You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by "Goldstein Lyor (JIRA)" <ji...@apache.org> on 2015/01/08 11:32:34 UTC

[jira] [Updated] (SSHD-400) Ignore SFTP extension data in SSH_FXP_INIT message

     [ https://issues.apache.org/jira/browse/SSHD-400?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Goldstein Lyor updated SSHD-400:
--------------------------------
    Description: 
According to the [specification](see https://filezilla-project.org/specs/draft-ietf-secsh-filexfer-02.txt) - section 4 - Protocol Initialization - the _SSH_FXP_INIT_ message may contain optional extension strings and "Implementations MUST silently ignore any extensions whose name they do not recognize.".

While such extensions may be rare, IMO we don't want the SSHD server to fail talking to such clients. Attached is a patch in that spirit (BTW, there was also a logging error - the message was logging the received version *before* the value was initialized...)

  was:
According to the [specification](see https://filezilla-project.org/specs/draft-ietf-secsh-filexfer-02.txt) - section 4 - Protocol Initialization - the _SSH_FXP_INIT_ message may contain optional extension strings and "Implementations MUST silently ignore any extensions whose name they do not recognize.".

While such extensions may be rare, IMO we don't want the SSHD server to fail talking to such clients. Attached is a patch in that spirit.


> Ignore SFTP extension data in SSH_FXP_INIT message
> --------------------------------------------------
>
>                 Key: SSHD-400
>                 URL: https://issues.apache.org/jira/browse/SSHD-400
>             Project: MINA SSHD
>          Issue Type: Improvement
>            Reporter: Goldstein Lyor
>            Priority: Minor
>
> According to the [specification](see https://filezilla-project.org/specs/draft-ietf-secsh-filexfer-02.txt) - section 4 - Protocol Initialization - the _SSH_FXP_INIT_ message may contain optional extension strings and "Implementations MUST silently ignore any extensions whose name they do not recognize.".
> While such extensions may be rare, IMO we don't want the SSHD server to fail talking to such clients. Attached is a patch in that spirit (BTW, there was also a logging error - the message was logging the received version *before* the value was initialized...)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)