[
https://issues.apache.org/jira/browse/SSHD-903?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16780220#comment-16780220
]
Mark Ebbers edited comment on SSHD-903 at 2/28/19 8:08 AM:
-----------------------------------------------------------
[~lgoldstein]
{quote}The server can either play along or refuse -
{quote}
IMHO in the Draft 13 they are describing a version negotiation in the chapters
5.1. Client Initialization & 5.2. Server Initialization. Especially in 5.2
stated:
{quote}The SSH_FXP_VERSION packet (from server to client) has the following
data: uint32 version extension-pair extensions[0..n] 'version' is the *lower of
the protocol version supported by the server and the version number received
from the client*.
{quote}
If interpreted this as Clients sends version 6, server supports max version 3,
3 is the lower protocol version supported by the server and the version number
received from the client, 6, thus returning 3 to the client.
I have implemented this behavior, set WinSCP to version 6, and after connecting
they are using version 3. I attached some screenshots and logging.
{{. 2019-02-28 08:47:13.270
--------------------------------------------------------------------------}}
{{. 2019-02-28 08:47:13.270 Using SFTP protocol.}}
{{. 2019-02-28 08:47:13.271 Doing startup conversation with host.}}
{{> 2019-02-28 08:47:13.284 Type: SSH_FXP_INIT, Size: 5, Number: -1}}
{{> 2019-02-28 08:47:13.284 01,00,00,00,*06, <--- Version 6 proposed by
client*}}
{{. 2019-02-28 08:47:13.284 Sent 9 bytes}}
{{. 2019-02-28 08:47:13.284 There are 0 bytes remaining in the send buffer}}
...
{{. 2019-02-28 08:47:13.290 Read 473 bytes (0 pending)}}
{{< 2019-02-28 08:47:13.290 Type: SSH_FXP_VERSION, Size: 473, Number: -1}}
{{< 2019-02-28 08:47:13.290 02,00,00,00,*03*,00 *<--- Version 3 returned*}}
*{{. 2019-02-28 08:47:13.291 SFTP version 3 negotiated.}}*
*{{. 2019-02-28 08:47:13.291 SFTP versions supported by the server: 3}}*
{{. 2019-02-28 08:47:13.291 Server requests EOL sequence "\n".}}
...
{{. 2019-02-28 08:47:13.291 Attribute extensions (0)}}
{{. 2019-02-28 08:47:13.291 Extensions (8)}}
{{. 2019-02-28 08:47:13.291 version-select}}
...
{{. 2019-02-28 08:47:13.291 We will use UTF-8 strings until server sends an
invalid UTF-8 string as with SFTP version 3 and older UTF-8 strings are not
mandatory}}
!winscp.png!!winscp-info.png!
I made a quick fix in our implementation like this
{code:java}
@Override
protected void doInit(Buffer buffer, int id) throws IOException {
final ServerSession session = getServerSession();
if (log.isDebugEnabled()) {
log.debug("doInit({})[id={}] SSH_FXP_INIT (proposed version={})",
session, id, id);
}
if (id < LOWER_SFTP_IMPL) {
sendStatus(BufferUtils.clear(buffer), id,
SftpConstants.SSH_FX_OP_UNSUPPORTED, "Proposed sftp protocol version (" + id +
") not supported.");
return;
}
final Integer sftpVersionServer = session.getInteger("sftp-version");
final String supportedVersions;
if (sftpVersionServer != null) {
version = sftpVersionServer.intValue();
supportedVersions = sftpVersionServer.toString();
} else {
this.version = id;
if (id > HIGHER_SFTP_IMPL) {
version = HIGHER_SFTP_IMPL;
} else {
version = id;
}
supportedVersions = IntStream.rangeClosed(version, HIGHER_SFTP_IMPL)
.mapToObj(Integer::toString)
.collect(Collectors.joining(","));
}
if (log.isDebugEnabled()) {
log.debug("doInit({})[id={}] SSH_FXP_INIT (negotiated version={},
forced={}, supported versions={})", session, id, version, sftpVersionServer !=
null, supportedVersions);
}
while(buffer.available() > 0) {
String name = buffer.getString();
byte[] data = buffer.getBytes();
extensions.put(name, data);
}
buffer.clear();
buffer.putByte((byte)SSH_FXP_VERSION);
buffer.putInt((long)version);
appendExtensions(buffer, supportedVersions);
SftpEventListener listener = getSftpEventListenerProxy();
listener.initialized(session, version);
send(buffer);
}
{code}
was (Author: mark.ebbers):
[~lgoldstein]
{quote}The server can either play along or refuse -
{quote}
IMHO in the Draft 13 they are describing a version negotiation in the chapters
5.1. Client Initialization & 5.2. Server Initialization. Especially in 5.2
stated:
{quote}The SSH_FXP_VERSION packet (from server to client) has the following
data: uint32 version extension-pair extensions[0..n] 'version' is the *lower of
the protocol version supported by the server and the version number received
from the client*.
