1
# Copyright (C) 2005 Robey Pointer <robey@lag.net>, Canonical Ltd
3
# This program is free software; you can redistribute it and/or modify
4
# it under the terms of the GNU General Public License as published by
5
# the Free Software Foundation; either version 2 of the License, or
6
# (at your option) any later version.
8
# This program is distributed in the hope that it will be useful,
9
# but WITHOUT ANY WARRANTY; without even the implied warranty of
10
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11
# GNU General Public License for more details.
13
# You should have received a copy of the GNU General Public License
14
# along with this program; if not, write to the Free Software
15
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17
"""Implementation of Transport over SFTP, using paramiko."""
26
from bzrlib.errors import TransportNotPossible, NoSuchFile, NonRelativePath, TransportError
27
from bzrlib.config import config_dir
28
from bzrlib.trace import mutter, warning, error
29
from bzrlib.transport import Transport, register_transport
34
error('The SFTP transport requires paramiko.')
43
Load system host keys (probably doesn't work on windows) and any
44
"discovered" keys from previous sessions.
46
global SYSTEM_HOSTKEYS, BZR_HOSTKEYS
48
SYSTEM_HOSTKEYS = paramiko.util.load_host_keys(os.path.expanduser('~/.ssh/known_hosts'))
50
mutter('failed to load system host keys: ' + str(e))
51
bzr_hostkey_path = os.path.join(config_dir(), 'ssh_host_keys')
53
BZR_HOSTKEYS = paramiko.util.load_host_keys(bzr_hostkey_path)
55
mutter('failed to load bzr host keys: ' + str(e))
60
Save "discovered" host keys in $(config)/ssh_host_keys/.
62
global SYSTEM_HOSTKEYS, BZR_HOSTKEYS
63
bzr_hostkey_path = os.path.join(config_dir(), 'ssh_host_keys')
64
if not os.path.isdir(config_dir()):
65
os.mkdir(config_dir())
67
f = open(bzr_hostkey_path, 'w')
68
f.write('# SSH host keys collected by bzr\n')
69
for hostname, keys in BZR_HOSTKEYS.iteritems():
70
for keytype, key in keys.iteritems():
71
f.write('%s %s %s\n' % (hostname, keytype, key.get_base64()))
74
mutter('failed to save bzr host keys: ' + str(e))
78
class SFTPTransportError (TransportError):
82
class SFTPTransport (Transport):
84
Transport implementation for SFTP access.
87
_url_matcher = re.compile(r'^sftp://([^@]*@)?(.*?)(:\d+)?(/.*)?$')
89
def __init__(self, base, clone_from=None):
90
assert base.startswith('sftp://')
91
super(SFTPTransport, self).__init__(base)
93
if clone_from is None:
96
# use the same ssh connection, etc
97
self._sftp = clone_from._sftp
98
# super saves 'self.base'
100
def should_cache(self):
102
Return True if the data pulled across should be cached locally.
106
def clone(self, offset=None):
108
Return a new SFTPTransport with root at self.base + offset.
109
We share the same SFTP session between such transports, because it's
110
fairly expensive to set them up.
113
return SFTPTransport(self.base, self)
115
return SFTPTransport(self.abspath(offset), self)
117
def abspath(self, relpath):
119
Return the full url to the given relative path.
121
@param relpath: the relative path or path components
122
@type relpath: str or list
124
return self._unparse_url(self._abspath(relpath))
126
def _abspath(self, relpath):
127
"""Return the absolute path segment without the SFTP URL."""
128
# FIXME: share the common code across transports
129
assert isinstance(relpath, basestring)
130
relpath = [urllib.unquote(relpath)]
131
basepath = self._path.split('/')
132
if len(basepath) > 0 and basepath[-1] == '':
133
basepath = basepath[:-1]
137
if len(basepath) == 0:
138
# In most filesystems, a request for the parent
139
# of root, just returns root.
147
path = '/'.join(basepath)
152
def relpath(self, abspath):
153
# FIXME: this is identical to HttpTransport -- share it
154
if not abspath.startswith(self.base):
155
raise NonRelativePath('path %r is not under base URL %r'
156
% (abspath, self.base))
158
return abspath[pl:].lstrip('/')
160
def has(self, relpath):
162
Does the target location exist?
165
self._sftp.stat(self._abspath(relpath))
170
def get(self, relpath, decode=False):
172
Get the file at the given relative path.
174
:param relpath: The relative path to the file
177
path = self._abspath(relpath)
178
return self._sftp.file(path)
179
except (IOError, paramiko.SSHException), x:
180
raise NoSuchFile('Error retrieving %s: %s' % (path, str(x)), x)
182
def get_partial(self, relpath, start, length=None):
184
Get just part of a file.
