fix win32 sshd and sshd-session

auth2-methods.c

@@ -17,7 +17,6 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/queue.h>
 
 #include <stdlib.h>
 #include <string.h>

contrib/win32/openssh/Win32-OpenSSH.sln

@@ -5,9 +5,9 @@ MinimumVisualStudioVersion = 10.0.40219.1
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssh", "ssh.vcxproj", "{74E69D5E-A1EF-46EA-9173-19A412774104}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libssh", "libssh.vcxproj", "{05E1115F-8529-46D0-AAAF-52A404CE79A7}"
@@ -23,33 +23,33 @@ EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssh-keygen", "keygen.vcxproj", "{47496135-131B-41D6-BF2B-EE7144873DD0}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "sftp", "sftp.vcxproj", "{BBEFF9D7-0BC3-41D1-908B-8052158B5052}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "sftp-server", "sftp-server.vcxproj", "{6657614F-7821-4D55-96EF-7C3C4B551880}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "sshd", "sshd.vcxproj", "{F58FF6BA-098B-4DB9-9609-A030DFB4D03F}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "config", "config.vcxproj", "{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}"
@@ -68,72 +68,72 @@ EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssh-agent", "ssh-agent.vcxproj", "{F6644EC5-D6B6-42A1-828C-75E2977470E0}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssh-add", "ssh-add.vcxproj", "{029797FF-C986-43DE-95CD-2E771E86AEBC}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "scp", "scp.vcxproj", "{29B98ADF-1285-49CE-BF6C-AA92C5D2FB24}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "unittest-bitmap", "unittest-bitmap.vcxproj", "{D901596E-76C7-4608-9CFA-2B42A9FD7250}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "unittest-kex", "unittest-kex.vcxproj", "{8EC56B06-5A9A-4D6D-804D-037FE26FD43E}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "unittest-sshbuf", "unittest-sshbuf.vcxproj", "{CD9740CE-C96E-49B3-823F-012E09D17806}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
-		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
 		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
+		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "unittest-win32compat", "unittest-win32compat.vcxproj", "{BF295BA9-4BF8-43F8-8CBF-FAE84815466C}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "unittest-hostkeys", "unittest-hostkeys.vcxproj", "{890C6129-286F-4CD8-8252-FB8D3B4E6E1B}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "unittest-sshkey", "unittest-sshkey.vcxproj", "{FC568FF0-60F2-4B2E-AF62-FD392EDBA1B9}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "core", "core", "{17322AAF-808F-4646-AD37-5B0EDDCB8F3E}"
@@ -143,44 +143,50 @@ EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "unittest-match", "unittest-match.vcxproj", "{484A8CDE-B949-4BDA-B447-74685C8E032F}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "unittest-misc", "unittest-misc.vcxproj", "{0B527504-2AF5-4E6E-A84F-10BADFAEDA88}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssh-keyscan", "ssh-keyscan.vcxproj", "{7D0A75FC-F366-4B60-B72F-B37C3EA07CCA}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssh-sk-helper", "ssh-sk-helper.vcxproj", "{7D0A75FC-F366-4B60-B72F-B37C3EA07CCB}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssh-pkcs11-helper", "ssh-pkcs11-helper.vcxproj", "{21D772C3-0EB0-47B7-A93C-FF624675A58D}"
 	ProjectSection(ProjectDependencies) = postProject
 		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
 		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
-		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "sshd-session", "sshd-session.vcxproj", "{86D5F580-EFB0-4BEA-96B7-7181F9BC6171}"
+	ProjectSection(ProjectDependencies) = postProject
+		{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
+		{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
+		{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
+		{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
+	EndProjectSection
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution

contrib/win32/openssh/libssh.vcxproj

@@ -450,6 +450,7 @@
     <ClCompile Include="$(OpenSSH-Src-Path)ssh-sk.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)sshbuf-io.c" />
     <ClCompile Include="..\..\..\cipher-chachapoly-libcrypto.c" />
+    <ClCompile Include="..\..\..\kex-names.c" />
     <ClCompile Include="..\win32compat\spawn-ext.c" />
   </ItemGroup>
   <ItemGroup>

