On Tue, Nov 17, 2020 at 03:40:39PM -0300, K R wrote:
> >Synopsis:      sftp URI destination can't handle IPv6 addresses
> >Category:      system amd64
> >Environment:
>         System      : OpenBSD 6.8
>         Details     : OpenBSD 6.8-current (GENERIC) #173: Mon Nov 16 22:16:04 MST 2020
>                          [email protected]:/usr/src/sys/arch/amd64/compile/GENERIC
> 
>         Architecture: OpenBSD.amd64
>         Machine     : amd64
> >Description:
>         sftp(1) won't work if destination is written in URI format:
> 
>           sftp://[user@]host[:port][/path]
> 
>         and host is an IPv6 address, enclosed in square brackets.
> 
> >How-To-Repeat:
> 
> # sftp sftp://user@[::1]:2222/
> usage: sftp [-46AaCfNpqrv] [-B buffer_size] [-b batchfile] [-c cipher]
>           [-D sftp_server_path] [-F ssh_config] [-i identity_file]
>           [-J destination] [-l limit] [-o ssh_option] [-P port]
>           [-R num_requests] [-S program] [-s subsystem | sftp_server]
>           destination
> 
> # sftp -P 2222 user@[::1]/
> 
>    works as expected.

I have just looked into this issue and confirmed it;
the ssh:// and scp:// URI formats are affected since those
are using the same code path, misc.c:859:parse_uri

I changed the code just for debugging and the errstr
gives the clue:

misc.c:
    909         if (!valid_domain(host, 0, &errstr)) {
    910                 err("%s", errstr); // XXX: debug, fill and give me errstr please
    911                 goto out;
    912         }

snap01$ ./sftp sftp://[1001:19f0:9002:1b3a:5400:2ff:feb3:7ed3]:22
sftp: domain name "1001:19f0:9002:1b3a:5400:2ff:feb3:7ed3" contains invalid characters: Undefined error: 0
snap01$ ./sftp sftp://[2001:19f0:9002:1b3a:5400:2ff:feb3:7ed3]:22
sftp: domain name "2001:19f0:9002:1b3a:5400:2ff:feb3:7ed3" contains invalid characters: Undefined error: 0

looking at valid_domain() now with a clue:

   2116                 if (c != '.' && c != '-' && !isalnum(c) &&
   2117                     c != '_') /* technically invalid, but common */ {
   2118                         snprintf(errbuf, sizeof(errbuf), "domain name "
   2119                             "\"%.100s\" contains invalid characters", name);
   2120                         goto bad;
   2121                 }

See above: the IPv6 char ':' fails.

> >Fix:

According to
https://tools.ietf.org/html/draft-ietf-secsh-scp-sftp-ssh-uri-04
the "host" part of the URI is the one referenced at
https://tools.ietf.org/html/rfc3986#section-3.2.2
and it can be an IPv6/IPv4 address or a domain name itself, so the most
obvious solution should be to remove the valid_domain() check from
parse_uri(), but the RFC also says that registered names and hexadecimal
addresses should be in lowercase for the sake of uniformity, while
only using uppercase letters for percent-encodings.

Looking for thoughts,
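
An alternative to dropping the check entirely, as an added example that is not
code from this thread or from OpenSSH: keep the character test for names, and
accept a host containing ':' only if it parses as an IPv6 address. The helper
name uri_host_ok() and the simplified domain_chars_ok() are assumptions made
for illustration.

```c
/* Added example: keep host validation but admit IPv6 literals. */
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-in for the character test quoted from valid_domain(). */
static int
domain_chars_ok(const char *name)
{
	size_t i, len = strlen(name);

	if (len == 0)
		return 0;
	for (i = 0; i < len; i++) {
		unsigned char c = (unsigned char)name[i];

		if (c != '.' && c != '-' && c != '_' && !isalnum(c))
			return 0;	/* ':' lands here, as in the report */
	}
	return 1;
}

/*
 * Hypothetical helper, not an OpenSSH function. host is the URI host with
 * the square brackets already removed. Scoped addresses (fe80::1%em0) are
 * not handled.
 */
int
uri_host_ok(const char *host)
{
	struct in6_addr a6;

	if (strchr(host, ':') != NULL)
		return inet_pton(AF_INET6, host, &a6) == 1;
	return domain_chars_ok(host);
}

int
main(void)
{
	/* Constructed sample inputs. */
	const char *t[] = { "::1", "example.org", "2001:db8::zz", "exa mple" };
	size_t i;

	for (i = 0; i < sizeof(t) / sizeof(t[0]); i++)
		printf("%-14s %s\n", t[i], uri_host_ok(t[i]) ? "ok" : "rejected");
	return 0;
}
```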
