search

sshtools / maverick-synergy

Next Generation Java SSH API
https://jadaptive.com
GNU Lesser General Public License v3.0
96 stars 26 forks source link

SFTP-problem in SftpChannel if protocol-version is 5 #80

Closed mr-mister123 closed 11 months ago

mr-mister123 commented 1 year ago

I have to connect to an ssh-server, wich is not under my control. The protocol-version that is used is '5'.

I get following exception, when processing supported features:

java.io.IOException: Unexpected length of 1936744803 bytes exceeds available data of 72 bytes
    at com.sshtools.common.util.ByteArrayReader.checkLength(ByteArrayReader.java:99)
    at com.sshtools.common.util.ByteArrayReader.readString(ByteArrayReader.java:232)
    at com.sshtools.common.util.ByteArrayReader.readString(ByteArrayReader.java:220)
    at com.sshtools.client.sftp.SftpChannel.processSupported(SftpChannel.java:424)
    at com.sshtools.client.sftp.SftpChannel.initializeSftp(SftpChannel.java:285)
    ... 19 more

I've checked the sftp-documentation and it states that the supported-structure is as follows:

string "supported"
        string supported-structure
           uint32 supported-attribute-mask
           uint32 supported-attribute-bits
           uint32 supported-open-flags
           uint32 supported-access-mask
           uint32 max-read-size
           string extension-names[0..n]

in SftpChannel the data is processed in this way:

if(supportedStructure.available() >= 4) {
    int count = (int) supportedStructure.readInt();
        for (int i = 0; i < count; i++) {
            String ext = supportedStructure.readString();
            if(Log.isTraceEnabled()) {
                Log.trace("Server supports '" + ext
                        + "' extension");
            }
            supportedExtensions.add(ext);
        }
    }

So if there is data available it determines the number of extension an than reads as many strings. i don't know, if this is correct, but it doesn't work. i think the documentation has to be read as follows: as long as data is available read string.

if changing the if-block quoted above to 

while (supportedStructure.available() >= 4) {
    String ext = supportedStructure.readString();
    if(Log.isTraceEnabled()) {
        Log.trace("Server supports '" + ext
                + "' extension");
    }
    supportedExtensions.add(ext);
}

it works fine.

In the log following messages show up:

Processed extension 'supported'
Server supports 'space-available' extension
Server supports 'statvfs@openssh.com' extension
Server supports 'fstatvfs@openssh.com' extension

wich seems to make sense...

Greetz, Karsten

ludup commented 1 year ago

I'm fixing this in the develop branch (3.1.0-SNAPSHOT). It looks like an over-eager copy/paste as the supported2 structure in V6 does have an int count preceding the extension names.