contrib/win32/openssh/libssh.vcxproj.filters

@@ -22,8 +22,6 @@
     <ClCompile Include="$(OpenSSH-Src-Path)ed25519.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)entropy.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)fatal.c" />
-    <ClCompile Include="$(OpenSSH-Src-Path)fe25519.c" />
-    <ClCompile Include="$(OpenSSH-Src-Path)ge25519.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)gss-genr.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)hash.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)hmac.c" />
@@ -42,7 +40,6 @@
     <ClCompile Include="$(OpenSSH-Src-Path)nchan.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)packet.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)poly1305.c" />
-    <ClCompile Include="$(OpenSSH-Src-Path)sc25519.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)smult_curve25519_ref.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)ssh-dss.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)ssh-ecdsa.c" />
@@ -70,7 +67,6 @@
     <ClCompile Include="$(OpenSSH-Src-Path)progressmeter.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)readpass.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)rijndael.c" />
-    <ClCompile Include="$(OpenSSH-Src-Path)verify.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)xmalloc.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)kexgexs.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)platform-misc.c" />
@@ -84,6 +80,7 @@
     <ClCompile Include="$(OpenSSH-Src-Path)sshbuf-io.c" />
     <ClCompile Include="..\win32compat\spawn-ext.c" />
     <ClCompile Include="..\..\..\cipher-chachapoly-libcrypto.c" />
+    <ClCompile Include="..\..\..\kex-names.c" />
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="$(OpenSSH-Src-Path)addrmatch.c">
@@ -119,9 +116,6 @@
     <ClCompile Include="$(OpenSSH-Src-Path)cipher-chachapoly.c">
       <Filter>Source Files</Filter>
     </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)cipher-ctr.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
     <ClCompile Include="$(OpenSSH-Src-Path)cipher.c">
       <Filter>Source Files</Filter>
     </ClCompile>

contrib/win32/openssh/sshd-session.vcxproj

@@ -467,6 +467,7 @@
     <ClCompile Include="$(OpenSSH-Src-Path)contrib\win32\win32compat\win32_sshpty.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)contrib\win32\win32compat\wmain_sshd.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)contrib\win32\win32compat\w32-doexec.c" />
+    <ClCompile Include="..\..\..\auth2-methods.c" />
     <ClCompile Include="..\..\..\auth2-pubkeyfile.c" />
     <ClCompile Include="..\..\..\misc.c" />
     <ClCompile Include="..\..\..\srclimit.c" />

contrib/win32/openssh/sshd-session.vcxproj.filters

@@ -0,0 +1,171 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hh;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+    <Filter Include="Resource Files">
+      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="$(OpenSSH-Src-Path)audit-bsm.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)audit-linux.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)audit.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth-bsdauth.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth-krb5.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth-options.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth-pam.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth-passwd.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth-rhosts.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth-shadow.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth-sia.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth2-chall.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth2-gss.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth2-hostbased.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth2-kbdint.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth2-none.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth2-passwd.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth2-pubkey.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)auth2.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)gss-serv-krb5.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)gss-serv.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)loginrec.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)monitor.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)monitor_wrap.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)platform.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)sandbox-capsicum.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)sandbox-darwin.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)sandbox-null.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)sandbox-rlimit.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)sandbox-seccomp-filter.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)sandbox-systrace.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)servconf.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)serverloop.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)session.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)sftp-common.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)sshd-session.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)sshlogin.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)contrib\win32\win32compat\wmain_sshd.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)contrib\win32\win32compat\win32_sshpty.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)contrib\win32\win32compat\win32_groupaccess.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="$(OpenSSH-Src-Path)contrib\win32\win32compat\w32-doexec.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="..\win32compat\win32-utf8.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\srclimit.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\ssh-sk-client.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\auth2-pubkeyfile.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\misc.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\sshkey.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\..\auth2-methods.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <ResourceCompile Include="version.rc">
+      <Filter>Resource Files</Filter>
+    </ResourceCompile>
+  </ItemGroup>
+</Project>

