Separate binary path from cfg path and log path (#263)

Separate binary path from cfg path and log path, test update

contrib/win32/openssh/FixHostFilePermissions.ps1

@@ -5,14 +5,14 @@ If ($PSVersiontable.PSVersion.Major -le 2) {$PSScriptRoot = Split-Path -Parent $
 Import-Module $PSScriptRoot\OpenSSHUtils -Force
 
 #check sshd config file
-$sshdConfigPath = join-path $PSScriptRoot "sshd_config"
+$sshdConfigPath = join-path $env:ProgramData\ssh "sshd_config"
 if(Test-Path $sshdConfigPath -PathType Leaf)
 {
     Repair-SshdConfigPermission -FilePath $sshdConfigPath @psBoundParameters
 }
 else
 {
-    Write-host "$FilePath does not exist"  -ForegroundColor Yellow
+    Write-host "$sshdConfigPath does not exist"  -ForegroundColor Yellow
 }
  
 #check host keys
@@ -36,7 +36,7 @@ If you choose not to register the keys with ssh-agent, please grant sshd read ac
     Write-Host " "
 }#>
 
-Get-ChildItem $PSScriptRoot\ssh_host_*_key -ErrorAction SilentlyContinue | % {    
+Get-ChildItem $env:ProgramData\ssh\ssh_host_*_key -ErrorAction SilentlyContinue | % {
     Repair-SshdHostKeyPermission -FilePath $_.FullName @psBoundParameters
 }
 

contrib/win32/openssh/OpenSSHBuildHelper.psm1

@@ -344,7 +344,7 @@ function Start-OpenSSHPackage
     $buildDir = Join-Path $repositoryRoot ("bin\" + $folderName + "\" + $Configuration)
     $payload = "sshd.exe", "ssh.exe", "ssh-agent.exe", "ssh-add.exe", "sftp.exe"
     $payload += "sftp-server.exe", "scp.exe", "ssh-shellhost.exe", "ssh-keygen.exe", "ssh-keyscan.exe" 
-    $payload += "sshd_config", "install-sshd.ps1", "uninstall-sshd.ps1"
+    $payload += "sshd_config_default", "install-sshd.ps1", "uninstall-sshd.ps1"
     $payload +="FixHostFilePermissions.ps1", "FixUserFilePermissions.ps1", "OpenSSHUtils.psm1", "OpenSSHUtils.psd1"
 
     $packageName = "OpenSSH-Win64"

contrib/win32/openssh/OpenSSHTestHelper.psm1

@@ -13,6 +13,7 @@ $PubKeyUser = "sshtest_pubkeyuser"
 $PasswdUser = "sshtest_passwduser"
 $OpenSSHTestAccountsPassword = "P@ssw0rd_1"
 $OpenSSHTestAccounts = $Script:SSOUser, $Script:PubKeyUser, $Script:PasswdUser
+$OpenSSHConfigPath = Join-Path $env:ProgramData "ssh"
 
 $Script:TestDataPath = "$env:SystemDrive\OpenSSHTests"
 $Script:E2ETestResultsFile = Join-Path $TestDataPath $E2ETestResultsFileName
@@ -162,25 +163,19 @@ WARNING: Following changes will be made to OpenSSH configuration
     }
 
     #Backup existing OpenSSH configuration
-    $backupConfigPath = Join-Path $script:OpenSSHBinPath sshd_config.ori
+    $backupConfigPath = Join-Path $OpenSSHConfigPath sshd_config.ori
     if (-not (Test-Path $backupConfigPath -PathType Leaf)) {
-        Copy-Item (Join-Path $script:OpenSSHBinPath sshd_config) $backupConfigPath -Force
+        Copy-Item (Join-Path $OpenSSHConfigPath sshd_config) $backupConfigPath -Force
     }
-    $targetsshdConfig = Join-Path $script:OpenSSHBinPath sshd_config
+    $targetsshdConfig = Join-Path $OpenSSHConfigPath sshd_config
     # copy new sshd_config
-    if($Script:WindowsInBox -and (Test-Path $targetsshdConfig))
-    {
-        $currentUser = New-Object System.Security.Principal.NTAccount($($env:USERDOMAIN), $($env:USERNAME))
-        Add-PermissionToFileACL -FilePath $targetsshdConfig -User $currentUser -Perm "Read,Write"
-    }
-    
     Copy-Item (Join-Path $Script:E2ETestDirectory sshd_config) $targetsshdConfig -Force
     
