Page MenuHomePhabricator

sftp: Add check if we are authenticated
Closed, InvalidPublic


I have an amendment request for case T139. From my point of view it would be better to move the authentication check to the function sftp_new.

With the current change rLIBSSH8a885f0bd389 it is no longer possible to create a channel in advance.

I use the libssh as SSH server and have so far initiated ssh_session_new() / ssh_channel_sew() / ssh_event_new() always on a new connection.

Event Timeline

davidwed created this task.May 3 2019, 1:23 PM
davidwed updated the task description. (Show Details)
davidwed updated the task description. (Show Details)May 3 2019, 1:25 PM
asn added a subscriber: asn.May 6 2019, 11:54 AM

What do you mean you can't create a channel in advance?

SFTP needs a channel to request the subsystem. So we should check as early as possible if we are authenticated, and that's when we create a channel.

I created all relevant structures in advance ( also the channel ) no matter if the session authenticated itself or not.
I then checked separately whether the session is authenticated.

However, it makes more sense to check the authentication when the channel is created.

davidwed closed this task as Invalid.May 6 2019, 1:24 PM