contrib/win32/openssh/sshd.vcxproj

@@ -445,6 +445,7 @@
     <ClCompile Include="$(OpenSSH-Src-Path)contrib\win32\win32compat\win32_groupaccess.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)contrib\win32\win32compat\win32_sshpty.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)contrib\win32\win32compat\wmain_sshd.c" />
+    <ClCompile Include="..\..\..\auth2-methods.c" />
     <ClCompile Include="..\..\..\misc.c" />
     <ClCompile Include="..\..\..\srclimit.c" />
     <ClCompile Include="..\..\..\ssh-sk-client.c" />

contrib/win32/openssh/sshd.vcxproj.filters

@@ -24,57 +24,6 @@
     <ClCompile Include="$(OpenSSH-Src-Path)audit.c">
       <Filter>Source Files</Filter>
     </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth-bsdauth.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth-krb5.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth-options.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth-pam.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth-passwd.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth-rhosts.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth-shadow.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth-sia.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth2-chall.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth2-gss.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth2-hostbased.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth2-kbdint.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth2-none.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth2-passwd.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth2-pubkey.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)auth2.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
     <ClCompile Include="$(OpenSSH-Src-Path)gss-serv-krb5.c">
       <Filter>Source Files</Filter>
     </ClCompile>
@@ -84,12 +33,6 @@
     <ClCompile Include="$(OpenSSH-Src-Path)loginrec.c">
       <Filter>Source Files</Filter>
     </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)monitor.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)monitor_wrap.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
     <ClCompile Include="$(OpenSSH-Src-Path)platform.c">
       <Filter>Source Files</Filter>
     </ClCompile>
@@ -114,12 +57,6 @@
     <ClCompile Include="$(OpenSSH-Src-Path)servconf.c">
       <Filter>Source Files</Filter>
     </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)serverloop.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)session.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
     <ClCompile Include="$(OpenSSH-Src-Path)sftp-common.c">
       <Filter>Source Files</Filter>
     </ClCompile>
@@ -138,9 +75,6 @@
     <ClCompile Include="$(OpenSSH-Src-Path)contrib\win32\win32compat\win32_groupaccess.c">
       <Filter>Source Files</Filter>
     </ClCompile>
-    <ClCompile Include="$(OpenSSH-Src-Path)contrib\win32\win32compat\w32-doexec.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
     <ClCompile Include="..\win32compat\win32-utf8.c">
       <Filter>Source Files</Filter>
     </ClCompile>
@@ -150,15 +84,15 @@
     <ClCompile Include="..\..\..\ssh-sk-client.c">
       <Filter>Source Files</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\auth2-pubkeyfile.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\misc.c">
       <Filter>Source Files</Filter>
     </ClCompile>
     <ClCompile Include="..\..\..\sshkey.c">
       <Filter>Source Files</Filter>
     </ClCompile>
+    <ClCompile Include="..\..\..\auth2-methods.c">
+      <Filter>Source Files</Filter>
+    </ClCompile>
   </ItemGroup>
   <ItemGroup>
     <ResourceCompile Include="version.rc">

pathnames.h

@@ -49,7 +49,11 @@
 
 /* Binary paths for the sshd components */
 #ifndef _PATH_SSHD_SESSION
+#ifdef WINDOWS
+#define _PATH_SSHD_SESSION		"sshd-session.exe" /* PATH looks in same directory as sshd automatically */
+#else /* WINDOWS */
 #define _PATH_SSHD_SESSION		"/usr/libexec/sshd-session"
+#endif /* WINDOWS */
 #endif
 
 /*

session.c

@@ -104,6 +104,10 @@
 #include <selinux/selinux.h>
 #endif
 
+#ifdef WINDOWS
+#define mm_pty_allocate pty_allocate
+#endif /* WINDOWS */
+
 #define IS_INTERNAL_SFTP(c) \
 	(!strncmp(c, INTERNAL_SFTP_NAME, sizeof(INTERNAL_SFTP_NAME) - 1) && \
 	 (c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\0' || \

sshd-session.c

@@ -166,6 +166,7 @@ int privsep_unauth_child = 0;
 int privsep_auth_child = 0;
 int io_sock_in = 0;
 int io_sock_out = 0;
+int win32_rexeced_flag = 0;
 #endif /* WINDOWS */
 
