would SFTPv4 support be acceptable in OpenSSH's server & client ?
SFTPv4 supports higher stat fidelity & user/group names (not just numeric):
https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-04#section-10.1
iiuc, some of the newer features are a bit contentious, like the NFS ACL models
(which only get worse it seems with SFTPv5 & SFTPv6). from a quick scan, it
seems these only show up in the file attrs operations, and the server could
just not return any (never set SSH_FILEXFER_ATTR_ACL). if the client were to
set file attrs and they have SSH_FILEXFER_ATTR_ACL set, then the server could
also ignore it, or have it return SSH_FX_OP_UNSUPPORTED.
the other feature that looks a bit dicey is opening files in text mode. the
caveats the spec sprinkles around makes it sound like it too would be easier
to simply return SSH_FX_OP_UNSUPPORTED.
requiring filenames be UTF-8 sounds fine ... the code already treats paths as
a series of bytes (effectively ignoring the encoding), so can just keep doing
that. if the client sends invalid UTF-8, that's a client bug. if the server
has a path that is invalid UTF-8, then the client can decide to ignore it, or
process it.
everything else looks pretty straight forward.
-mike
SFTPv4 supports higher stat fidelity & user/group names (not just numeric):
https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-04#section-10.1
iiuc, some of the newer features are a bit contentious, like the NFS ACL models
(which only get worse it seems with SFTPv5 & SFTPv6). from a quick scan, it
seems these only show up in the file attrs operations, and the server could
just not return any (never set SSH_FILEXFER_ATTR_ACL). if the client were to
set file attrs and they have SSH_FILEXFER_ATTR_ACL set, then the server could
also ignore it, or have it return SSH_FX_OP_UNSUPPORTED.
the other feature that looks a bit dicey is opening files in text mode. the
caveats the spec sprinkles around makes it sound like it too would be easier
to simply return SSH_FX_OP_UNSUPPORTED.
requiring filenames be UTF-8 sounds fine ... the code already treats paths as
a series of bytes (effectively ignoring the encoding), so can just keep doing
that. if the client sends invalid UTF-8, that's a client bug. if the server
has a path that is invalid UTF-8, then the client can decide to ignore it, or
process it.
everything else looks pretty straight forward.
-mike