Source snapshot from Powershell/openssh-portable:latestw_all

Author: bingbing8

appveyor.yml

@@ -1,4 +1,4 @@
-version: 0.0.13.0.{build}
+version: 0.0.14.0.{build}
 image: Visual Studio 2015
 
 branches:

contrib/win32/openssh/OpenSSHTestHelper.psm1

@@ -119,6 +119,8 @@ WARNING: Following changes will be made to OpenSSH configuration
    - will be replaced with a test sshd_config
    - $HOME\.ssh\known_hosts will be backed up as known_hosts.ori
    - will be replaced with a test known_hosts
+   - $HOME\.ssh\config will be backed up as config.ori
+   - will be replaced with a test config
    - sshd test listener will be on port 47002
    - $HOME\.ssh\known_hosts will be modified with test host key entry
    - test accounts - ssouser, pubkeyuser, and passwduser will be added
@@ -172,17 +174,23 @@ WARNING: Following changes will be made to OpenSSH configuration
 
     #Backup existing known_hosts and replace with test version
     #TODO - account for custom known_hosts locations
-    $knowHostsDirectoryPath = Join-Path $home .ssh
-    $knowHostsFilePath = Join-Path $knowHostsDirectoryPath known_hosts
-    if(-not (Test-Path $knowHostsDirectoryPath -PathType Container))
+    $dotSshDirectoryPath = Join-Path $home .ssh
+    $knowHostsFilePath = Join-Path $dotSshDirectoryPath known_hosts
+    if(-not (Test-Path $dotSshDirectoryPath -PathType Container))
     {
-        New-Item -ItemType Directory -Path $knowHostsDirectoryPath -Force -ErrorAction SilentlyContinue | out-null
+        New-Item -ItemType Directory -Path $dotSshDirectoryPath -Force -ErrorAction SilentlyContinue | out-null
     }
-    if ((Test-Path $knowHostsFilePath -PathType Leaf) -and (-not (Test-Path (Join-Path $knowHostsDirectoryPath known_hosts.ori) -PathType Leaf))) {
-        Copy-Item $knowHostsFilePath (Join-Path $knowHostsDirectoryPath known_hosts.ori) -Force
+    if ((Test-Path $knowHostsFilePath -PathType Leaf) -and (-not (Test-Path (Join-Path $dotSshDirectoryPath known_hosts.ori) -PathType Leaf))) {
+        Copy-Item $knowHostsFilePath (Join-Path $dotSshDirectoryPath known_hosts.ori) -Force
     }
     Copy-Item (Join-Path $Script:E2ETestDirectory known_hosts) $knowHostsFilePath -Force
 
+    $sshConfigFilePath = Join-Path $dotSshDirectoryPath config
+    if ((Test-Path $sshConfigFilePath -PathType Leaf) -and (-not (Test-Path (Join-Path $dotSshDirectoryPath config.ori) -PathType Leaf))) {
+        Copy-Item $sshConfigFilePath (Join-Path $dotSshDirectoryPath config.ori) -Force
+    }
+    Copy-Item (Join-Path $Script:E2ETestDirectory ssh_config) $sshConfigFilePath -Force
+
     # create test accounts
     #TODO - this is Windows specific. Need to be in PAL
     foreach ($user in $OpenSSHTestAccounts)
@@ -212,6 +220,7 @@ WARNING: Following changes will be made to OpenSSH configuration
     $testPriKeypath = Join-Path $Script:E2ETestDirectory sshtest_userssokey_ed25519
     Cleanup-SecureFileACL -FilePath $testPriKeypath -owner $owner
     cmd /c "ssh-add $testPriKeypath 2>&1 >> $Script:TestSetupLogFile"
+    Backup-OpenSSHTestInfo
 }
 #TODO - this is Windows specific. Need to be in PAL
 function Get-LocalUserProfile
@@ -314,6 +323,14 @@ function Cleanup-OpenSSHTestEnvironment
         Remove-Item $originKnowHostsPath -Force -ErrorAction SilentlyContinue
     }
 