 /*
@@ -313,11 +314,12 @@ send_config_state(int fd, struct sshbuf* conf)
 		(r = sshbuf_put_stringb(m, inc)) != 0)
 		fatal_fr(r, "compose config");
 
+#ifndef WINDOWS
 	/* We need to fit the entire message inside the socket send buffer */
 	sz = ROUNDUP(sshbuf_len(m) + 5, 16 * 1024);
 	if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &sz, sizeof sz) == -1)
 		fatal_f("setsockopt SO_SNDBUF: %s", strerror(errno));
-
+#endif /* WINDOWS */
 	if (ssh_msg_send(fd, 0, m) == -1)
 		error_f("ssh_msg_send failed");
 
@@ -347,37 +349,36 @@ send_idexch_state(struct ssh *ssh, int fd)
 	sshbuf_free(m);
 }
 
-// TODO - determine if needed
+static void
-// static void
+recv_idexch_state(struct ssh *ssh, int fd)
-// recv_idexch_state(struct ssh *ssh, int fd)
+{
-// {
+ 	struct sshbuf *m;
-// 	struct sshbuf *m;
+ 	u_char *cp, ver;
-// 	u_char *cp, ver;
+ 	size_t tmp;
-// 	size_t tmp;
+ 	int r;
-// 	int r;
+ 	const u_char *valp;
-// 	const u_char *valp;
+ 	size_t lenp;
-// 	size_t lenp;
 
-// 	debug3("%s: entering fd = %d", __func__, fd);
+ 	debug3("%s: entering fd = %d", __func__, fd);
 
-// 	if ((m = sshbuf_new()) == NULL)
+ 	if ((m = sshbuf_new()) == NULL)
-// 		fatal("%s: sshbuf_new failed", __func__);
+ 		fatal("%s: sshbuf_new failed", __func__);
-// 	if (ssh_msg_recv(fd, m) == -1)
+ 	if (ssh_msg_recv(fd, m) == -1)
-// 		fatal("%s: ssh_msg_recv failed", __func__);
+ 		fatal("%s: ssh_msg_recv failed", __func__);
-// 	if ((r = sshbuf_get_u8(m, &ver)) != 0)
+ 	if ((r = sshbuf_get_u8(m, &ver)) != 0)
-// 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
-// 	if (ver != 0)
+ 	if (ver != 0)
-// 		fatal("%s: rexec version mismatch", __func__);
+ 		fatal("%s: rexec version mismatch", __func__);
 
-// 	if (sshbuf_get_stringb(m, ssh->kex->client_version) != 0 ||
+ 	if (sshbuf_get_stringb(m, ssh->kex->client_version) != 0 ||
-// 	    sshbuf_get_stringb(m, ssh->kex->server_version) != 0 ||
+ 	    sshbuf_get_stringb(m, ssh->kex->server_version) != 0 ||
-// 	    sshbuf_get_u32(m, &ssh->compat) != 0 )
+ 	    sshbuf_get_u32(m, &ssh->compat) != 0 )
-// 		fatal("%s: unable to retrieve idexch state", __func__);
+ 		fatal("%s: unable to retrieve idexch state", __func__);
 
-// 	sshbuf_free(m);
+ 	sshbuf_free(m);
 
-// 	debug3("%s: done", __func__);
+ 	debug3("%s: done", __func__);
-// }
+}
 
 static void
 send_autxctx_state(Authctxt *auth, int fd)
@@ -468,19 +469,68 @@ send_hostkeys_state(int fd)
 	sshbuf_free(m);
 }
 
