- Logic to support conpty (currently disabled until validation is complete)
- fdopen() and fchmod() support for file handles
- support for auto updating known_hosts via ssh and ssh-keygen
- Support for dynamic Windows-size changes with PTY
- Changes to support OneCore SDK
- Test cases
Added utility to build session process command line - this accounts for restrictions from various shells. With these changes, scp and sftp-server are expected to be machine wide PATH if a custom shell (other than cmd.exe) is defined. Added comprehensive test cases.
Fixed issue with USERNAME env variable containing domain prefix too.
PowerShell/Win32-OpenSSH#1165PowerShell/Win32-OpenSSH#1165PowerShell/Win32-OpenSSH#1171
- Removed logic that was excluding the group membership SID that matched 'None' on workgroup computers or 'Domain Users' on domain systems.
- Removed test that was checking that AllowGroups failure if user was not in any group at all. This is no longer testable since user will always be a member of at least one group.
https://github.com/PowerShell/Win32-OpenSSH/issues/1167
* Alternate Thread Creation API To Avoid Memory Leaks
- Switched from CreateThread() to _beginthreadex() and ExitThread() to _endthreadex() in order to avoid potential leaks when linking with static CRT library.
- Addressed a variety of warnings that were being detected with static code analysis.
* Addressed Type Cast Warning
- Added explicit cast to the output of _beginthreadex() to avoid a compiler warning.
* Indentation Fix
- Added chroot implementation that simply stores the path in internal state and sets an environment variable
- Spawned processes pickup chroot from environment variable
- Core change in realpath and resolved_path_utf16 now take into account chroot path.
- Unit tests
- Other miscellaneous changes to account for chroot enabled logic in core code
PowerShell/Win32-OpenSSH#190PowerShell/Win32-OpenSSH#292
Reworked resolved_path() into resolved_path_utf16() that combined utf16 conversion and path conditioning into a single function. This eliminated the previously non-threadsafe resolved_path() function that used a static buffer. Changed some functions to use unicode to eliminate use of previous resolve_path function.
Adjusted functions to use resolved_path_utf16().
Collapsed copy_file() function that was only used once.
Corrected compilation errors when debug4() and debug5() are enabled.
Removed debug statements that were interfering with APC wakeup due to the way that logging works in atomicio6().
Filled in a missing parameter in a debug statement.
Changed test helper so test name is displayed when running release build.
Corrected permissions check for whether to run symbolic links in test cases.
Removed TEST_RESOURCES() in unit tests calls due to inconsistent ability to sample handles in Windows 8.1 / Server 2012 R2.
1. Fix issue install-sshd.ps1 failed on Nano
2. Update settings of services in install-sshd.ps1 to match windows inbox
3. added setup tests and update the test helper scripts to run setup tests before changing configurations on the machine
4. added uninstallation tests
1. Add support to take key files with windows new line ending (PowerShell/Win32-OpenSSH#1130)
2. add test cases for CRLF
3. Update test helper script to catch the exitcode of unittest and report the failure
4. Enable uni test unittest-sshkey and unittest-sshkey
5. Disable resource check for signal tests due to some API issue to follow.
6. Remove workaround for windows new line ending in test scripts
7. Add test validation for ACL of registry entries when perform ssh-add
- Reworked resolved_path() into resolved_path_utf16() that combined utf16 conversion and path conditioning into a single function. This eliminated the previously non-threadsafe resolved_path() function.
- Adjusted functions to use resolved_path_utf16().
- Collapsed copy_file() function that was only used once.
- Corrected compilation errors when debug4() and debug5() are enabled.
- Added implementation of symlink() using native CreateSymbolicLink() function.
- Added unit tests for symlink behavior in readlink(), lstat, stat(), and symlink().
- Reworked readlink() to be more inline with POSIX readlink() behavior.
- Reworked symlink handling in stat/lstat due to revised readlink().
- Added additional error handling to readlink().
- Added symlink() Implementation - Memory Leak Fix
- Modified fileio_readlink() to properly free a temporary buffer it creates.
OpenBSD they are both non-blocking, but on many other -portable platforms it
blocks, stalling tests.
OpenBSD-Regress-ID: 397d0d4c719c353f24d79f5b14775e0cfdf0e1cc
- Added wait_for_multiple_objects_enhanced() function that can logically handle wait-any on many children (system resources permitting).
- Added unit tests for wait_for_multiple_objects_enhanced().
- Incorporated use of wait_for_multiple_objects_enhanced() into main signal handler.
- Upped max child processes to 500.
"expiry-time" as the former is confusing wrt similar terminology in X.509;
pointed out by jsing@
OpenBSD-Regress-ID: ac8b41dbfd90cffd525d58350c327195b0937793
1. Expand wildcard for input parameters
2. add scp tests with wildcard
3. for debug mode, need to enable the log to local log file.
4. update the path to log file
points to something in /dev (rather than checking the device node itself);
makes life easier for portable, where systems with dynamic ptys can delete
nodes before we get around to testing their existence.
OpenBSD-Regress-ID: b1e455b821e62572bccd98102f8dd9d09bb94994
* Test Fixes on downlevel machines
1. Test fix to run on win7 and win8
2. Add -onecore parameter to start-opensshpackage in build helper script
3. Add copying of libcrypto.dll and libcrypto.pdb
4. Update the build number on appveyor.yml
PowerShell/Win32-OpenSSH#1065
Fix: In recent sshd architectural changes, post authentication changes that process user specific changes were missing in authenticated sshd worker. Added missing call.
PowerShell/Win32-OpenSSH#1052
Fix: getpwd* functions will now strip off domain of any local user account.
Updated file version info:
FileVersionRaw : 7.6.0.0
ProductVersionRaw : 7.6.0.0
ProductName : OpenSSH for Windows
ProductVersion : OpenSSH_7.6p1 for Windows
Updated softwareversion - this would show up in protocol identification string and when doing ssh -V
OpenSSH_for_Windows_7.6
Sometimes multiplex tests fail on Solaris with "netcat: local_listen:
Address already in use" which is likely due to previous invocations
leaving the port in TIME_WAIT. Set SO_REUSEADDR (in addition to
SO_REUSEPORT which is alread set on platforms that support it). ok djm@
1. Move Start-SSHD-TestDaemon and Stop-SSHD-TestDaemon to commonUtils.psm1
2. Fix the timing issue when trying to read the log while it is still locked by the process.
3, Start the service to create the config fold if it is not there.
4. Skip authorizedkey and sshdconfig tests on win7 since the task scheduler cmdlets are not available on win7.
5. rename variables
OpenSSh privilege separation model - http://www.citi.umich.edu/u/provos/ssh/privsep.html
Posix_spawn is implemented in POSIX adapter as an alternative to fork() that is heavily used in Privilege separation.
Additional state info is added to sshd to accommodate distinguishing the various modes (privileged monitor, unprivileged child, authenticated child).
Required service state (like config and host keys) is transmitted over pipes from monitor to child processes.
Changes to installation scripts and tests to accomodate new architectural changes
Yanbing
Manoj Ampalam
Bryan Berns
Manoj Ampalam
Damien Miller
Darren Tucker
dtucker@openbsd.org
djm@openbsd.org
bagajjal