SFTPD, directory listing and file attributes

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

SFTPD, directory listing and file attributes

Karolis Petrauskas-2
Hi all,

I'm trying to use the ssh_sftpd server and found strange behaviour
when listing files:

    sftp> ls -l /c/
    data.csv
    data.txt
    some.xxx

File permissions and gid/uid are not shown with the -l option.

If listing the files with the -n option the file attributes are shown
as expected:

    sftp> ls -n /c/
    -rw-rw-r--    0 1000     1000            0 Dec 27 20:11 /c/data.csv
    -rw-rw-r--    0 1000     1000            0 Dec 27 20:12 /c/data.txt
    -rw-rw-r--    0 1000     1000            0 Dec 27 19:12 /c/some.xxx

The attributes are also shown if the files are listed using wildcard:

    sftp> ls -l /c/*
    -rw-rw-r--    0 1000     1000            0 Dec 27 20:12 /c/data.txt
    -rw-rw-r--    0 1000     1000            0 Dec 27 20:11 /c/data.csv
    -rw-rw-r--    0 1000     1000            0 Dec 27 19:12 /c/some.xxx

But in this case, the sftp client asks for file attributes for each
file explicitly. In the client debug, I see the calls similar to the
following, repeated three times in this case:

    debug3: Sent message fd 3 T:7 I:20
    debug3: Received stat reply T:105 I:20


I work on linux, Ubuntu xenial.
I use Erlang/OTP 20.1 for the server.
The client is openssh sftp, version="OpenSSH_7.2p2 Ubuntu-4ubuntu2.2,
OpenSSL 1.0.2g  1 Mar 2016".
The server and the client agrees on the sftp version 3, as the client
implements it.

I tried to look at the ssh_sftp server sources. It looks like
ssh_xfer:encode_name/3 is incorrect, because long file name is not
included in the protocol version 3
(https://tools.ietf.org/html/draft-ietf-secsh-filexfer-03#page-26, see
SSH_FXP_NAME).
As I quick test, I tried to change the Vsn ranges here, but in that
case the server started to report corrupted frames.

I would be apprieciated for any pointers.

Maybe there is a way to log the sftp messages (decrypted) on the
client, it would help to compare responses from the erlang server and
the openssh server (the latter provides the attributes correctly).

--
Karolis Petrauskas
_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|

Re: SFTPD, directory listing and file attributes

Karolis Petrauskas-2
I have referred to a wrong version of the protocol specification.
https://tools.ietf.org/html/draft-ietf-secsh-filexfer-03 describes
protocol version 4.
The version 3 is described in
https://tools.ietf.org/html/draft-ietf-secsh-filexfer-02.
This explains why the existing code works at all :)

However, I still don't know, why sftp client shows the directory
listing without the attributes.

Karolis


On Thu, Dec 28, 2017 at 12:49 AM, Karolis Petrauskas
<[hidden email]> wrote:

> Hi all,
>
> I'm trying to use the ssh_sftpd server and found strange behaviour
> when listing files:
>
>     sftp> ls -l /c/
>     data.csv
>     data.txt
>     some.xxx
>
> File permissions and gid/uid are not shown with the -l option.
>
> If listing the files with the -n option the file attributes are shown
> as expected:
>
>     sftp> ls -n /c/
>     -rw-rw-r--    0 1000     1000            0 Dec 27 20:11 /c/data.csv
>     -rw-rw-r--    0 1000     1000            0 Dec 27 20:12 /c/data.txt
>     -rw-rw-r--    0 1000     1000            0 Dec 27 19:12 /c/some.xxx
>
> The attributes are also shown if the files are listed using wildcard:
>
>     sftp> ls -l /c/*
>     -rw-rw-r--    0 1000     1000            0 Dec 27 20:12 /c/data.txt
>     -rw-rw-r--    0 1000     1000            0 Dec 27 20:11 /c/data.csv
>     -rw-rw-r--    0 1000     1000            0 Dec 27 19:12 /c/some.xxx
>
> But in this case, the sftp client asks for file attributes for each
> file explicitly. In the client debug, I see the calls similar to the
> following, repeated three times in this case:
>
>     debug3: Sent message fd 3 T:7 I:20
>     debug3: Received stat reply T:105 I:20
>
>
> I work on linux, Ubuntu xenial.
> I use Erlang/OTP 20.1 for the server.
> The client is openssh sftp, version="OpenSSH_7.2p2 Ubuntu-4ubuntu2.2,
> OpenSSL 1.0.2g  1 Mar 2016".
> The server and the client agrees on the sftp version 3, as the client
> implements it.
>
> I tried to look at the ssh_sftp server sources. It looks like
> ssh_xfer:encode_name/3 is incorrect, because long file name is not
> included in the protocol version 3
> (https://tools.ietf.org/html/draft-ietf-secsh-filexfer-03#page-26, see
> SSH_FXP_NAME).
> As I quick test, I tried to change the Vsn ranges here, but in that
> case the server started to report corrupted frames.
>
> I would be apprieciated for any pointers.
>
> Maybe there is a way to log the sftp messages (decrypted) on the
> client, it would help to compare responses from the erlang server and
> the openssh server (the latter provides the attributes correctly).
>
> --
> Karolis Petrauskas
_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|