+static void
+recv_hostkeys_state(int fd)
+{
+	struct sshbuf* m;
+	u_char* cp, ver;
+	struct sshkey* key = NULL;
+	const u_char* blob;
+	size_t blen;
+	int r;
+	u_int32_t num_host_key_files;
+
+	debug3("%s: entering fd = %d", __func__, fd);
+
+	if ((m = sshbuf_new()) == NULL)
+		fatal("%s: sshbuf_new failed", __func__);
+	if (ssh_msg_recv(fd, m) == -1)
+		fatal("%s: ssh_msg_recv failed", __func__);
+	if ((r = sshbuf_get_u8(m, &ver)) != 0)
+		fatal("%s: buffer error: %s", __func__, ssh_err(r));
+	if (ver != 0)
+		fatal("%s: rexec version mismatch", __func__);
+
+	if ((r = sshbuf_get_u32(m, &num_host_key_files)) != 0)
+		fatal("%s: buffer error: %s", __func__, ssh_err(r));
+	sensitive_data.host_keys = xcalloc(num_host_key_files, sizeof(struct sshkey*));
+	sensitive_data.host_pubkeys = xcalloc(num_host_key_files, sizeof(struct sshkey*));
+	sensitive_data.host_certificates = xcalloc(num_host_key_files, sizeof(struct sshkey*));
+	for (int i = 0; i < num_host_key_files; i++) {
+		if ((r = sshbuf_get_string_direct(m, &blob, &blen)) != 0)
+			fatal("%s: buffer error: %s", __func__, ssh_err(r));
+		sensitive_data.host_pubkeys[i] = NULL;
+		sensitive_data.host_keys[i] = NULL;
+
+		if (blen) {
+			sshkey_from_blob(blob, blen, &key);
+			sensitive_data.host_pubkeys[i] = key;
+		}
+	}
+
+	for (int i = 0; i < num_host_key_files; i++) {
+		if ((r = sshbuf_get_string_direct(m, &blob, &blen)) != 0)
+			fatal("%s: buffer error: %s", __func__, ssh_err(r));
+		sensitive_data.host_certificates[i] = NULL;
+		if (blen) {
+			sshkey_from_blob(blob, blen, &key);
+			sensitive_data.host_certificates[i] = key;
+		}
+	}
+
+	sshbuf_free(m);
+	debug3("%s: done", __func__);
+}
+
 static char**
 privsep_child_cmdline(int authenticated)
 {
-	//char** argv = rexec_argv ? rexec_argv : saved_argv;
 	char** argv = saved_argv;
 	int argc = 0;
 
-	// if (rexec_argv)
+	if (win32_rexeced_flag)
-	// 	argc = rexec_argc;
+		argc = saved_argc - 1; // override '-R'
-	//else {
+	else {
-	//if (rexeced_flag)
-	//	argc = saved_argc - 1; // override '-R'
-	//else {
 		char **tmp = xcalloc(saved_argc + 1 + 1, sizeof(*saved_argv)); // 1 - extra argument "-y/-z", 1 - NULL
 		int i = 0;
 		for (i = 0; (int)i < saved_argc; i++) {
@@ -491,8 +541,7 @@ privsep_child_cmdline(int authenticated)
 		free(saved_argv);
 		argv = saved_argv = tmp;
 		argc = saved_argc;
-	//}
+	}
-	//}
 
 	if (authenticated)
 		argv[argc] = "-z";
@@ -693,7 +742,6 @@ privsep_preauth(struct ssh *ssh)
 		close(pmonitor->m_recvfd);
 		close(pmonitor->m_log_sendfd);
 		send_config_state(pmonitor->m_sendfd, cfg);
-		send_hostkeys_state(pmonitor->m_sendfd);
 		send_idexch_state(ssh, pmonitor->m_sendfd);
 		monitor_child_preauth(ssh, pmonitor);
 		while (waitpid(pid, &status, 0) < 0) {
@@ -797,7 +845,6 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt)
 
