Merge branch 'latestw_all' into sync-with-upstream-2
This commit is contained in:
Tess Gauthier
GitHub
commit
547baf4e29
|
|
@ -3,7 +3,6 @@
|
|||
<!-- KeyPath is necessary for multi-file components to identify the key file - preferrably versioned. -->
|
||||
<ComponentGroup Id="Client" Directory="INSTALLFOLDER">
|
||||
<ComponentGroupRef Id="Shared" />
|
||||
<ComponentGroupRef Id="Manifest" />
|
||||
<Component>
|
||||
<File Name="ssh.exe" KeyPath="yes" />
|
||||
</Component>
|
||||
|
|
|
|||
|
|
@ -38,11 +38,7 @@
|
|||
|
||||
<Directory Id="TARGETDIR" Name="SourceDir">
|
||||
<Directory Id="$(var.ProgramFilesFolder)" Name="Program Files">
|
||||
<Directory Id="INSTALLFOLDER" Name="OpenSSH" >
|
||||
<Directory Id="MANIFESTFOLDER" Name="_manifest" >
|
||||
<Directory Id="SPDXFOLDER" Name="spdx_2.2" />
|
||||
</Directory>
|
||||
</Directory>
|
||||
<Directory Id="INSTALLFOLDER" Name="OpenSSH" />
|
||||
</Directory>
|
||||
</Directory>
|
||||
</Product>
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
<!-- KeyPath is necessary for multi-file components to identify the key file - preferrably versioned. -->
|
||||
<ComponentGroup Id="Server" Directory="INSTALLFOLDER">
|
||||
<ComponentGroupRef Id="Shared" />
|
||||
<ComponentGroupRef Id="Manifest" />
|
||||
<Component>
|
||||
<File Name="sftp-server.exe" KeyPath="yes" />
|
||||
</Component>
|
||||
|
|
|
|||
|
|
@ -70,15 +70,6 @@
|
|||
</Component>
|
||||
</ComponentGroup>
|
||||
|
||||
<ComponentGroup Id="Manifest" Directory="SPDXFOLDER">
|
||||
<Component>
|
||||
<File Name="manifest.spdx.json" Source="_manifest\spdx_2.2\manifest.spdx.json" KeyPath="yes" />
|
||||
</Component>
|
||||
<Component>
|
||||
<File Name="manifest.spdx.json.sha256" Source="_manifest\spdx_2.2\manifest.spdx.json.sha256" KeyPath="yes" />
|
||||
</Component>
|
||||
</ComponentGroup>
|
||||
|
||||
<!-- Automatically add custom actions if referencing the Shared component group. -->
|
||||
<SetProperty Id="SetPrivilegesOnSshAgent" Value=""[SystemFolder]sc.exe" privs ssh-agent SeAssignPrimaryTokenPrivilege/SeTcbPrivilege/SeBackupPrivilege/SeRestorePrivilege/SeImpersonatePrivilege" Sequence="execute" Before="SetPrivilegesOnSshAgent" />
|
||||
<CustomAction Id="SetPrivilegesOnSshAgent" BinaryKey="WixCA" DllEntry="WixQuietExec" Execute="deferred" Return="check" Impersonate="no" />
|
||||
|
|
|
|||
|
|
@ -1,10 +0,0 @@
|
|||
# escape=`
|
||||
#0.3.6 (no powershell 6)
|
||||
FROM balu1202/openssh-dockerbuildimage-ltsc2019-new:latest
|
||||
|
||||
SHELL ["PowerShell.exe", "-command"]
|
||||
RUN Set-ExecutionPolicy Unrestricted
|
||||
|
||||
COPY ./OpenSSH-build.ps1 /OpenSSH-build.ps1
|
||||
|
||||
ENTRYPOINT ["powershell", "-executionpolicy", "unrestricted"]
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
[cmdletbinding()]
|
||||
# PowerShell Script to clone, build and package PowerShell from specified fork and branch
|
||||
param (
|
||||
[string] $repolocation = "$pwd\openssh-portable",
|
||||
[string] $repolocation = "$PSScriptRoot\..\..\..",
|
||||
[string] $destination = "$env:WORKSPACE",
|
||||
[ValidateSet('x86', 'x64', 'arm64', 'arm')]
|
||||
[String]$NativeHostArch = 'x64',
|
||||
|
|
|
|||
|
|
@ -1727,7 +1727,6 @@
|
|||
#define _PATH_LS "dir"
|
||||
#define _PATH_DEVNULL "NUL"
|
||||
#define FORK_NOT_SUPPORTED
|
||||
#define HAVE_FREEZERO
|
||||
#define FILESYSTEM_NO_BACKSLASH
|
||||
#define HAVE_LOCALTIME_R
|
||||
#define HAVE_DECL_MEMMEM 0
|
||||
|
|
|
|||
|
|
@ -58,6 +58,7 @@
|
|||
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\bsd-waitpid.c" />
|
||||
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\daemon.c" />
|
||||
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\dirname.c" />
|
||||
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\freezero.c" />
|
||||
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\explicit_bzero.c" />
|
||||
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\fake-rfc2553.c" />
|
||||
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\fmt_scaled.c" />
|
||||
|
|
|
|||
|
|
@ -75,6 +75,9 @@
|
|||
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\dirname.c">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\freezero.c">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="$(OpenSSH-Src-Path)openbsd-compat\explicit_bzero.c">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
|
|
|
|||
Binary file not shown.