     Start-Service ssh-agent
 
     #copy sshtest keys
-    Copy-Item "$($Script:E2ETestDirectory)\sshtest*hostkey*" $script:OpenSSHBinPath -Force  
+    Copy-Item "$($Script:E2ETestDirectory)\sshtest*hostkey*" $OpenSSHConfigPath -Force  
-    Get-ChildItem "$($script:OpenSSHBinPath)\sshtest*hostkey*"| % {
+    Get-ChildItem "$($OpenSSHConfigPath)\sshtest*hostkey*"| % {
         #workaround for the cariggage new line added by git before copy them
         $filePath = "$($_.FullName)"
         $con = (Get-Content $filePath | Out-String).Replace("`r`n","`n")
@@ -191,8 +186,8 @@ WARNING: Following changes will be made to OpenSSH configuration
         }        
     }
 
-    #copy ca pubkey to SSHD bin path
+    #copy ca pubkey to ssh config path
-    Copy-Item "$($Script:E2ETestDirectory)\sshtest_ca_userkeys.pub"  $script:OpenSSHBinPath -Force 
+    Copy-Item "$($Script:E2ETestDirectory)\sshtest_ca_userkeys.pub"  $OpenSSHConfigPath -Force 
 
     #copy ca private key to test dir
     $ca_priv_key = (Join-Path $Global:OpenSSHTestInfo["TestDataPath"] sshtest_ca_userkeys)
@@ -249,7 +244,6 @@ WARNING: Following changes will be made to OpenSSH configuration
     $authorizedKeyPath = Join-Path $ssouserProfile .ssh\authorized_keys
     $testPubKeyPath = Join-Path $Script:E2ETestDirectory sshtest_userssokey_ed25519.pub
     Copy-Item $testPubKeyPath $authorizedKeyPath -Force -ErrorAction SilentlyContinue
-    Repair-AuthorizedKeyPermission -FilePath $authorizedKeyPath -confirm:$false
     
     copy-item (Join-Path $Script:E2ETestDirectory sshtest_userssokey_ed25519) $Global:OpenSSHTestInfo["TestDataPath"]
     $testPriKeypath = Join-Path $Global:OpenSSHTestInfo["TestDataPath"] sshtest_userssokey_ed25519
@@ -469,14 +463,14 @@ function Clear-OpenSSHTestEnvironment
         Remove-ItemProperty "HKLM:Software\Microsoft\Windows NT\CurrentVersion\AeDebug" -Name Auto -ErrorAction SilentlyContinue -Force | Out-Null
     }
     
-    Remove-Item "$sshBinPath\sshtest*hostkey*" -Force -ErrorAction SilentlyContinue   
+    Remove-Item "$OpenSSHConfigPath\sshtest*hostkey*" -Force -ErrorAction SilentlyContinue
-    Remove-Item "$sshBinPath\sshtest*ca_userkeys*" -Force -ErrorAction SilentlyContinue   
+    Remove-Item "$OpenSSHConfigPath\sshtest*ca_userkeys*" -Force -ErrorAction SilentlyContinue
      
     #Restore sshd_config
-    $backupConfigPath = Join-Path $sshBinPath sshd_config.ori
+    $backupConfigPath = Join-Path $OpenSSHConfigPath sshd_config.ori
     if (Test-Path $backupConfigPath -PathType Leaf) {        
-        Copy-Item $backupConfigPath (Join-Path $sshBinPath sshd_config) -Force -ErrorAction SilentlyContinue
+        Copy-Item $backupConfigPath (Join-Path $OpenSSHConfigPath sshd_config) -Force -ErrorAction SilentlyContinue
-        Remove-Item (Join-Path $sshBinPath sshd_config.ori) -Force -ErrorAction SilentlyContinue
+        Remove-Item (Join-Path $OpenSSHConfigPath sshd_config.ori) -Force -ErrorAction SilentlyContinue
         Restart-Service sshd
     }
     

contrib/win32/openssh/config.h.vs

@@ -1692,7 +1692,7 @@
 #define HAVE_MBLEN 1
 
 #define _PATH_PRIVSEP_CHROOT_DIR "."
-#define SSHDIR "."
+#define SSHDIR "__PROGRAMDATA__\\ssh"
 #define _PATH_SFTP_SERVER "sftp-server.exe"
 #define _PATH_SSH_PROGRAM "ssh.exe"
 #define _PATH_LS			"dir"

contrib/win32/openssh/config.vcxproj

@@ -196,7 +196,7 @@
 copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
 copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
 copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
-If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
+copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
       <Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1,  ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
     </PostBuildEvent>
   </ItemDefinitionGroup>
@@ -228,7 +228,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
 copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
 copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
 copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
-If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
+copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
       <Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1,  ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
     </PostBuildEvent>
   </ItemDefinitionGroup>
@@ -260,7 +260,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
 copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
 copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
 copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
-If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
+copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
       <Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1,  ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
     </PostBuildEvent>
   </ItemDefinitionGroup>
@@ -292,7 +292,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
 copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
 copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
 copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
-If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
+copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
       <Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1,  ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
     </PostBuildEvent>
   </ItemDefinitionGroup>
@@ -328,7 +328,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
 copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
 copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
 copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
-If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
+copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
       <Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1,  ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
     </PostBuildEvent>
   </ItemDefinitionGroup>
@@ -364,7 +364,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
 copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
 copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
 copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
-If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
+copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
       <Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1,  ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
     </PostBuildEvent>
   </ItemDefinitionGroup>
@@ -400,7 +400,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
 copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
 copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
 copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
-If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
+copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
       <Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1,  ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
     </PostBuildEvent>
   </ItemDefinitionGroup>
@@ -436,7 +436,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
 copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
 copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
 copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
-If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
+copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
       <Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1,  ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
     </PostBuildEvent>
   </ItemDefinitionGroup>

