-
-
Notifications
You must be signed in to change notification settings - Fork 931
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handle unknown channel messages correctly #1363
Conversation
See discussion sshnet#1218 . Some servers send custom channel messages like '[email protected]' as keep alive messages. This currently causes a NotSupportedException. According to the spec https://datatracker.ietf.org/doc/html/rfc4254#section-5.4 : "If the request is not recognized or is not supported for the channel, SSH_MSG_CHANNEL_FAILURE is returned." Send a failure message back instead of throwing an exception.
beb09ac
to
1ab1300
Compare
The whole paragraph is (emphasis mine):
To me, that says we should only send SSH_MSG_CHANNEL_FAILURE if 'want reply' is true. i.e. // Raise request specific event
OnRequest(requestInfo);
}
- else
+ else if (e.Message.WantReply)
{
var reply = new ChannelFailureMessage(LocalChannelNumber);
SendMessage(reply);
Unfortunately,
2 is probably easiest. What do you think? |
@Rob-Hague Pushed. Moved UnknownRequestInfo to production code and it checks WantReply now. The test still needs its own class to set WantReply=true . |
This RFC clarification (draft) may be relevant here, though it's a slightly different issue arising from the same RFC paragraph: This issue has been discussed before in other SSH packages: And this implementation also agrees with your interpretation of WantReply: |
Thanks. The relevant text is:
I think we are covered here because SSH.NET/src/Renci.SshNet/Channels/Channel.cs Lines 479 to 488 in db3d7e8
SSH.NET/src/Renci.SshNet/Channels/Channel.cs Lines 547 to 575 in db3d7e8
|
not directly related to the PR, was noticed during Code Review.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks
@Rob-Hague/ @WojciechNagorski Can we have a release with this fix please? |
Probably some time in May |
@Rob-Hague can we please have a release for this? |
Yes, soon |
Hey @Rob-Hague can you provide a tentative ETA on when you're planning to do the next release? |
See discussion #1218 . Some servers send custom channel messages like '[email protected]' as keep alive messages. This currently causes a NotSupportedException.
According to the spec https://datatracker.ietf.org/doc/html/rfc4254#section-5.4 :
"If the request is not recognized or is not
supported for the channel, SSH_MSG_CHANNEL_FAILURE is returned."
Send a failure message back instead of throwing an exception.
The test is mostly copy&paste from ChannelTest_OnSessionChannelRequestReceived_OnRequest_Exception. I also reproduced the issue and tested the fix with an actual ProFTPD server locally.