 		verbose("User child is on pid %ld", (long)pmonitor->m_pid);
 		send_config_state(pmonitor->m_sendfd, cfg);
-		send_hostkeys_state(pmonitor->m_sendfd);
 		send_idexch_state(ssh, pmonitor->m_sendfd);
 		send_autxctx_state(authctxt, pmonitor->m_sendfd);
 		monitor_send_keystate(pmonitor);
@@ -1387,6 +1434,9 @@ main(int ac, char **av)
 			break;
 		case 'R':
 			rexeced_flag = 1;
+#ifdef WINDOWS
+			win32_rexeced_flag = 1;
+#endif /* WINDOWS */
 			break;
 		case 'Q':
 			/* ignored */
@@ -1454,12 +1504,10 @@ main(int ac, char **av)
 #ifdef WINDOWS
 		case 'y':
 			privsep_unauth_child = 1;
-			//rexec_flag = 0;
 			logfile = NULL;
 			break;
 		case 'z':
 			privsep_auth_child = 1;
-			//rexec_flag = 0;
 			logfile = NULL;
 			break;
 #endif /* WINDOWS */
@@ -1476,16 +1524,22 @@ main(int ac, char **av)
 	}
 
 	debug("sshd version %s, %s", SSH_VERSION, SSH_OPENSSL_VERSION);
-
+#ifdef WINDOWS
+	if (!rexeced_flag && !privsep_unauth_child && !privsep_auth_child)
+#else /* WINDOWS */
 	if (!rexeced_flag)
+#endif /* WINDOWS */
 		fatal("sshd-session should not be executed directly");
 #ifdef WINDOWS
 	if (privsep_unauth_child)
 		closefrom(PRIVSEP_UNAUTH_MIN_FREE_FD);
 	else if (privsep_auth_child)
 		closefrom(PRIVSEP_AUTH_MIN_FREE_FD);
-#endif /* WINDOWS */
+	else
 		closefrom(REEXEC_MIN_FREE_FD);
+#else /* WINDOWS */
+	closefrom(REEXEC_MIN_FREE_FD);
+#endif /* WINDOWS */
 
 	seed_rng();
 
@@ -1531,18 +1585,32 @@ main(int ac, char **av)
 	/* Fetch our configuration */
 	if ((cfg = sshbuf_new()) == NULL)
 		fatal("sshbuf_new config buf failed");
-	// TODO: is this still needed?
+
-	// if (privsep_unauth_child || privsep_auth_child)
-	// 	recv_config_state(PRIVSEP_MONITOR_FD, cfg); //TODO - should starup_pipe be closed as above ?
 	setproctitle("%s", "[rexeced]");
+
+#ifdef WINDOWS
+	if (privsep_unauth_child || privsep_auth_child) {
+		recv_rexec_state(PRIVSEP_MONITOR_FD, cfg, &timing_secret); //TODO - should starup_pipe be closed as above ?B
+	}
+	else {
 		recv_rexec_state(REEXEC_CONFIG_PASS_FD, cfg, &timing_secret);
 		close(REEXEC_CONFIG_PASS_FD);
+	}
+#else /* WINDOWS */
+	recv_rexec_state(REEXEC_CONFIG_PASS_FD, cfg, &timing_secret);
+	close(REEXEC_CONFIG_PASS_FD);
+#endif /* WINDOWS */
+
 	parse_server_config(&options, "rexec", cfg, &includes, NULL, 1);
 	/* Fill in default values for those options not explicitly set. */
 	fill_default_server_options(&options);
 	options.timing_secret = timing_secret;
 
+#ifdef WINDOWS
+	if (!debug_flag && !privsep_unauth_child && !privsep_auth_child) {
+#else /* WINDOWS */
 	if (!debug_flag) {
+#endif /* WINDOWS */
 		startup_pipe = dup(REEXEC_STARTUP_PIPE_FD);
 		close(REEXEC_STARTUP_PIPE_FD);
 		/*
@@ -1678,6 +1746,10 @@ main(int ac, char **av)
 	 * Register our connection.  This turns encryption off because we do
 	 * not have a key.
 	 */
+#ifdef WINDOWS
+	io_sock_in = sock_in;
+	io_sock_out = sock_out;
+#endif /* WINDOWS */
 	if ((ssh = ssh_packet_set_connection(NULL, sock_in, sock_out)) == NULL)
 		fatal("Unable to create connection");
 	the_active_state = ssh;
@@ -1718,11 +1790,10 @@ main(int ac, char **av)
 
 	rdomain = ssh_packet_rdomain_in(ssh);
 
