Added an implementation of GSSAPI interface to support Kerberos SSPI within OpenSSH. This is only a partial definition of the full GSSAPI specification since OpenSSH only requires a subset of the overall GSSAPI functionality.
- Logic to support conpty (currently disabled until validation is complete)
- fdopen() and fchmod() support for file handles
- support for auto updating known_hosts via ssh and ssh-keygen
- Support for dynamic Windows-size changes with PTY
- Changes to support OneCore SDK
- Test cases
On certain machines, virtual tokens were not getting generated due to lack of required privileges. Fixed it by assigning them before doing LogonUserExExW. Consolidated runtime dll loading logic.
PowerShell/Win32-OpenSSH#1162
Modified getusergroups() to use s4u tokens to discover nested groups and return them in NetBiosName\GroupName format.
Modified get_passwd() to internally normalize names to NetBiosName\SamAccountName format and changed functions that use it to translate to UPN where necessary.
Removed unnecessary support functions used by previous version of getusergroups().
Various refactoring and function consolidation / simplification.
Addressed several buffer over-read issues.
PowerShell/Win32-OpenSSH#553
- Added wait_for_multiple_objects_enhanced() function that can logically handle wait-any on many children (system resources permitting).
- Added unit tests for wait_for_multiple_objects_enhanced().
- Incorporated use of wait_for_multiple_objects_enhanced() into main signal handler.
- Upped max child processes to 500.
OpenSSh privilege separation model - http://www.citi.umich.edu/u/provos/ssh/privsep.html
Posix_spawn is implemented in POSIX adapter as an alternative to fork() that is heavily used in Privilege separation.
Additional state info is added to sshd to accommodate distinguishing the various modes (privileged monitor, unprivileged child, authenticated child).
Required service state (like config and host keys) is transmitted over pipes from monitor to child processes.
Changes to installation scripts and tests to accomodate new architectural changes
#576 - fix the EVENT_CONSOLE_CARET issue.. Wrongly read the X, Y coordinates
#575 - when backspace key is pressed then screen is not refreshed correctly
#574 - when delete key is pressed then screen is not refreshed correctly (the last character is repeated in the end)
#573 - while using up/down arrows, screen is not refreshed correctly (there are some left over characters of bigger command)
#572 - clear screen is not clearing the whole console
#571 - Move the cursor to top of visible window so that nothing will be erased on the console.
#570 - code cleanup for console related logic
#569 - wrong implementation of TIOCGWINSZ. This is causing lot of issues when windows open ssh client is connecting to linux ssh server.
#568 - Scrolling issue when the cursor is at the last line of the visible window.
#567 - Logic to pass the raw buffer to console is wrong.
Tess Gauthier
bagajjal
Bryan Berns
Manoj Ampalam
Manoj Ampalam
Yanbing