Re: SFTPD, directory listing and file attributes

Hans Nilsson R (AL/EAB)
Hi Karolis,

to view the ssh messages decrypted, call the undocumented function

    ssh_dbg:messages()

before the client connects to the server.

/Hans

On 12/28/2017 10:36 AM, Karolis Petrauskas wrote:

> I have referred to a wrong version of the protocol specification.
> https://tools.ietf.org/html/draft-ietf-secsh-filexfer-03 describes
> protocol version 4.
> The version 3 is described in
> https://tools.ietf.org/html/draft-ietf-secsh-filexfer-02.
> This explains why the existing code works at all :)
>
> However, I still don't know, why sftp client shows the directory
> listing without the attributes.
>
> Karolis
>
>
> On Thu, Dec 28, 2017 at 12:49 AM, Karolis Petrauskas
> <[hidden email]> wrote:
>> Hi all,
>>
>> I'm trying to use the ssh_sftpd server and found strange behaviour
>> when listing files:
>>
>>     sftp> ls -l /c/
>>     data.csv
>>     data.txt
>>     some.xxx
>>
>> File permissions and gid/uid are not shown with the -l option.
>>
>> If listing the files with the -n option the file attributes are shown
>> as expected:
>>
>>     sftp> ls -n /c/
>>     -rw-rw-r--    0 1000     1000            0 Dec 27 20:11 /c/data.csv
>>     -rw-rw-r--    0 1000     1000            0 Dec 27 20:12 /c/data.txt
>>     -rw-rw-r--    0 1000     1000            0 Dec 27 19:12 /c/some.xxx
>>
>> The attributes are also shown if the files are listed using wildcard:
>>
>>     sftp> ls -l /c/*
>>     -rw-rw-r--    0 1000     1000            0 Dec 27 20:12 /c/data.txt
>>     -rw-rw-r--    0 1000     1000            0 Dec 27 20:11 /c/data.csv
>>     -rw-rw-r--    0 1000     1000            0 Dec 27 19:12 /c/some.xxx
>>
>> But in this case, the sftp client asks for file attributes for each
>> file explicitly. In the client debug, I see the calls similar to the
>> following, repeated three times in this case:
>>
>>     debug3: Sent message fd 3 T:7 I:20
>>     debug3: Received stat reply T:105 I:20
>>
>>
>> I work on linux, Ubuntu xenial.
>> I use Erlang/OTP 20.1 for the server.
>> The client is openssh sftp, version="OpenSSH_7.2p2 Ubuntu-4ubuntu2.2,
>> OpenSSL 1.0.2g  1 Mar 2016".
>> The server and the client agrees on the sftp version 3, as the client
>> implements it.
>>
>> I tried to look at the ssh_sftp server sources. It looks like
>> ssh_xfer:encode_name/3 is incorrect, because long file name is not
>> included in the protocol version 3
>> (https://tools.ietf.org/html/draft-ietf-secsh-filexfer-03#page-26, see
>> SSH_FXP_NAME).
>> As I quick test, I tried to change the Vsn ranges here, but in that
>> case the server started to report corrupted frames.
>>
>> I would be apprieciated for any pointers.
>>
>> Maybe there is a way to log the sftp messages (decrypted) on the
>> client, it would help to compare responses from the erlang server and
>> the openssh server (the latter provides the attributes correctly).
>>
>> --
>> Karolis Petrauskas
> _______________________________________________
> erlang-questions mailing list
> [hidden email]
> http://erlang.org/mailman/listinfo/erlang-questions
>

_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions

smime.p7s (5K) Download Attachment