+    #Restore ssh_config
+    $originConfigPath = Join-Path $home .ssh\config.ori
+    if (Test-Path $originConfigPath)
+    {
+        Copy-Item $originConfigPath (Join-Path $home .ssh\config) -Force -ErrorAction SilentlyContinue
+        Remove-Item $originConfigPath -Force -ErrorAction SilentlyContinue
+    }
+
     #Delete accounts
     foreach ($user in $OpenSSHTestAccounts)
     {
@@ -395,7 +412,7 @@ function Run-OpenSSHE2ETest
    # Discover all CI tests and run them.
     Push-Location $Script:E2ETestDirectory
     Write-Log -Message "Running OpenSSH E2E tests..."    
-    $testFolders = Get-ChildItem *.tests.ps1 -Recurse -Exclude SSHDConfig.tests.ps1, SSH.Tests.ps1 | ForEach-Object{ Split-Path $_.FullName} | Sort-Object -Unique
+    $testFolders = Get-ChildItem *.tests.ps1 -Recurse | ForEach-Object{ Split-Path $_.FullName} | Sort-Object -Unique
     Invoke-Pester $testFolders -OutputFormat NUnitXml -OutputFile $Script:E2ETestResultsFile -Tag 'CI'
     Pop-Location
 }
@@ -439,6 +456,56 @@ function Run-OpenSSHUnitTest
     $testfailed
 }
 
+function Backup-OpenSSHTestInfo
+{
+    param
+    (    
+        [string] $BackupFile = $null
+    )
+
+    if ($Global:OpenSSHTestInfo -eq $null) {
+        Throw "`$OpenSSHTestInfo is null. Did you run Setup-OpenSSHTestEnvironment yet?"
+    }
+    
+    $testInfo = $Global:OpenSSHTestInfo
+    
+    if ([String]::IsNullOrEmpty($BackupFile)) {
+        $BackupFile = Join-Path $testInfo["TestDataPath"] "OpenSSHTestInfo_backup.txt"
+    }
+    
+    $null | Set-Content $BackupFile
+
+    foreach ($key in $testInfo.Keys) {
+        $value = $testInfo[$key]
+        Add-Content $BackupFile "$key,$value"
+    }
+}
+
+function Recover-OpenSSHTestInfo
+{
+    param
+    (
+        [Parameter(Mandatory=$true)]
+        [ValidateNotNullOrEmpty()]
+        [string] $BackupFile
+    )
+
+    if($Global:OpenSSHTestInfo -ne $null)
+    {
+        $Global:OpenSSHTestInfo.Clear()
+        $Global:OpenSSHTestInfo = $null
+    }
+
+    $Global:OpenSSHTestInfo = @{}
+
+    $entries = Get-Content $BackupFile
+
+    foreach ($entry in $entries) {
+        $data = $entry.Split(",")
+        $Global:OpenSSHTestInfo[$data[0]] = $data[1] 
+    }
+}
+
 <#
     Write-Log 
 #>
@@ -460,4 +527,4 @@ function Write-Log
     }  
 }
 
-Export-ModuleMember -Function Setup-OpenSSHTestEnvironment, Cleanup-OpenSSHTestEnvironment, Run-OpenSSHUnitTest, Run-OpenSSHE2ETest
+Export-ModuleMember -Function Setup-OpenSSHTestEnvironment, Cleanup-OpenSSHTestEnvironment, Run-OpenSSHUnitTest, Run-OpenSSHE2ETest, Backup-OpenSSHTestInfo, Recover-OpenSSHTestInfo

contrib/win32/openssh/version.rc

@@ -66,7 +66,7 @@ typedef struct _SCREEN_RECORD {
 
 PSCREEN_RECORD pSavedScreenRec = NULL;
 int in_raw_mode = 0;
-char *consoleTitle = "Microsoft openSSH client";
+char *consoleTitle = "OpenSSH SSH client";
 
