OpenSSh privilege separation model - http://www.citi.umich.edu/u/provos/ssh/privsep.html
Posix_spawn is implemented in POSIX adapter as an alternative to fork() that is heavily used in Privilege separation.
Additional state info is added to sshd to accommodate distinguishing the various modes (privileged monitor, unprivileged child, authenticated child).
Required service state (like config and host keys) is transmitted over pipes from monitor to child processes.
Changes to installation scripts and tests to accomodate new architectural changes
PowerShell/Win32-OpenSSH#929
Issue: ReadThread prematurely returns on read io error. This results in APC never getting set and hence the corresponding fd is never set on select resulting the hang seen in issue 929.
Also removed the static instances storing sync io status, since there could be multiple sync fds operating at the same time. Moved the sync io status to w32_io object itself.
PowerShell/Win32-OpenSSH#884
Convert the mode properly to file permissions.
If mode has "read" permission then we set the file permission to "read & execute"
If mode has "write" permission then we set the file permission to "Write & Modify"
Inherit the file permissions from the parent folder when sftp / scp creates the file on windows.
sftp - put & get.
scp - from local to remote windows machine.
docker ssh issue
PowerShell/Win32-OpenSSH#666
a) fdopen changes to accept the /dev/null device
b) fix the select (using same fdset as readfdset, exceptfdset) issue with the unix opensssh code.
changed keyscan pester test to refer to localhost (127.0.0.1) instead of GitHub.com
PowerShell/Win32-OpenSSH#731
Fix the ASSERT_HANDLE issue..
ASSERT_HANDLE should fail if handle is either NULL or INVALID_HANDLE.
Added new testcases for the null device.
1. Add file permission check when load or add ssh_config, authorized_keys, private keys, host keys,.
2. set the owner and ACE for create secure file, ex, private key in ssh-keygen.exe
3. Update script OpenSSHTestHelper.psm1 to be able to run Install-OpenSSH if the sshd is running on the machine.
4. add OpenSSHBinPath to path.
5. change indents in agentconfig.c
6. update test script to represent the changes
7. Add tests for:
* authorized_keys and ssh-keygen testing
* host keys file perm testing
* user private key file perm testing
* ssh-add test
* user ssh_config
1. Reduce the console output of build
2. move to use powershell core 6.0.0.14
3. one minor fix in pester tests.
* Update the path of unittest results and build log. suppress the warning message.
* limitoutput of choco installation.
* fix of quotes
* remove redundant log
* Set x64 Release build as default
Manoj Ampalam
bagajjal
Yanbing