186
:param relpath: Path to the file, relative to base
187
:param start: The starting position to read from
188
:param length: The length to read. A length of None indicates
189
read to the end of the file.
190
:return: A file-like object containing at least the specified bytes.
191
Some implementations may return objects which can be read
192
past this length, but this is not guaranteed.
194
f = self.get(relpath)
198
def put(self, relpath, f):
200
Copy the file-like or string object into the location.
202
:param relpath: Location to put the contents, relative to base.
203
:param f: File-like or string object.
205
# FIXME: should do something atomic or locking here, this is unsafe
207
path = self._abspath(relpath)
208
fout = self._sftp.file(path, 'wb')
209
except (IOError, paramiko.SSHException), x:
210
raise SFTPTransportError('Unable to write file %r' % (path,), x)
216
def iter_files_recursive(self):
217
"""Walk the relative paths of all files in this transport."""
218
queue = list(self.list_dir('.'))
220
relpath = queue.pop(0)
221
st = self.stat(relpath)
222
if stat.S_ISDIR(st.st_mode):
223
for i, basename in enumerate(self.list_dir(relpath)):
224
queue.insert(i, relpath+'/'+basename)
228
def mkdir(self, relpath):
229
"""Create a directory at the given path."""
231
path = self._abspath(relpath)
232
self._sftp.mkdir(path)
233
except (IOError, paramiko.SSHException), x:
234
raise SFTPTransportError('Unable to mkdir %r' % (path,), x)
236
def append(self, relpath, f):
238
Append the text in the file-like object into the final
242
path = self._abspath(relpath)
243
fout = self._sftp.file(path, 'ab')
245
except (IOError, paramiko.SSHException), x:
246
raise SFTPTransportError('Unable to append file %r' % (path,), x)
248
def copy(self, rel_from, rel_to):
249
"""Copy the item at rel_from to the location at rel_to"""
250
path_from = self._abspath(rel_from)
251
path_to = self._abspath(rel_to)
253
fin = self._sftp.file(path_from, 'rb')
255
fout = self._sftp.file(path_to, 'wb')
257
fout.set_pipelined(True)
258
self._pump(fin, fout)
263
except (IOError, paramiko.SSHException), x:
264
raise SFTPTransportError('Unable to copy %r to %r' % (path_from, path_to), x)
266
def move(self, rel_from, rel_to):
267
"""Move the item at rel_from to the location at rel_to"""
268
path_from = self._abspath(rel_from)
269
path_to = self._abspath(rel_to)
271
self._sftp.rename(path_from, path_to)
272
except (IOError, paramiko.SSHException), x:
273
raise SFTPTransportError('Unable to move %r to %r' % (path_from, path_to), x)
275
def delete(self, relpath):
276
"""Delete the item at relpath"""
277
path = self._abspath(relpath)
279
self._sftp.remove(path)
280
except (IOError, paramiko.SSHException), x:
281
raise SFTPTransportError('Unable to delete %r' % (path,), x)
284
"""Return True if this store supports listing."""
287
def list_dir(self, relpath):
289
Return a list of all files at the given location.
291
# does anything actually use this?
292
path = self._abspath(relpath)
294
return self._sftp.listdir(path)
295
except (IOError, paramiko.SSHException), x:
296
raise SFTPTransportError('Unable to list folder %r' % (path,), x)
298
def stat(self, relpath):
299
"""Return the stat information for a file."""
300
path = self._abspath(relpath)
302
return self._sftp.stat(path)
303
except (IOError, paramiko.SSHException), x:
304
raise SFTPTransportError('Unable to stat %r' % (path,), x)
306
def lock_read(self, relpath):
308
Lock the given file for shared (read) access.
309
:return: A lock object, which should be passed to Transport.unlock()
311
# FIXME: there should be something clever i can do here...
312
class BogusLock(object):
313
def __init__(self, path):
317
return BogusLock(relpath)
319
def lock_write(self, relpath):
321
Lock the given file for exclusive (write) access.
322
WARNING: many transports do not support this, so trying avoid using it
324
:return: A lock object, which should be passed to Transport.unlock()
