merge latestw_all

This commit is contained in:
Tess Gauthier 2024-09-13 16:34:42 -04:00
commit 718738b783
5 changed files with 15 additions and 52 deletions

View File

@ -10,13 +10,6 @@ pr:
include:
- latestw_all
resources:
repositories:
- repository: ComplianceRepo
type: github
endpoint: ComplianceGHRepo
name: PowerShell/compliance
stages:
- stage: Build
displayName: Build Win32-OpenSSH
@ -88,36 +81,6 @@ stages:
Write-Host "##vso[artifact.upload containerfolder=$artifactName;artifactname=$artifactName;]$configFilePath"
displayName: Upload Win32-OpenSSH build artifacts
- stage: Compliance
displayName: Compliance
dependsOn: Build
jobs:
- job: ComplianceJob
pool:
vmImage: windows-latest
steps:
- checkout: self
clean: true
- checkout: ComplianceRepo
clean: true
- download: current
artifact: 'Win32-OpenSSH'
- template: ci-compliance.yml@ComplianceRepo
parameters:
# credscan
suppressionsFile: ''
# Documentation: https://eng.ms/docs/security-compliance-identity-and-management-scim/security/azure-security/cloudai-security-fundamentals-engineering/security-integration/guardian-wiki/sdl-azdo-extension/security-analysis-report-build-task
- task: securedevelopmentteam.vss-secure-development-tools.build-task-report.SdtReport@2
continueOnError: true
displayName: 'Guardian Export'
inputs:
GdnExportVstsConsole: true
GdnExportSarifFile: true
GdnExportHtmlFile: true
GdnExportAllTools: false
GdnExportGdnToolCredScan: true
#this didn't do anything GdnExportCustomLogsFolder: '$(Build.ArtifactStagingDirectory)/Guardian'
- stage: Test
displayName: Test Win32-OpenSSH
dependsOn: Build

View File

@ -349,7 +349,7 @@
/* #undef HAVE_DEV_PTS_AND_PTC */
/* Define to 1 if you have the <dirent.h> header file. */
/* #undef HAVE_DIRENT_H
/* #undef HAVE_DIRENT_H */
/* Define to 1 if you have the `dirfd' function. */
/* #undef HAVE_DIRFD */

View File

@ -248,18 +248,17 @@ ga_init(const char *user, gid_t base)
if ((user_token = get_user_token(user_name, 0)) == NULL) {
/*
* TODO - We need to fatal() all the times when we fail to generate the user token.
* No fatal call here so experience when called by servconf parsing Match block
* is consistent for an invalid user (does not find password, but is not fatal yet)
* and a valid user without a token (ex: group policy forbidding login)
*/
if (get_custom_lsa_package()) {
error("%s, unable to resolve user %s", __func__, user_name);
return 0;
} else {
fatal("%s, unable to resolve user %s", __func__, user_name);
}
get_custom_lsa_package();
error("%s, unable to resolve user %s", __func__, user_name);
return 0;
}
/*
* supposed to retun number of groups associated with user
* supposed to return number of groups associated with user
* since we do lazy group evaluation, returning 1 here
*/

4
misc.c
View File

@ -22,7 +22,9 @@
#include <sys/types.h>
#include <sys/ioctl.h>
//#include <sys/mman.h>
#ifndef WINDOWS
#include <sys/mman.h>
#endif /* WINDOWS */
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/time.h>

View File

@ -1871,6 +1871,10 @@ process_server_config_line_depth(ServerOptions *options, char *line,
/* XXX appends to list; doesn't respect first-match-wins */
parse_allowdenygroups:
while ((arg = argv_next(&ac, &av)) != NULL) {
if (*arg == '\0')
fatal("%s line %d: empty %s pattern",
filename, linenum, keyword);
found = 1;
#ifdef WINDOWS
// it can be a SID string; if it is - use localized name for that SID
PSID Sid = NULL;
@ -1899,11 +1903,6 @@ process_server_config_line_depth(ServerOptions *options, char *line,
debug3_f("'%s' not recognized as SID", arg);
}
#endif // WINDOWS
if (*arg == '\0' ||
match_user(NULL, NULL, NULL, arg) == -1)
fatal("%s line %d: empty %s pattern",
filename, linenum, keyword);
found = 1;
if (!*activep)
continue;
opt_array_append(filename, linenum, keyword,