Separate binary path from cfg path and log path (#263)
Separate binary path from cfg path and log path, test update
parent
88defae8c1
commit
c85ba2b8c3
contrib/win32
openssh
FixHostFilePermissions.ps1OpenSSHBuildHelper.psm1OpenSSHTestHelper.psm1config.h.vsconfig.vcxprojinstall-sshd.ps1
win32compat
regress
servconf.c
|
@ -5,14 +5,14 @@ If ($PSVersiontable.PSVersion.Major -le 2) {$PSScriptRoot = Split-Path -Parent $
|
||||||
Import-Module $PSScriptRoot\OpenSSHUtils -Force
|
Import-Module $PSScriptRoot\OpenSSHUtils -Force
|
||||||
|
|
||||||
#check sshd config file
|
#check sshd config file
|
||||||
$sshdConfigPath = join-path $PSScriptRoot "sshd_config"
|
$sshdConfigPath = join-path $env:ProgramData\ssh "sshd_config"
|
||||||
if(Test-Path $sshdConfigPath -PathType Leaf)
|
if(Test-Path $sshdConfigPath -PathType Leaf)
|
||||||
{
|
{
|
||||||
Repair-SshdConfigPermission -FilePath $sshdConfigPath @psBoundParameters
|
Repair-SshdConfigPermission -FilePath $sshdConfigPath @psBoundParameters
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
Write-host "$FilePath does not exist" -ForegroundColor Yellow
|
Write-host "$sshdConfigPath does not exist" -ForegroundColor Yellow
|
||||||
}
|
}
|
||||||
|
|
||||||
#check host keys
|
#check host keys
|
||||||
|
@ -36,7 +36,7 @@ If you choose not to register the keys with ssh-agent, please grant sshd read ac
|
||||||
Write-Host " "
|
Write-Host " "
|
||||||
}#>
|
}#>
|
||||||
|
|
||||||
Get-ChildItem $PSScriptRoot\ssh_host_*_key -ErrorAction SilentlyContinue | % {
|
Get-ChildItem $env:ProgramData\ssh\ssh_host_*_key -ErrorAction SilentlyContinue | % {
|
||||||
Repair-SshdHostKeyPermission -FilePath $_.FullName @psBoundParameters
|
Repair-SshdHostKeyPermission -FilePath $_.FullName @psBoundParameters
|
||||||
}
|
}
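Review bot: Host keys left in the script directory by an earlier install are no longer examined and nothing reports it, because `Get-ChildItem $env:ProgramData\ssh\ssh_host_*_key -ErrorAction SilentlyContinue` returns no items and the loop body never runs. Whether an upgrade step moves existing keys into the new folder is not visible in these hunks, so consider a warning when the glob matches nothing, e.g. `if (-not (Test-Path $env:ProgramData\ssh\ssh_host_*_key)) { Write-Host "no host keys found under $env:ProgramData\ssh" -ForegroundColor Yellow }`. The `$env:ProgramData\ssh` literal now appears twice in this script; a single `$sshDir = Join-Path $env:ProgramData "ssh"` would keep the config check and the key check pointing at the same place.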
|
||||||
|
|
||||||
|
|
|
@ -344,7 +344,7 @@ function Start-OpenSSHPackage
|
||||||
$buildDir = Join-Path $repositoryRoot ("bin\" + $folderName + "\" + $Configuration)
|
$buildDir = Join-Path $repositoryRoot ("bin\" + $folderName + "\" + $Configuration)
|
||||||
$payload = "sshd.exe", "ssh.exe", "ssh-agent.exe", "ssh-add.exe", "sftp.exe"
|
$payload = "sshd.exe", "ssh.exe", "ssh-agent.exe", "ssh-add.exe", "sftp.exe"
|
||||||
$payload += "sftp-server.exe", "scp.exe", "ssh-shellhost.exe", "ssh-keygen.exe", "ssh-keyscan.exe"
|
$payload += "sftp-server.exe", "scp.exe", "ssh-shellhost.exe", "ssh-keygen.exe", "ssh-keyscan.exe"
|
||||||
$payload += "sshd_config", "install-sshd.ps1", "uninstall-sshd.ps1"
|
$payload += "sshd_config_default", "install-sshd.ps1", "uninstall-sshd.ps1"
|
||||||
$payload +="FixHostFilePermissions.ps1", "FixUserFilePermissions.ps1", "OpenSSHUtils.psm1", "OpenSSHUtils.psd1"
|
$payload +="FixHostFilePermissions.ps1", "FixUserFilePermissions.ps1", "OpenSSHUtils.psm1", "OpenSSHUtils.psd1"
|
||||||
|
|
||||||
$packageName = "OpenSSH-Win64"
|
$packageName = "OpenSSH-Win64"
|
||||||
|
|
|
@ -13,6 +13,7 @@ $PubKeyUser = "sshtest_pubkeyuser"
|
||||||
$PasswdUser = "sshtest_passwduser"
|
$PasswdUser = "sshtest_passwduser"
|
||||||
$OpenSSHTestAccountsPassword = "P@ssw0rd_1"
|
$OpenSSHTestAccountsPassword = "P@ssw0rd_1"
|
||||||
$OpenSSHTestAccounts = $Script:SSOUser, $Script:PubKeyUser, $Script:PasswdUser
|
$OpenSSHTestAccounts = $Script:SSOUser, $Script:PubKeyUser, $Script:PasswdUser
|
||||||
|
$OpenSSHConfigPath = Join-Path $env:ProgramData "ssh"
|
||||||
|
|
||||||
$Script:TestDataPath = "$env:SystemDrive\OpenSSHTests"
|
$Script:TestDataPath = "$env:SystemDrive\OpenSSHTests"
|
||||||
$Script:E2ETestResultsFile = Join-Path $TestDataPath $E2ETestResultsFileName
|
$Script:E2ETestResultsFile = Join-Path $TestDataPath $E2ETestResultsFileName
|
||||||
|
@ -162,25 +163,19 @@ WARNING: Following changes will be made to OpenSSH configuration
|
||||||
}
|
}
|
||||||
|
|
||||||
#Backup existing OpenSSH configuration
|
#Backup existing OpenSSH configuration
|
||||||
$backupConfigPath = Join-Path $script:OpenSSHBinPath sshd_config.ori
|
$backupConfigPath = Join-Path $OpenSSHConfigPath sshd_config.ori
|
||||||
if (-not (Test-Path $backupConfigPath -PathType Leaf)) {
|
if (-not (Test-Path $backupConfigPath -PathType Leaf)) {
|
||||||
Copy-Item (Join-Path $script:OpenSSHBinPath sshd_config) $backupConfigPath -Force
|
Copy-Item (Join-Path $OpenSSHConfigPath sshd_config) $backupConfigPath -Force
|
||||||
}
|
}
|
||||||
$targetsshdConfig = Join-Path $script:OpenSSHBinPath sshd_config
|
$targetsshdConfig = Join-Path $OpenSSHConfigPath sshd_config
|
||||||
# copy new sshd_config
|
# copy new sshd_config
|
||||||
if($Script:WindowsInBox -and (Test-Path $targetsshdConfig))
|
|
||||||
{
|
|
||||||
$currentUser = New-Object System.Security.Principal.NTAccount($($env:USERDOMAIN), $($env:USERNAME))
|
|
||||||
Add-PermissionToFileACL -FilePath $targetsshdConfig -User $currentUser -Perm "Read,Write"
|
|
||||||
}
|
|
||||||
|
|
||||||
Copy-Item (Join-Path $Script:E2ETestDirectory sshd_config) $targetsshdConfig -Force
|
Copy-Item (Join-Path $Script:E2ETestDirectory sshd_config) $targetsshdConfig -Force
|
||||||
|
|
||||||
Start-Service ssh-agent
|
Start-Service ssh-agent
|
||||||
|
|
||||||
#copy sshtest keys
|
#copy sshtest keys
|
||||||
Copy-Item "$($Script:E2ETestDirectory)\sshtest*hostkey*" $script:OpenSSHBinPath -Force
|
Copy-Item "$($Script:E2ETestDirectory)\sshtest*hostkey*" $OpenSSHConfigPath -Force
|
||||||
Get-ChildItem "$($script:OpenSSHBinPath)\sshtest*hostkey*"| % {
|
Get-ChildItem "$($OpenSSHConfigPath)\sshtest*hostkey*"| % {
|
||||||
#workaround for the cariggage new line added by git before copy them
|
#workaround for the cariggage new line added by git before copy them
|
||||||
$filePath = "$($_.FullName)"
|
$filePath = "$($_.FullName)"
|
||||||
$con = (Get-Content $filePath | Out-String).Replace("`r`n","`n")
|
$con = (Get-Content $filePath | Out-String).Replace("`r`n","`n")
|
||||||
|
@ -191,8 +186,8 @@ WARNING: Following changes will be made to OpenSSH configuration
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#copy ca pubkey to SSHD bin path
|
#copy ca pubkey to ssh config path
|
||||||
Copy-Item "$($Script:E2ETestDirectory)\sshtest_ca_userkeys.pub" $script:OpenSSHBinPath -Force
|
Copy-Item "$($Script:E2ETestDirectory)\sshtest_ca_userkeys.pub" $OpenSSHConfigPath -Force
|
||||||
|
|
||||||
#copy ca private key to test dir
|
#copy ca private key to test dir
|
||||||
$ca_priv_key = (Join-Path $Global:OpenSSHTestInfo["TestDataPath"] sshtest_ca_userkeys)
|
$ca_priv_key = (Join-Path $Global:OpenSSHTestInfo["TestDataPath"] sshtest_ca_userkeys)
|
||||||
|
@ -249,7 +244,6 @@ WARNING: Following changes will be made to OpenSSH configuration
|
||||||
$authorizedKeyPath = Join-Path $ssouserProfile .ssh\authorized_keys
|
$authorizedKeyPath = Join-Path $ssouserProfile .ssh\authorized_keys
|
||||||
$testPubKeyPath = Join-Path $Script:E2ETestDirectory sshtest_userssokey_ed25519.pub
|
$testPubKeyPath = Join-Path $Script:E2ETestDirectory sshtest_userssokey_ed25519.pub
|
||||||
Copy-Item $testPubKeyPath $authorizedKeyPath -Force -ErrorAction SilentlyContinue
|
Copy-Item $testPubKeyPath $authorizedKeyPath -Force -ErrorAction SilentlyContinue
|
||||||
Repair-AuthorizedKeyPermission -FilePath $authorizedKeyPath -confirm:$false
|
|
||||||
|
|
||||||
copy-item (Join-Path $Script:E2ETestDirectory sshtest_userssokey_ed25519) $Global:OpenSSHTestInfo["TestDataPath"]
|
copy-item (Join-Path $Script:E2ETestDirectory sshtest_userssokey_ed25519) $Global:OpenSSHTestInfo["TestDataPath"]
|
||||||
$testPriKeypath = Join-Path $Global:OpenSSHTestInfo["TestDataPath"] sshtest_userssokey_ed25519
|
$testPriKeypath = Join-Path $Global:OpenSSHTestInfo["TestDataPath"] sshtest_userssokey_ed25519
|
||||||
|
@ -469,14 +463,14 @@ function Clear-OpenSSHTestEnvironment
|
||||||
Remove-ItemProperty "HKLM:Software\Microsoft\Windows NT\CurrentVersion\AeDebug" -Name Auto -ErrorAction SilentlyContinue -Force | Out-Null
|
Remove-ItemProperty "HKLM:Software\Microsoft\Windows NT\CurrentVersion\AeDebug" -Name Auto -ErrorAction SilentlyContinue -Force | Out-Null
|
||||||
}
|
}
|
||||||
|
|
||||||
Remove-Item "$sshBinPath\sshtest*hostkey*" -Force -ErrorAction SilentlyContinue
|
Remove-Item "$OpenSSHConfigPath\sshtest*hostkey*" -Force -ErrorAction SilentlyContinue
|
||||||
Remove-Item "$sshBinPath\sshtest*ca_userkeys*" -Force -ErrorAction SilentlyContinue
|
Remove-Item "$OpenSSHConfigPath\sshtest*ca_userkeys*" -Force -ErrorAction SilentlyContinue
|
||||||
|
|
||||||
#Restore sshd_config
|
#Restore sshd_config
|
||||||
$backupConfigPath = Join-Path $sshBinPath sshd_config.ori
|
$backupConfigPath = Join-Path $OpenSSHConfigPath sshd_config.ori
|
||||||
if (Test-Path $backupConfigPath -PathType Leaf) {
|
if (Test-Path $backupConfigPath -PathType Leaf) {
|
||||||
Copy-Item $backupConfigPath (Join-Path $sshBinPath sshd_config) -Force -ErrorAction SilentlyContinue
|
Copy-Item $backupConfigPath (Join-Path $OpenSSHConfigPath sshd_config) -Force -ErrorAction SilentlyContinue
|
||||||
Remove-Item (Join-Path $sshBinPath sshd_config.ori) -Force -ErrorAction SilentlyContinue
|
Remove-Item (Join-Path $OpenSSHConfigPath sshd_config.ori) -Force -ErrorAction SilentlyContinue
|
||||||
Restart-Service sshd
|
Restart-Service sshd
|
||||||
}
|
}
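Review bot: In the `@ -249` hunk the test `authorized_keys` file is still copied with `-Force -ErrorAction SilentlyContinue`, but its ACL is no longer repaired, since the `Repair-AuthorizedKeyPermission -FilePath $authorizedKeyPath -confirm:$false` call is dropped without a replacement. If sshd checks ownership and permissions on that file, the public-key tests now depend on whatever ACL the copy inherits from the profile directory; whether something outside these hunks sets it is not visible. Either keep the repair call or add a comment such as `# ACL inherited from the user profile is sufficient here because ...`, and drop `-ErrorAction SilentlyContinue` so a failed copy surfaces in setup rather than as a later authentication failure. The enclosing function starts and ends outside the hunks.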
|
||||||
|
|
||||||
|
|
|
@ -1692,7 +1692,7 @@
|
||||||
#define HAVE_MBLEN 1
|
#define HAVE_MBLEN 1
|
||||||
|
|
||||||
#define _PATH_PRIVSEP_CHROOT_DIR "."
|
#define _PATH_PRIVSEP_CHROOT_DIR "."
|
||||||
#define SSHDIR "."
|
#define SSHDIR "__PROGRAMDATA__\\ssh"
|
||||||
#define _PATH_SFTP_SERVER "sftp-server.exe"
|
#define _PATH_SFTP_SERVER "sftp-server.exe"
|
||||||
#define _PATH_SSH_PROGRAM "ssh.exe"
|
#define _PATH_SSH_PROGRAM "ssh.exe"
|
||||||
#define _PATH_LS "dir"
|
#define _PATH_LS "dir"
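Review bot: `SSHDIR` is now the placeholder `"__PROGRAMDATA__\\ssh"` rather than a real path, and nothing next to the define says so. Every path built from it is valid only after it has gone through the compat layer's `resolved_path()`; a consumer that logs it or hands it to a call outside those wrappers sees the literal token. Add a comment above the line, for example `/* __PROGRAMDATA__ is expanded to %programData% by resolved_path() in the win32compat file wrappers; do not pass SSHDIR-derived paths to raw Win32/CRT calls */`.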
|
||||||
|
|
|
@ -196,7 +196,7 @@
|
||||||
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
||||||
If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
|
copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
|
||||||
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
||||||
</PostBuildEvent>
|
</PostBuildEvent>
|
||||||
</ItemDefinitionGroup>
|
</ItemDefinitionGroup>
|
||||||
|
@ -228,7 +228,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
|
||||||
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
||||||
If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
|
copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
|
||||||
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
||||||
</PostBuildEvent>
|
</PostBuildEvent>
|
||||||
</ItemDefinitionGroup>
|
</ItemDefinitionGroup>
|
||||||
|
@ -260,7 +260,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
|
||||||
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
||||||
If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
|
copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
|
||||||
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
||||||
</PostBuildEvent>
|
</PostBuildEvent>
|
||||||
</ItemDefinitionGroup>
|
</ItemDefinitionGroup>
|
||||||
|
@ -292,7 +292,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
|
||||||
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
||||||
If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
|
copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
|
||||||
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
||||||
</PostBuildEvent>
|
</PostBuildEvent>
|
||||||
</ItemDefinitionGroup>
|
</ItemDefinitionGroup>
|
||||||
|
@ -328,7 +328,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
|
||||||
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
||||||
If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
|
copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
|
||||||
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
||||||
</PostBuildEvent>
|
</PostBuildEvent>
|
||||||
</ItemDefinitionGroup>
|
</ItemDefinitionGroup>
|
||||||
|
@ -364,7 +364,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
|
||||||
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
||||||
If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
|
copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
|
||||||
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
||||||
</PostBuildEvent>
|
</PostBuildEvent>
|
||||||
</ItemDefinitionGroup>
|
</ItemDefinitionGroup>
|
||||||
|
@ -400,7 +400,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
|
||||||
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
||||||
If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
|
copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
|
||||||
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
||||||
</PostBuildEvent>
|
</PostBuildEvent>
|
||||||
</ItemDefinitionGroup>
|
</ItemDefinitionGroup>
|
||||||
|
@ -436,7 +436,7 @@ If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir
|
||||||
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)uninstall-ssh*ps1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
copy /Y "$(SolutionDir)OpenSSHUtils.ps*1" "$(OutDir)"
|
||||||
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
copy /Y "$(SolutionDir)Fix*FilePermissions.ps1" "$(OutDir)"
|
||||||
If NOT exist "$(OutDir)\sshd_config" (copy "$(SolutionDir)sshd_config" "$(OutDir)")</Command>
|
copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"</Command>
|
||||||
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
<Message>Copy install-sshd.ps1, uninstall-sshd.ps1, OpenSSHUtils.psm1, OpenSSHUtils.psd1, FixHostFilePermissions.ps1, FixUserFilePermissions.ps1, ssh-add-hostkey.ps1, and sshd_config (if not already present) to build directory</Message>
|
||||||
</PostBuildEvent>
|
</PostBuildEvent>
|
||||||
</ItemDefinitionGroup>
|
</ItemDefinitionGroup>
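Review bot: The `<Message>` under each changed `<Command>` still reads "and sshd_config (if not already present) to build directory", but the new command is an unconditional `copy /Y "$(SolutionDir)sshd_config" "$(OutDir)sshd_config_default"`. Update the text to match, e.g. `... ssh-add-hostkey.ps1, and sshd_config (as sshd_config_default, always overwritten) to build directory`. The same stale message appears in all eight `PostBuildEvent` hunks of this file.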
|
||||||
|
|
|
@ -8,7 +8,8 @@ $scriptdir = Split-Path $scriptpath
|
||||||
|
|
||||||
$sshdpath = Join-Path $scriptdir "sshd.exe"
|
$sshdpath = Join-Path $scriptdir "sshd.exe"
|
||||||
$sshagentpath = Join-Path $scriptdir "ssh-agent.exe"
|
$sshagentpath = Join-Path $scriptdir "ssh-agent.exe"
|
||||||
$logsdir = Join-Path $scriptdir "logs"
|
$sshdir = Join-Path $env:ProgramData "\ssh"
|
||||||
|
$logsdir = Join-Path $sshdir "logs"
|
||||||
|
|
||||||
if (-not (Test-Path $sshdpath)) {
|
if (-not (Test-Path $sshdpath)) {
|
||||||
throw "sshd.exe is not present in script path"
|
throw "sshd.exe is not present in script path"
|
||||||
|
@ -31,6 +32,20 @@ cmd.exe /c 'sc.exe sdset ssh-agent D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPW
|
||||||
|
|
||||||
New-Service -Name sshd -BinaryPathName `"$sshdpath`" -Description "SSH Daemon" -StartupType Manual | Out-Null
|
New-Service -Name sshd -BinaryPathName `"$sshdpath`" -Description "SSH Daemon" -StartupType Manual | Out-Null
|
||||||
|
|
||||||
|
#create the ssh config folder and set its permissions
|
||||||
|
if(-not (test-path $sshdir -PathType Container))
|
||||||
|
{
|
||||||
|
$null = New-Item $sshdir -ItemType Directory -Force -ErrorAction Stop
|
||||||
|
}
|
||||||
|
$acl = Get-Acl -Path $sshdir
|
||||||
|
# following SDDL implies
|
||||||
|
# - owner - built in Administrators
|
||||||
|
# - disabled inheritance
|
||||||
|
# - Full access to System
|
||||||
|
# - Full access to built in Administrators
|
||||||
|
$acl.SetSecurityDescriptorSddlForm("O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;AU)")
|
||||||
|
Set-Acl -Path $sshdir -AclObject $acl
|
||||||
|
|
||||||
# create logs folder and set its permissions
|
# create logs folder and set its permissions
|
||||||
if(-not (test-path $logsdir -PathType Container))
|
if(-not (test-path $logsdir -PathType Container))
|
||||||
{
|
{
|
||||||
|
@ -45,4 +60,12 @@ $acl = Get-Acl -Path $logsdir
|
||||||
$acl.SetSecurityDescriptorSddlForm("O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)")
|
$acl.SetSecurityDescriptorSddlForm("O:BAD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)")
|
||||||
Set-Acl -Path $logsdir -AclObject $acl
|
Set-Acl -Path $logsdir -AclObject $acl
|
||||||
|
|
||||||
|
#copy sshd_config_default to $sshdir\sshd_config
|
||||||
|
$sshdconfigpath = Join-Path $sshdir "sshd_config"
|
||||||
|
$sshddefaultconfigpath = Join-Path $scriptdir "sshd_config_default"
|
||||||
|
if(-not (test-path $sshdconfigpath -PathType Leaf))
|
||||||
|
{
|
||||||
|
$null = Copy-Item $sshddefaultconfigpath -Destination $sshdconfigpath -ErrorAction Stop
|
||||||
|
}
|
||||||
|
|
||||||
Write-Host -ForegroundColor Green "sshd and ssh-agent services successfully installed"
|
Write-Host -ForegroundColor Green "sshd and ssh-agent services successfully installed"
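Review bot: The SDDL applied to `$sshdir` carries a third ACE, `(A;OICI;0x1200a9;;;AU)`, which the comment above it does not list: it grants read-and-execute to Authenticated Users and, being `OICI`, is inherited by files and subfolders created there later. This folder is where host private keys are now expected, so a key written without its own explicit ACL would be readable by every authenticated user; whether key generation or FixHostFilePermissions.ps1 always tightens it is not visible in this hunk. Add the missing comment line, `# - Read & execute to Authenticated Users (inherited by new files)`, and confirm that host keys get a protected ACL at creation time. `Join-Path $env:ProgramData "\ssh"` also carries a leading backslash that the test helper's `Join-Path $env:ProgramData "ssh"` does not; use one form.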
|
||||||
|
|
|
@ -20,3 +20,5 @@ FILE* w32_fdopen(int fd, const char *mode);
|
||||||
|
|
||||||
int w32_rename(const char *old_name, const char *new_name);
|
int w32_rename(const char *old_name, const char *new_name);
|
||||||
#define rename w32_rename
|
#define rename w32_rename
|
||||||
|
|
||||||
|
int is_absolute_path(char *);
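Review bot: `int is_absolute_path(char *);` takes a non-const pointer although the part of the definition visible further down the page only reads the string. Declare it `int is_absolute_path(const char *);` (and change the definition to match) so callers holding `const char *` paths need no cast. A one-line comment with the prototype listing the accepted forms, `/* absolute: \abc, /abc, c:\abc, c:/abc, __PROGRAMDATA__\... */`, would save readers a trip to the definition.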
|
|
@ -241,7 +241,7 @@ dlsym(HMODULE handle, const char *symbol)
|
||||||
* only r, w, a are supported for now
|
* only r, w, a are supported for now
|
||||||
*/
|
*/
|
||||||
FILE *
|
FILE *
|
||||||
w32_fopen_utf8(const char *path, const char *mode)
|
w32_fopen_utf8(const char *input_path, const char *mode)
|
||||||
{
|
{
|
||||||
wchar_t wpath[PATH_MAX], wmode[5];
|
wchar_t wpath[PATH_MAX], wmode[5];
|
||||||
FILE* f;
|
FILE* f;
|
||||||
|
@ -249,18 +249,21 @@ w32_fopen_utf8(const char *path, const char *mode)
|
||||||
char first3_bytes[3];
|
char first3_bytes[3];
|
||||||
int status = 1;
|
int status = 1;
|
||||||
errno_t r = 0;
|
errno_t r = 0;
|
||||||
|
char *path = NULL;
|
||||||
|
|
||||||
if (mode[1] != '\0') {
|
if (mode[1] != '\0') {
|
||||||
errno = ENOTSUP;
|
errno = ENOTSUP;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(NULL == path) {
|
if(NULL == input_path) {
|
||||||
errno = EINVAL;
|
errno = EINVAL;
|
||||||
debug3("fopen - ERROR:%d", errno);
|
debug3("fopen - ERROR:%d", errno);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
path = resolved_path(input_path);
|
||||||
|
|
||||||
/* if opening null device, point to Windows equivalent */
|
/* if opening null device, point to Windows equivalent */
|
||||||
if (0 == strncmp(path, NULL_DEVICE, strlen(NULL_DEVICE)+1)) {
|
if (0 == strncmp(path, NULL_DEVICE, strlen(NULL_DEVICE)+1)) {
|
||||||
if ((r = wcsncpy_s(wpath, PATH_MAX, L"NUL", 3)) != 0) {
|
if ((r = wcsncpy_s(wpath, PATH_MAX, L"NUL", 3)) != 0) {
|
||||||
|
@ -518,7 +521,7 @@ int
|
||||||
w32_chmod(const char *pathname, mode_t mode)
|
w32_chmod(const char *pathname, mode_t mode)
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
wchar_t *resolvedPathName_utf16 = utf8_to_utf16(sanitized_path(pathname));
|
wchar_t *resolvedPathName_utf16 = utf8_to_utf16(resolved_path(pathname));
|
||||||
if (resolvedPathName_utf16 == NULL) {
|
if (resolvedPathName_utf16 == NULL) {
|
||||||
errno = ENOMEM;
|
errno = ENOMEM;
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -646,7 +649,7 @@ w32_utimes(const char *filename, struct timeval *tvp)
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
FILETIME acttime, modtime;
|
FILETIME acttime, modtime;
|
||||||
wchar_t *resolvedPathName_utf16 = utf8_to_utf16(sanitized_path(filename));
|
wchar_t *resolvedPathName_utf16 = utf8_to_utf16(resolved_path(filename));
|
||||||
if (resolvedPathName_utf16 == NULL) {
|
if (resolvedPathName_utf16 == NULL) {
|
||||||
errno = ENOMEM;
|
errno = ENOMEM;
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -680,8 +683,14 @@ link(const char *oldpath, const char *newpath)
|
||||||
int
|
int
|
||||||
w32_rename(const char *old_name, const char *new_name)
|
w32_rename(const char *old_name, const char *new_name)
|
||||||
{
|
{
|
||||||
wchar_t *resolvedOldPathName_utf16 = utf8_to_utf16(sanitized_path(old_name));
|
char old_name_resolved[PATH_MAX] = {0, };
|
||||||
wchar_t *resolvedNewPathName_utf16 = utf8_to_utf16(sanitized_path(new_name));
|
char new_name_resolved[PATH_MAX] = {0, };
|
||||||
|
|
||||||
|
strcpy_s(old_name_resolved, _countof(old_name_resolved), resolved_path(old_name));
|
||||||
|
strcpy_s(new_name_resolved, _countof(new_name_resolved), resolved_path(new_name));
|
||||||
|
|
||||||
|
wchar_t *resolvedOldPathName_utf16 = utf8_to_utf16(old_name_resolved);
|
||||||
|
wchar_t *resolvedNewPathName_utf16 = utf8_to_utf16(new_name_resolved);
|
||||||
|
|
||||||
if (NULL == resolvedOldPathName_utf16 || NULL == resolvedNewPathName_utf16) {
|
if (NULL == resolvedOldPathName_utf16 || NULL == resolvedNewPathName_utf16) {
|
||||||
errno = ENOMEM;
|
errno = ENOMEM;
|
||||||
|
@ -694,17 +703,17 @@ w32_rename(const char *old_name, const char *new_name)
|
||||||
* 2) if the new_name is directory and it is empty then delete it so that _wrename will succeed.
|
* 2) if the new_name is directory and it is empty then delete it so that _wrename will succeed.
|
||||||
*/
|
*/
|
||||||
struct _stat64 st;
|
struct _stat64 st;
|
||||||
if (fileio_stat(sanitized_path(new_name), &st) != -1) {
|
if (fileio_stat(resolved_path(new_name_resolved), &st) != -1) {
|
||||||
if (((st.st_mode & _S_IFMT) == _S_IFREG))
|
if (((st.st_mode & _S_IFMT) == _S_IFREG))
|
||||||
w32_unlink(new_name);
|
w32_unlink(new_name_resolved);
|
||||||
else {
|
else {
|
||||||
DIR *dirp = opendir(new_name);
|
DIR *dirp = opendir(new_name_resolved);
|
||||||
if (NULL != dirp) {
|
if (NULL != dirp) {
|
||||||
struct dirent *dp = readdir(dirp);
|
struct dirent *dp = readdir(dirp);
|
||||||
closedir(dirp);
|
closedir(dirp);
|
||||||
|
|
||||||
if (dp == NULL)
|
if (dp == NULL)
|
||||||
w32_rmdir(new_name);
|
w32_rmdir(new_name_resolved);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -719,7 +728,7 @@ w32_rename(const char *old_name, const char *new_name)
|
||||||
int
|
int
|
||||||
w32_unlink(const char *path)
|
w32_unlink(const char *path)
|
||||||
{
|
{
|
||||||
wchar_t *resolvedPathName_utf16 = utf8_to_utf16(sanitized_path(path));
|
wchar_t *resolvedPathName_utf16 = utf8_to_utf16(resolved_path(path));
|
||||||
if (NULL == resolvedPathName_utf16) {
|
if (NULL == resolvedPathName_utf16) {
|
||||||
errno = ENOMEM;
|
errno = ENOMEM;
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -734,7 +743,7 @@ w32_unlink(const char *path)
|
||||||
int
|
int
|
||||||
w32_rmdir(const char *path)
|
w32_rmdir(const char *path)
|
||||||
{
|
{
|
||||||
wchar_t *resolvedPathName_utf16 = utf8_to_utf16(sanitized_path(path));
|
wchar_t *resolvedPathName_utf16 = utf8_to_utf16(resolved_path(path));
|
||||||
if (NULL == resolvedPathName_utf16) {
|
if (NULL == resolvedPathName_utf16) {
|
||||||
errno = ENOMEM;
|
errno = ENOMEM;
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -794,7 +803,7 @@ int
|
||||||
w32_mkdir(const char *path_utf8, unsigned short mode)
|
w32_mkdir(const char *path_utf8, unsigned short mode)
|
||||||
{
|
{
|
||||||
int curmask;
|
int curmask;
|
||||||
wchar_t *path_utf16 = utf8_to_utf16(sanitized_path(path_utf8));
|
wchar_t *path_utf16 = utf8_to_utf16(resolved_path(path_utf8));
|
||||||
if (path_utf16 == NULL) {
|
if (path_utf16 == NULL) {
|
||||||
errno = ENOMEM;
|
errno = ENOMEM;
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -816,16 +825,16 @@ w32_mkdir(const char *path_utf8, unsigned short mode)
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
w32_stat(const char *path, struct w32_stat *buf)
|
w32_stat(const char *input_path, struct w32_stat *buf)
|
||||||
{
|
{
|
||||||
return fileio_stat(sanitized_path(path), (struct _stat64*)buf);
|
return fileio_stat(resolved_path(input_path), (struct _stat64*)buf);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* if file is symbolic link, copy its link into "link" */
|
/* if file is symbolic link, copy its link into "link" */
|
||||||
int
|
int
|
||||||
readlink(const char *path, char *link, int linklen)
|
readlink(const char *path, char *link, int linklen)
|
||||||
{
|
{
|
||||||
if(strcpy_s(link, linklen, sanitized_path(path)))
|
if(strcpy_s(link, linklen, resolved_path(path)))
|
||||||
return -1;
|
return -1;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -909,31 +918,44 @@ realpath(const char *path, char resolved[PATH_MAX])
|
||||||
return resolved;
|
return resolved;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* This function is not thread safe.
|
||||||
|
* TODO - It uses static memory. Is this a good design?
|
||||||
|
*/
|
||||||
char*
|
char*
|
||||||
sanitized_path(const char *path)
|
resolved_path(const char *input_path)
|
||||||
{
|
{
|
||||||
if(!path) return NULL;
|
static char resolved_path[PATH_MAX] = {0,};
|
||||||
|
|
||||||
static char newPath[PATH_MAX] = { '\0', };
|
static char newPath[PATH_MAX] = { '\0', };
|
||||||
errno_t r = 0;
|
errno_t r = 0;
|
||||||
|
|
||||||
if (path[0] == '/' && path[1]) {
|
if (!input_path) return NULL;
|
||||||
if (path[2] == ':') {
|
|
||||||
if (path[3] == '\0') { /* make "/x:" as "x:\\" */
|
|
||||||
if((r = strncpy_s(newPath, sizeof(newPath), path + 1, strlen(path) - 1)) != 0 ) {
|
|
||||||
debug3("memcpy_s failed with error: %d.", r);
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
newPath[2] = '\\';
|
|
||||||
newPath[3] = '\0';
|
|
||||||
|
|
||||||
return newPath;
|
/* If filename contains __PROGRAMDATA__ then expand it to %programData% and return the resolved path */
|
||||||
|
if ((strlen(input_path) >= strlen(PROGRAM_DATA)) && (memcmp(input_path, PROGRAM_DATA, strlen(PROGRAM_DATA)) == 0)) {
|
||||||
|
resolved_path[0] = '\0';
|
||||||
|
strcat_s(resolved_path, _countof(resolved_path), get_program_data_path());
|
||||||
|
strcat_s(resolved_path, _countof(resolved_path), &input_path[strlen(PROGRAM_DATA)]);
|
||||||
|
|
||||||
|
return resolved_path; /* return here as its doesn't start with "/" */
|
||||||
|
}
|
||||||
|
|
||||||
|
strcpy_s(resolved_path, _countof(resolved_path), input_path);
|
||||||
|
if (resolved_path[0] == '/' && resolved_path[1]) {
|
||||||
|
if (resolved_path[2] == ':') {
|
||||||
|
if (resolved_path[3] == '\0') {
|
||||||
|
/* make "/x:" as "x:\\" */
|
||||||
|
resolved_path[0] = resolved_path[1];
|
||||||
|
resolved_path[1] = resolved_path[2];
|
||||||
|
resolved_path[2] = '\\';
|
||||||
|
resolved_path[3] = '\0';
|
||||||
|
|
||||||
|
return resolved_path;
|
||||||
} else
|
} else
|
||||||
return (char *)(path + 1); /* skip the first "/" */
|
return (char *)(resolved_path + 1); /* skip the first "/" */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return (char *)path;
|
return (char *)resolved_path;
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
|
@ -944,7 +966,7 @@ statvfs(const char *path, struct statvfs *buf)
|
||||||
DWORD freeClusters;
|
DWORD freeClusters;
|
||||||
DWORD totalClusters;
|
DWORD totalClusters;
|
||||||
|
|
||||||
wchar_t* path_utf16 = utf8_to_utf16(sanitized_path(path));
|
wchar_t* path_utf16 = utf8_to_utf16(resolved_path(path));
|
||||||
if (path_utf16 && (GetDiskFreeSpaceW(path_utf16, §orsPerCluster, &bytesPerSector,
|
if (path_utf16 && (GetDiskFreeSpaceW(path_utf16, §orsPerCluster, &bytesPerSector,
|
||||||
&freeClusters, &totalClusters) == TRUE)) {
|
&freeClusters, &totalClusters) == TRUE)) {
|
||||||
debug5("path : [%s]", path);
|
debug5("path : [%s]", path);
|
||||||
|
@ -1413,3 +1435,34 @@ cleanup:
|
||||||
LocalFree(pSD);
|
LocalFree(pSD);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
char*
|
||||||
|
get_program_data_path()
|
||||||
|
{
|
||||||
|
if (ssh_cfg_dir_path) return ssh_cfg_dir_path;
|
||||||
|
|
||||||
|
wchar_t ssh_cfg_dir_path_w[PATH_MAX] = {0, };
|
||||||
|
int return_val = ExpandEnvironmentStringsW(L"%programData%", ssh_cfg_dir_path_w, PATH_MAX);
|
||||||
|
if (return_val > PATH_MAX)
|
||||||
|
fatal("%s, buffer too small to expand:%s", __func__, "%programData%");
|
||||||
|
else if (!return_val)
|
||||||
|
fatal("%s, failed to expand:%s error:%s", __func__, "%programData%", GetLastError());
|
||||||
|
|
||||||
|
ssh_cfg_dir_path = utf16_to_utf8(ssh_cfg_dir_path_w);
|
||||||
|
if(!ssh_cfg_dir_path)
|
||||||
|
fatal("%s utf16_to_utf8 failed", __func__);
|
||||||
|
|
||||||
|
return ssh_cfg_dir_path;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Windows absolute paths - \abc, /abc, c:\abc, c:/abc, __PROGRAMDATA__\openssh\sshd_config */
|
||||||
|
int
|
||||||
|
is_absolute_path(char *path)
|
||||||
|
{
|
||||||
|
int retVal = 0;
|
||||||
|
if (*path == '/' || *path == '\\' || (*path != '\0' && path[1] == ':') ||
|
||||||
|
((strlen(path) >= strlen(PROGRAM_DATA)) && (memcmp(path, PROGRAM_DATA, strlen(PROGRAM_DATA)) == 0)))
|
||||||
|
retVal = 1;
|
||||||
|
|
||||||
|
return retVal;
|
||||||
|
}
|
||||||
|
|
|
@ -15,28 +15,28 @@
|
||||||
|
|
||||||
#define IS_INVALID_HANDLE(h) ( ((NULL == h) || (INVALID_HANDLE_VALUE == h)) ? 1 : 0 )
|
#define IS_INVALID_HANDLE(h) ( ((NULL == h) || (INVALID_HANDLE_VALUE == h)) ? 1 : 0 )
|
||||||
#define IS_VALID_HANDLE(h) (!IS_INVALID_HANDLE(h))
|
#define IS_VALID_HANDLE(h) (!IS_INVALID_HANDLE(h))
|
||||||
|
#define PROGRAM_DATA "__PROGRAMDATA__"
|
||||||
|
|
||||||
|
#define errno_from_Win32LastError() errno_from_Win32Error(GetLastError())
|
||||||
|
|
||||||
|
static char *machine_domain_name;
|
||||||
|
static char *ssh_cfg_dir_path = NULL;
|
||||||
|
|
||||||
/* removes first '/' for Windows paths that are unix styled. Ex: /c:/ab.cd */
|
/* removes first '/' for Windows paths that are unix styled. Ex: /c:/ab.cd */
|
||||||
char * sanitized_path(const char *);
|
char * resolved_path(const char *);
|
||||||
|
|
||||||
void w32posix_initialize();
|
void w32posix_initialize();
|
||||||
void w32posix_done();
|
void w32posix_done();
|
||||||
|
|
||||||
char* w32_programdir();
|
char* w32_programdir();
|
||||||
|
|
||||||
void convertToBackslash(char *str);
|
void convertToBackslash(char *str);
|
||||||
void convertToBackslashW(wchar_t *str);
|
void convertToBackslashW(wchar_t *str);
|
||||||
void convertToForwardslash(char *str);
|
void convertToForwardslash(char *str);
|
||||||
|
|
||||||
#define errno_from_Win32LastError() errno_from_Win32Error(GetLastError())
|
|
||||||
int errno_from_Win32Error(int);
|
int errno_from_Win32Error(int);
|
||||||
void unix_time_to_file_time(ULONG, LPFILETIME);
|
void unix_time_to_file_time(ULONG, LPFILETIME);
|
||||||
void file_time_to_unix_time(const LPFILETIME, time_t *);
|
void file_time_to_unix_time(const LPFILETIME, time_t *);
|
||||||
int file_attr_to_st_mode(wchar_t * path, DWORD attributes);
|
int file_attr_to_st_mode(wchar_t * path, DWORD attributes);
|
||||||
void invalid_parameter_handler(const wchar_t *, const wchar_t *, const wchar_t *, unsigned int, uintptr_t);
|
void invalid_parameter_handler(const wchar_t *, const wchar_t *, const wchar_t *, unsigned int, uintptr_t);
|
||||||
static char *machine_domain_name;
|
|
||||||
void to_lower_case(char *s);
|
void to_lower_case(char *s);
|
||||||
int get_machine_domain_name(wchar_t *domain, int size);
|
int get_machine_domain_name(wchar_t *domain, int size);
|
||||||
|
char* get_program_data_path();
|
||||||
HANDLE get_user_token(char* user);
|
HANDLE get_user_token(char* user);
|
||||||
int load_user_profile(HANDLE user_token, char* user);
|
int load_user_profile(HANDLE user_token, char* user);
|
||||||
|
|
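Review bot: The comment kept above the renamed prototype, `/* removes first '/' for Windows paths that are unix styled. Ex: /c:/ab.cd */`, no longer describes `resolved_path()`. The implementation shown earlier on this page also expands a leading `__PROGRAMDATA__` and returns a pointer into a function-local static buffer, so the result is overwritten by the next call and must not be freed or shared across threads. I would replace the comment with `/* expands a leading __PROGRAMDATA__ and strips the first '/' of unix-styled Windows paths (/c:/ab.cd); returns a static buffer that is valid only until the next call */`. Separately, `static char *ssh_cfg_dir_path = NULL;` in this header gives every file that includes it a private copy; if only the file defining `get_program_data_path()` is meant to own the cache, the definition belongs there.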
|
@ -423,7 +423,7 @@ socketio_recv(struct w32_io* pio, void *buf, size_t len, int flags)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (0 != socketio_WSARecv(pio, &completed, len))
|
if (0 != socketio_WSARecv(pio, &completed, (int)len))
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
if (completed) {
|
if (completed) {
|
||||||
|
|
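Review bot: The `(int)len` cast on the `socketio_WSARecv` call narrows a `size_t` without a bound, so on a 64-bit build a `len` above `INT_MAX` would be passed on truncated or negative. The cast silences the conversion warning but leaves the value unchecked; a clamp before the call, `if (len > INT_MAX) len = INT_MAX;`, keeps the request within what the callee's parameter can hold. This assumes the third parameter of `socketio_WSARecv` is an `int`, which the hunk suggests but does not show. `socketio_recv` starts and ends outside the hunk.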
|
@ -34,6 +34,8 @@
|
||||||
#include "inc\pwd.h"
|
#include "inc\pwd.h"
|
||||||
#include "sshfileperm.h"
|
#include "sshfileperm.h"
|
||||||
#include "debug.h"
|
#include "debug.h"
|
||||||
|
#include "misc_internal.h"
|
||||||
|
#include "config.h"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* The function is to check if current user is secure to access to the file.
|
* The function is to check if current user is secure to access to the file.
|
||||||
|
@ -44,10 +46,10 @@
|
||||||
* Returns 0 on success and -1 on failure
|
* Returns 0 on success and -1 on failure
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
check_secure_file_permission(const char *name, struct passwd * pw)
|
check_secure_file_permission(const char *input_path, struct passwd * pw)
|
||||||
{
|
{
|
||||||
PSECURITY_DESCRIPTOR pSD = NULL;
|
PSECURITY_DESCRIPTOR pSD = NULL;
|
||||||
wchar_t * name_utf16 = NULL;
|
wchar_t * path_utf16 = NULL;
|
||||||
PSID owner_sid = NULL, user_sid = NULL;
|
PSID owner_sid = NULL, user_sid = NULL;
|
||||||
PACL dacl = NULL;
|
PACL dacl = NULL;
|
||||||
DWORD error_code = ERROR_SUCCESS;
|
DWORD error_code = ERROR_SUCCESS;
|
||||||
|
@ -55,6 +57,7 @@ check_secure_file_permission(const char *name, struct passwd * pw)
|
||||||
struct passwd * pwd = pw;
|
struct passwd * pwd = pw;
|
||||||
char *bad_user = NULL;
|
char *bad_user = NULL;
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
char *path = NULL;
|
||||||
|
|
||||||
if (pwd == NULL)
|
if (pwd == NULL)
|
||||||
if ((pwd = getpwuid(0)) == NULL)
|
if ((pwd = getpwuid(0)) == NULL)
|
||||||
|
@ -66,17 +69,19 @@ check_secure_file_permission(const char *name, struct passwd * pw)
|
||||||
ret = -1;
|
ret = -1;
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
if ((name_utf16 = utf8_to_utf16(name)) == NULL) {
|
|
||||||
|
path = resolved_path(input_path);
|
||||||
|
if ((path_utf16 = utf8_to_utf16(path)) == NULL) {
|
||||||
ret = -1;
|
ret = -1;
|
||||||
errno = ENOMEM;
|
errno = ENOMEM;
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*Get the owner sid of the file.*/
|
/*Get the owner sid of the file.*/
|
||||||
if ((error_code = GetNamedSecurityInfoW(name_utf16, SE_FILE_OBJECT,
|
if ((error_code = GetNamedSecurityInfoW(path_utf16, SE_FILE_OBJECT,
|
||||||
OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
|
OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
|
||||||
&owner_sid, NULL, &dacl, NULL, &pSD)) != ERROR_SUCCESS) {
|
&owner_sid, NULL, &dacl, NULL, &pSD)) != ERROR_SUCCESS) {
|
||||||
debug3("failed to retrieve the owner sid and dacl of file %s with error code: %d", name, error_code);
|
debug3("failed to retrieve the owner sid and dacl of file %s with error code: %d", path, error_code);
|
||||||
errno = EOTHER;
|
errno = EOTHER;
|
||||||
ret = -1;
|
ret = -1;
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
|
@ -89,7 +94,7 @@ check_secure_file_permission(const char *name, struct passwd * pw)
|
||||||
if (!IsWellKnownSid(owner_sid, WinBuiltinAdministratorsSid) &&
|
if (!IsWellKnownSid(owner_sid, WinBuiltinAdministratorsSid) &&
|
||||||
!IsWellKnownSid(owner_sid, WinLocalSystemSid) &&
|
!IsWellKnownSid(owner_sid, WinLocalSystemSid) &&
|
||||||
!EqualSid(owner_sid, user_sid)) {
|
!EqualSid(owner_sid, user_sid)) {
|
||||||
debug3("Bad owner on %s", name);
|
debug3("Bad owner on %s", path);
|
||||||
ret = -1;
|
ret = -1;
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
@ -131,7 +136,7 @@ check_secure_file_permission(const char *name, struct passwd * pw)
|
||||||
debug3("ConvertSidToSidString failed with %d. ", GetLastError());
|
debug3("ConvertSidToSidString failed with %d. ", GetLastError());
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
debug3("Bad permissions. Try removing permissions for user: %s on file %s.", bad_user, name);
|
debug3("Bad permissions. Try removing permissions for user: %s on file %s.", bad_user, path);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -142,8 +147,8 @@ cleanup:
|
||||||
LocalFree(pSD);
|
LocalFree(pSD);
|
||||||
if (user_sid)
|
if (user_sid)
|
||||||
LocalFree(user_sid);
|
LocalFree(user_sid);
|
||||||
if(name_utf16)
|
if(path_utf16)
|
||||||
free(name_utf16);
|
free(path_utf16);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
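Review bot: `path = resolved_path(input_path);` is used without a NULL check, and the test hunk later on this page asserts that `resolved_path(NULL)` returns NULL. That case would then reach `utf8_to_utf16(path)` and, if the conversion returns NULL for it, be reported as `ENOMEM`, which hides a caller error in a function that gates access to key and config files. A guard such as `if ((path = resolved_path(input_path)) == NULL) { errno = EINVAL; ret = -1; goto cleanup; }` makes the failure explicit. `path` also points into the static buffer inside `resolved_path()`, so a comment like `/* path aliases resolved_path()'s static buffer; valid until the next resolved_path() call */` next to the declaration would help whoever adds code before the later `debug3` calls. The function body extends beyond the hunks shown.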
|
@ -442,7 +442,7 @@ w32_open(const char *pathname, int flags, ... /* arg */)
|
||||||
va_end(valist);
|
va_end(valist);
|
||||||
}
|
}
|
||||||
|
|
||||||
pio = fileio_open(sanitized_path(pathname), flags, mode);
|
pio = fileio_open(resolved_path(pathname), flags, mode);
|
||||||
|
|
||||||
if (pio == NULL)
|
if (pio == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
|
@ -35,46 +35,48 @@
|
||||||
|
|
||||||
#include "inc\syslog.h"
|
#include "inc\syslog.h"
|
||||||
#include "misc_internal.h"
|
#include "misc_internal.h"
|
||||||
|
#include "inc\utf.h"
|
||||||
|
|
||||||
#define MSGBUFSIZ 1024
|
#define MSGBUFSIZ 1024
|
||||||
static int logfd = -1;
|
static int logfd = -1;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* open a log file using the name of executable under logs folder
|
* log file location will be - "%programData%\\openssh\\logs\\<module_name>.log"
|
||||||
* Ex. if called from c:\windows\system32\openssh\sshd.exe
|
|
||||||
* logfile - c:\windows\system32\openssh\logs\sshd.log
|
|
||||||
*/
|
*/
|
||||||
void
|
void
|
||||||
openlog(char *ident, unsigned int option, int facility)
|
openlog(char *ident, unsigned int option, int facility)
|
||||||
{
|
{
|
||||||
wchar_t *logs_dir = L"\\logs\\";
|
|
||||||
if (logfd != -1 || ident == NULL)
|
if (logfd != -1 || ident == NULL)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
wchar_t path[PATH_MAX] = { 0 }, log_file[PATH_MAX + 12] = { 0 };
|
wchar_t *logs_dir = L"\\logs\\";
|
||||||
errno_t r = 0;
|
wchar_t module_path[PATH_MAX] = { 0 }, log_file[PATH_MAX + 12] = { 0 };
|
||||||
if (GetModuleFileNameW(NULL, path, PATH_MAX) == 0)
|
|
||||||
|
if (GetModuleFileNameW(NULL, module_path, PATH_MAX) == 0)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
path[PATH_MAX - 1] = L'\0';
|
if (wcsnlen(module_path, MAX_PATH) > MAX_PATH - wcslen(logs_dir))
|
||||||
|
|
||||||
if (wcsnlen(path, MAX_PATH) > MAX_PATH - wcslen(logs_dir))
|
|
||||||
return;
|
return;
|
||||||
|
|
||||||
/* split path root and module */
|
/* split path root and module */
|
||||||
{
|
{
|
||||||
wchar_t* tail = path + wcsnlen(path, MAX_PATH);
|
wchar_t* tail = module_path + wcsnlen(module_path, MAX_PATH);
|
||||||
while (tail > path && *tail != L'\\' && *tail != L'/')
|
while (tail > module_path && *tail != L'\\' && *tail != L'/')
|
||||||
tail--;
|
tail--;
|
||||||
|
|
||||||
if (((r = wcsncat_s(log_file, PATH_MAX + 12, path, tail - path)) != 0 ) ||
|
char ssh_cfg_path[PATH_MAX] = {0 ,};
|
||||||
(r = wcsncat_s(log_file, PATH_MAX + 12, logs_dir, 6) != 0 )||
|
strcat_s(ssh_cfg_path, _countof(ssh_cfg_path), get_program_data_path()); /* "%programData%" */
|
||||||
(r = wcsncat_s(log_file, PATH_MAX + 12, tail + 1, wcslen(tail + 1) - 3) != 0 ) ||
|
strcat_s(ssh_cfg_path, _countof(ssh_cfg_path), "\\ssh"); /* "%programData%\\ssh" */
|
||||||
(r = wcsncat_s(log_file, PATH_MAX + 12, L"log", 3) != 0 ))
|
|
||||||
|
wchar_t* ssh_root_path_w = utf8_to_utf16(ssh_cfg_path); /* "%programData%\\ssh" */
|
||||||
|
|
||||||
|
if ((wcsncat_s(log_file, PATH_MAX + 12, ssh_root_path_w, wcslen(ssh_root_path_w)) != 0) ||
|
||||||
|
(wcsncat_s(log_file, PATH_MAX + 12, logs_dir, 6) != 0) ||
|
||||||
|
(wcsncat_s(log_file, PATH_MAX + 12, tail + 1, wcslen(tail + 1) - 3) != 0 ) ||
|
||||||
|
(wcsncat_s(log_file, PATH_MAX + 12, L"log", 3) != 0))
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
errno_t err = _wsopen_s(&logfd, log_file, O_WRONLY | O_CREAT | O_APPEND, SH_DENYNO, S_IREAD | S_IWRITE);
|
errno_t err = _wsopen_s(&logfd, log_file, O_WRONLY | O_CREAT | O_APPEND, SH_DENYNO, S_IREAD | S_IWRITE);
|
||||||
|
|
||||||
if (logfd != -1)
|
if (logfd != -1)
|
||||||
|
|
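Review bot: The result of `utf8_to_utf16(ssh_cfg_path)` is passed straight to `wcslen(ssh_root_path_w)`, so a failed conversion dereferences NULL, and the buffer is never released on either exit path. The two `strcat_s` calls that build `ssh_cfg_path` also discard their return values, so a failure would go unnoticed and `log_file` would be built from whatever is left in the buffer. The rewrite below checks both steps and frees the converted prefix once `log_file` is assembled; `free()` is what the permission-check code on this page uses for `utf8_to_utf16` results. The header comment says `%programData%\\openssh\\logs\\<module_name>.log` while the code appends `\\ssh` and `\\logs\\`, so one of the two should be corrected. `openlog` continues past the end of the hunk.

```c
char ssh_cfg_path[PATH_MAX] = {0 ,};
if (strcat_s(ssh_cfg_path, _countof(ssh_cfg_path), get_program_data_path()) != 0 ||
    strcat_s(ssh_cfg_path, _countof(ssh_cfg_path), "\\ssh") != 0)
	return;

wchar_t* ssh_root_path_w = utf8_to_utf16(ssh_cfg_path); /* "%programData%\\ssh" */
if (ssh_root_path_w == NULL)
	return;

int cat_failed =
	(wcsncat_s(log_file, PATH_MAX + 12, ssh_root_path_w, wcslen(ssh_root_path_w)) != 0) ||
	/* … unchanged: the logs_dir and module-name wcsncat_s terms … */
	(wcsncat_s(log_file, PATH_MAX + 12, L"log", 3) != 0);

free(ssh_root_path_w); /* released on success and failure alike */
if (cat_failed)
	return;
```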
|
@ -108,7 +108,7 @@ opendir(const char *name)
|
||||||
if (name && strcmp(name, "/") == 0)
|
if (name && strcmp(name, "/") == 0)
|
||||||
return openrootdir(name);
|
return openrootdir(name);
|
||||||
|
|
||||||
if ((wname = utf8_to_utf16(sanitized_path(name))) == NULL) {
|
if ((wname = utf8_to_utf16(resolved_path(name))) == NULL) {
|
||||||
errno = ENOMEM;
|
errno = ENOMEM;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
|
@ -108,7 +108,7 @@ prereq_setup()
|
||||||
RPC_CWSTR rpc_str;
|
RPC_CWSTR rpc_str;
|
||||||
USER_INFO_1 ui;
|
USER_INFO_1 ui;
|
||||||
NET_API_STATUS nStatus;
|
NET_API_STATUS nStatus;
|
||||||
STARTUPINFO si;
|
STARTUPINFOW si;
|
||||||
PROCESS_INFORMATION pi;
|
PROCESS_INFORMATION pi;
|
||||||
wchar_t cmdline[MAX_PATH];
|
wchar_t cmdline[MAX_PATH];
|
||||||
|
|
||||||
|
@ -135,7 +135,7 @@ prereq_setup()
|
||||||
|
|
||||||
/* create host keys if they dont already exist */
|
/* create host keys if they dont already exist */
|
||||||
ZeroMemory(&si, sizeof(si));
|
ZeroMemory(&si, sizeof(si));
|
||||||
si.cb = sizeof(si);
|
si.cb = sizeof(STARTUPINFOW);
|
||||||
ZeroMemory(&pi, sizeof(pi));
|
ZeroMemory(&pi, sizeof(pi));
|
||||||
memcpy(cmdline, SSH_HOSTKEY_GEN_CMDLINE, wcslen(SSH_HOSTKEY_GEN_CMDLINE) * 2 + 2);
|
memcpy(cmdline, SSH_HOSTKEY_GEN_CMDLINE, wcslen(SSH_HOSTKEY_GEN_CMDLINE) * 2 + 2);
|
||||||
if (CreateProcessW(NULL, cmdline, NULL, NULL, FALSE, CREATE_NEW_CONSOLE, NULL, NULL, &si, &pi)) {
|
if (CreateProcessW(NULL, cmdline, NULL, NULL, FALSE, CREATE_NEW_CONSOLE, NULL, NULL, &si, &pi)) {
|
||||||
|
|
|
@ -21,10 +21,10 @@ Port 47002
|
||||||
# HostKey for protocol version 1
|
# HostKey for protocol version 1
|
||||||
#HostKey /etc/ssh/ssh_host_key
|
#HostKey /etc/ssh/ssh_host_key
|
||||||
# HostKeys for protocol version 2
|
# HostKeys for protocol version 2
|
||||||
HostKey sshtest_hostkey_rsa
|
HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_rsa
|
||||||
HostKey sshtest_hostkey_dsa
|
HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_dsa
|
||||||
HostKey sshtest_hostkey_ecdsa
|
HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_ecdsa
|
||||||
HostKey sshtest_hostkey_ed25519
|
HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_ed25519
|
||||||
|
|
||||||
# Lifetime and size of ephemeral version 1 server key
|
# Lifetime and size of ephemeral version 1 server key
|
||||||
#KeyRegenerationInterval 1h
|
#KeyRegenerationInterval 1h
|
||||||
|
@ -126,4 +126,4 @@ PubkeyAcceptedKeyTypes ssh-ed25519*
|
||||||
#AllowUsers allowuser1 allowu*r2 allow?se?3 allowuser4 localuser1 localu*r2 loc?lu?er3 localadmin
|
#AllowUsers allowuser1 allowu*r2 allow?se?3 allowuser4 localuser1 localu*r2 loc?lu?er3 localadmin
|
||||||
#DenyGroups denygroup1 denygr*p2 deny?rou?3
|
#DenyGroups denygroup1 denygr*p2 deny?rou?3
|
||||||
#AllowGroups allowgroup1 allowg*2 allowg?ou?3 Adm*
|
#AllowGroups allowgroup1 allowg*2 allowg?ou?3 Adm*
|
||||||
TrustedUserCAKeys sshtest_ca_userkeys.pub
|
TrustedUserCAKeys __PROGRAMDATA__\ssh\sshtest_ca_userkeys.pub
|
||||||
|
|
|
@ -11,10 +11,10 @@ Port 47003
|
||||||
# HostKey for protocol version 1
|
# HostKey for protocol version 1
|
||||||
#HostKey /etc/ssh/ssh_host_key
|
#HostKey /etc/ssh/ssh_host_key
|
||||||
# HostKeys for protocol version 2
|
# HostKeys for protocol version 2
|
||||||
HostKey sshtest_hostkey_rsa
|
HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_rsa
|
||||||
HostKey sshtest_hostkey_dsa
|
HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_dsa
|
||||||
HostKey sshtest_hostkey_ecdsa
|
HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_ecdsa
|
||||||
HostKey sshtest_hostkey_ed25519
|
HostKey __PROGRAMDATA__\ssh\sshtest_hostkey_ed25519
|
||||||
|
|
||||||
# Lifetime and size of ephemeral version 1 server key
|
# Lifetime and size of ephemeral version 1 server key
|
||||||
#KeyRegenerationInterval 1h
|
#KeyRegenerationInterval 1h
|
||||||
|
|
|
@ -67,9 +67,9 @@ test_sanitizedpath()
|
||||||
char *win32prgdir = w32_programdir();
|
char *win32prgdir = w32_programdir();
|
||||||
ASSERT_PTR_NE(win32prgdir, NULL);
|
ASSERT_PTR_NE(win32prgdir, NULL);
|
||||||
|
|
||||||
ASSERT_PTR_EQ(sanitized_path(NULL), NULL);
|
ASSERT_PTR_EQ(resolved_path(NULL), NULL);
|
||||||
|
|
||||||
char *ret = sanitized_path(win32prgdir);
|
char *ret = resolved_path(win32prgdir);
|
||||||
retValue = strcmp(win32prgdir, ret);
|
retValue = strcmp(win32prgdir, ret);
|
||||||
ASSERT_INT_EQ(retValue, 0);
|
ASSERT_INT_EQ(retValue, 0);
|
||||||
|
|
||||||
|
@ -79,14 +79,14 @@ test_sanitizedpath()
|
||||||
strncpy(tmp_path+1, win32prgdir, win32prgdir_len);
|
strncpy(tmp_path+1, win32prgdir, win32prgdir_len);
|
||||||
tmp_path[win32prgdir_len+1] = '\0';
|
tmp_path[win32prgdir_len+1] = '\0';
|
||||||
|
|
||||||
ret = sanitized_path(tmp_path);
|
ret = resolved_path(tmp_path);
|
||||||
retValue = strcmp(win32prgdir, ret);
|
retValue = strcmp(win32prgdir, ret);
|
||||||
ASSERT_INT_EQ(retValue, 0);
|
ASSERT_INT_EQ(retValue, 0);
|
||||||
|
|
||||||
char *s1 = malloc(4), *s2 = malloc(4);
|
char *s1 = malloc(4), *s2 = malloc(4);
|
||||||
s1[0] = '/', s1[1] = win32prgdir[0], s1[2] = ':', s1[3] = '\0';
|
s1[0] = '/', s1[1] = win32prgdir[0], s1[2] = ':', s1[3] = '\0';
|
||||||
s2[0] = win32prgdir[0], s2[1] = ':', s2[2] = '\\', s2[3] = '\0';
|
s2[0] = win32prgdir[0], s2[1] = ':', s2[2] = '\\', s2[3] = '\0';
|
||||||
ret = sanitized_path(s1);
|
ret = resolved_path(s1);
|
||||||
retValue = strcmp(ret, s2);
|
retValue = strcmp(ret, s2);
|
||||||
ASSERT_INT_EQ(retValue, 0);
|
ASSERT_INT_EQ(retValue, 0);
|
||||||
|
|
||||||
|
|
|
@ -661,9 +661,7 @@ derelativise_path(const char *path)
|
||||||
return xstrdup("none");
|
return xstrdup("none");
|
||||||
expanded = tilde_expand_filename(path, getuid());
|
expanded = tilde_expand_filename(path, getuid());
|
||||||
#ifdef WINDOWS
|
#ifdef WINDOWS
|
||||||
/* Windows absolute paths - \abc, /abc, c:\abc, c:/abc*/
|
if (is_absolute_path(expanded))
|
||||||
if (*expanded == '/' || *expanded == '\\' ||
|
|
||||||
(*expanded != '\0' && expanded[1] == ':'))
|
|
||||||
#else /* !WINDOWS */
|
#else /* !WINDOWS */
|
||||||
if (*expanded == '/')
|
if (*expanded == '/')
|
||||||
#endif /* !WINDOWS */
|
#endif /* !WINDOWS */
|
||||||
|
|
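Review bot: With `is_absolute_path(expanded)` a value beginning with `__PROGRAMDATA__` now leaves `derelativise_path()` unexpanded, so it only becomes a real location if the later file access goes through `resolved_path()`. On this page that is visible for `w32_open`, `opendir`, `statvfs` and `check_secure_file_permission`; any consumer that hands the string to a native API directly would presumably treat it as a relative name under the current directory, which matters for the `HostKey` and `TrustedUserCAKeys` paths. The removed comment listing the accepted forms also leaves this call site undocumented; I would add `/* also accepts __PROGRAMDATA__\...; expansion happens later in resolved_path() */` above the call. `derelativise_path` starts and ends outside the hunk.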