326
# FIXME: there should be something clever i can do here...
327
class BogusLock(object):
328
def __init__(self, path):
332
return BogusLock(relpath)
335
def _unparse_url(self, path=None):
339
return 'sftp://%s@%s%s' % (self._username, self._host, path)
340
return 'sftp://%s@%s:%d%s' % (self._username, self._host, self._port, path)
342
def _parse_url(self, url):
343
assert url[:7] == 'sftp://'
344
m = self._url_matcher.match(url)
346
raise SFTPTransportError('Unable to parse SFTP URL %r' % (url,))
347
self._username, self._host, self._port, self._path = m.groups()
348
if self._username is None:
349
self._username = getpass.getuser()
351
self._username = self._username[:-1]
352
if self._port is None:
355
self._port = int(self._port[1:])
356
if (self._path is None) or (self._path == ''):
359
def _sftp_connect(self):
360
global SYSTEM_HOSTKEYS, BZR_HOSTKEYS
365
t = paramiko.Transport((self._host, self._port))
367
except paramiko.SSHException:
368
raise SFTPTransportError('Unable to reach SSH host %s:%d' % (self._host, self._port))
370
server_key = t.get_remote_server_key()
371
server_key_hex = paramiko.util.hexify(server_key.get_fingerprint())
372
keytype = server_key.get_name()
373
if SYSTEM_HOSTKEYS.has_key(self._host) and SYSTEM_HOSTKEYS[self._host].has_key(keytype):
374
our_server_key = SYSTEM_HOSTKEYS[self._host][keytype]
375
our_server_key_hex = paramiko.util.hexify(our_server_key.get_fingerprint())
376
elif BZR_HOSTKEYS.has_key(self._host) and BZR_HOSTKEYS[self._host].has_key(keytype):
377
our_server_key = BZR_HOSTKEYS[self._host][keytype]
378
our_server_key_hex = paramiko.util.hexify(our_server_key.get_fingerprint())
380
warning('Adding %s host key for %s: %s' % (keytype, self._host, server_key_hex))
381
if not BZR_HOSTKEYS.has_key(self._host):
382
BZR_HOSTKEYS[self._host] = {}
383
BZR_HOSTKEYS[self._host][keytype] = server_key
384
our_server_key = server_key
385
our_server_key_hex = paramiko.util.hexify(our_server_key.get_fingerprint())
387
if server_key != our_server_key:
388
filename1 = os.path.expanduser('~/.ssh/known_hosts')
389
filename2 = os.path.join(config_dir(), 'ssh_host_keys')
390
raise SFTPTransportError('Host keys for %s do not match! %s != %s' % \
391
(self._host, our_server_key_hex, server_key_hex),
392
['Try editing %s or %s' % (filename1, filename2)])
394
self._sftp_auth(t, self._username, self._host)
397
self._sftp = t.open_sftp_client()
398
except paramiko.SSHException:
399
raise BzrError('Unable to find path %s on SFTP server %s' % \
400
(self._path, self._host))
402
def _sftp_auth(self, transport, username, host):
403
agent = paramiko.Agent()
404
for key in agent.get_keys():
405
mutter('Trying SSH agent key %s' % paramiko.util.hexify(key.get_fingerprint()))
407
transport.auth_publickey(self._username, key)
409
except paramiko.SSHException, e:
412
# okay, try finding id_rsa or id_dss? (posix only)
413
if self._try_pkey_auth(transport, paramiko.RSAKey, 'id_rsa'):
415
if self._try_pkey_auth(transport, paramiko.DSSKey, 'id_dsa'):
418
# give up and ask for a password
419
password = getpass.getpass('SSH %s@%s password: ' % (self._username, self._host))
421
transport.auth_password(self._username, password)
422
except paramiko.SSHException:
423
raise SFTPTransportError('Unable to authenticate to SSH host as %s@%s' % \
424
(self._username, self._host))
426
def _try_pkey_auth(self, transport, pkey_class, filename):
427
filename = os.path.expanduser('~/.ssh/' + filename)
429
key = pkey_class.from_private_key_file(filename)
430
transport.auth_publickey(self._username, key)
432
except paramiko.PasswordRequiredException:
433
password = getpass.getpass('SSH %s password: ' % (os.path.basename(filename),))
435
key = pkey_class.from_private_key_file(filename, password)
436
transport.auth_publickey(self._username, key)
438
except paramiko.SSHException:
439
mutter('SSH authentication via %s key failed.' % (os.path.basename(filename),))
440
except paramiko.SSHException:
441
mutter('SSH authentication via %s key failed.' % (os.path.basename(filename),))
1
# Copyright (C) 2005 Robey Pointer <robey@lag.net>, Canonical Ltd
3
# This program is free software; you can redistribute it and/or modify
4
# it under the terms of the GNU General Public License as published by
5
# the Free Software Foundation; either version 2 of the License, or
6
# (at your option) any later version.
8
# This program is distributed in the hope that it will be useful,
9
# but WITHOUT ANY WARRANTY; without even the implied warranty of
10
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11
# GNU General Public License for more details.
13
# You should have received a copy of the GNU General Public License
14
# along with this program; if not, write to the Free Software
15
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17
"""Implementation of Transport over SFTP, using paramiko."""