{quote}
If interpreted this as Clients sends version 6, server supports max version 3,
3 is the lower protocol version supported by the server and the version number
received from the client, 6, thus returning 3 to the client.
I have implemented this behavior, set WinSCP to version 6, and after connecting
they are using version 3. I attached some screenshots and logging.
{{. 2019-02-28 08:47:13.270
--------------------------------------------------------------------------}}
{{. 2019-02-28 08:47:13.270 Using SFTP protocol.}}
{{. 2019-02-28 08:47:13.271 Doing startup conversation with host.}}
{{> 2019-02-28 08:47:13.284 Type: SSH_FXP_INIT, Size: 5, Number: -1}}
{{> 2019-02-28 08:47:13.284 01,00,00,00,*06, <--- Version 6 proposed by
client*}}
{{. 2019-02-28 08:47:13.284 Sent 9 bytes}}
{{. 2019-02-28 08:47:13.284 There are 0 bytes remaining in the send buffer}}
...
{{. 2019-02-28 08:47:13.290 Read 473 bytes (0 pending)}}
{{< 2019-02-28 08:47:13.290 Type: SSH_FXP_VERSION, Size: 473, Number: -1}}
{{< 2019-02-28 08:47:13.290 02,00,00,00,*03*,00 *<--- Version 3 returned*}}
*{{. 2019-02-28 08:47:13.291 SFTP version 3 negotiated.}}*
*{{. 2019-02-28 08:47:13.291 SFTP versions supported by the server: 3}}*
{{. 2019-02-28 08:47:13.291 Server requests EOL sequence "\n".}}
...
{{. 2019-02-28 08:47:13.291 Attribute extensions (0)}}
{{. 2019-02-28 08:47:13.291 Extensions (8)}}
{{. 2019-02-28 08:47:13.291 version-select}}
...
{{. 2019-02-28 08:47:13.291 We will use UTF-8 strings until server sends an
invalid UTF-8 string as with SFTP version 3 and older UTF-8 strings are not
mandatory}}
!winscp.png!!winscp-info.png!
> SFTP version negotiation does not work
> ----------------------------------------
>
> Key: SSHD-903
> URL: https://issues.apache.org/jira/browse/SSHD-903
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 2.2.0
> Reporter: Mark Ebbers
> Assignee: Goldstein Lyor
> Priority: Major
> Attachments: screenshot-winscp-sftp-version.png, sftp-version-1.png,
> sftp-version-2.png, winscp-info.png, winscp.png
>
>
> I have some problems with uploading files to our MINA SSHD based SFTP server
> when using ,different version, of WinSCP as SFTP client. WinSCP is configured
> to use version 6 of the SFTP protocol if possible.
> Uploading a file of ~ 45KB sometimes result in a file of 32711 bytes where in
> the data is not appended (from the second SFTP packet) but overwritten. (But
> did not pin point the exact bug)
> As a temporary solution I found, in issue SSHD-874, a comment which suggest
> to force the server to use sftp-protocol version 3. If I do this I expect the
> server to negotiate with the client that version 3 should be used instead of
> version 6. But what happens is that the server sends a not supported message.
>
> I think that the AbstractSftpSubsystemHelper::checkVersionCompatibility() is
> the problem.
> See my screenshots. As you can see the version proposed by WinSCP is version
> 6. I forced the server on version 3.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
