On 29 Sep 2021 12:35, Damien Miller wrote: > On Mon, 27 Sep 2021, Mike Frysinger wrote: > > would SFTPv4 support be acceptable in OpenSSH's server & client ? > > > > SFTPv4 supports higher stat fidelity & user/group names (not just numeric): > > https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-04#section-10.1 > > > > iiuc, some of the newer features are a bit contentious, like the NFS ACL models > > (which only get worse it seems with SFTPv5 & SFTPv6). from a quick scan, it > > seems these only show up in the file attrs operations, and the server could > > just not return any (never set SSH_FILEXFER_ATTR_ACL). if the client were to > > set file attrs and they have SSH_FILEXFER_ATTR_ACL set, then the server could > > also ignore it, or have it return SSH_FX_OP_UNSUPPORTED. > > > > the other feature that looks a bit dicey is opening files in text mode. the > > caveats the spec sprinkles around makes it sound like it too would be easier > > to simply return SSH_FX_OP_UNSUPPORTED. > > > > requiring filenames be UTF-8 sounds fine ... the code already treats paths as > > a series of bytes (effectively ignoring the encoding), so can just keep doing > > that. if the client sends invalid UTF-8, that's a client bug. if the server > > has a path that is invalid UTF-8, then the client can decide to ignore it, or > > process it. > > > > everything else looks pretty straight forward. > > How many of these things could be implemented as extensions? > > AFAIK we could use SSH_FILEXFER_ATTR_EXTENDED extensions to send > nanosecond timestamps as well as user/group names, and it should be > backwards compatible... hmm, if we're thinking outside the box ... one thought i had but figured would be rejected was that we'd backport the new SSH_FILEXFER_ATTR_OWNERGROUP to SFTPv3 (as it's backwards compatible), but that might work OK for client->server, but not so well for server->client (since the spec makes it sound like flags must be within the defined range only). so lets forget about this avenue. another idea was that we'd define an extension whereby the client could upgrade its connection (akin to HTTP upgrading to 1.1 or 2.0). the server would have "sftpv4-file-attrs@xxxxxxxxxxx", and if the client sent that request, then all file attrs would have to use the newer SFTPv4 form for the rest of the session. i think this is still within the SFTPv3 spec and wouldn't break anyone. it has the slight advantage of the types being directly encoded. otherwise, i think your idea would also work within the SFTPv3 spec and not break anyone. it would mean servers & clients would have to serialize to strings everywhere, but maybe that's not a big deal. the standard & extension fields would have to both be specified, and the other side would ignore the standard data when it sees the extension. e.g. the uid & gid fields would have to be specified, but if the username & group extensions were include, they'd be ignored in favor of dynamic lookup. rough sketch of extensions i'd be interested in: * attrs-type@xxxxxxxxxxx - the possible file types from stat/getdents: "block" "char" "dir" "fifo" "link" "reg" "socket" "unknown" * attrs-owner@xxxxxxxxxxx - the username as a string (instead of uid) * attrs-group@xxxxxxxxxxx - the groupname as a string (instead of gid) * attrs-atime-sec@xxxxxxxxxxx - the 64-bit access time (if 32-bit overflows) * attrs-mtime-sec@xxxxxxxxxxx - the 64-bit modify time (if 32-bit overflows) * attrs-ctime-sec@xxxxxxxxxxx - the 64-bit status time * attrs-btime-sec@xxxxxxxxxxx - the 64-bit create time * attrs-atime-nsec@xxxxxxxxxxx - the subsecond access time (for nanoseconds) * attrs-mtime-nsec@xxxxxxxxxxx - the subsecond modify time (for nanoseconds) * attrs-ctime-nsec@xxxxxxxxxxx - the subsecond status time (for nanoseconds) * attrs-btime-nsec@xxxxxxxxxxx - the subsecond create time (for nanoseconds) maybe instead of "btime" we should use "createtime" as that would match newer SFTP specs better instead of matching Linux's statx field. i opting for separate sec fields here to make parsing a bit easier. i figure doing strtoull on an entire string is easier than finding the . separator and parsing the numbers before/after that. sscanf(buf, "%llu.%llu", &sec, &nsec). lmk if you have a preference on the route to take. -mike
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