contrib/win32/openssh/install-sshd.ps1

@@ -8,7 +8,8 @@ $scriptdir = Split-Path $scriptpath
 
 $sshdpath = Join-Path $scriptdir "sshd.exe"
 $sshagentpath = Join-Path $scriptdir "ssh-agent.exe"
-$logsdir = Join-Path $scriptdir "logs"
+$sshdir = Join-Path $env:ProgramData "\ssh"
+$logsdir = Join-Path $sshdir "logs"
 
 if (-not (Test-Path $sshdpath)) {
     throw "sshd.exe is not present in script path"
@@ -31,6 +32,20 @@ cmd.exe /c 'sc.exe sdset ssh-agent D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPW
 
 New-Service -Name sshd -BinaryPathName `"$sshdpath`" -Description "SSH Daemon" -StartupType Manual | Out-Null
 
+#create the ssh config folder and set its permissions
+if(-not (test-path $sshdir -PathType Container))
+{
+    $null = New-Item $sshdir -ItemType Directory -Force -ErrorAction Stop
+}
+$acl = Get-Acl -Path $sshdir
+# following SDDL implies 
+# - owner - built in Administrators
+# - disabled inheritance
+# - Full access to System
+# - Full access to built in Administrators
+$acl.SetSecurityDescriptorSddlForm("O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;AU)")
+Set-Acl -Path $sshdir -AclObject $acl
+
 # create logs folder and set its permissions
 if(-not (test-path $logsdir -PathType Container))
 {
@@ -45,4 +60,12 @@ $acl = Get-Acl -Path $logsdir
 $acl.SetSecurityDescriptorSddlForm("O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)")
 Set-Acl -Path $logsdir -AclObject $acl
 
+#copy sshd_config_default to $sshdir\sshd_config
+$sshdconfigpath = Join-Path $sshdir "sshd_config"
+$sshddefaultconfigpath = Join-Path $scriptdir "sshd_config_default"
+if(-not (test-path $sshdconfigpath -PathType Leaf))
+{
+    $null = Copy-Item $sshddefaultconfigpath -Destination $sshdconfigpath  -ErrorAction Stop
+}
+
 Write-Host -ForegroundColor Green "sshd and ssh-agent services successfully installed"

contrib/win32/win32compat/inc/stdio.h

@@ -20,3 +20,5 @@ FILE* w32_fdopen(int fd, const char *mode);
 
 int w32_rename(const char *old_name, const char *new_name);
 #define rename w32_rename
+
+int is_absolute_path(char *);

contrib/win32/win32compat/misc.c

@@ -241,7 +241,7 @@ dlsym(HMODULE handle, const char *symbol)
 * only r, w, a are supported for now
 */
 FILE *
-w32_fopen_utf8(const char *path, const char *mode)
+w32_fopen_utf8(const char *input_path, const char *mode)
 {
 	wchar_t wpath[PATH_MAX], wmode[5];
 	FILE* f;
@@ -249,18 +249,21 @@ w32_fopen_utf8(const char *path, const char *mode)
 	char first3_bytes[3];
 	int status = 1;
 	errno_t r = 0;	
+	char *path = NULL;
 
 	if (mode[1] != '\0') {
 		errno = ENOTSUP;
 		return NULL;
 	}
 
-	if(NULL == path) { 
+	if(NULL == input_path) { 
 		errno = EINVAL;
 		debug3("fopen - ERROR:%d", errno);
 		return NULL; 
 	}
 
