- Updated code to dynamic load Lsa functions until RS5 SDK includes them
- Add conpty support in openssh
- Fixed Wierd characters (?25l) are seen, when logged in from ssh client
- Backspace doesn't work in powershell window
- Changes to support ssh-shellhost as an alternative shell
- Added support to have ssh-shellhost work as a standby shell (ssh-shellhost -c "cmdline") simply executes cmdline via CreateProcess
- Added E2E test cases and fixed unittests broken from prior changes
- Added PTY launch interface that supports both conpty and ssh-shellhost pty.
- Implemented PTY control channel in ssh-shellhost that supports Window resize events.
- Fixed regression with starting a PTY session with an explicit command
- modified ssh-shellhost pty argument to ---pty to remove ambiguity in cases when both -p and -c are present in commandline. Ex. ssh-shellhost.exe -c "myprogram -p -c argument"
- Logic to support conpty (currently disabled until validation is complete)
- fdopen() and fchmod() support for file handles
- support for auto updating known_hosts via ssh and ssh-keygen
- Support for dynamic Windows-size changes with PTY
- Changes to support OneCore SDK
- Test cases
Fix descriptor leaks in win32 fstat implementation
PowerShell/Win32-OpenSSH#1209
According to the docs for _open_osfhandle, _close will close the underlying handle:
"To close a file opened with , call _close. The underlying handle is also closed by a call to _close, so it is not necessary to call the Win32 function CloseHandle on the original handle"
Current group membership resolution though very effective, is very slow. In a typical domain joined enterprise machine, adding a simple entry like the following in sshd_config
AllowGroups administrators
will incur a long delay in remote session establishment as sshd tried to pull all groups associated with the domain user.
Changes in this PR optimize the general case scenarios where no wild cards are in use. Specifically rules like this are processed promptly:
AllowGroups group1, group2, group3 //with no wild cards
Match Group group1 //single group with no negation and wild cards
Optimization is done by resolve the groupname in rule immediately to SID and checking its membership against user token. Enumerating the entire group membership is done on a lazy on-demand basis.
Beyond the optimization, there are 2 functional changes
- removed domain prefix for builtin groups
- removed domain prefix'ed versions of local groups since we are strictly following the convention that local principals shouldn't have any domain qualification.
Updated SSHD user password generation routine to be longer and more complex. This should satisfy systems with password filters that require more character types or very long passwords.
Updated routine to now securely zero memory for the SSHD account password.
Corrected attempt to write to NULL pointer by localtime_s() in localtime_r() and made function return NULL on error per specification.
Addressed various compiler / code analysis warnings.
* Alternate Thread Creation API To Avoid Memory Leaks
- Switched from CreateThread() to _beginthreadex() and ExitThread() to _endthreadex() in order to avoid potential leaks when linking with static CRT library.
- Addressed a variety of warnings that were being detected with static code analysis.
* Addressed Type Cast Warning
- Added explicit cast to the output of _beginthreadex() to avoid a compiler warning.
* Indentation Fix
Changes include:
- Removing sid from pwd structure to comply with Unix structure
- Integrating default shell logic within pwd
- pwd placeholder to allow logins using usernames not associated with Windows account (possible via custom LSA authentication)
- Moving all nonPTY logic from shellhost to session.c.
- ssh-shellhost is now exclusively for implementing PTY
- Spawning all session processes from within a shell
- Validation checks in safely_chroot
- Added chroot implementation that simply stores the path in internal state and sets an environment variable
- Spawned processes pickup chroot from environment variable
- Core change in realpath and resolved_path_utf16 now take into account chroot path.
- Unit tests
- Other miscellaneous changes to account for chroot enabled logic in core code
PowerShell/Win32-OpenSSH#190PowerShell/Win32-OpenSSH#292
- Reworked resolved_path() into resolved_path_utf16() that combined utf16 conversion and path conditioning into a single function. This eliminated the previously non-threadsafe resolved_path() function.
- Adjusted functions to use resolved_path_utf16().
- Collapsed copy_file() function that was only used once.
- Corrected compilation errors when debug4() and debug5() are enabled.
fileio_open previously treated all O_CREAT flags as CREATE_* flags in
CreateFile; CREATE_* always truncates files but O_CREAT only truncates
files when O_TRUNC is also set on POSIX platforms. This becomes
noticeable under SFTP sessions where remote files are opened with
O_APPEND: the file is instead truncated as in O_CREAT | O_TRUNC.
https://github.com/PowerShell/Win32-OpenSSH/issues/1078
- Added implementation of symlink() using native CreateSymbolicLink() function.