|
|
@ -1512,15 +1512,6 @@ w32_ctime(const time_t* sourceTime)
|
|||
return ctime_s(destTime, 26, sourceTime) == 0 ? destTime : NULL;
|
||||
}
|
||||
|
||||
void
|
||||
freezero(void *ptr, size_t sz)
|
||||
{
|
||||
if (ptr == NULL)
|
||||
return;
|
||||
explicit_bzero(ptr, sz);
|
||||
free(ptr);
|
||||
}
|
||||
|
||||
int
|
||||
setenv(const char *name, const char *value, int rewrite)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -190,6 +190,29 @@ check_group_membership(const char* group)
|
|||
{
|
||||
PSID sid = NULL;
|
||||
BOOL is_member = 0;
|
||||
char* utf8_group_name = NULL;
|
||||
|
||||
// it can be a SID string; if it is - use localized name for that SID
|
||||
wchar_t* group_utf16 = utf8_to_utf16(group);
|
||||
if (ConvertStringSidToSidW(group_utf16, &sid) != 0) {
|
||||
WCHAR group_name[UNLEN + 1];
|
||||
DWORD group_name_length = UNLEN + 1;
|
||||
WCHAR domain_name[DNLEN + 1] = L"";
|
||||
DWORD domain_name_size = DNLEN + 1;
|
||||
SID_NAME_USE account_type = 0;
|
||||
if (LookupAccountSidW(NULL, sid, group_name, &group_name_length,
|
||||
domain_name, &domain_name_size, &account_type) != 0) {
|
||||
utf8_group_name = utf16_to_utf8(group_name);
|
||||
debug3_f("'%s' is translated to '%s'", group, utf8_group_name);
|
||||
group = utf8_group_name;
|
||||
} else {
|
||||
debug3_f("LookupAccountSid failed for '%s'", group);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
debug3_f("'%s' not recognized as SID", group);
|
||||
}
|
||||
|
||||
if ((sid = get_sid(group)) == NULL) {
|
||||
error("unable to resolve group %s", group);
|
||||
|
|
@ -202,6 +225,10 @@ check_group_membership(const char* group)
|
|||
cleanup:
|
||||
if (sid)
|
||||
free(sid);
|
||||
if (group_utf16)
|
||||
free(group_utf16);
|
||||
if (utf8_group_name)
|
||||
free(utf8_group_name);
|
||||
return is_member? 1: 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
72
servconf.c
72
servconf.c
|
|
@ -11,6 +11,10 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
#ifdef WINDOWS
|
||||
#include <LM.h>
|
||||
#include <Sddl.h>
|
||||
#endif // WINDOWS
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
|
|
@ -1835,6 +1839,34 @@ process_server_config_line_depth(ServerOptions *options, char *line,
|
|||
parse_allowdenyusers:
|
||||
/* XXX appends to list; doesn't respect first-match-wins */
|
||||
while ((arg = argv_next(&ac, &av)) != NULL) {
|
||||
#ifdef WINDOWS
|
||||
// it can be a SID string; if it is - use localized name for that SID
|
||||
PSID Sid = NULL;
|
||||
char* utf8_user_name = NULL;
|
||||
wchar_t* arg_utf16 = utf8_to_utf16(arg);
|
||||
if (ConvertStringSidToSidW(arg_utf16, &Sid) != 0) {
|
||||
WCHAR user_name[UNLEN + 1];
|
||||
DWORD user_name_length = UNLEN + 1;
|
||||
WCHAR domain_name[DNLEN + 1] = L"";
|
