[ https://issues.apache.org/jira/browse/SSHD-1042?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17165630#comment-17165630 ]
Thomas Wolf commented on SSHD-1042: ----------------------------------- [~shahbazsbaig], please don't post log excerpts as images; post the logs as text. The "Command Limiting Policy" appears to be a [feature of the IBM Sterling B2B Integrator|https://www.ibm.com/support/knowledgecenter/SS3JSW_6.0.1/integrating/integrating/integrator/CommandLimitPolicy.html]. Probably the same as OpenSSH's {{internal-sftp -P readdir}}, combined with a {{Match}} directive. "NativeFilesystemProviderBase" appears to be a class from that SB2Bi sftp server that check this "Command Limiting Policy". It looks like there's a team that tries to replace maverick by Apache MINA sshd inside SB2Bi. It also looks like this is a problem inside that SB2Bi; somehow the maverick implementation appears to be wired up such that it doesn't close the server-side session, while with sshd it gets closed. I _do_ notice that maverick has its own {{PermissionDeniedException}} which is _not_ an {{IOException}}. Perhaps that explains why that NativeFilesystemProviderBase doesn't close the session with maverick. In any case I think the reporter [~shahbazsbaig] will need to debug this more closely in their application. It doesn't look like a problem of Apache sshd but of how it's used by that application. > Command Limiting Policy SSH_FXP_READDIR closing connection > ---------------------------------------------------------- > > Key: SSHD-1042 > URL: https://issues.apache.org/jira/browse/SSHD-1042 > Project: MINA SSHD > Issue Type: New Feature > Reporter: Shahbaz > Priority: Major > Attachments: apache rmdir.PNG, maverick filesystem.PNG > > > *This are the below commands which prevent the execution of process for the > user at instance level relating to permission of open, read, write, opendir, > readdir, remove, rename, makedir, removedir respectively.* > *SSH_FXP_OPEN* > *SSH_FXP_READ* > *SSH_FXP_WRITE* > *SSH_FXP_OPENDIR* > *SSH_FXP_READDIR* > *SSH_FXP_REMOVE* > *SSH_FXP_RENAME* > *SSH_FXP_MKDIR* > *SSH_FXP_RMDIR* > *But the command for* *SSH_FXP_READDIR is not executed as it directly closes > the connection. This connection is closed because while throwing the > exception it directly calls destroy method from filesystem. Is there any > workaround to inhibit its execution when we extend sftpsubsytem class where > exception is thrown.*** > *While reading the directory when SH_FXP_READDIR is applied, the operation is > interrupted, as it evokes the destroy function to close the connection > directly when an IOException is thrown. The issue is how can we make sure the > destroy function is not called, when exception is thrown in a class which > extends SFTPSubsystem.* > > > > *Below attached are the images which shows how destroy is invoked in both > maverick and apache case.* > > > > -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org