Source snapshot from Powershell/openssh-portable:latestw_all

auth-passwd.c

@@ -231,7 +231,7 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
 
 #elif defined(WINDOWS)
 HANDLE password_auth_token = NULL;
-HANDLE process_custom_lsa_auth(char*, const char*, char*);
+HANDLE process_custom_lsa_auth(const char*, const char*, const char*);
 
 void 
 sys_auth_passwd_lsa(Authctxt *authctxt, const char *password)
@@ -253,8 +253,7 @@ sys_auth_passwd_lsa(Authctxt *authctxt, const char *password)
 			lsa_auth_pkg = utf16_to_utf8(lsa_auth_pkg_w);
 			if (!lsa_auth_pkg)
 				fatal("utf16_to_utf8 failed to convert lsa_auth_pkg_w:%ls", lsa_auth_pkg_w);
-
-			debug("Authenticating using LSA Auth Package:%ls", lsa_auth_pkg_w);
+
 			password_auth_token = process_custom_lsa_auth(authctxt->pw->pw_name, password, lsa_auth_pkg);
 		}
 	}

auth.c

@@ -430,7 +430,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
 
 #ifdef WINDOWS
 	/* Return if the path is absolute. If not, prepend the '%h\\' */
-	if ((strlen(file) > 1) && (file[1] == ':'))
+	if(is_absolute_path(file))
 		return (file);
 
 	i = snprintf(ret, sizeof(ret), "%s\\%s", pw->pw_dir, file);

channels.c

@@ -3950,8 +3950,6 @@ channel_disable_adm_local_opens(struct ssh *ssh)
 void
 channel_clear_permitted_opens(struct ssh *ssh)
 {
-	if(ssh == NULL)
-		return;
 	struct ssh_channels *sc = ssh->chanctxt;
 
 	sc->permitted_opens = xrecallocarray(sc->permitted_opens,

contrib/win32/openssh/OpenSSHBuildHelper.psm1

@@ -197,7 +197,8 @@ function Start-OpenSSHBootstrap
         Write-BuildMsg -AsVerbose -Message "$gitCmdPath already present in Path environment variable" -Silent:$silent
     }
 
-    $nativeMSBuildPath = Get-VS2015BuildToolPath
+    $VS2015Path = Get-VS2015BuildToolPath
+    $VS2017Path = Get-VS2017BuildToolPath
 
     # Update machine environment path
     if ($newMachineEnvironmentPath -ne $machinePath)
@@ -206,9 +207,24 @@ function Start-OpenSSHBootstrap
     }    
 
     $vcVars = "${env:ProgramFiles(x86)}\Microsoft Visual Studio 14.0\Common7\Tools\vsvars32.bat"
-    $sdkPath = "${env:ProgramFiles(x86)}\Windows Kits\8.1\bin\x86\register_app.vbs"
-    $packageName = "vcbuildtools"
-    If (($nativeMSBuildPath -eq $null) -or (-not (Test-Path $VcVars)) -or (-not (Test-Path $sdkPath))) {
+    $sdkPath = "${env:ProgramFiles(x86)}\Windows Kits\8.1\bin\x86\register_app.vbs"    
+    #use vs2017 build tool if exists
+    if($VS2017Path -ne $null)
+    {
+        If (-not (Test-Path $sdkPath))
+        {
+            $packageName = "windows-sdk-8.1"
+            Write-BuildMsg -AsInfo -Message "$packageName not present. Installing $packageName ..."
+            choco install $packageName -y --force --limitoutput --execution-timeout 10000 2>&1 >> $script:BuildLogFile
+        }
+
+        if(-not (Test-Path $VcVars))
+        {
+            Write-BuildMsg -AsError -ErrorAction Stop -Message "VC++ 2015.3 v140 toolset are not installed."   
+        }
+    }
+    elseIf (($VS2015Path -eq $null) -or (-not (Test-Path $VcVars)) -or (-not (Test-Path $sdkPath))) {
+        $packageName = "vcbuildtools"
         Write-BuildMsg -AsInfo -Message "$packageName not present. Installing $packageName ..."
         choco install $packageName -ia "/InstallSelectableItems VisualCppBuildTools_ATLMFC_SDK;VisualCppBuildTools_NETFX_SDK;Win81SDK_CppBuildSKUV1" -y --force --limitoutput --execution-timeout 10000 2>&1 >> $script:BuildLogFile
         $errorCode = $LASTEXITCODE
@@ -234,24 +250,21 @@ function Start-OpenSSHBootstrap
                 Write-BuildMsg -AsError -ErrorAction Stop -Message "User choose not to restart the machine to apply the changes."
             }
         }
-        else
+        elseif($errorCode -ne 0)
         {
-            Write-BuildMsg -AsError -ErrorAction Stop -Message "$packageName installation failed with error code $errorCode"
+            Write-BuildMsg -AsError -ErrorAction Stop -Message "$packageName installation failed with error code $errorCode."
         }
     }
     else
     {
         Write-BuildMsg -AsVerbose -Message 'VC++ 2015 Build Tools already present.'
     }
 