32
from bzrlib.config import config_dir, ensure_config_dir_exists
33
from bzrlib.errors import (ConnectionError,
35
TransportNotPossible, NoSuchFile, PathNotChild,
37
LockError, ParamikoNotPresent
39
from bzrlib.osutils import pathjoin, fancy_rename
40
from bzrlib.trace import mutter, warning, error
41
from bzrlib.transport import Transport, Server, urlescape
46
except ImportError, e:
47
raise ParamikoNotPresent(e)
49
from paramiko.sftp import (SFTP_FLAG_WRITE, SFTP_FLAG_CREATE,
50
SFTP_FLAG_EXCL, SFTP_FLAG_TRUNC,
52
from paramiko.sftp_attr import SFTPAttributes
53
from paramiko.sftp_file import SFTPFile
54
from paramiko.sftp_client import SFTPClient
56
if 'sftp' not in urlparse.uses_netloc:
57
urlparse.uses_netloc.append('sftp')
59
# don't use prefetch unless paramiko version >= 1.5.2 (there were bugs earlier)
60
_default_do_prefetch = False
61
if getattr(paramiko, '__version_info__', (0, 0, 0)) >= (1, 5, 2):
62
_default_do_prefetch = True
66
if sys.platform == 'win32':
67
# close_fds not supported on win32
72
def _get_ssh_vendor():
73
"""Find out what version of SSH is on the system."""
75
if _ssh_vendor is not None:
80
if 'BZR_SSH' in os.environ:
81
_ssh_vendor = os.environ['BZR_SSH']
82
if _ssh_vendor == 'paramiko':
87
p = subprocess.Popen(['ssh', '-V'],
89
stdin=subprocess.PIPE,
90
stdout=subprocess.PIPE,
91
stderr=subprocess.PIPE)
92
returncode = p.returncode
93
stdout, stderr = p.communicate()
97
if 'OpenSSH' in stderr:
98
mutter('ssh implementation is OpenSSH')
99
_ssh_vendor = 'openssh'
100
elif 'SSH Secure Shell' in stderr:
101
mutter('ssh implementation is SSH Corp.')
104
if _ssh_vendor != 'none':
107
# XXX: 20051123 jamesh
108
# A check for putty's plink or lsh would go here.
110
mutter('falling back to paramiko implementation')
114
class SFTPSubprocess:
115
"""A socket-like object that talks to an ssh subprocess via pipes."""
116
def __init__(self, hostname, vendor, port=None, user=None):
117
assert vendor in ['openssh', 'ssh']
118
if vendor == 'openssh':
120
'-oForwardX11=no', '-oForwardAgent=no',
121
'-oClearAllForwardings=yes', '-oProtocol=2',
122
'-oNoHostAuthenticationForLocalhost=yes']
124
args.extend(['-p', str(port)])
126
args.extend(['-l', user])
127
args.extend(['-s', hostname, 'sftp'])
128
elif vendor == 'ssh':
131
args.extend(['-p', str(port)])
133
args.extend(['-l', user])
134
args.extend(['-s', 'sftp', hostname])
136
self.proc = subprocess.Popen(args, close_fds=_close_fds,
137
stdin=subprocess.PIPE,
138
stdout=subprocess.PIPE)
140
def send(self, data):
141
return os.write(self.proc.stdin.fileno(), data)
143
def recv_ready(self):
144
# TODO: jam 20051215 this function is necessary to support the
145
# pipelined() function. In reality, it probably should use
146
# poll() or select() to actually return if there is data
147
# available, otherwise we probably don't get any benefit
150
def recv(self, count):
151
return os.read(self.proc.stdout.fileno(), count)
154
self.proc.stdin.close()
155
self.proc.stdout.close()
159
class LoopbackSFTP(object):
160
"""Simple wrapper for a socket that pretends to be a paramiko Channel."""
162
def __init__(self, sock):
165
def send(self, data):
166
return self.__socket.send(data)
169
return self.__socket.recv(n)
171
def recv_ready(self):
175
self.__socket.close()
181
# This is a weakref dictionary, so that we can reuse connections
182
# that are still active. Long term, it might be nice to have some
183
# sort of expiration policy, such as disconnect if inactive for
184
# X seconds. But that requires a lot more fanciness.
185
_connected_hosts = weakref.WeakValueDictionary()
188
def load_host_keys():
190
Load system host keys (probably doesn't work on windows) and any
191
"discovered" keys from previous sessions.
193
global SYSTEM_HOSTKEYS, BZR_HOSTKEYS
195
SYSTEM_HOSTKEYS = paramiko.util.load_host_keys(os.path.expanduser('~/.ssh/known_hosts'))
197
mutter('failed to load system host keys: ' + str(e))
198
bzr_hostkey_path = pathjoin(config_dir(), 'ssh_host_keys')
200
BZR_HOSTKEYS = paramiko.util.load_host_keys(bzr_hostkey_path)
202
mutter('failed to load bzr host keys: ' + str(e))
206
def save_host_keys():
208
Save "discovered" host keys in $(config)/ssh_host_keys/.
