tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added config files to enabled VSTS build, compliance tests, Code signing. (#296) 

Added config files to enabled VSTS build, compliance tests, Code signing.
This commit is contained in:
Yanbing 2018-03-30 19:44:07 -07:00 committed by GitHub
parent 11726e3c8e
commit f291d2438f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 506 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

126
contrib/win32/openssh/BinSkimConfig.xml Normal file
View File

@ -0,0 +1,126 @@
<?xml version="1.0" encoding="utf-8"?>
<Properties Type="PropertiesDictionary">
<Properties Key="BA2001.LoadImageAboveFourGigabyteAddress.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2002.DoNotIncorporateVulnerableDependencies.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
<Properties Key="VulnerableDependencies" Type="PropertiesDictionary">
<Properties Key="AtlVulnerability" Type="IL.Rules.VulnerableDependencyDescriptor">
<Property Key="FileHashes" Type="StringSet">
<Item>atlbase.h#31-F6-53-39-6A-51-B4-57-1E-F0-DD-C0-B3-54-8A-60</Item>
<Item>atlbase.h#FC-A7-3E-99-8B-D3-CC-E6-D6-28-75-F6-B4-27-DF-6E</Item>
<Item>atlcom.h#0B-C1-32-3B-3B-19-84-64-07-F5-3A-7A-48-36-43-B0</Item>
<Item>atlcom.h#95-EB-90-BE-CF-F8-DF-1B-3E-EC-79-0A-64-B4-96-54</Item>
<Item>atlcom.h#97-D2-E6-9A-A3-D5-F2-F1-BA-2A-51-A2-B6-C8-9A-4B</Item>
<Item>atlcom.h#AE-5D-A4-A5-23-42-EA-F8-46-74-93-91-1C-4F-3B-93</Item>
<Item>atlcomcli.h#56-42-D5-31-BE-31-25-9B-E9-69-9F-2F-1F-68-CD-C2</Item>
<Item>atlcomcli.h#76-FB-17-FE-79-86-B9-7D-0E-09-97-85-9A-20-E9-4C</Item>
<Item>atlcomcli.h#7B-C6-E4-10-50-D7-89-24-37-71-7F-1E-9D-97-84-B6</Item>
<Item>atlcomcli.h#A5-17-80-59-4D-4D-94-0C-68-0A-00-59-ED-6B-B3-1D</Item>
<Item>atlcomcli.h#AC-EB-62-06-96-F2-ED-92-F8-F9-14-A0-50-48-80-25</Item>
<Item>atlimpl.cpp#7C-4C-5D-BE-B6-EF-CB-DF-AF-8E-54-E5-0E-C0-2A-FB</Item>
</Property>
<Property Key="Id" Value="AtlVulnerability" />
<Property Key="Resolution" Value="compile your binary using an up-to-date copy of ATL." />
<Property Key="VulnerabilityDescription" Value="contains known remote execution bugs (see https://technet.microsoft.com/en-us/library/security/ms09-035.aspx)." />
</Properties>
</Properties>
</Properties>
<Properties Key="BA2005.DoNotShipVulnerableBinaries.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
<Properties Key="VulnerableBinaries" Type="IL.Rules.StringToVersionMap">
<Property Key="msidcrl.dll" Value="7.0" Type="System.Version" />
<Property Key="msxml6.dll" Value="6.30" Type="System.Version" />
<Property Key="xmllite.dll" Value="1.3" Type="System.Version" />
</Properties>
</Properties>
<Properties Key="BA2006.BuildWithSecureTools.Options" Type="PropertiesDictionary">
<!---->
<Property Key="AdvancedMitigationsEnforced" Value="None" Type="AdvancedMitigations" />
<Properties Key="AllowedLibraries" Type="IL.Rules.StringToVersionMap" />
<Properties Key="MinimumToolVersions" Type="IL.Rules.StringToVersionMap">
<Property Key="MinimumCompilerVersion" Value="17.0.65501.17013" Type="System.Version" />
<Property Key="MinimumXboxCompilerVersion" Value="16.0.11886.0" Type="System.Version" />
</Properties>
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2007.EnableCriticalCompilerWarnings.Options" Type="PropertiesDictionary">
<!-- Valid values here are currently Default and Disabled. -->
<Property Key="RuleEnabled" Value="Disabled" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2008.EnableControlFlowGuard.Options" Type="PropertiesDictionary">
<!---->
<Property Key="MinimumRequiredLinkerVersion" Value="14.0" Type="System.Version" />
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2009.EnableAddressSpaceLayoutRandomization.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2010.DoNotMarkImportsSectionAsExecutable.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2011.EnableStackProtection.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2012.DoNotModifyStackProtectionCookie.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2013.InitializeStackProtection.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2014.DoNotDisableStackProtectionForFunctions.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
<Property Key="StringSet" Type="StringSet">
<Item>__vcrt_trace_logging_provider::_TlgWrite</Item>
<Item>_TlgWrite</Item>
</Property>
</Properties>
<Properties Key="BA2015.EnableHighEntropyVirtualAddresses.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2016.MarkImageAsNXCompatible.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2018.EnableSafeSEH.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2019.DoNotMarkWritableSectionsAsShared.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2021.DoNotMarkWritableSectionsAsExecutable.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2022.SignSecurely.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA2024.EnableSpectreMitigations.Options" Type="PropertiesDictionary">
<Properties Key="AllowedLibraries" Type="IL.Rules.StringToVersionMap" />
<Properties Key="MitigatedCompilers" Type="PropertiesDictionary">
<Properties Key="Arm" Type="PropertiesDictionary" />
<Properties Key="X86" Type="PropertiesDictionary">
<Property Key="19.12.25830.2-19.12.*.*" Value="D2GuardSpecLoadAvailable" />
<Property Key="19.13.26029.0 - 19.13.26029.*" Value="D2GuardSpecLoadAvailable" />
<Property Key="19.14.0.0 - *.*.*.*" Value="QSpectreAvailable, D2GuardSpecLoadAvailable" />
</Properties>
</Properties>
<!---->
<Property Key="Reporting" Value="Default" Type="ReportingOptions" />
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA3001.EnablePIEOnExecutables.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA3002.DoNotMarkStackAsExecutable.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA3003.EnableStackProtector.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA3010.EnableReadOnlyRelocations.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
<Properties Key="BA3030.UseCheckedFunctionsWithGCC.Options" Type="PropertiesDictionary">
<Property Key="RuleEnabled" Value="Default" Type="Driver.RuleEnabledState" />
</Properties>
</Properties>