-    if($NativeHostArch.ToLower().Startswith('arm'))
-    {		
-        $nativeMSBuildPath = Get-VS2017BuildToolPath
-        If ($nativeMSBuildPath -eq $null)
-        {
-            #todo, install vs 2017 build tools
-            Write-BuildMsg -AsError -ErrorAction Stop -Message "The required msbuild 15.0 is not installed on the machine."
-        }
+    if($NativeHostArch.ToLower().Startswith('arm') -and ($VS2017Path -eq $null))
+    {
+
+        #todo, install vs 2017 build tools
+        Write-BuildMsg -AsError -ErrorAction Stop -Message "The required msbuild 15.0 is not installed on the machine."
     }
 
     if($OneCore -or ($NativeHostArch.ToLower().Startswith('arm')))
@@ -268,7 +281,7 @@ function Start-OpenSSHBootstrap
     # Ensure the VS C toolset is installed
     if ($null -eq $env:VS140COMNTOOLS)
     {
-        Write-BuildMsg -AsError -ErrorAction Stop -Message "Cannot find Visual Studio 2015 Environment variable VS140COMNTOOlS"
+        Write-BuildMsg -AsError -ErrorAction Stop -Message "Cannot find Visual Studio 2015 Environment variable VS140COMNTOOlS."
     }
 
     $item = Get-Item(Join-Path -Path $env:VS140COMNTOOLS -ChildPath '../../vc')
@@ -314,7 +327,7 @@ function Copy-LibreSSLSDK
     Copy-Item -Container -Path $sourcePath -Destination $PSScriptRoot -Recurse -Force -ErrorAction SilentlyContinue -ErrorVariable e
     if($e -ne $null)
     {
-        Write-BuildMsg -AsError -ErrorAction Stop -Message "Copy LibreSSLSDK from $sourcePath to $PSScriptRoot failed"
+        Write-BuildMsg -AsError -ErrorAction Stop -Message "Copy LibreSSLSDK from $sourcePath to $PSScriptRoot failed."
     }
 }
 
@@ -330,7 +343,8 @@ function Start-OpenSSHPackage
         [string]$Configuration = "Release",
 
         # Copy payload to DestinationPath instead of packaging
-        [string]$DestinationPath = ""
+        [string]$DestinationPath = "",
+        [switch]$NoOpenSSL
     )
 
     [System.IO.DirectoryInfo] $repositoryRoot = Get-RepositoryRoot
@@ -390,7 +404,10 @@ function Start-OpenSSHPackage
 
     #copy libcrypto dll
     $libreSSLSDKPath = Join-Path $PSScriptRoot $script:libreSSLSDKStr
-    Copy-Item -Path $(Join-Path $libreSSLSDKPath "$NativeHostArch\libcrypto.dll") -Destination $packageDir -Force -ErrorAction Stop    
+    if (-not $NoOpenSSL.IsPresent) 
+    {        
+        Copy-Item -Path $(Join-Path $libreSSLSDKPath "$NativeHostArch\libcrypto.dll") -Destination $packageDir -Force -ErrorAction Stop
+    }    
 