-	// TODO: determine if this is still needed
+	if (privsep_unauth_child || privsep_auth_child) {
-	// if (privsep_unauth_child || privsep_auth_child) {
+		recv_idexch_state(ssh, PRIVSEP_MONITOR_FD);
-	// 	recv_idexch_state(ssh, PRIVSEP_MONITOR_FD);
+		goto idexch_done;
-	// 	goto idexch_done;
+	}
-	// }
 
 	/* Log the connection. */
 	laddr = get_local_ipaddr(sock_in);
@@ -1759,7 +1830,7 @@ main(int ac, char **av)
 	}
 	send_kex_exch_exit_code_telemetry(0);
 #endif /* WINDOWS */
-// TODO determine if needed - idexch_done:
+idexch_done:
 	ssh_packet_set_nonblocking(ssh);
 
 	/* allocate authentication context */

sshd.c

@@ -129,6 +129,10 @@ int debug_flag = 0;
 static char **saved_argv;
 static int saved_argc;
 
+#ifdef WINDOWS
+static char** rexec_argv;
+#endif /* WINDOWS */
+
 /*
  * The sockets that the server is listening; this is used in the SIGHUP
  * signal handler.
@@ -237,6 +241,7 @@ sighup_handler(int sig)
 static void
 sighup_restart(void)
 {
+#ifndef WINDOWS // not applicable to Windows
 	logit("Received SIGHUP; restarting.");
 	if (options.pid_file != NULL)
 		unlink(options.pid_file);
@@ -244,10 +249,11 @@ sighup_restart(void)
 	close_listen_socks();
 	close_startup_pipes();
 	ssh_signal(SIGHUP, SIG_IGN); /* will be restored after exec */
-	execv(saved_argv[0], saved_argv); // CodeQL [SM01925] false positive: restarting sshd will verify inputs via case statement in main
+	execv(saved_argv[0], saved_argv);
 	logit("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0],
 	    strerror(errno));
 	exit(1);
+#endif /* WINDOWS */
 }
 
 /*
@@ -520,10 +526,12 @@ send_rexec_state(int fd, struct sshbuf *conf)
 	    (r = sshbuf_put_stringb(m, inc)) != 0)
 		fatal_fr(r, "compose config");
 
+#ifndef WINDOWS
 	/* We need to fit the entire message inside the socket send buffer */
 	sz = ROUNDUP(sshbuf_len(m) + 5, 16*1024);
 	if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &sz, sizeof sz) == -1)
 		fatal_f("setsockopt SO_SNDBUF: %s", strerror(errno));
+#endif /* WINDOWS */
 
 	if (ssh_msg_send(fd, 0, m) == -1)
 		error_f("ssh_msg_send failed");
@@ -806,6 +814,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s,
 				close(startup_p[1]);
 				continue;
 			}
+
 			fcntl(startup_p[0], F_SETFD, FD_CLOEXEC);
 			fcntl(startup_p[1], F_SETFD, FD_CLOEXEC);
 			fcntl(config_s[0], F_SETFD, FD_CLOEXEC);
@@ -838,7 +847,9 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s,
 				close(startup_p[1]);
 				startup_pipe = -1;
 				pid = getpid();
+#ifndef WINDOWS
 				send_rexec_state(config_s[0], cfg);
+#endif /* !WINDOWS */
 				close(config_s[0]);
 				free(pfd);
 				return;
@@ -857,12 +868,12 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s,
 				    posix_spawnattr_setflags(&attributes, POSIX_SPAWN_SETPGROUP) != 0 ||
 				    posix_spawnattr_setpgroup(&attributes, 0) != 0)
 					error("posix_spawn initialization failed");
-				// else {
+				else {
-				// 	if (posix_spawn(&pid, rexec_argv[0], &actions, &attributes, rexec_argv, NULL) != 0)
+				 	if (posix_spawn(&pid, rexec_argv[0], &actions, &attributes, rexec_argv, NULL) != 0)
-				// 		error("%s, posix_spawn failed", __func__);
+				 		error("%s, posix_spawn failed", __func__);
-				// 	posix_spawn_file_actions_destroy(&actions);
+				 	posix_spawn_file_actions_destroy(&actions);
-				// 	posix_spawnattr_destroy(&attributes);
+				 	posix_spawnattr_destroy(&attributes);
-				// }
+				}
 			}
 #else
 			/*
@@ -905,7 +916,6 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s,
 