13
contrib/win32/openssh/CredScanSuppress.json Normal file
View File

@ -0,0 +1,13 @@
{
"tool": "Credential Scanner",
"suppressions": [
{
"file": "\\regress\\pesterTests\\SSHDConfig.tests.ps1",
"_justification": "password for testing purpose"
},
{
"file": "\\contrib\\win32\\openssh\\OpenSSHTestHelper.psm1",
"_justification": "password for testing purpose"
}
]
}

11
contrib/win32/openssh/DockerFile Normal file
View File

@ -0,0 +1,11 @@
# escape=`
#0.3.6 (no powershell 6)
#FROM travisez13/microsoft.windowsservercore.build-tools:latest
FROM balu1202/winservercore_openssh:latest
SHELL ["PowerShell.exe", "-command"]
RUN Set-ExecutionPolicy Unrestricted
COPY ./OpenSSH-build.ps1 /OpenSSH-build.ps1
ENTRYPOINT ["powershell", "-executionpolicy", "unrestricted"]

44
contrib/win32/openssh/OpenSSH-build.ps1 Normal file
View File

@ -0,0 +1,44 @@
[cmdletbinding()]
# PowerShell Script to clone, build and package PowerShell from specified fork and branch
param (
[string] $repolocation = "$pwd\openssh-portable",
[string] $destination = "$env:WORKSPACE",
[ValidateSet('x86', 'x64', 'arm64', 'arm')]
[String]$NativeHostArch = 'x64',
[ValidateSet('Debug', 'Release')]
[string]$Configuration = "Release",
[switch]$NoOpenSSL,
[switch]$OneCore
)
try
{
Push-location $repolocation
Import-Module "$repolocation\contrib\win32\openssh\OpenSSHBuildHelper.psm1" -Force
$Bucket = "OpenSSH-$NativeHostArch"
if($NativeHostArch -ieq 'x86') {
$Bucket = "OpenSSH-Win32"
}
elseif($NativeHostArch -ieq 'x64') {
$Bucket = "OpenSSH-Win64"
}
Write-Verbose "Start-OpenSSHBuild -NativeHostArch $NativeHostArch -Configuration $Configuration -NoOpenSSL:$NoOpenSSL -Onecore:$OneCore -Verbose " -Verbose
Start-OpenSSHBuild -NativeHostArch $NativeHostArch -Configuration $Configuration -NoOpenSSL:$NoOpenSSL -Onecore:$OneCore -Verbose
Write-Verbose "Start-OpenSSHPackage -NativeHostArch $NativeHostArch -Configuration $Configuration -NoOpenSSL:$NoOpenSSL -Onecore:$OneCore -DestinationPath $repolocation\$($Bucket)_symbols" -verbose
Start-OpenSSHPackage -NativeHostArch $NativeHostArch -Configuration $Configuration -NoOpenSSL:$NoOpenSSL -Onecore:$OneCore -DestinationPath "$repolocation\$($Bucket)_symbols"
if(-not (Test-Path $destination))
{
New-Item -Path $destination -ItemType Directory -Force -ErrorAction Stop| Out-Null
}
#copy the build log
$buildLog = Get-BuildLogFile -NativeHostArch $NativeHostArch -Configuration $Configuration -root $repolocation
Write-Verbose "Copying $buildLog to $repolocation\$($Bucket)_symbols" -verbose
Copy-Item -Path $buildLog -Destination "$($Bucket)_symbols\" -Force -ErrorAction SilentlyContinue
Compress-Archive -path "$repolocation\$($Bucket)_symbols\*" -DestinationPath "$destination\$($Bucket)_symbols"
}
finally
{
Pop-Location
}

