You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Mark Ebbers (JIRA)" <ji...@apache.org> on 2019/02/28 07:58:00 UTC
[jira] [Comment Edited] (SSHD-903) SFTP version negotiation does
not work
[ https://issues.apache.org/jira/browse/SSHD-903?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16780220#comment-16780220 ]
Mark Ebbers edited comment on SSHD-903 at 2/28/19 7:57 AM:
-----------------------------------------------------------
[~lgoldstein]
{quote}The server can either play along or refuse -
{quote}
IMHO in the Draft 13 they are describing a version negotiation in the chapters 5.1. Client Initialization & 5.2. Server Initialization. Especially in 5.2 stated:
{quote}The SSH_FXP_VERSION packet (from server to client) has the following data: uint32 version extension-pair extensions[0..n] 'version' is the *lower of the protocol version supported by the server and the version number received from the client*.
{quote}
If interpreted this as Clients sends version 6, server supports max version 3, 3 is the lower protocol version supported by the server and the version number received from the client, 6, thus returning 3 to the client.
I have implemented this behavior, set WinSCP to version 6, and after connecting they are using version 3. I attached some screenshots and logging.
{{. 2019-02-28 08:47:13.270 --------------------------------------------------------------------------}}
{{. 2019-02-28 08:47:13.270 Using SFTP protocol.}}
{{. 2019-02-28 08:47:13.271 Doing startup conversation with host.}}
{{> 2019-02-28 08:47:13.284 Type: SSH_FXP_INIT, Size: 5, Number: -1}}
{{> 2019-02-28 08:47:13.284 01,00,00,00,*06, <--- Version 6 proposed by client*}}
{{. 2019-02-28 08:47:13.284 Sent 9 bytes}}
{{. 2019-02-28 08:47:13.284 There are 0 bytes remaining in the send buffer}}
...
{{. 2019-02-28 08:47:13.290 Read 473 bytes (0 pending)}}
{{< 2019-02-28 08:47:13.290 Type: SSH_FXP_VERSION, Size: 473, Number: -1}}
{{< 2019-02-28 08:47:13.290 02,00,00,00,*03*,00 *<--- Version 3 returned*}}
*{{. 2019-02-28 08:47:13.291 SFTP version 3 negotiated.}}*
*{{. 2019-02-28 08:47:13.291 SFTP versions supported by the server: 3}}*
{{. 2019-02-28 08:47:13.291 Server requests EOL sequence "\n".}}
...
{{. 2019-02-28 08:47:13.291 Attribute extensions (0)}}
{{. 2019-02-28 08:47:13.291 Extensions (8)}}
{{. 2019-02-28 08:47:13.291 version-select}}
...
{{. 2019-02-28 08:47:13.291 We will use UTF-8 strings until server sends an invalid UTF-8 string as with SFTP version 3 and older UTF-8 strings are not mandatory}}
!winscp.png!!winscp-info.png!
was (Author: mark.ebbers):
[~lgoldstein]
{quote}The server can either play along or refuse -
{quote}
IMHO in the Draft 13 they are describing a version negotiation in the chapters 5.1. Client Initialization & 5.2. Server Initialization. Especially in 5.2 stated:
{quote}The SSH_FXP_VERSION packet (from server to client) has the following data: uint32 version extension-pair extensions[0..n] 'version' is the *lower of the protocol version supported by the server and the version number received from the client*.{quote}
If interpreted this as Clients sends version 6, server supports max version 3, 3 is the lower protocol version supported by the server and the version number received from the client, 6, thus returning 3 to the client.
I have implemented this behavior, set WinSCP to version 6, and after connecting they are using version 3. I attached some screenshots and logging.
{{. 2019-02-28 08:47:13.270 --------------------------------------------------------------------------}}
{{. 2019-02-28 08:47:13.270 Using SFTP protocol.}}
{{. 2019-02-28 08:47:13.271 Doing startup conversation with host.}}
{{> 2019-02-28 08:47:13.284 Type: SSH_FXP_INIT, Size: 5, Number: -1}}
{{> 2019-02-28 08:47:13.284 01,00,00,00,*06, <--- Version 6 proposed by client*}}
{{. 2019-02-28 08:47:13.284 Sent 9 bytes}}
{{. 2019-02-28 08:47:13.284 There are 0 bytes remaining in the send buffer}}
...
{{. 2019-02-28 08:47:13.290 Read 473 bytes (0 pending)}}
{{< 2019-02-28 08:47:13.290 Type: SSH_FXP_VERSION, Size: 473, Number: -1}}
{{< 2019-02-28 08:47:13.290 02,00,00,00,*03*,00 *<--- Version 3 returned*}}
*{{. 2019-02-28 08:47:13.291 SFTP version 3 negotiated.}}*
*{{. 2019-02-28 08:47:13.291 SFTP versions supported by the server: 3}}*
{{. 2019-02-28 08:47:13.291 Server requests EOL sequence "\n".}}
...
{{. 2019-02-28 08:47:13.291 Attribute extensions (0)}}
{{. 2019-02-28 08:47:13.291 Extensions (8)}}
{{. 2019-02-28 08:47:13.291 version-select}}
...
{{. 2019-02-28 08:47:13.291 We will use UTF-8 strings until server sends an invalid UTF-8 string as with SFTP version 3 and older UTF-8 strings are not mandatory}}
> SFTP version negotiation does not work
> ----------------------------------------
>
> Key: SSHD-903
> URL: https://issues.apache.org/jira/browse/SSHD-903
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 2.2.0
> Reporter: Mark Ebbers
> Assignee: Goldstein Lyor
> Priority: Major
> Attachments: screenshot-winscp-sftp-version.png, sftp-version-1.png, sftp-version-2.png, winscp-info.png, winscp.png
>
>
> I have some problems with uploading files to our MINA SSHD based SFTP server when using ,different version, of WinSCP as SFTP client. WinSCP is configured to use version 6 of the SFTP protocol if possible.
> Uploading a file of ~ 45KB sometimes result in a file of 32711 bytes where in the data is not appended (from the second SFTP packet) but overwritten. (But did not pin point the exact bug)
> As a temporary solution I found, in issue SSHD-874, a comment which suggest to force the server to use sftp-protocol version 3. If I do this I expect the server to negotiate with the client that version 3 should be used instead of version 6. But what happens is that the server sends a not supported message.
>
> I think that the AbstractSftpSubsystemHelper::checkVersionCompatibility() is the problem.
> See my screenshots. As you can see the version proposed by WinSCP is version 6. I forced the server on version 3.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)