+	path = resolved_path(input_path);
+
 	/* if opening null device, point to Windows equivalent */
 	if (0 == strncmp(path, NULL_DEVICE, strlen(NULL_DEVICE)+1)) {
 		if ((r = wcsncpy_s(wpath, PATH_MAX, L"NUL", 3)) != 0) {
@@ -518,7 +521,7 @@ int
 w32_chmod(const char *pathname, mode_t mode)
 {
 	int ret;
-	wchar_t *resolvedPathName_utf16 = utf8_to_utf16(sanitized_path(pathname));
+	wchar_t *resolvedPathName_utf16 = utf8_to_utf16(resolved_path(pathname));
 	if (resolvedPathName_utf16 == NULL) {
 		errno = ENOMEM;
 		return -1;
@@ -646,7 +649,7 @@ w32_utimes(const char *filename, struct timeval *tvp)
 {
 	int ret;
 	FILETIME acttime, modtime;
-	wchar_t *resolvedPathName_utf16 = utf8_to_utf16(sanitized_path(filename));
+	wchar_t *resolvedPathName_utf16 = utf8_to_utf16(resolved_path(filename));
 	if (resolvedPathName_utf16 == NULL) {
 		errno = ENOMEM;
 		return -1;
@@ -680,8 +683,14 @@ link(const char *oldpath, const char *newpath)
 int
 w32_rename(const char *old_name, const char *new_name)
 {
-	wchar_t *resolvedOldPathName_utf16 = utf8_to_utf16(sanitized_path(old_name));
+	char old_name_resolved[PATH_MAX] = {0, };
-	wchar_t *resolvedNewPathName_utf16 = utf8_to_utf16(sanitized_path(new_name));
+	char new_name_resolved[PATH_MAX] = {0, };
+
+	strcpy_s(old_name_resolved, _countof(old_name_resolved), resolved_path(old_name));
+	strcpy_s(new_name_resolved, _countof(new_name_resolved), resolved_path(new_name));
+
+	wchar_t *resolvedOldPathName_utf16 = utf8_to_utf16(old_name_resolved);
+	wchar_t *resolvedNewPathName_utf16 = utf8_to_utf16(new_name_resolved);
 
 	if (NULL == resolvedOldPathName_utf16 || NULL == resolvedNewPathName_utf16) {
 		errno = ENOMEM;
@@ -694,17 +703,17 @@ w32_rename(const char *old_name, const char *new_name)
 	 * 2) if the new_name is directory and it is empty then delete it so that _wrename will succeed.
 	 */
 	struct _stat64 st;
-	if (fileio_stat(sanitized_path(new_name), &st) != -1) {
+	if (fileio_stat(resolved_path(new_name_resolved), &st) != -1) {
 		if (((st.st_mode & _S_IFMT) == _S_IFREG))
-			w32_unlink(new_name);
+			w32_unlink(new_name_resolved);
 		else {
-			DIR *dirp = opendir(new_name);
+			DIR *dirp = opendir(new_name_resolved);
 			if (NULL != dirp) {
 				struct dirent *dp = readdir(dirp);
 				closedir(dirp);
 
 				if (dp == NULL)
-					w32_rmdir(new_name);
+					w32_rmdir(new_name_resolved);
 			}
 		}
 	}
@@ -719,7 +728,7 @@ w32_rename(const char *old_name, const char *new_name)
 int
 w32_unlink(const char *path)
 {
-	wchar_t *resolvedPathName_utf16 = utf8_to_utf16(sanitized_path(path));
+	wchar_t *resolvedPathName_utf16 = utf8_to_utf16(resolved_path(path));
 	if (NULL == resolvedPathName_utf16) {
 		errno = ENOMEM;
 		return -1;
@@ -734,7 +743,7 @@ w32_unlink(const char *path)
 int
 w32_rmdir(const char *path)
 {
-	wchar_t *resolvedPathName_utf16 = utf8_to_utf16(sanitized_path(path));
+	wchar_t *resolvedPathName_utf16 = utf8_to_utf16(resolved_path(path));
 	if (NULL == resolvedPathName_utf16) {
 		errno = ENOMEM;
 		return -1;
@@ -794,7 +803,7 @@ int
 w32_mkdir(const char *path_utf8, unsigned short mode)
 {
 	int curmask;
-	wchar_t *path_utf16 = utf8_to_utf16(sanitized_path(path_utf8));
+	wchar_t *path_utf16 = utf8_to_utf16(resolved_path(path_utf8));
 	if (path_utf16 == NULL) {
 		errno = ENOMEM;
 		return -1;
@@ -816,16 +825,16 @@ w32_mkdir(const char *path_utf8, unsigned short mode)
 }
 
 int
-w32_stat(const char *path, struct w32_stat *buf)
+w32_stat(const char *input_path, struct w32_stat *buf)
 {
-	return fileio_stat(sanitized_path(path), (struct _stat64*)buf);
+	return fileio_stat(resolved_path(input_path), (struct _stat64*)buf);
 }
 
 /* if file is symbolic link, copy its link into "link" */
 int
 readlink(const char *path, char *link, int linklen)
 {
-	if(strcpy_s(link, linklen, sanitized_path(path)))
+	if(strcpy_s(link, linklen, resolved_path(path)))
 		return -1;
 	return 0;
 }
@@ -909,31 +918,44 @@ realpath(const char *path, char resolved[PATH_MAX])
 	return resolved;
 }
 
+/* This function is not thread safe. 
+* TODO - It uses static memory. Is this a good design?
+*/
 char*
-sanitized_path(const char *path)
+resolved_path(const char *input_path)
 {
-	if(!path) return NULL;
+	static char resolved_path[PATH_MAX] = {0,};
-
 	static char newPath[PATH_MAX] = { '\0', };
 	errno_t r = 0;
 
