Subject: libssh2 uploads/fail with recent (?) Linux openssh/sftp-server servers

libssh2 uploads/fail with recent (?) Linux openssh/sftp-server servers

From: Oleg Rosowiecki <orosowiecki_at_gmail.com>
Date: Fri, 13 Aug 2021 14:07:34 +0200

Hello,

I noticed a strange behavior of the libssh2 library with some (newer?)
openssh/sftp servers (running on Linux systems). The files would not
download and/or upload. However, a command line sftp client
downloads/uploads from/to my target systems just fine.

I narrowed down the problem to using one of the example tools (e.g.
sftp_write.c) to see how it behaves with different server versions.

On the server side, this is what happens during attempts to write:

Aug 13 12:15:27 localhost sftp-server[9240]: open "..." flags
WRITE,CREATE,TRUNCATE mode 0100644.

or attempts to read:

Aug 10 15:54:51 (none) authpriv.info sftp-server[15695]: open
"root/somefile.txt" flags READ mode 010000

So, instead of just 0664 the library OR's it with 0100000. I found the
relevant portion of the code:

/* S_IFREG */
#define LIBSSH2_SFTP_ATTR_PFILETYPE_FILE 0100000

        /* Filetype in SFTP 3 and earlier */
        attrs.permissions = mode |
            (open_file ? LIBSSH2_SFTP_ATTR_PFILETYPE_FILE :
             LIBSSH2_SFTP_ATTR_PFILETYPE_DIR);

I discovered this in version 1.8.0, but it seems that this code has
remained there ever since.

I would like to ask libssh2 developers about the following.

1. Why is this extra constant there and what purpose do those "extended
mode/permissions" serve? By looking at sftp-server implementation I see
that the mode parameter is applied quite literally, i.e. the mode value
such as 0100644 or similar is supplied to the open(filename, flags, mode)
system call.

2. I checked against Linux openssh versions:

OpenSSH_8.2p1, OpenSSL 1.0.2t 10 Sep 2019
and
OpenSSH_8.0p1, OpenSSL 1.1.1d FIPS 10 Sep 2019

In both instances, sftp-server fails to support this "extended mode" flag
(in fact, the difference is just in a single extra bit).

Is this a known problem? Is libssh2 compatible with only some versions of
openssh/sftp-server?

I would appreciate your help,
Oleg Rosowiecki

_______________________________________________
libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2021-08-13