||||
DWORD domain_name_size = DNLEN + 1;
|
||||
SID_NAME_USE account_type = 0;
|
||||
if (LookupAccountSidW(NULL, Sid, user_name, &user_name_length,
|
||||
domain_name, &domain_name_size, &account_type) != 0) {
|
||||
utf8_user_name = utf16_to_utf8(user_name);
|
||||
debug3_f("'%s' is translated to '%s'", arg, utf8_user_name);
|
||||
arg = utf8_user_name;
|
||||
} else {
|
||||
debug3_f("LookupAccountSid failed for '%s'", arg);
|
||||
}
|
||||
|
||||
if (Sid)
|
||||
LocalFree(Sid);
|
||||
}
|
||||
else
|
||||
{
|
||||
debug3_f("'%s' not recognized as SID", arg);
|
||||
}
|
||||
#endif // WINDOWS
|
||||
if (*arg == '\0' ||
|
||||
match_user(NULL, NULL, NULL, arg) == -1)
|
||||
fatal("%s line %d: invalid %s pattern: \"%s\"",
|
||||
|
|
@ -1844,6 +1876,12 @@ process_server_config_line_depth(ServerOptions *options, char *line,
|
|||
continue;
|
||||
opt_array_append(filename, linenum, keyword,
|
||||
chararrayptr, uintptr, arg);
|
||||
#ifdef WINDOWS
|
||||
if (utf8_user_name)
|
||||
free(utf8_user_name);
|
||||
if (arg_utf16)
|
||||
free(arg_utf16);
|
||||
#endif // WINDOWS
|
||||
}
|
||||
if (!found) {
|
||||
fatal("%s line %d: no %s specified",
|
||||
|
|
@ -1866,10 +1904,44 @@ process_server_config_line_depth(ServerOptions *options, char *line,
|
|||
fatal("%s line %d: empty %s pattern",
|
||||
filename, linenum, keyword);
|
||||
found = 1;
|
||||
#ifdef WINDOWS
|
||||
// it can be a SID string; if it is - use localized name for that SID
|
||||
PSID Sid = NULL;
|
||||
char* utf8_group_name = NULL;
|
||||
wchar_t* arg_utf16 = utf8_to_utf16(arg);
|
||||
if (ConvertStringSidToSidW(arg_utf16, &Sid) != 0) {
|
||||
WCHAR group_name[UNLEN + 1];
|
||||
DWORD group_name_length = UNLEN + 1;
|
||||
WCHAR domain_name[DNLEN + 1] = L"";
|
||||
DWORD domain_name_size = DNLEN + 1;
|
||||
SID_NAME_USE account_type = 0;
|
||||
if (LookupAccountSidW(NULL, Sid, group_name, &group_name_length,
|
||||
domain_name, &domain_name_size, &account_type) != 0) {
|
||||
utf8_group_name = utf16_to_utf8(group_name);
|
||||
debug3_f("'%s' is translated to '%s'", arg, utf8_group_name);
|
||||
arg = utf8_group_name;
|
||||
} else {
|
||||
debug3_f("LookupAccountSid failed for '%s'", arg);
|
||||
}
|
||||
|
||||
if (Sid)
|
||||
LocalFree(Sid);
|
||||
}
|
||||
else
|
||||
{
|
||||
debug3_f("'%s' not recognized as SID", arg);
|
||||
}
|
||||
#endif // WINDOWS
|
||||
if (!*activep)
|
||||
continue;
|
||||
opt_array_append(filename, linenum, keyword,
|
||||
chararrayptr, uintptr, arg);
|
||||
#ifdef WINDOWS
|
||||
if (utf8_group_name)
|
||||
free(utf8_group_name);
|
||||
if (arg_utf16)
|
||||
free(arg_utf16);
|
||||
#endif // WINDOWS
|
||||
}
|
||||
if (!found) {
|
||||
fatal("%s line %d: no %s specified",
|
||||
|
|
|
|||
Loading…
Reference in New Issue