     if ($DestinationPath -ne "") {
         if (Test-Path $DestinationPath) {            
@@ -400,7 +417,7 @@ function Start-OpenSSHPackage
             New-Item -ItemType Directory $DestinationPath -Force | Out-Null
         }
         Copy-Item -Path $packageDir\* -Destination $DestinationPath -Force -Recurse
-        Write-BuildMsg -AsInfo -Message "Copied payload to $DestinationPath"
+        Write-BuildMsg -AsInfo -Message "Copied payload to $DestinationPath."
     }
     else {
         Remove-Item ($packageDir + '.zip') -Force -ErrorAction SilentlyContinue
@@ -411,7 +428,7 @@ function Start-OpenSSHPackage
         }
         else
         {
-               Write-BuildMsg -AsInfo -Message "Packaged Payload not compressed."
+            Write-BuildMsg -AsInfo -Message "Packaged Payload not compressed."
         }
     }
     Remove-Item $packageDir -Recurse -Force -ErrorAction SilentlyContinue
@@ -470,7 +487,7 @@ function Start-OpenSSHBuild
         Remove-Item -Path $script:BuildLogFile -force
     }
 
-    Write-BuildMsg -AsInfo -Message "Starting Open SSH build; Build Log: $($script:BuildLogFile)"
+    Write-BuildMsg -AsInfo -Message "Starting Open SSH build; Build Log: $($script:BuildLogFile)."
 
     Start-OpenSSHBootstrap -OneCore:$OneCore
 
@@ -523,17 +540,25 @@ function Start-OpenSSHBuild
         $xml.Project.PropertyGroup.WindowsSDKVersion = $win10SDKVer.ToString()
         $xml.Project.PropertyGroup.AdditionalDependentLibs = 'onecore.lib'
         $xml.Project.PropertyGroup.MinimalCoreWin = 'true'
+
+        #Use onecore libcrypto binaries
+        $xml.Project.PropertyGroup."LibreSSL-x86-Path" = '$(SolutionDir)\LibreSSLSDK\onecore\x86\'
+        $xml.Project.PropertyGroup."LibreSSL-x64-Path" = '$(SolutionDir)\LibreSSLSDK\onecore\x64\'
+        $xml.Project.PropertyGroup."LibreSSL-arm-Path" = '$(SolutionDir)\LibreSSLSDK\onecore\arm\'
+        $xml.Project.PropertyGroup."LibreSSL-arm64-Path" = '$(SolutionDir)\LibreSSLSDK\onecore\arm64\'
+
         $xml.Save($PathTargets)
     }
 
     $solutionFile = Get-SolutionFile -root $repositoryRoot.FullName
-    $cmdMsg = @("${solutionFile}", "/p:Platform=${NativeHostArch}", "/p:Configuration=${Configuration}", "/m", "/noconlog", "/nologo", "/fl", "/flp:LogFile=${script:BuildLogFile}`;Append`;Verbosity=diagnostic")    
-
-    if($NativeHostArch.ToLower().Startswith('arm'))
+    $cmdMsg = @("${solutionFile}", "/t:Rebuild", "/p:Platform=${NativeHostArch}", "/p:Configuration=${Configuration}", "/m", "/nologo", "/fl", "/flp:LogFile=${script:BuildLogFile}`;Append`;Verbosity=diagnostic")    
+    if($silent)
     {
-        $msbuildCmd = Get-VS2017BuildToolPath
+        $cmdMsg += "/noconlog"
     }
-    else
+
+    $msbuildCmd = Get-VS2017BuildToolPath
+    if($msbuildCmd -eq $null)
     {
         $msbuildCmd = Get-VS2015BuildToolPath
     }

contrib/win32/openssh/OpenSSHTestHelper.psm1

@@ -162,8 +162,14 @@ WARNING: Following changes will be made to OpenSSH configuration
        New-Item -ItemType Directory -Path $TestDataPath -Force -ErrorAction SilentlyContinue | out-null
     }
 