210
global SYSTEM_HOSTKEYS, BZR_HOSTKEYS
211
bzr_hostkey_path = pathjoin(config_dir(), 'ssh_host_keys')
212
ensure_config_dir_exists()
215
f = open(bzr_hostkey_path, 'w')
216
f.write('# SSH host keys collected by bzr\n')
217
for hostname, keys in BZR_HOSTKEYS.iteritems():
218
for keytype, key in keys.iteritems():
219
f.write('%s %s %s\n' % (hostname, keytype, key.get_base64()))
222
mutter('failed to save bzr host keys: ' + str(e))
225
class SFTPLock(object):
226
"""This fakes a lock in a remote location."""
227
__slots__ = ['path', 'lock_path', 'lock_file', 'transport']
228
def __init__(self, path, transport):
229
assert isinstance(transport, SFTPTransport)
231
self.lock_file = None
233
self.lock_path = path + '.write-lock'
234
self.transport = transport
236
# RBC 20060103 FIXME should we be using private methods here ?
237
abspath = transport._remote_path(self.lock_path)
238
self.lock_file = transport._sftp_open_exclusive(abspath)
240
raise LockError('File %r already locked' % (self.path,))
243
"""Should this warn, or actually try to cleanup?"""
245
warning("SFTPLock %r not explicitly unlocked" % (self.path,))
249
if not self.lock_file:
251
self.lock_file.close()
252
self.lock_file = None
254
self.transport.delete(self.lock_path)
255
except (NoSuchFile,):
256
# What specific errors should we catch here?
259
class SFTPTransport (Transport):
261
Transport implementation for SFTP access.
263
_do_prefetch = _default_do_prefetch
265
def __init__(self, base, clone_from=None):
266
assert base.startswith('sftp://')
267
self._parse_url(base)
268
base = self._unparse_url()
271
super(SFTPTransport, self).__init__(base)
272
if clone_from is None:
275
# use the same ssh connection, etc
276
self._sftp = clone_from._sftp
277
# super saves 'self.base'
279
def should_cache(self):
281
Return True if the data pulled across should be cached locally.
285
def clone(self, offset=None):
287
Return a new SFTPTransport with root at self.base + offset.
288
We share the same SFTP session between such transports, because it's
289
fairly expensive to set them up.
292
return SFTPTransport(self.base, self)
294
return SFTPTransport(self.abspath(offset), self)
296
def abspath(self, relpath):
298
Return the full url to the given relative path.
300
@param relpath: the relative path or path components
301
@type relpath: str or list
303
return self._unparse_url(self._remote_path(relpath))
305
def _remote_path(self, relpath):
306
"""Return the path to be passed along the sftp protocol for relpath.
308
relpath is a urlencoded string.
310
# FIXME: share the common code across transports
311
assert isinstance(relpath, basestring)
312
relpath = urllib.unquote(relpath).split('/')
313
basepath = self._path.split('/')
314
if len(basepath) > 0 and basepath[-1] == '':
315
basepath = basepath[:-1]
319
if len(basepath) == 0:
320
# In most filesystems, a request for the parent
321
# of root, just returns root.
329
path = '/'.join(basepath)
332
def relpath(self, abspath):
333
username, password, host, port, path = self._split_url(abspath)
335
if (username != self._username):
336
error.append('username mismatch')
337
if (host != self._host):
338
error.append('host mismatch')
339
if (port != self._port):
340
error.append('port mismatch')
341
if (not path.startswith(self._path)):
342
error.append('path mismatch')
344
extra = ': ' + ', '.join(error)
345
raise PathNotChild(abspath, self.base, extra=extra)
347
return path[pl:].strip('/')
349
def has(self, relpath):
351
Does the target location exist?
354
self._sftp.stat(self._remote_path(relpath))
359
def get(self, relpath):
361
Get the file at the given relative path.
363
:param relpath: The relative path to the file
366
path = self._remote_path(relpath)
367
f = self._sftp.file(path, mode='rb')
368
if self._do_prefetch and (getattr(f, 'prefetch', None) is not None):
371
except (IOError, paramiko.SSHException), e:
372
self._translate_io_exception(e, path, ': error retrieving')
374
def get_partial(self, relpath, start, length=None):
376
Get just part of a file.
378
:param relpath: Path to the file, relative to base
379
:param start: The starting position to read from
380
:param length: The length to read. A length of None indicates
381
read to the end of the file.
382
:return: A file-like object containing at least the specified bytes.
383
Some implementations may return objects which can be read
384
past this length, but this is not guaranteed.
386
# TODO: implement get_partial_multi to help with knit support
387
f = self.get(relpath)
389
if self._do_prefetch and hasattr(f, 'prefetch'):
393
def put(self, relpath, f, mode=None):
395
Copy the file-like or string object into the location.
