Partenie, Sergiu
2008-Nov-18 17:10 UTC
Axway XFB sftp server & no-more-sessions@openssh.com
Hello all, First of all, thank you for such great software. I have a bug (and a fix) to report for 5.1p: The "Axway XFB.Gateway" SFTP server will drop sftp sessions initiated from the OpenSSH 5.1p (HP-UX) sftp if it receives the "no-more-sessions at openssh.com" flag. It can be reproduced also with the sftp sessions initiated from a OpenSSH 5.1p sftp on a Linux machine. As a workaround we are using now "-oControlMaster=yes" for each sftp connection in order to disable the sending of "no-more-sessions at openssh.com" flag. Can you please add for future versions in "compat.c" that for connections to servers who identify themselves as "XFB.Gateway Unix" a flag should be set that "no-more-sessions at openssh.com" is not sent to that server ? Thanks a lot ! excerpts from sftp -vvv (without "-oControlMaster=yes") ========... debug1: Remote protocol version 2.0, remote software version XFB.Gateway Unix debug1: no match: XFB.Gateway Unix debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.1p1+sftpfilecontrol-v1.2-hpn13v5 ... debug1: Authentication succeeded (publickey). debug2: fd 5 setting O_NONBLOCK debug2: fd 6 setting O_NONBLOCK debug1: Final hpn_buffer_size = 2097152 debug1: HPN Disabled: 1, HPN Buffer Size: 2097152 debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Requesting no-more-sessions at openssh.com debug1: Entering interactive session. debug2: callback start debug2: client_session2_setup: id 0 debug1: Sending subsystem: sftp debug2: channel 0: request subsystem confirm 1 debug2: fd 4 setting TCP_NODELAY debug2: callback done debug2: channel 0: open confirm rwindow 32768 rmax 16384 debug1: channel 0: free: client-session, nchannels 1 debug3: channel 0: status: The following connections are open: #0 client-session (t4 r660 i0/9 o0/0 fd 5/6 cfd -1) debug3: channel 0: close_fds r 5 w 6 e 7 c -1 debug1: fd 0 clearing O_NONBLOCK debug1: fd 1 clearing O_NONBLOCK Connection to XX.XX.XX.XX closed by remote host. Transferred: sent 2152, received 1088 bytes, in 0.1 seconds Bytes per second: sent 16388.3, received 8285.6 debug1: Exit status -1 Connection closed ===========
On Tue, 18 Nov 2008, Partenie, Sergiu wrote:> Hello all, > > First of all, thank you for such great software. > > I have a bug (and a fix) to report for 5.1p: > > The "Axway XFB.Gateway" SFTP server will drop sftp sessions > initiated from the OpenSSH 5.1p (HP-UX) sftp if it receives the > "no-more-sessions at openssh.com" flag It can be reproduced also with the > sftp sessions initiated from a OpenSSH 5.1p sftp on a Linux machine > > As a workaround we are using now "-oControlMaster=yes" for > each sftp connection in order to disable the sending of > "no-more-sessions at openssh.com" flag. > > Can you please add for future versions in "compat.c" that for > connections to servers who identify themselves as "XFB.Gateway Unix" a > flag should be set that "no-more-sessions at openssh.com" is not sent to > that server ?Due to bugs in other servers, OpenSSH 5.2 will not send this extension message (nor the eow at openssh.com channel half-closed notification) to any server that doesn't identify itself as OpenSSH. Vendors are required to gracefully refuse messages that they do not understand, so the "Axway XFB.Gateway" is actually what is at fault here. If any other ssh vendors what to receive these messages, then they should let us know so they can be whitelisted in compat.c -d
Possibly Parallel Threads
- [PATCH 1/2] st/mesa: treat resource-less xfb buffers as if they weren't there
- Attempts to connect to Axway SFTP server result in publickey auth loopin
- Re: [RFC] mesa/st: Avoid passing a NULL buffer to the drivers
- Re: [RFC] mesa/st: Avoid passing a NULL buffer to the drivers
- [RFC] mesa/st: Avoid passing a NULL buffer to the drivers