-	if (path[0] == '/' && path[1]) {
+	if (!input_path) return NULL;
-		if (path[2] == ':') {
-			if (path[3] == '\0') { /* make "/x:" as "x:\\" */
-				if((r = strncpy_s(newPath, sizeof(newPath), path + 1, strlen(path) - 1)) != 0 ) {
-					debug3("memcpy_s failed with error: %d.", r);
-					return NULL;
-				}
-				newPath[2] = '\\';
-				newPath[3] = '\0';
 
-				return newPath;
+	/* If filename contains __PROGRAMDATA__ then expand it to %programData% and return the resolved path */
+	if ((strlen(input_path) >= strlen(PROGRAM_DATA)) && (memcmp(input_path, PROGRAM_DATA, strlen(PROGRAM_DATA)) == 0)) {
+		resolved_path[0] = '\0';
+		strcat_s(resolved_path, _countof(resolved_path), get_program_data_path());
+		strcat_s(resolved_path, _countof(resolved_path), &input_path[strlen(PROGRAM_DATA)]);
+
+		return resolved_path; /* return here as its doesn't start with "/" */
+	}
+
+	strcpy_s(resolved_path, _countof(resolved_path), input_path);
+	if (resolved_path[0] == '/' && resolved_path[1]) {
+		if (resolved_path[2] == ':') {
+			if (resolved_path[3] == '\0') { 
+				/* make "/x:" as "x:\\" */
+				resolved_path[0] = resolved_path[1];
+				resolved_path[1] = resolved_path[2];
+				resolved_path[2] = '\\';
+				resolved_path[3] = '\0';
+
+				return resolved_path;
 			} else
-				return (char *)(path + 1); /* skip the first "/" */
+				return (char *)(resolved_path + 1); /* skip the first "/" */
 		}
 	}
 
-	return (char *)path;
+	return (char *)resolved_path;
 }
 
 int
@@ -944,7 +966,7 @@ statvfs(const char *path, struct statvfs *buf)
 	DWORD freeClusters;
 	DWORD totalClusters;
 
-	wchar_t* path_utf16 = utf8_to_utf16(sanitized_path(path));
+	wchar_t* path_utf16 = utf8_to_utf16(resolved_path(path));
 	if (path_utf16 && (GetDiskFreeSpaceW(path_utf16, &sectorsPerCluster, &bytesPerSector,
 	    &freeClusters, &totalClusters) == TRUE)) {
 		debug5("path              : [%s]", path);
@@ -1413,3 +1435,34 @@ cleanup:
 		LocalFree(pSD);
 	return ret;
 }
+
+char*
+get_program_data_path()
+{
+	if (ssh_cfg_dir_path) return ssh_cfg_dir_path;
+
+	wchar_t ssh_cfg_dir_path_w[PATH_MAX] = {0, };
+	int return_val = ExpandEnvironmentStringsW(L"%programData%", ssh_cfg_dir_path_w, PATH_MAX);
+	if (return_val > PATH_MAX)
+		fatal("%s, buffer too small to expand:%s", __func__, "%programData%");
+	else if (!return_val)
+		fatal("%s, failed to expand:%s error:%s", __func__, "%programData%", GetLastError());
+	
+	ssh_cfg_dir_path = utf16_to_utf8(ssh_cfg_dir_path_w);
+	if(!ssh_cfg_dir_path)
+		fatal("%s utf16_to_utf8 failed", __func__);
+
+	return ssh_cfg_dir_path;
+}
+
+/* Windows absolute paths - \abc, /abc, c:\abc, c:/abc, __PROGRAMDATA__\openssh\sshd_config */
+int
+is_absolute_path(char *path)
+{
+	int retVal = 0;
+	if (*path == '/' || *path == '\\' || (*path != '\0' && path[1] == ':') ||
+	    ((strlen(path) >= strlen(PROGRAM_DATA)) && (memcmp(path, PROGRAM_DATA, strlen(PROGRAM_DATA)) == 0)))
+		retVal = 1;
+	
+	return retVal;
+}

contrib/win32/win32compat/misc_internal.h

@@ -15,28 +15,28 @@
 
 #define IS_INVALID_HANDLE(h) ( ((NULL == h) || (INVALID_HANDLE_VALUE == h)) ? 1 : 0 )
 #define IS_VALID_HANDLE(h) (!IS_INVALID_HANDLE(h))
+#define PROGRAM_DATA "__PROGRAMDATA__"
+
+#define errno_from_Win32LastError() errno_from_Win32Error(GetLastError())
+
+static char *machine_domain_name;
+static char *ssh_cfg_dir_path = NULL;
 