397
:param relpath: Location to put the contents, relative to base.
398
:param f: File-like or string object.
399
:param mode: The final mode for the file
401
final_path = self._remote_path(relpath)
402
self._put(final_path, f, mode=mode)
404
def _put(self, abspath, f, mode=None):
405
"""Helper function so both put() and copy_abspaths can reuse the code"""
406
tmp_abspath = '%s.tmp.%.9f.%d.%d' % (abspath, time.time(),
407
os.getpid(), random.randint(0,0x7FFFFFFF))
408
fout = self._sftp_open_exclusive(tmp_abspath, mode=mode)
412
fout.set_pipelined(True)
414
except (IOError, paramiko.SSHException), e:
415
self._translate_io_exception(e, tmp_abspath)
417
self._sftp.chmod(tmp_abspath, mode)
420
self._rename_and_overwrite(tmp_abspath, abspath)
422
# If we fail, try to clean up the temporary file
423
# before we throw the exception
424
# but don't let another exception mess things up
425
# Write out the traceback, because otherwise
426
# the catch and throw destroys it
428
mutter(traceback.format_exc())
432
self._sftp.remove(tmp_abspath)
434
# raise the saved except
436
# raise the original with its traceback if we can.
439
def iter_files_recursive(self):
440
"""Walk the relative paths of all files in this transport."""
441
queue = list(self.list_dir('.'))
443
relpath = urllib.quote(queue.pop(0))
444
st = self.stat(relpath)
445
if stat.S_ISDIR(st.st_mode):
446
for i, basename in enumerate(self.list_dir(relpath)):
447
queue.insert(i, relpath+'/'+basename)
451
def mkdir(self, relpath, mode=None):
452
"""Create a directory at the given path."""
454
path = self._remote_path(relpath)
455
# In the paramiko documentation, it says that passing a mode flag
456
# will filtered against the server umask.
457
# StubSFTPServer does not do this, which would be nice, because it is
458
# what we really want :)
459
# However, real servers do use umask, so we really should do it that way
460
self._sftp.mkdir(path)
462
self._sftp.chmod(path, mode=mode)
463
except (paramiko.SSHException, IOError), e:
464
self._translate_io_exception(e, path, ': unable to mkdir',
465
failure_exc=FileExists)
467
def _translate_io_exception(self, e, path, more_info='', failure_exc=NoSuchFile):
468
"""Translate a paramiko or IOError into a friendlier exception.
470
:param e: The original exception
471
:param path: The path in question when the error is raised
472
:param more_info: Extra information that can be included,
473
such as what was going on
474
:param failure_exc: Paramiko has the super fun ability to raise completely
475
opaque errors that just set "e.args = ('Failure',)" with
477
This sometimes means FileExists, but it also sometimes
480
# paramiko seems to generate detailless errors.
481
self._translate_error(e, path, raise_generic=False)
482
if hasattr(e, 'args'):
483
if (e.args == ('No such file or directory',) or
484
e.args == ('No such file',)):
485
raise NoSuchFile(path, str(e) + more_info)
486
if (e.args == ('mkdir failed',)):
487
raise FileExists(path, str(e) + more_info)
488
# strange but true, for the paramiko server.
489
if (e.args == ('Failure',)):
490
raise failure_exc(path, str(e) + more_info)
491
mutter('Raising exception with args %s', e.args)
492
if hasattr(e, 'errno'):
493
mutter('Raising exception with errno %s', e.errno)
496
def append(self, relpath, f):
498
Append the text in the file-like object into the final
502
path = self._remote_path(relpath)
503
fout = self._sftp.file(path, 'ab')
507
except (IOError, paramiko.SSHException), e:
508
self._translate_io_exception(e, relpath, ': unable to append')
510
def rename(self, rel_from, rel_to):
511
"""Rename without special overwriting"""
513
self._sftp.rename(self._remote_path(rel_from),
514
self._remote_path(rel_to))
515
except (IOError, paramiko.SSHException), e:
516
self._translate_io_exception(e, rel_from,
517
': unable to rename to %r' % (rel_to))
519
def _rename_and_overwrite(self, abs_from, abs_to):
520
"""Do a fancy rename on the remote server.
522
Using the implementation provided by osutils.
525
fancy_rename(abs_from, abs_to,
526
rename_func=self._sftp.rename,
527
unlink_func=self._sftp.remove)
528
except (IOError, paramiko.SSHException), e:
529
self._translate_io_exception(e, abs_from, ': unable to rename to %r' % (abs_to))
531
def move(self, rel_from, rel_to):
532
"""Move the item at rel_from to the location at rel_to"""
533
path_from = self._remote_path(rel_from)
534
path_to = self._remote_path(rel_to)
535
self._rename_and_overwrite(path_from, path_to)
537
def delete(self, relpath):
538
"""Delete the item at relpath"""
539
path = self._remote_path(relpath)
541
self._sftp.remove(path)
542
except (IOError, paramiko.SSHException), e:
543
self._translate_io_exception(e, path, ': unable to delete')
546
"""Return True if this store supports listing."""
