filter>
</ClCompile> </ClCompile>

BIN
contrib/win32/openssh/resource.h
View File

Binary file not shown.

9
contrib/win32/win32compat/misc.c
View File

@ -1512,15 +1512,6 @@ w32_ctime(const time_t* sourceTime)
return ctime_s(destTime, 26, sourceTime) == 0 ? destTime : NULL; return ctime_s(destTime, 26, sourceTime) == 0 ? destTime : NULL;
} }
void
freezero(void *ptr, size_t sz)
{
if (ptr == NULL)
return;
explicit_bzero(ptr, sz);
free(ptr);
}
int int
setenv(const char *name, const char *value, int rewrite) setenv(const char *name, const char *value, int rewrite)
{ {

27
contrib/win32/win32compat/win32_groupaccess.c
View File

@ -190,6 +190,29 @@ check_group_membership(const char* group)
{ {
PSID sid = NULL; PSID sid = NULL;
BOOL is_member = 0; BOOL is_member = 0;
char* utf8_group_name = NULL;
// it can be a SID string; if it is - use localized name for that SID
wchar_t* group_utf16 = utf8_to_utf16(group);
if (ConvertStringSidToSidW(group_utf16, &sid) != 0) {
WCHAR group_name[UNLEN + 1];
DWORD group_name_length = UNLEN + 1;
WCHAR domain_name[DNLEN + 1] = L"";
DWORD domain_name_size = DNLEN + 1;
SID_NAME_USE account_type = 0;
if (LookupAccountSidW(NULL, sid, group_name, &group_name_length,
domain_name, &domain_name_size, &account_type) != 0) {
utf8_group_name = utf16_to_utf8(group_name);
debug3_f("'%s' is translated to '%s'", group, utf8_group_name);
group = utf8_group_name;
} else {
debug3_f("LookupAccountSid failed for '%s'", group);
}
}
else
{
debug3_f("'%s' not recognized as SID", group);
}
if ((sid = get_sid(group)) == NULL) { if ((sid = get_sid(group)) == NULL) {
error("unable to resolve group %s", group); error("unable to resolve group %s", group);
@ -202,6 +225,10 @@ check_group_membership(const char* group)
cleanup: cleanup:
if (sid) if (sid)
free(sid); free(sid);
if (group_utf16)
free(group_utf16);
if (utf8_group_name)
free(utf8_group_name);
return is_member? 1: 0; return is_member? 1: 0;
} }

72
servconf.c
View File

@ -11,6 +11,10 @@
*/ */
#include "includes.h" #include "includes.h"
#ifdef WINDOWS
#include <LM.h>
#include <Sddl.h>
#endif // WINDOWS
#include <sys/types.h> #include <sys/types.h>
#include <sys/socket.h> #include <sys/socket.h>
@ -1835,6 +1839,34 @@ process_server_config_line_depth(ServerOptions *options, char *line,
parse_allowdenyusers: parse_allowdenyusers:
/* XXX appends to list; doesn't respect first-match-wins */ /* XXX appends to list; doesn't respect first-match-wins */
while ((arg = argv_next(&ac, &av)) != NULL) { while ((arg = argv_next(&ac, &av)) != NULL) {
#ifdef WINDOWS
// it can be a SID string; if it is - use localized name for that SID
PSID Sid = NULL;
char* utf8_user_name = NULL;
wchar_t* arg_utf16 = utf8_to_utf16(arg);
if (ConvertStringSidToSidW(arg_utf16, &Sid) != 0) {
WCHAR user_name[UNLEN + 1];
DWORD user_name_length = UNLEN + 1;
WCHAR domain_name[DNLEN + 1] = L"";
DWORD domain_name_size = DNLEN + 1;
SID_NAME_USE account_type = 0;
if (LookupAccountSidW(NULL, Sid, user_name, &user_name_length,
domain_name, &domain_name_size, &account_type) != 0) {
utf8_user_name = utf16_to_utf8(user_name);
debug3_f("'%s' is translated to '%s'", arg, utf8_user_name);
arg = utf8_user_name;
} else {
debug3_f("LookupAccountSid failed for '%s'", arg);
}
if (Sid)
LocalFree(Sid);
}
else
{
debug3_f("'%s' not recognized as SID", arg);
}
#endif // WINDOWS
if (*arg == '\0' || if (*arg == '\0' ||
match_user(NULL, NULL, NULL, arg) == -1) match_user(NULL, NULL, NULL, arg) == -1)
fatal("%s line %d: invalid %s pattern: \"%s\"", fatal("%s line %d: invalid %s pattern: \"%s\"",
@ -1844,6 +1876,12 @@ process_server_config_line_depth(ServerOptions *options, char *line,
continue; continue;
opt_array_append(filename, linenum, keyword, opt_array_append(filename, linenum, keyword,
chararrayptr, uintptr, arg); chararrayptr, uintptr, arg);
#ifdef WINDOWS
if (utf8_user_name)
free(utf8_user_name);
if (arg_utf16)
free(arg_utf16);
#endif // WINDOWS
} }
if (!found) { if (!found) {
fatal("%s line %d: no %s specified", fatal("%s line %d: no %s specified",
@ -1866,10 +1904,44 @@ process_server_config_line_depth(ServerOptions *options, char *line,
fatal("%s line %d: empty %s pattern", fatal("%s line %d: empty %s pattern",
filename, linenum, keyword); filename, linenum, keyword);
found = 1; found = 1;
#ifdef WINDOWS
// it can be a SID string; if it is - use localized name for that SID
PSID Sid = NULL;
char* utf8_group_name = NULL;
wchar_t* arg_utf16 = utf8_to_utf16(arg);
if (ConvertStringSidToSidW(arg_utf16, &Sid) != 0) {
WCHAR group_name[UNLEN + 1];
DWORD group_name_length = UNLEN + 1;
WCHAR domain_name[DNLEN + 1] = L"";
DWORD domain_name_size = DNLEN + 1;
SID_NAME_USE account_type = 0;
if (LookupAccountSidW(NULL, Sid, group_name, &group_name_length,
domain_name, &domain_name_size, &account_type) != 0) {
utf8_group_name = utf16_to_utf8(group_name);
debug3_f("'%s' is translated to '%s'", arg, utf8_group_name);
arg = utf8_group_name;
} else {
debug3_f("LookupAccountSid failed for '%s'", arg);
}
if (Sid)
LocalFree(Sid);
}
else
{
debug3_f("'%s' not recognized as SID", arg);
}
#endif // WINDOWS
if (!*activep) if (!*activep)
continue; continue;
opt_array_append(filename, linenum, keyword, opt_array_append(filename, linenum, keyword,
chararrayptr, uintptr, arg); chararrayptr, uintptr, arg);
#ifdef WINDOWS
if (utf8_group_name)
free(utf8_group_name);
if (arg_utf16)
free(arg_utf16);
#endif // WINDOWS
} }
if (!found) { if (!found) {
fatal("%s line %d: no %s specified", fatal("%s line %d: no %s specified",