[jira] [Updated] (SSHD-400) Ignore SFTP extension data in SSH_FXP_INIT message

Thu, 08 Jan 2015 02:32:46 -0800 

     [ 
https://issues.apache.org/jira/browse/SSHD-400?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Goldstein Lyor updated SSHD-400:
--------------------------------
    Description: 
According to the [specification](see 
https://filezilla-project.org/specs/draft-ietf-secsh-filexfer-02.txt) - section 
4 - Protocol Initialization - the _SSH_FXP_INIT_ message may contain optional 
extension strings and "Implementations MUST silently ignore any extensions 
whose name they do not recognize.".

While such extensions may be rare, IMO we don't want the SSHD server to fail 
talking to such clients. Attached is a patch in that spirit (BTW, there was 
also a logging error - the message was logging the received version *before* 
the value was initialized...)

  was:
According to the [specification](see 
https://filezilla-project.org/specs/draft-ietf-secsh-filexfer-02.txt) - section 
4 - Protocol Initialization - the _SSH_FXP_INIT_ message may contain optional 
extension strings and "Implementations MUST silently ignore any extensions 
whose name they do not recognize.".

While such extensions may be rare, IMO we don't want the SSHD server to fail 
talking to such clients. Attached is a patch in that spirit.


> Ignore SFTP extension data in SSH_FXP_INIT message
> --------------------------------------------------
>
>                 Key: SSHD-400
>                 URL: https://issues.apache.org/jira/browse/SSHD-400
>             Project: MINA SSHD
>          Issue Type: Improvement
>            Reporter: Goldstein Lyor
>            Priority: Minor
>
> According to the [specification](see 
> https://filezilla-project.org/specs/draft-ietf-secsh-filexfer-02.txt) - 
> section 4 - Protocol Initialization - the _SSH_FXP_INIT_ message may contain 
> optional extension strings and "Implementations MUST silently ignore any 
> extensions whose name they do not recognize.".
> While such extensions may be rare, IMO we don't want the SSHD server to fail 
> talking to such clients. Attached is a patch in that spirit (BTW, there was 
> also a logging error - the message was logging the received version *before* 
> the value was initialized...)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to