549
def list_dir(self, relpath):
551
Return a list of all files at the given location.
553
# does anything actually use this?
554
path = self._remote_path(relpath)
556
return self._sftp.listdir(path)
557
except (IOError, paramiko.SSHException), e:
558
self._translate_io_exception(e, path, ': failed to list_dir')
560
def rmdir(self, relpath):
561
"""See Transport.rmdir."""
562
path = self._remote_path(relpath)
564
return self._sftp.rmdir(path)
565
except (IOError, paramiko.SSHException), e:
566
self._translate_io_exception(e, path, ': failed to rmdir')
568
def stat(self, relpath):
569
"""Return the stat information for a file."""
570
path = self._remote_path(relpath)
572
return self._sftp.stat(path)
573
except (IOError, paramiko.SSHException), e:
574
self._translate_io_exception(e, path, ': unable to stat')
576
def lock_read(self, relpath):
578
Lock the given file for shared (read) access.
579
:return: A lock object, which has an unlock() member function
581
# FIXME: there should be something clever i can do here...
582
class BogusLock(object):
583
def __init__(self, path):
587
return BogusLock(relpath)
589
def lock_write(self, relpath):
591
Lock the given file for exclusive (write) access.
592
WARNING: many transports do not support this, so trying avoid using it
594
:return: A lock object, which has an unlock() member function
596
# This is a little bit bogus, but basically, we create a file
597
# which should not already exist, and if it does, we assume
598
# that there is a lock, and if it doesn't, the we assume
599
# that we have taken the lock.
600
return SFTPLock(relpath, self)
602
def _unparse_url(self, path=None):
605
path = urllib.quote(path)
606
# handle homedir paths
607
if not path.startswith('/'):
609
netloc = urllib.quote(self._host)
610
if self._username is not None:
611
netloc = '%s@%s' % (urllib.quote(self._username), netloc)
612
if self._port is not None:
613
netloc = '%s:%d' % (netloc, self._port)
615
return urlparse.urlunparse(('sftp', netloc, path, '', '', ''))
617
def _split_url(self, url):
618
if isinstance(url, unicode):
619
url = url.encode('utf-8')
620
(scheme, netloc, path, params,
621
query, fragment) = urlparse.urlparse(url, allow_fragments=False)
622
assert scheme == 'sftp'
623
username = password = host = port = None
625
username, host = netloc.split('@', 1)
627
username, password = username.split(':', 1)
628
password = urllib.unquote(password)
629
username = urllib.unquote(username)
634
host, port = host.rsplit(':', 1)
638
# TODO: Should this be ConnectionError?
639
raise TransportError('%s: invalid port number' % port)
640
host = urllib.unquote(host)
642
path = urllib.unquote(path)
644
# the initial slash should be removed from the path, and treated
645
# as a homedir relative path (the path begins with a double slash
646
# if it is absolute).
647
# see draft-ietf-secsh-scp-sftp-ssh-uri-03.txt
648
# RBC 20060118 we are not using this as its too user hostile. instead
649
# we are following lftp and using /~/foo to mean '~/foo'.
650
# handle homedir paths
651
if path.startswith('/~/'):
655
return (username, password, host, port, path)
657
def _parse_url(self, url):
658
(self._username, self._password,
659
self._host, self._port, self._path) = self._split_url(url)
661
def _sftp_connect(self):
662
"""Connect to the remote sftp server.
663
After this, self._sftp should have a valid connection (or
664
we raise an TransportError 'could not connect').