29
contrib/win32/openssh/SignConfig.xml Normal file
View File

@ -0,0 +1,29 @@
<?xml version="1.0" encoding="utf-8" ?>
<SignConfigXML>
<!-- ****Begin**** BothDual - Dual (Sha256 and Sha1) AuthenticodeDual) and should be StrongName ******** -->
<job platform="" configuration="" dest="__OUTPATHROOT__\signed" jobname="OpenSSH" approvers="gstolt,vigarg">
<file src="__INPATHROOT__\libcrypto.dll" signType="AuthenticodeDual" dest="__OUTPATHROOT__\libcrypto.dll" />
<file src="__INPATHROOT__\scp.exe" signType="AuthenticodeDual" dest="__OUTPATHROOT__\scp.exe" />
<file src="__INPATHROOT__\sftp-server.exe" signType="AuthenticodeDual" dest="__OUTPATHROOT__\sftp-server.exe" />
<file src="__INPATHROOT__\sftp.exe" signType="AuthenticodeDual" dest="__OUTPATHROOT__\sftp.exe" />
<file src="__INPATHROOT__\ssh-add.exe" signType="AuthenticodeDual" dest="__OUTPATHROOT__\ssh-add.exe" />
<file src="__INPATHROOT__\ssh-agent.exe" signType="AuthenticodeDual" dest="__OUTPATHROOT__\ssh-agent.exe" />
<file src="__INPATHROOT__\ssh-keygen.exe" signType="AuthenticodeDual" dest="__OUTPATHROOT__\ssh-keygen.exe" />
<file src="__INPATHROOT__\ssh-keyscan.exe" signType="AuthenticodeDual" dest="__OUTPATHROOT__\ssh-keyscan.exe" />
<file src="__INPATHROOT__\ssh-shellhost.exe" signType="AuthenticodeDual" dest="__OUTPATHROOT__\ssh-shellhost.exe" />
<file src="__INPATHROOT__\ssh.exe" signType="AuthenticodeDual" dest="__OUTPATHROOT__\ssh.exe" />
<file src="__INPATHROOT__\sshd.exe" signType="AuthenticodeDual" dest="__OUTPATHROOT__\sshd.exe" />
<!-- ****Begin**** Authenticode - Authenticode SHA256 ************* -->
<!-- PowerShell script files cannot be dual signed, so we will sign them only with a SHA256 cert -->
<file src="__INPATHROOT__\FixHostFilePermissions.ps1" signType="Authenticode" dest="__OUTPATHROOT__\FixHostFilePermissions.ps1" />
<file src="__INPATHROOT__\FixUserFilePermissions.ps1" signType="Authenticode" dest="__OUTPATHROOT__\FixUserFilePermissions.ps1" />
<file src="__INPATHROOT__\install-sshd.ps1" signType="Authenticode" dest="__OUTPATHROOT__\install-sshd.ps1" />
<file src="__INPATHROOT__\uninstall-sshd.ps1" signType="Authenticode" dest="__OUTPATHROOT__\uninstall-sshd.ps1" />
<file src="__INPATHROOT__\OpenSSHUtils.psd1" signType="Authenticode" dest="__OUTPATHROOT__\OpenSSHUtils.psd1" />
<file src="__INPATHROOT__\OpenSSHUtils.psm1" signType="Authenticode" dest="__OUTPATHROOT__\OpenSSHUtils.psm1" />
<!-- not actually a code file, don't sign for now
<file src="__INPATHROOT__\sshd_config_default" signType="Authenticode" dest="__OUTPATHROOT__\sshd_config_default" />
-->
</job>
</SignConfigXML>