 /* Used to enter the raw mode */
 int 

contrib/win32/win32compat/console.c

@@ -117,7 +117,7 @@ char* _sys_errlist_ext[] = {
 	"No STREAM resources",					/* ENOSR           124 */
 	"Not a STREAM",						/* ENOSTR          125 */
 	"The socket is not connected",				/* ENOTCONN        126 */
-	"enotecoverable",					/* ENOTRECOVERABLE 127 */
+	"enotrecoverable",					/* ENOTRECOVERABLE 127 */
 	"Not a socket",						/* ENOTSOCK        128 */
 	"Operation not supported",				/* ENOTSUP         129 */
 	"Operation not supported on socket",			/* EOPNOTSUPP      130 */
@@ -256,7 +256,6 @@ w32_fopen_utf8(const char *path, const char *mode)
 	}
 
 	f = _wfopen(wpath, wmode);
-
 	if (f) {
 		/* BOM adjustments for file streams*/
 		if (mode[0] == 'w' && fseek(f, 0, SEEK_SET) != EBADF) {

contrib/win32/win32compat/misc.c

@@ -55,8 +55,9 @@
 */
 int
 check_secure_file_permission(const char *name, struct passwd * pw)
-{	
-	PSECURITY_DESCRIPTOR pSD = NULL;
+{
+	return 0;
+	/*PSECURITY_DESCRIPTOR pSD = NULL;
 	wchar_t * name_utf16 = NULL;
 	PSID owner_sid = NULL, user_sid = NULL;
 	PACL dacl = NULL;
@@ -79,10 +80,10 @@ check_secure_file_permission(const char *name, struct passwd * pw)
 	if ((name_utf16 = utf8_to_utf16(name)) == NULL) {
 		errno = ENOMEM;
 		goto cleanup;
-	}
+	}*/
 
 	/*Get the owner sid of the file.*/
-	if ((error_code = GetNamedSecurityInfoW(name_utf16, SE_FILE_OBJECT,
+	/*if ((error_code = GetNamedSecurityInfoW(name_utf16, SE_FILE_OBJECT,
 		OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
 		&owner_sid, NULL, &dacl, NULL, &pSD)) != ERROR_SUCCESS) {
 		debug3("failed to retrieve the owner sid and dacl of file %s with error code: %d", name, error_code);
@@ -102,14 +103,14 @@ check_secure_file_permission(const char *name, struct passwd * pw)
 		debug3("Bad owner on %s", name);
 		ret = -1;
 		goto cleanup;
-	}
+	}*/
 	/*
 	iterate all aces of the file to find out if there is voilation of the following rules:
 		1. no others than administrators group, system account, and current user, owner accounts have write permission on the file
 		2. sshd account can only have read permission
 		3. this user and file owner should at least have read permission 
 	*/
-	for (DWORD i = 0; i < dacl->AceCount; i++) {
+	/*for (DWORD i = 0; i < dacl->AceCount; i++) {
 		PVOID current_ace = NULL;
 		PACE_HEADER current_aceHeader = NULL;
 		PSID current_trustee_sid = NULL;
@@ -152,10 +153,10 @@ check_secure_file_permission(const char *name, struct passwd * pw)
 			// Not interested ACE
 			continue;
 		}
-		}
+		}*/
 
 		/*no need to check administrators group, owner account, user account and system account*/
-		if (IsWellKnownSid(current_trustee_sid, WinBuiltinAdministratorsSid) ||
+		/*if (IsWellKnownSid(current_trustee_sid, WinBuiltinAdministratorsSid) ||
 			IsWellKnownSid(current_trustee_sid, WinLocalSystemSid) ||
 			EqualSid(current_trustee_sid, owner_sid) ||
 			EqualSid(current_trustee_sid, user_sid) ||
@@ -188,7 +189,7 @@ check_secure_file_permission(const char *name, struct passwd * pw)
 		FreeSid(user_sid);
 	if(name_utf16)
 		free(name_utf16);
-	return ret;
+	return ret;*/
 }
 
 static BOOL
@@ -267,7 +268,8 @@ is_admin_account(PSID user_sid)
 int
 set_secure_file_permission(const char *name, struct passwd * pw)
 {
-	PSECURITY_DESCRIPTOR pSD = NULL;
+	return 0;
+	/*PSECURITY_DESCRIPTOR pSD = NULL;
 	PSID owner_sid = NULL;
 	PACL dacl = NULL;
 	wchar_t *name_utf16 = NULL, *sid_utf16 = NULL, sddl[256];
@@ -327,10 +329,10 @@ set_secure_file_permission(const char *name, struct passwd * pw)
 		errno = ENOMEM;
 		ret = -1;
 		goto cleanup;
-	}
+	}*/
 