 /* removes first '/' for Windows paths that are unix styled. Ex: /c:/ab.cd */
-char * sanitized_path(const char *);
+char * resolved_path(const char *);
-
 void w32posix_initialize();
 void w32posix_done();
-
 char* w32_programdir();
-
 void convertToBackslash(char *str);
 void convertToBackslashW(wchar_t *str);
 void convertToForwardslash(char *str);
-
-#define errno_from_Win32LastError() errno_from_Win32Error(GetLastError())
 int errno_from_Win32Error(int);
 void unix_time_to_file_time(ULONG, LPFILETIME);
 void file_time_to_unix_time(const LPFILETIME, time_t *);
 int file_attr_to_st_mode(wchar_t * path, DWORD attributes);
 void invalid_parameter_handler(const wchar_t *, const wchar_t *, const wchar_t *, unsigned int, uintptr_t);
-static char *machine_domain_name;
 void to_lower_case(char *s);
 int get_machine_domain_name(wchar_t *domain, int size);
-
+char* get_program_data_path();
 HANDLE get_user_token(char* user);
 int load_user_profile(HANDLE user_token, char* user);

contrib/win32/win32compat/socketio.c

@@ -423,7 +423,7 @@ socketio_recv(struct w32_io* pio, void *buf, size_t len, int flags)
 		}
 	}
 
-	if (0 != socketio_WSARecv(pio, &completed, len))
+	if (0 != socketio_WSARecv(pio, &completed, (int)len))
 		return -1;
 
 	if (completed) {

contrib/win32/win32compat/w32-sshfileperm.c

@@ -34,6 +34,8 @@
 #include "inc\pwd.h"
 #include "sshfileperm.h"
 #include "debug.h"
+#include "misc_internal.h"
+#include "config.h"
 
 /*
 * The function is to check if current user is secure to access to the file. 
@@ -44,10 +46,10 @@
 * Returns 0 on success and -1 on failure
 */
 int
-check_secure_file_permission(const char *name, struct passwd * pw)
+check_secure_file_permission(const char *input_path, struct passwd * pw)
 {	
 	PSECURITY_DESCRIPTOR pSD = NULL;
-	wchar_t * name_utf16 = NULL;
+	wchar_t * path_utf16 = NULL;
 	PSID owner_sid = NULL, user_sid = NULL;
 	PACL dacl = NULL;
 	DWORD error_code = ERROR_SUCCESS; 
@@ -55,6 +57,7 @@ check_secure_file_permission(const char *name, struct passwd * pw)
 	struct passwd * pwd = pw;
 	char *bad_user = NULL;
 	int ret = 0;
+	char *path = NULL;
 
 	if (pwd == NULL)
 		if ((pwd = getpwuid(0)) == NULL) 
@@ -66,17 +69,19 @@ check_secure_file_permission(const char *name, struct passwd * pw)
 		ret = -1;
 		goto cleanup;
 	}
-	if ((name_utf16 = utf8_to_utf16(name)) == NULL) {
+
+	path = resolved_path(input_path);
+	if ((path_utf16 = utf8_to_utf16(path)) == NULL) {
 		ret = -1;
 		errno = ENOMEM;
 		goto cleanup;
 	}
 
 	/*Get the owner sid of the file.*/
-	if ((error_code = GetNamedSecurityInfoW(name_utf16, SE_FILE_OBJECT,
+	if ((error_code = GetNamedSecurityInfoW(path_utf16, SE_FILE_OBJECT,
 		OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
 		&owner_sid, NULL, &dacl, NULL, &pSD)) != ERROR_SUCCESS) {
-		debug3("failed to retrieve the owner sid and dacl of file %s with error code: %d", name, error_code);
+		debug3("failed to retrieve the owner sid and dacl of file %s with error code: %d", path, error_code);
 		errno = EOTHER;
 		ret = -1;
 		goto cleanup;
@@ -89,7 +94,7 @@ check_secure_file_permission(const char *name, struct passwd * pw)
 	if (!IsWellKnownSid(owner_sid, WinBuiltinAdministratorsSid) &&
 		!IsWellKnownSid(owner_sid, WinLocalSystemSid) &&
 		!EqualSid(owner_sid, user_sid)) {
-		debug3("Bad owner on %s", name);
+		debug3("Bad owner on %s", path);
 		ret = -1;
 		goto cleanup;
 	}
@@ -131,7 +136,7 @@ check_secure_file_permission(const char *name, struct passwd * pw)
 				debug3("ConvertSidToSidString failed with %d. ", GetLastError());
 				break;
 			}
-			debug3("Bad permissions. Try removing permissions for user: %s on file %s.", bad_user, name);
+			debug3("Bad permissions. Try removing permissions for user: %s on file %s.", bad_user, path);
 			break;
 		}
 	}	
@@ -142,8 +147,8 @@ cleanup:
 		LocalFree(pSD);
 	if (user_sid)
 		LocalFree(user_sid);
-	if(name_utf16)
+	if(path_utf16)
-		free(name_utf16);
+		free(path_utf16);
 	return ret;
 }
 

contrib/win32/win32compat/w32fd.c

@@ -442,7 +442,7 @@ w32_open(const char *pathname, int flags, ... /* arg */)
 		va_end(valist);
 	}
 