 #endif /* fork unsupported */
 			close(startup_p[1]);
-
 			close(config_s[1]);
 			send_rexec_state(config_s[0], cfg);
 			close(config_s[0]);
@@ -998,7 +1008,12 @@ main(int ac, char **av)
 	int sock_in = -1, sock_out = -1, newsock = -1, rexec_argc = 0;
 	int config_s[2] = { -1 , -1 }, have_connection_info = 0;
 	int need_privsep = 1;
-	char *fp, *line, *logfile = NULL, **rexec_argv = NULL;
+#ifdef WINDOWS
+	// rexec_argv is still defined globally for use in server_accept_loop
+	char* fp, * line, * logfile = NULL;
+#else /* WINDOWS */
+	char* fp, * line, * logfile = NULL, **rexec_argv = NULL;
+#endif /* WINDOWS */
 	struct stat sb;
 	u_int i, j;
 	mode_t new_umask;
@@ -1155,10 +1170,6 @@ main(int ac, char **av)
 	}
 	if (!test_flag && !do_dump_cfg && !path_absolute(av[0]))
 		fatal("sshd re-exec requires execution with an absolute path");
-	// if (privsep_unauth_child)
-	// 	closefrom(PRIVSEP_UNAUTH_MIN_FREE_FD);
-	// else if (privsep_auth_child)
-	// 	closefrom(PRIVSEP_AUTH_MIN_FREE_FD);
 
 	closefrom(REEXEC_DEVCRYPTO_RESERVED_FD);
 
@@ -1257,12 +1268,6 @@ main(int ac, char **av)
 	if (do_dump_cfg)
 		print_config(&connection_info);
 
-	// TODO: does this need to be in ssh-session?
-	// if (privsep_auth_child || privsep_unauth_child) {
-	// 	recv_hostkeys_state(PRIVSEP_MONITOR_FD);
-	// 	goto done_loading_hostkeys;
-	// }
-
 	/* load host keys */
 	sensitive_data.host_keys = xcalloc(options.num_host_key_files,
 	    sizeof(struct sshkey *));
@@ -1286,7 +1291,6 @@ main(int ac, char **av)
 
 		if (options.host_key_files[i] == NULL)
 			continue;
-		//if (privsep_unauth_child || privsep_auth_child) key = NULL; else /*TODO - remove this*/
 		if ((r = sshkey_load_private(options.host_key_files[i], "",
 		    &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR)
 			do_log2_r(r, ll, "Unable to load host key \"%s\"",
@@ -1462,6 +1466,8 @@ main(int ac, char **av)
 	rexec_argv = xcalloc(rexec_argc + 3, sizeof(char *));
 	/* Point to the sshd-session binary instead of sshd */
 	rexec_argv[0] = options.sshd_session_path;
+	extern wchar_t* __wprogdir;
+	debug("__wprogdir: %ls", __wprogdir);
 	for (i = 1; i < (u_int)rexec_argc; i++) {
 		debug("rexec_argv[%d]='%s'", i, saved_argv[i]);
 		rexec_argv[i] = saved_argv[i];
@@ -1519,11 +1525,6 @@ main(int ac, char **av)
 			fatal("socketpair: %s", strerror(errno));
 		send_rexec_state(config_s[0], cfg);
 		close(config_s[0]);
-	// } else if (privsep_unauth_child || privsep_auth_child) {
-	// 	sock_in = sock_out = dup(STDIN_FILENO);
-	// 	close(STDIN_FILENO);
-	// 	close(STDOUT_FILENO);
-	// 	startup_pipe = -1;
 	} else {
 		platform_pre_listen();
 		server_listen();