246
contrib/win32/openssh/build.json Normal file
View File

@ -0,0 +1,246 @@
{
"Windows": [
{
"Name": "Onecore-X64",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch X64 -Configuration Release -OneCore",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-x64",
"BinaryBucket": "OpenSSH-Win64",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-X64"
},
{
"Name": "Onecore-X86",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch X86 -Configuration Release -OneCore",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-x86",
"BinaryBucket": "OpenSSH-Win32",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-X86"
},
{
"Name": "Onecore-ARM",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch ARM -Configuration Release -OneCore",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-arm",
"BinaryBucket": "OpenSSH-ARM",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-ARM"
},
{
"Name": "Onecore-ARM64",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch ARM64 -Configuration Release -OneCore",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-arm64",
"BinaryBucket": "OpenSSH-ARM64",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-ARM64"
},
{
"Name": "Onecore-X64-NoOpenSSL",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch X64 -Configuration Release -OneCore -NoOpenSSL",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-x64",
"BinaryBucket": "OpenSSH-Win64",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-X64"
},
{
"Name": "Onecore-X86-NoOpenSSL",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch X86 -Configuration Release -OneCore -NoOpenSSL",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-x86",
"BinaryBucket": "OpenSSH-Win32",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-X86"
},
{
"Name": "Onecore-ARM-NoOpenSSL",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch ARM -Configuration Release -OneCore -NoOpenSSL",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-arm",
"BinaryBucket": "OpenSSH-Arm",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-ARM"
},
{
"Name": "Onecore-ARM64-NoOpenSSL",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch ARM64 -Configuration Release -OneCore -NoOpenSSL",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-arm64",
"BinaryBucket": "OpenSSH-Arm64",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-ARM64"
},
{
"Name": "X64",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch X64 -Configuration Release",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-x64",
"BinaryBucket": "OpenSSH-Original",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-X64"
},
{
"Name": "X86",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch X86 -Configuration Release",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-x86",
"BinaryBucket": "OpenSSH-Original",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-X86"
},
{
"Name": "ARM",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch ARM -Configuration Release",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-arm",
"BinaryBucket": "OpenSSH-Arm",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-ARM"
},
{
"Name": "ARM64",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch ARM64 -Configuration Release",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-arm64",
"BinaryBucket": "OpenSSH-Arm64",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-ARM64"
},
{
"Name": "X64-NoOpenSSL",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch X64 -Configuration Release -NoOpenSSL",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-x64",
"BinaryBucket": "OpenSSH-Win64",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-X64"
},
{
"Name": "X86-NoOpenSSL",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch X86 -Configuration Release -NoOpenSSL",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-x86",
"BinaryBucket": "OpenSSH-Win32",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-X86"
},
{
"Name": "ARM-NoOpenSSL",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch ARM -Configuration Release -NoOpenSSL",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-arm",
"BinaryBucket": "OpenSSH-Arm",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-ARM"
},
{
"Name": "ARM64-NoOpenSSL",
"RepoDestinationPath": "C:\\OpenSSH",
"BuildCommand": "C:\\OpenSSH-build.ps1 -repolocation _RepoDestinationPath_ -destination _DockerVolume_ -NativeHostArch ARM64 -Configuration Release -NoOpenSSL",
"BuildDockerOptions": [
"-m",
"3968m"
],
"DockerFile": ".\\contrib\\win32\\openssh\\DockerFile",
"AdditionalContextFiles": [ ".\\contrib\\win32\\openssh\\OpenSSH-build.ps1" ],
"DockerImageName": "di-openssh-arm64",
"BinaryBucket": "OpenSSH-Arm64",
"ArtifactsExpected": 1,
"VariableForExtractedBinariesPath": "OpenSSH-ARM64"
}
],
"Linux": [
]
}

37
contrib/win32/openssh/updateSigning.ps1 Normal file
View File

@ -0,0 +1,37 @@
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License.
# Script for use to update SignConfig.xml
param(
[string] $SigningXmlPath = (Join-Path -Path $PSScriptRoot -ChildPath 'SignConfig.xml')
)
# Parse the signing xml
$signingXml = [xml](Get-Content $signingXmlPath)
# Get any variables to updating 'signType' in the XML
# Define a variable named `<signTypeInXml>SignType' in xml to updating that signing type
# Example: $env:AuthenticodeSignType='newvalue'
# will cause all files with the 'Authenticode' signtype to be updated with the 'newvalue' signtype
$signTypes = @{}
Get-ChildItem -Path env:/*SignType | ForEach-Object -Process {
$signType = $_.Name.ToUpperInvariant().Replace('SIGNTYPE','')
Write-Host "Found SigningType $signType with value $($_.value)"
$signTypes[$signType] = $_.Value
}
# examine each job in the xml
$signingXml.SignConfigXML.job | ForEach-Object -Process {
# examine each file in the job
$_.file | ForEach-Object -Process {
# if the sign type is one of the variables we found, update it to the new value
$signType = $_.SignType.ToUpperInvariant()
if($signTypes.ContainsKey($signType))
{
$newSignType = $signTypes[$signType]
Write-Host "Updating $($_.src) to $newSignType"
$_.signType = $newSignType
}
}
}
$signingXml.Save($signingXmlPath)