-	pio = fileio_open(sanitized_path(pathname), flags, mode);
+	pio = fileio_open(resolved_path(pathname), flags, mode);
 	
 	if (pio == NULL)
 		return -1;

contrib/win32/win32compat/w32log.c

@@ -35,46 +35,48 @@
 
 #include "inc\syslog.h"
 #include "misc_internal.h"
+#include "inc\utf.h"
 
 #define MSGBUFSIZ 1024
 static int logfd = -1;
 
 /*
- * open a log file using the name of executable under logs folder
+ * log file location will be - "%programData%\\openssh\\logs\\<module_name>.log"
- * Ex. if called from c:\windows\system32\openssh\sshd.exe
- * logfile - c:\windows\system32\openssh\logs\sshd.log
  */
 void
 openlog(char *ident, unsigned int option, int facility)
 {	
-	wchar_t *logs_dir = L"\\logs\\";
 	if (logfd != -1 || ident == NULL)
 		return;
 
-	wchar_t path[PATH_MAX] = { 0 }, log_file[PATH_MAX + 12] = { 0 };
+	wchar_t *logs_dir = L"\\logs\\";
-	errno_t r = 0;
+	wchar_t module_path[PATH_MAX] = { 0 }, log_file[PATH_MAX + 12] = { 0 };
-	if (GetModuleFileNameW(NULL, path, PATH_MAX) == 0)
+
+	if (GetModuleFileNameW(NULL, module_path, PATH_MAX) == 0)
 		return;
 
-	path[PATH_MAX - 1] = L'\0';
+	if (wcsnlen(module_path, MAX_PATH) > MAX_PATH - wcslen(logs_dir))
-
-	if (wcsnlen(path, MAX_PATH) > MAX_PATH - wcslen(logs_dir))
 		return;
 
 	/* split path root and module */
 	{
-		wchar_t* tail = path + wcsnlen(path, MAX_PATH);
+		wchar_t* tail = module_path + wcsnlen(module_path, MAX_PATH);
-		while (tail > path && *tail != L'\\' && *tail != L'/')
+		while (tail > module_path && *tail != L'\\' && *tail != L'/')
 			tail--;
 		
-		if (((r = wcsncat_s(log_file, PATH_MAX + 12, path, tail - path)) != 0 ) ||
+		char ssh_cfg_path[PATH_MAX] = {0 ,};
-			(r = wcsncat_s(log_file, PATH_MAX + 12, logs_dir, 6) != 0 )||
+		strcat_s(ssh_cfg_path, _countof(ssh_cfg_path), get_program_data_path()); /* "%programData%" */
-			(r = wcsncat_s(log_file, PATH_MAX + 12, tail + 1, wcslen(tail + 1) - 3) != 0 ) ||
+		strcat_s(ssh_cfg_path, _countof(ssh_cfg_path), "\\ssh"); /* "%programData%\\ssh" */
-			(r = wcsncat_s(log_file, PATH_MAX + 12, L"log", 3) != 0 ))
+
+		wchar_t* ssh_root_path_w = utf8_to_utf16(ssh_cfg_path); /* "%programData%\\ssh" */
+
+		if ((wcsncat_s(log_file, PATH_MAX + 12, ssh_root_path_w, wcslen(ssh_root_path_w)) != 0) ||
+		    (wcsncat_s(log_file, PATH_MAX + 12, logs_dir, 6) != 0) ||
+		    (wcsncat_s(log_file, PATH_MAX + 12, tail + 1, wcslen(tail + 1) - 3) != 0 ) ||
+		    (wcsncat_s(log_file, PATH_MAX + 12, L"log", 3) != 0))
 			return;
 	}
 	
-	
 	errno_t err = _wsopen_s(&logfd, log_file, O_WRONLY | O_CREAT | O_APPEND, SH_DENYNO, S_IREAD | S_IWRITE);
 		
 	if (logfd != -1)

contrib/win32/win32compat/win32_dirent.c

@@ -108,7 +108,7 @@ opendir(const char *name)
 	if (name && strcmp(name, "/") == 0)
 		return openrootdir(name);
 
-	if ((wname = utf8_to_utf16(sanitized_path(name))) == NULL) {
+	if ((wname = utf8_to_utf16(resolved_path(name))) == NULL) {
 		errno = ENOMEM;
 		return NULL;
 	}

contrib/win32/win32compat/wmain_sshd.c

@@ -108,7 +108,7 @@ prereq_setup()
 	RPC_CWSTR rpc_str;
 	USER_INFO_1 ui;
 	NET_API_STATUS nStatus;
-	STARTUPINFO si;
+	STARTUPINFOW si;
 	PROCESS_INFORMATION pi;
 	wchar_t cmdline[MAX_PATH];
 
