Re: [ftpext] Question about draft-bryan-ftp-hash-07

[Anthony Bryan <anthonybryan@gmail.com>]

On Thu, Sep 16, 2010 at 1:28 AM, Anthony Bryan <anthonybryan@gmail.com> wrote:
> On Fri, Aug 20, 2010 at 6:01 PM, Robert McMurray <robmcm@microsoft.com> wrote:
>> With that in mind, I've been thinking through implementation scenarios in the wake of the denial-of-service discussion that took place before IETF 78. More specifically, I've thinking about a scenario where the maximum file size could be configured at the server, so HASH commands could be prevented from stealing too many server resources when larger files are involved. This is purely a server implementation detail that has nothing to do with the draft with the exception of considering which reply code to return.
>>
>> Looking at section "3.4. HASH Command Errors" in the draft it would seem that none of the 5yz errors that are listed would apply, but returning a 504 reply might seem to make sense in this scenario. If so, would it be worthwhile to add a statement like the following to the draft?
>>
>>   The server-PI SHOULD reply with a 504 reply if the HASH command is
>>   used on a file that cannot be processed for policy reasons. (For
>>   example, the file size exceeds the server's hashing policy.)
>>
>> Or would a 4yz reply be better since this is a configurable option at the server? Perhaps a 452 reply?
>
> revisiting this, Mathias Berchtold is an implementer (ProFTPD module
> mod_digest, http://www.smartftp.com/oss/proftpd/mod_digest.html ) of
> the alternate non-standard commands (XCRC, XMD5, XSHA1, SHA256) that
> HASH is trying to standardize.
>
> mod_digest uses 550 reply code for the case that Robert mentioned of a
> file not being allowed to be hashed because of a policy.
>
> "The DigestMaxSize directive configures the maximum number of bytes a
> single hash command is allowed to read from a file. If the number of
> bytes to be read from the file is greater than the configured limit
> the server will return an error. If no DigestMaxSize directive is
> configured, then there is no limit. It is stronly recommended to set
> an upper limit."
>
> R_550, "%s: Length (%zu) greater than " CONFIG_DIGEST_MAXSIZE " (%zu)
> config value", cmd->arg, lLength, lMaxSize);
>
> Mathias, any suggestions as an implementer?
>
> we use 550 already for file not found.
>
>      550 Requested action not taken.
>          File unavailable (e.g., file not found, no access).
>
> we don't seem to have a specific reply code that fits this case currently.
> should we mint a new reply code (55z since it's permanent & deals with
> file system) or use another existing code that isn't an exact fit?

the newest HASH draft uses a new code: 556.

http://tools.ietf.org/html/draft-bryan-ftp-hash

comments? here's the new text.

 	   The server-PI SHOULD reply with a 556 reply if the HASH command is	
 	   used on a file that cannot be processed for policy reasons.  (For	
 	   example, if the file size exceeds the server's hashing policy.)

later:

 	   Server operators might wish to allow the HASH command but restrict	
 	   its use to certain files, for example, if the file size exceeds the	
 	   server's hashing policy.  A client MUST be able to understand that	
 	   refusal to process HASH commands may be permanent (if indicated by a	
 	   556 response) and will not be honoured later.

-- 
(( Anthony Bryan ... Metalink [ http://www.metalinker.org ]
  )) Easier, More Reliable, Self Healing Downloads