Comments (2)
jun66j5
commented on June 27, 2024
Opening the file as 'w+' means the file immediately gets truncated to 0, after which a call to .truncate is done (in my example, truncating to 6, causing 0-bytes to be added). I believe opening the file as 'a+' would be better in this case (I did a test with the code changed, and the behaviour looks correct), although I'm not sure if that would have any other impact.
Bad idea. It will break current behavior.
It needs to implement SFTPHanle.chattr using the handle (fileno) rather than the filename and SFTPServerInterface.open returning the SFTPHanle instance in order to make the fsetattr work. I think your implementation has the root cause. Please share your implementation of the interfaces.
from paramiko.
Mathiasdm
commented on June 27, 2024
I can reproduce with the https://github.com/paramiko/paramiko/blob/main/tests/_stub_sftp.py implementation.
I've created a reproduction scenario as follows (this is using a container, the same can be achieved without it, I assume).
I put in the same folder the following files:
Dockerfile:
FROM rockylinux:9
RUN dnf install -y openssh-server openssh-clients wget python3-pip && pip3 install paramiko==3.4.0
RUN ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa && \
ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa && \
ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -N '' -t ecdsa && \
ssh-keygen -f /etc/ssh/ssh_host_ed25519_key -N '' -t ed25519
RUN wget https://raw.githubusercontent.com/paramiko/paramiko/main/tests/_stub_sftp.py && mv _stub_sftp.py /stub_sftp.py
COPY sftp.py /sftp.py
RUN chmod +x /sftp.py
RUN sed -i s/Subsystem/#Subsystem/ /etc/ssh/sshd_config
RUN echo "Subsystem sftp /sftp.py" >> /etc/ssh/sshd_config
COPY id_rsa.pub /root/.ssh/authorized_keys
CMD /usr/sbin/sshd -De -oLogLevel=DEBUGsftp.py:
#!/usr/bin/env python3
import logging
import logging.handlers
import sys
import paramiko
import stub_sftp
# based on https://gist.github.com/lonetwin/3b5982cf88c598c0e169
class SocketAdapter(object):
""" Class that adapts stdout and stdin to the socket api to keep paramiko
happy
"""
def __init__(self, stdin, stdout):
self._stdin = stdin
self._stdout = stdout
self._transport = None
def send(self, data, flags=0):
self._stdout.flush()
self._stdout.buffer.write(data)
self._stdout.flush()
return len(data)
def recv(self, bufsize, flags=0):
data = self._stdin.buffer.read(bufsize)
return data
def close(self):
self._stdin.close()
self._stdout.close()
def settimeout(self, ignored):
pass
def get_name(self):
# required at https://github.com/paramiko/paramiko/blob/master/paramiko/sftp_server.py#L86-L91
return 'sftp'
def get_transport(self):
if not self._transport:
self._transport = paramiko.transport.Transport(self)
return self._transport
def main():
logging.basicConfig(level=logging.DEBUG)
logger = logging.getLogger()
logger.setLevel(logging.DEBUG)
extralog = logging.handlers.RotatingFileHandler('/extralog', maxBytes=1000000)
extralog.setLevel(logging.DEBUG)
logger.addHandler(extralog)
log = logging.getLogger(__name__)
log.debug('going to setup adapter...')
server_socket = SocketAdapter(sys.stdin, sys.stdout)
log.debug('going to setup server...')
si = paramiko.server.ServerInterface()
sftp_server = paramiko.sftp_server.SFTPServer(server_socket, 'sftp', server=si, sftp_si=stub_sftp.StubSFTPServer)
log.debug('going to start server...')
sftp_server.start()
if __name__ == "__main__":
main()id_rsa.pub: add your own key here to be able to test using scp
I then built and ran the container: docker build --build-arg http_proxy --build-arg https_proxy --build-arg no_proxy --tag paramikotest . && docker run --rm --name paramikotest -p 2223:22 -it paramikotest
To test, I ran scp from a rockylinux 9 (note: you can use any Linux distribution, but it needs to use the sftp protocol in scp, which happens by default from openssh 9.0 onwards):
echo -e "1\n2\n3\n" > blah
scp -P 2223 blah root@devws244:/blah
This resulted in a file with the correct length, but only 0-bytes in the file.
$ docker exec -it paramikotest /bin/bash -c "cat /root/blah"
(no-output)
$ docker exec -it paramikotest /bin/bash -c "ls -lha /root/blah"
-rw-r--r-- 1 root root 7 Mar 11 10:46 /root/blah
docker exec -it paramikotest /bin/bash -c "hexdump -C /root/blah"
00000000 00 00 00 00 00 00 00 |.......|
00000007
from paramiko.
Related Issues (20)
- [BUG] - ImportError: DLL load failed while importing _rust: The specified program could not be foundγ HOT 6
- [BUG] - Match does not allow 'all' mixed with anything but 'canonical'
- [ASYNC] - Paramiko Async support HOT 1
- [FEAT] - Add support for KEX algorithm: diffie-hellman-group18-sha512
- [SUPPORT] - Authentication fails when wrapping script using paramiko with `sudo -u`
- [BUG] - Logging multiple error lines instead of single row for traceback
- Unable to agree on a pubkey algorithm for signing a 'ssh-rsa' key
- [BUG] - SSHException: No authentication methods available after successful authentication (Tailscale) HOT 2
- [SUPPORT] - Paramiko switching to new keys every 60s HOT 3
- [SUPPORT] - after connection is established nothing happens for 5 seconds
- Paramiko command error HOT 1
- [BUG] - Auth works on 2.12.0 but fails on 3.4.0 HOT 5
- [SUPPORT] - SSH Authentication Failed
- [SUPPORT] - Exception in prefetch thread after closing connection
- [BUG] - <title>
- [SUPPORT] - Authentication failed when connected to remote host that only allows key authentication and non-interactive commands
- [BUG] - Use of MD5 algorithm in FIPs system
- [SUPPORT] - Cannot get output from APC devices HOT 1
- Fix typo in transport.py: "the the window" repeated
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from paramiko.