-    #Backup existing OpenSSH configuration
+
+    if(-not (Test-Path $OpenSSHConfigPath -pathType Container))
+    {
+        #starting the service will create ssh config folder
+        start-service sshd
+    }    
     $backupConfigPath = Join-Path $OpenSSHConfigPath sshd_config.ori
+    #Backup existing OpenSSH configuration
     if (-not (Test-Path $backupConfigPath -PathType Leaf)) {
         Copy-Item (Join-Path $OpenSSHConfigPath sshd_config) $backupConfigPath -Force
     }
@@ -244,7 +250,7 @@ WARNING: Following changes will be made to OpenSSH configuration
     $authorizedKeyPath = Join-Path $ssouserProfile .ssh\authorized_keys
     $testPubKeyPath = Join-Path $Script:E2ETestDirectory sshtest_userssokey_ed25519.pub
     Copy-Item $testPubKeyPath $authorizedKeyPath -Force -ErrorAction SilentlyContinue
-    Repair-AuthorizedKeyPermission -FilePath $authorizedKeyPath -confirm:$false
+    Repair-AuthorizedKeyPermission -FilePath $authorizedKeyPath -confirm:$false 
 
     copy-item (Join-Path $Script:E2ETestDirectory sshtest_userssokey_ed25519) $Global:OpenSSHTestInfo["TestDataPath"]
     $testPriKeypath = Join-Path $Global:OpenSSHTestInfo["TestDataPath"] sshtest_userssokey_ed25519

contrib/win32/openssh/config.h.vs

@@ -1565,7 +1565,7 @@
 #define _PATH_PASSWD_PROG "/usr/bin/passwd"
 
 /* Specify location of ssh.pid */
-#define _PATH_SSH_PIDDIR "."
+/* #undef _PATH_SSH_PIDDIR */
 
 /* Define if we don't have struct __res_state in resolv.h */
 #define __res_state state
@@ -1693,6 +1693,7 @@
 
 #define _PATH_PRIVSEP_CHROOT_DIR "."
 #define SSHDIR "__PROGRAMDATA__\\ssh"
+#define _PATH_SSH_PIDDIR SSHDIR
 #define _PATH_SFTP_SERVER "sftp-server.exe"
 #define _PATH_SSH_PROGRAM "ssh.exe"
 #define _PATH_LS			"dir"

contrib/win32/openssh/paths.targets

@@ -12,7 +12,7 @@
     <UseOpenSSL>true</UseOpenSSL>
     <SSLLib>libcrypto.lib;</SSLLib>
     <WindowsSDKVersion>8.1</WindowsSDKVersion>
-    <AdditionalDependentLibs>bcrypt.lib;Userenv.lib;Crypt32.lib;Ws2_32.lib;Secur32.lib;Shlwapi.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;Netapi32.lib;Rpcrt4.lib</AdditionalDependentLibs>
+    <AdditionalDependentLibs>bcrypt.lib;Userenv.lib;Crypt32.lib;Ws2_32.lib;Secur32.lib;Shlwapi.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;Netapi32.lib;Rpcrt4.lib;ntdll.lib</AdditionalDependentLibs>
     <MinimalCoreWin>false</MinimalCoreWin>
   </PropertyGroup>
 </Project>

contrib/win32/openssh/sshd_config

@@ -11,10 +11,10 @@
 #ListenAddress 0.0.0.0
 #ListenAddress ::
 
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_dsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
+#HostKey __PROGRAMDATA__/ssh/ssh_host_rsa_key
+#HostKey __PROGRAMDATA__/ssh/ssh_host_dsa_key
+#HostKey __PROGRAMDATA__/ssh/ssh_host_ecdsa_key
+#HostKey __PROGRAMDATA__/ssh/ssh_host_ed25519_key
 
 # Ciphers and keying
 #RekeyLimit default none
@@ -39,7 +39,7 @@ AuthorizedKeysFile	.ssh/authorized_keys
 
 #AuthorizedPrincipalsFile none
 
-# For this to work you will also need host keys in %windir%/programdata/openssh/config/ssh_known_hosts
+# For this to work you will also need host keys in %programData%/ssh/ssh_known_hosts
 #HostbasedAuthentication no
 # Change to yes if you don't trust ~/.ssh/known_hosts for
 # HostbasedAuthentication