- Added unit tests for symlink behavior in readlink(), lstat, stat(), and symlink().
- Reworked readlink() to be more inline with POSIX readlink() behavior.
- Reworked symlink handling in stat/lstat due to revised readlink().
- Added additional error handling to readlink().
- Added symlink() Implementation - Memory Leak Fix
- Modified fileio_readlink() to properly free a temporary buffer it creates.
OpenSSh privilege separation model - http://www.citi.umich.edu/u/provos/ssh/privsep.html
Posix_spawn is implemented in POSIX adapter as an alternative to fork() that is heavily used in Privilege separation.
Additional state info is added to sshd to accommodate distinguishing the various modes (privileged monitor, unprivileged child, authenticated child).
Required service state (like config and host keys) is transmitted over pipes from monitor to child processes.
Changes to installation scripts and tests to accomodate new architectural changes
PowerShell/Win32-OpenSSH#884
Convert the mode properly to file permissions.
If mode has "read" permission then we set the file permission to "read & execute"
If mode has "write" permission then we set the file permission to "Write & Modify"
Inherit the file permissions from the parent folder when sftp / scp creates the file on windows.
sftp - put & get.
scp - from local to remote windows machine.
Fix to PowerShell/Win32-OpenSSH#698 - Create job object, add ssh-shellhost and ensure all its child process and tied to its lifetime.
Other changes include changes to debug* statements in posix adapter that may cause recursion/stack overflow issues.
Support the unicode characters as input to the ssh client.
PowerShell/Win32-OpenSSH#711
Remove the bAnsi related code changes to the ssh-shellhost.c as that code never executes..
Fixed "long pressing key issue for the slow ssh connections"
PowerShell/Win32-OpenSSH#701
fixed warning message in the latestw_all recent commits.
Fixed the issue with ssh failures in the latestw_all recent commits.
client now connect to ssh-agent at Identification level, preventing rogue processes hosting "ssh-agent" pipes from impersonating and elevating to client context.
Since ssh-agent now cannot do ImpersonateNamedpipeClient, retrieve the client impersonation token explicitly and rely on ImpersonateLoggedonUser instead.
docker ssh issue
PowerShell/Win32-OpenSSH#666
a) fdopen changes to accept the /dev/null device
b) fix the select (using same fdset as readfdset, exceptfdset) issue with the unix opensssh code.
changed keyscan pester test to refer to localhost (127.0.0.1) instead of GitHub.com
PowerShell/Win32-OpenSSH#731
Fix the ASSERT_HANDLE issue..
ASSERT_HANDLE should fail if handle is either NULL or INVALID_HANDLE.
Added new testcases for the null device.
AF_UNIX kind of sockets are now supported. socket() and connect() calls are implemented. Windows specific logic in authfd.c is now removed. https://github.com/PowerShell/Win32-OpenSSH/issues/532 is created to keep track of ssh-agent end point authentication
https://github.com/PowerShell/Win32-OpenSSH/issues/176
1.If there are no sufficient permissions to open a file then _wstat64() is returning file not present but it should return the accessed denied.Fixed this.
2.Code cleanup in the posix compat files to align with the openbsd coding standard.
https://github.com/PowerShell/Win32-OpenSSH/issues/479https://github.com/PowerShell/Win32-OpenSSH/issues/476https://github.com/PowerShell/Win32-OpenSSH/issues/474https://github.com/PowerShell/Win32-OpenSSH/issues/467
bug #479 - "ls c:" is not working
sanitized_path() is modified to handle the edge case "\x:"
2.bug #476 - "cd c:" is not working
If "c:" is passed to _fullpath() then it is returning existing path but not "c:", so if we append "\" to "c:" then it is working fine.
3.bug #474 - code cleanup MAX_PATH
Using PATH_MAX variable instead of MAX_PATH
In dirent.h, used PATH_MAX instead of hardcoding 256 characters
In readdir(), changed the pdirentry to be a static variable. Before this, we are leaking the memory.
4.bug #467 - SFTP rename failed if the newpath already exists.
The _wrename throws error if the newpath exists.
To make it consistent with the linux behavrior,
a) if the newpath is a file and if it exists then delete it so that _wrename will succeed.
b) if the newpath is a directory and if it is empty then delete it so that _wrename will succeed.
Manoj Ampalam
cbookg
Bryan Berns
Daniel Sweet
bagajjal
Yanbing
Manoj Ampalam
Oleg S