Updated SSHD user password generation routine to be longer and more complex. This should satisfy systems with password filters that require more character types or very long passwords.
Updated routine to now securely zero memory for the SSHD account password.
Corrected attempt to write to NULL pointer by localtime_s() in localtime_r() and made function return NULL on error per specification.
Addressed various compiler / code analysis warnings.
Added utility to build session process command line - this accounts for restrictions from various shells. With these changes, scp and sftp-server are expected to be machine wide PATH if a custom shell (other than cmd.exe) is defined. Added comprehensive test cases.
Fixed issue with USERNAME env variable containing domain prefix too.
PowerShell/Win32-OpenSSH#1165PowerShell/Win32-OpenSSH#1165PowerShell/Win32-OpenSSH#1171
Changes include:
- Removing sid from pwd structure to comply with Unix structure
- Integrating default shell logic within pwd
- pwd placeholder to allow logins using usernames not associated with Windows account (possible via custom LSA authentication)
- Moving all nonPTY logic from shellhost to session.c.
- ssh-shellhost is now exclusively for implementing PTY
- Spawning all session processes from within a shell
- Validation checks in safely_chroot
- Added chroot implementation that simply stores the path in internal state and sets an environment variable
- Spawned processes pickup chroot from environment variable
- Core change in realpath and resolved_path_utf16 now take into account chroot path.
- Unit tests
- Other miscellaneous changes to account for chroot enabled logic in core code
PowerShell/Win32-OpenSSH#190PowerShell/Win32-OpenSSH#292
Modified getusergroups() to use s4u tokens to discover nested groups and return them in NetBiosName\GroupName format.
Modified get_passwd() to internally normalize names to NetBiosName\SamAccountName format and changed functions that use it to translate to UPN where necessary.
Removed unnecessary support functions used by previous version of getusergroups().
Various refactoring and function consolidation / simplification.
Addressed several buffer over-read issues.
PowerShell/Win32-OpenSSH#553
PowerShell/Win32-OpenSSH#1065
Fix: In recent sshd architectural changes, post authentication changes that process user specific changes were missing in authenticated sshd worker. Added missing call.
PowerShell/Win32-OpenSSH#1052
Fix: getpwd* functions will now strip off domain of any local user account.
OpenSSh privilege separation model - http://www.citi.umich.edu/u/provos/ssh/privsep.html
Posix_spawn is implemented in POSIX adapter as an alternative to fork() that is heavily used in Privilege separation.
Additional state info is added to sshd to accommodate distinguishing the various modes (privileged monitor, unprivileged child, authenticated child).
Required service state (like config and host keys) is transmitted over pipes from monitor to child processes.
Changes to installation scripts and tests to accomodate new architectural changes
https://github.com/PowerShell/Win32-OpenSSH/issues/176
1.If there are no sufficient permissions to open a file then _wstat64() is returning file not present but it should return the accessed denied.Fixed this.
2.Code cleanup in the posix compat files to align with the openbsd coding standard.
https://github.com/PowerShell/Win32-OpenSSH/issues/479https://github.com/PowerShell/Win32-OpenSSH/issues/476https://github.com/PowerShell/Win32-OpenSSH/issues/474https://github.com/PowerShell/Win32-OpenSSH/issues/467
bug #479 - "ls c:" is not working
sanitized_path() is modified to handle the edge case "\x:"
2.bug #476 - "cd c:" is not working
If "c:" is passed to _fullpath() then it is returning existing path but not "c:", so if we append "\" to "c:" then it is working fine.
3.bug #474 - code cleanup MAX_PATH
Using PATH_MAX variable instead of MAX_PATH
In dirent.h, used PATH_MAX instead of hardcoding 256 characters
In readdir(), changed the pdirentry to be a static variable. Before this, we are leaking the memory.
4.bug #467 - SFTP rename failed if the newpath already exists.
The _wrename throws error if the newpath exists.
To make it consistent with the linux behavrior,
a) if the newpath is a file and if it exists then delete it so that _wrename will succeed.
b) if the newpath is a directory and if it is empty then delete it so that _wrename will succeed.
Bryan Berns
Manoj Ampalam
bagajjal
Yanbing