etherscan-io
diff --git a/‎packet-typing.go
Lines changed: 3 additions & 1 deletion b/‎packet-typing.go
Lines changed: 3 additions & 1 deletion
diff --git a/‎packet.go
Lines changed: 11 additions & 3 deletions b/‎packet.go
Lines changed: 11 additions & 3 deletions
diff --git a/‎request-server.go
Lines changed: 12 additions & 3 deletions b/‎request-server.go
Lines changed: 12 additions & 3 deletions
diff --git a/‎server.go
Lines changed: 13 additions & 4 deletions b/‎server.go
Lines changed: 13 additions & 4 deletions
diff --git a/‎server_test.go
Lines changed: 14 additions & 9 deletions b/‎server_test.go
Lines changed: 14 additions & 9 deletions
@@ -127,7 +127,9 @@ func makePacket(p rxPacket) (requestPacket, error) {
 		return nil, errors.Errorf("unhandled packet type: %s", p.pktType)
 	}
 	if err := pkt.UnmarshalBinary(p.pktBytes); err != nil {
-		return nil, err
+		// Return partially unpacked packet to allow callers to return
+		// error messages appropriately with necessary id() method.
+		return pkt, err
 	}
 	return pkt, nil
 }
@@ -874,10 +874,18 @@ type sshFxpExtendedPacket struct {
 	}
 }
 
-func (p sshFxpExtendedPacket) id() uint32     { return p.ID }
-func (p sshFxpExtendedPacket) readonly() bool { return p.SpecificPacket.readonly() }
+func (p sshFxpExtendedPacket) id() uint32 { return p.ID }
+func (p sshFxpExtendedPacket) readonly() bool {
+	if p.SpecificPacket == nil {
+		return true
+	}
+	return p.SpecificPacket.readonly()
+}
 
 func (p sshFxpExtendedPacket) respond(svr *Server) error {
+	if p.SpecificPacket == nil {
+		return nil
+	}
 	return p.SpecificPacket.respond(svr)
 }
 
@@ -897,7 +905,7 @@ func (p *sshFxpExtendedPacket) UnmarshalBinary(b []byte) error {
 	case "posix-rename@openssh.com":
 		p.SpecificPacket = &sshFxpExtendedPacketPosixRename{}
 	default:
-		return errUnknownExtendedPacket
+		return errors.Wrapf(errUnknownExtendedPacket, "packet type %v", p.SpecificPacket)
 	}
 
 	return p.SpecificPacket.UnmarshalBinary(bOrig)
 
@@ -128,9 +128,18 @@ func (rs *RequestServer) Serve() error {
 
 		pkt, err = makePacket(rxPacket{fxp(pktType), pktBytes})
 		if err != nil {
-			debug("makePacket err: %v", err)
-			rs.conn.Close() // shuts down recvPacket
-			break
+			switch errors.Cause(err) {
+			case errUnknownExtendedPacket:
+				if err := rs.serverConn.sendError(pkt, ErrSshFxOpUnsupported); err != nil {
+					debug("failed to send err packet: %v", err)
+					rs.conn.Close() // shuts down recvPacket
+					break
+				}
+			default:
+				debug("makePacket err: %v", err)
+				rs.conn.Close() // shuts down recvPacket
+				break
+			}
 		}
 
 		pktChan <- pkt
 
@@ -134,7 +134,7 @@ func (svr *Server) sftpServerWorker(pktChan chan requestPacket) error {
 		case *sshFxpOpenPacket:
 			readonly = pkt.readonly()
 		case *sshFxpExtendedPacket:
-			readonly = pkt.SpecificPacket.readonly()
+			readonly = pkt.readonly()
 		}
 
 		// If server is operating read-only and a write operation is requested,
@@ -304,9 +304,18 @@ func (svr *Server) Serve() error {
 
 		pkt, err = makePacket(rxPacket{fxp(pktType), pktBytes})
 		if err != nil {
-			debug("makePacket err: %v", err)
-			svr.conn.Close() // shuts down recvPacket
-			break
+			switch errors.Cause(err) {
+			case errUnknownExtendedPacket:
+				if err := svr.serverConn.sendError(pkt, ErrSshFxOpUnsupported); err != nil {
+					debug("failed to send err packet: %v", err)
+					svr.conn.Close() // shuts down recvPacket
+					break
+				}
+			default:
+				debug("makePacket err: %v", err)
+				svr.conn.Close() // shuts down recvPacket
+				break
+			}
 		}
 
 		pktChan <- pkt
 
@@ -198,24 +198,29 @@ func (p sshFxpTestBadExtendedPacket) MarshalBinary() ([]byte, error) {
 }
 
 // test that errors are sent back when we request an invalid extended packet operation
+// this validates the following rfc draft is followed https://tools.ietf.org/html/draft-ietf-secsh-filexfer-extensions-00
 func TestInvalidExtendedPacket(t *testing.T) {
 	client, server := clientServerPair(t)
 	defer client.Close()
 	defer server.Close()
 
 	badPacket := sshFxpTestBadExtendedPacket{client.nextID(), "thisDoesn'tExist", "foobar"}
-	_, _, err := client.clientConn.sendPacket(badPacket)
-	if err == nil {
-		t.Fatal("expected error from bad packet")
+	typ, data, err := client.clientConn.sendPacket(badPacket)
+		t.Fatalf("unexpected error from sendPacket: %s", err)
 	}
-
-	// try to stat a file; the client should have shut down.
-	filePath := "/etc/passwd"
-	_, err = client.Stat(filePath)
-	if err == nil {
-		t.Fatal("expected error from closed connection")
+	if typ != ssh_FXP_STATUS {
+		t.Fatalf("received non-FPX_STATUS packet: %v", typ)
 	}
 
+	err = unmarshalStatus(badPacket.id(), data)
+	statusErr, ok := err.(*StatusError)
+	if !ok {
+		t.Fatal("failed to convert error from unmarshalStatus to *StatusError")
+	}
+	if statusErr.Code != ssh_FX_OP_UNSUPPORTED {
+		t.Errorf("statusErr.Code => %d, wanted %d", statusErr.Code, ssh_FX_OP_UNSUPPORTED)
+	}
 }
 
 // test that server handles concurrent requests correctly
Original file line number	Diff line number	Diff line change
`@@ -127,7 +127,9 @@ func makePacket(p rxPacket) (requestPacket, error) {`
`127`	`127`	`return nil, errors.Errorf("unhandled packet type: %s", p.pktType)`
`128`	`128`	`}`
`129`	`129`	`if err := pkt.UnmarshalBinary(p.pktBytes); err != nil {`
`130`		`- return nil, err`
	`130`	`+ // Return partially unpacked packet to allow callers to return`
	`131`	`+ // error messages appropriately with necessary id() method.`
	`132`	`+ return pkt, err`
`131`	`133`	`}`
`132`	`134`	`return pkt, nil`
`133`	`135`	`}`