 	/*Set the owner sid and acl of the file.*/
-	if ((error_code = SetNamedSecurityInfoW(name_utf16, SE_FILE_OBJECT,
+	/*if ((error_code = SetNamedSecurityInfoW(name_utf16, SE_FILE_OBJECT,
 		OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | PROTECTED_DACL_SECURITY_INFORMATION,
 		owner_sid, NULL, dacl, NULL)) != ERROR_SUCCESS) {
 		debug3("failed to set the owner sid and dacl of file %s with error code: %d", name, error_code);
@@ -348,5 +350,5 @@ set_secure_file_permission(const char *name, struct passwd * pw)
 	if (owner_sid)
 		FreeSid(owner_sid);	
 	
-	return ret;
+	return ret;*/
 }

contrib/win32/win32compat/w32-sshfileperm.c

@@ -1,5 +1,5 @@
 Import-Module $PSScriptRoot\CommonUtils.psm1 -Force
-Describe "Tests for authorized_keys file permission" -Tags "CI" {
+Describe "Tests for authorized_keys file permission" -Tags "Scenario" {
     BeforeAll {    
         if($OpenSSHTestInfo -eq $null)
         {

regress/pesterTests/Authorized_keys_fileperm.Tests.ps1

@@ -1,4 +1,4 @@
-Describe "Tests for ssh config" -Tags "CI" {
+Describe "Tests for ssh config" -Tags "Scenario" {
     BeforeAll {
         if($OpenSSHTestInfo -eq $null)
         {

regress/pesterTests/Cfginclude.Tests.ps1

@@ -1,5 +1,5 @@
 Import-Module $PSScriptRoot\CommonUtils.psm1 -Force
-Describe "Tests for host keys file permission" -Tags "CI" {
+Describe "Tests for host keys file permission" -Tags "Scenario" {
     BeforeAll {
         if($OpenSSHTestInfo -eq $null)
         {

regress/pesterTests/Hostkey_fileperm.Tests.ps1

@@ -2,7 +2,7 @@
 $tI = 0
 $suite = "keyutils"
 
-Describe "E2E scenarios for ssh key management" -Tags "CI" {
+Describe "E2E scenarios for ssh key management" -Tags "Scenario" {
     BeforeAll {    
         if($OpenSSHTestInfo -eq $null)
         {
@@ -14,6 +14,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
         {
             $null = New-Item $testDir -ItemType directory -Force -ErrorAction SilentlyContinue
         }
+
         $keypassphrase = "testpassword"
         $keytypes = @("rsa","dsa","ecdsa","ed25519")     
         #only validate owner and ACE of the file
@@ -36,8 +37,12 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
     }
 
     BeforeEach {
-        $tI++;
-    }     
+        $stderrFile=Join-Path $testDir "$tC.$tI.stderr.txt"
+        $stdoutFile=Join-Path $testDir "$tC.$tI.stdout.txt"
+        $logFile = Join-Path $testDir "$tC.$tI.log.txt"
+    }        
+
+    AfterEach {$tI++;}    
 
     Context "$tC - ssh-keygen all key types" {
 
@@ -124,6 +129,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
 
             #ensure added keys are listed
             $allkeys = ssh-add -L
+            $allkeys | Set-Content (Join-Path $testDir "$tC.$tI.allkeyonAdd.txt")
 
             foreach($type in $keytypes)
             {
@@ -141,7 +147,8 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
 
             #check keys are deleted
             $allkeys = ssh-add -L
-            
+            $allkeys | Set-Content (Join-Path $testDir "$tC.$tI.allkeyonDelete.txt")
+
             foreach($type in $keytypes)
             {
                 $keyPath = Join-Path $testDir "id_$type"