@@ -135,7 +135,7 @@ prereq_setup()
 
 		/* create host keys if they dont already exist */
 		ZeroMemory(&si, sizeof(si));
-		si.cb = sizeof(si);
+		si.cb = sizeof(STARTUPINFOW);
 		ZeroMemory(&pi, sizeof(pi));
 		memcpy(cmdline, SSH_HOSTKEY_GEN_CMDLINE, wcslen(SSH_HOSTKEY_GEN_CMDLINE) * 2 + 2);
 		if (CreateProcessW(NULL, cmdline, NULL, NULL, FALSE, CREATE_NEW_CONSOLE, NULL, NULL, &si, &pi)) {

regress/pesterTests/SSHD_Config

@@ -21,10 +21,10 @@ Port 47002
 # HostKey for protocol version 1
 #HostKey /etc/ssh/ssh_host_key
 # HostKeys for protocol version 2
-HostKey sshtest_hostkey_rsa
+HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_rsa
-HostKey sshtest_hostkey_dsa
+HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_dsa
-HostKey sshtest_hostkey_ecdsa
+HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_ecdsa
-HostKey sshtest_hostkey_ed25519
+HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_ed25519
 
 # Lifetime and size of ephemeral version 1 server key
 #KeyRegenerationInterval 1h
@@ -126,4 +126,4 @@ PubkeyAcceptedKeyTypes ssh-ed25519*
 #AllowUsers allowuser1 allowu*r2 allow?se?3 allowuser4 localuser1 localu*r2 loc?lu?er3 localadmin
 #DenyGroups denygroup1 denygr*p2 deny?rou?3
 #AllowGroups allowgroup1 allowg*2 allowg?ou?3 Adm*
-TrustedUserCAKeys sshtest_ca_userkeys.pub
+TrustedUserCAKeys __PROGRAMDATA__\ssh\sshtest_ca_userkeys.pub

regress/pesterTests/testdata/SSHD_Config

@@ -11,10 +11,10 @@ Port 47003
 # HostKey for protocol version 1
 #HostKey /etc/ssh/ssh_host_key
 # HostKeys for protocol version 2
-HostKey sshtest_hostkey_rsa
+HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_rsa
-HostKey sshtest_hostkey_dsa
+HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_dsa
-HostKey sshtest_hostkey_ecdsa
+HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_ecdsa
-HostKey sshtest_hostkey_ed25519
+HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_ed25519
 
 # Lifetime and size of ephemeral version 1 server key
 #KeyRegenerationInterval 1h

regress/unittests/win32compat/miscellaneous_tests.c

@@ -67,9 +67,9 @@ test_sanitizedpath()
 	char *win32prgdir = w32_programdir();
 	ASSERT_PTR_NE(win32prgdir, NULL);
 
-	ASSERT_PTR_EQ(sanitized_path(NULL), NULL);
+	ASSERT_PTR_EQ(resolved_path(NULL), NULL);
 
-	char *ret = sanitized_path(win32prgdir);
+	char *ret = resolved_path(win32prgdir);
 	retValue = strcmp(win32prgdir, ret);
 	ASSERT_INT_EQ(retValue, 0);
 
@@ -79,14 +79,14 @@ test_sanitizedpath()
 	strncpy(tmp_path+1, win32prgdir, win32prgdir_len);
 	tmp_path[win32prgdir_len+1] = '\0';
 
-	ret = sanitized_path(tmp_path);
+	ret = resolved_path(tmp_path);
 	retValue = strcmp(win32prgdir, ret);
 	ASSERT_INT_EQ(retValue, 0);
 
 	char *s1 = malloc(4), *s2 = malloc(4);
 	s1[0] = '/', s1[1] = win32prgdir[0],  s1[2] = ':', s1[3] = '\0';
 	s2[0] = win32prgdir[0], s2[1] = ':', s2[2] = '\\', s2[3] = '\0';
-	ret = sanitized_path(s1);
+	ret = resolved_path(s1);
 	retValue = strcmp(ret, s2);
 	ASSERT_INT_EQ(retValue, 0);
 

servconf.c

@@ -661,9 +661,7 @@ derelativise_path(const char *path)
 		return xstrdup("none");
 	expanded = tilde_expand_filename(path, getuid());
 #ifdef WINDOWS        
-        /* Windows absolute paths - \abc, /abc, c:\abc, c:/abc*/
+	if (is_absolute_path(expanded))
-	if (*expanded == '/' || *expanded == '\\' ||
-	    (*expanded != '\0' && expanded[1] == ':'))
 #else  /* !WINDOWS */
 	if (*expanded == '/')
 #endif  /* !WINDOWS */