666
TODO: Raise a more reasonable ConnectionFailed exception
668
global _connected_hosts
670
idx = (self._host, self._port, self._username)
672
self._sftp = _connected_hosts[idx]
677
vendor = _get_ssh_vendor()
678
if vendor == 'loopback':
679
sock = socket.socket()
680
sock.connect((self._host, self._port))
681
self._sftp = SFTPClient(LoopbackSFTP(sock))
682
elif vendor != 'none':
683
sock = SFTPSubprocess(self._host, vendor, self._port,
685
self._sftp = SFTPClient(sock)
687
self._paramiko_connect()
689
_connected_hosts[idx] = self._sftp
691
def _paramiko_connect(self):
692
global SYSTEM_HOSTKEYS, BZR_HOSTKEYS
697
t = paramiko.Transport((self._host, self._port or 22))
698
t.set_log_channel('bzr.paramiko')
700
except paramiko.SSHException, e:
701
raise ConnectionError('Unable to reach SSH host %s:%d' %
702
(self._host, self._port), e)
704
server_key = t.get_remote_server_key()
705
server_key_hex = paramiko.util.hexify(server_key.get_fingerprint())
706
keytype = server_key.get_name()
707
if SYSTEM_HOSTKEYS.has_key(self._host) and SYSTEM_HOSTKEYS[self._host].has_key(keytype):
708
our_server_key = SYSTEM_HOSTKEYS[self._host][keytype]
709
our_server_key_hex = paramiko.util.hexify(our_server_key.get_fingerprint())
710
elif BZR_HOSTKEYS.has_key(self._host) and BZR_HOSTKEYS[self._host].has_key(keytype):
711
our_server_key = BZR_HOSTKEYS[self._host][keytype]
712
our_server_key_hex = paramiko.util.hexify(our_server_key.get_fingerprint())
714
warning('Adding %s host key for %s: %s' % (keytype, self._host, server_key_hex))
715
if not BZR_HOSTKEYS.has_key(self._host):
716
BZR_HOSTKEYS[self._host] = {}
717
BZR_HOSTKEYS[self._host][keytype] = server_key
718
our_server_key = server_key
719
our_server_key_hex = paramiko.util.hexify(our_server_key.get_fingerprint())
721
if server_key != our_server_key:
722
filename1 = os.path.expanduser('~/.ssh/known_hosts')
723
filename2 = pathjoin(config_dir(), 'ssh_host_keys')
724
raise TransportError('Host keys for %s do not match! %s != %s' % \
725
(self._host, our_server_key_hex, server_key_hex),
726
['Try editing %s or %s' % (filename1, filename2)])
731
self._sftp = t.open_sftp_client()
732
except paramiko.SSHException, e:
733
raise ConnectionError('Unable to start sftp client %s:%d' %
734
(self._host, self._port), e)
736
def _sftp_auth(self, transport):
737
# paramiko requires a username, but it might be none if nothing was supplied
738
# use the local username, just in case.
739
# We don't override self._username, because if we aren't using paramiko,
740
# the username might be specified in ~/.ssh/config and we don't want to
741
# force it to something else
742
# Also, it would mess up the self.relpath() functionality
743
username = self._username or getpass.getuser()
745
# Paramiko tries to open a socket.AF_UNIX in order to connect
746
# to ssh-agent. That attribute doesn't exist on win32 (it does in cygwin)
747
# so we get an AttributeError exception. For now, just don't try to
748
# connect to an agent if we are on win32
749
if sys.platform != 'win32':
750
agent = paramiko.Agent()
751
for key in agent.get_keys():
752
mutter('Trying SSH agent key %s' % paramiko.util.hexify(key.get_fingerprint()))
754
transport.auth_publickey(username, key)
756
except paramiko.SSHException, e:
759
# okay, try finding id_rsa or id_dss? (posix only)
760
if self._try_pkey_auth(transport, paramiko.RSAKey, username, 'id_rsa'):
762
if self._try_pkey_auth(transport, paramiko.DSSKey, username, 'id_dsa'):
767
transport.auth_password(username, self._password)
769
except paramiko.SSHException, e:
772
# FIXME: Don't keep a password held in memory if you can help it
773
#self._password = None
775
# give up and ask for a password
776
password = bzrlib.ui.ui_factory.get_password(
777
prompt='SSH %(user)s@%(host)s password',
778
user=username, host=self._host)
780
transport.auth_password(username, password)
781
except paramiko.SSHException, e:
782
raise ConnectionError('Unable to authenticate to SSH host as %s@%s' %
783
(username, self._host), e)
785
def _try_pkey_auth(self, transport, pkey_class, username, filename):
786
filename = os.path.expanduser('~/.ssh/' + filename)
788
key = pkey_class.from_private_key_file(filename)
789
transport.auth_publickey(username, key)
791
except paramiko.PasswordRequiredException:
792
password = bzrlib.ui.ui_factory.get_password(
793
prompt='SSH %(filename)s password',
796
key = pkey_class.from_private_key_file(filename, password)
797
transport.auth_publickey(username, key)
799
except paramiko.SSHException:
800
mutter('SSH authentication via %s key failed.' % (os.path.basename(filename),))
801
except paramiko.SSHException:
802
mutter('SSH authentication via %s key failed.' % (os.path.basename(filename),))
807
def _sftp_open_exclusive(self, abspath, mode=None):
808
"""Open a remote path exclusively.
810
SFTP supports O_EXCL (SFTP_FLAG_EXCL), which fails if
811
the file already exists. However it does not expose this
812
at the higher level of SFTPClient.open(), so we have to
815
WARNING: This breaks the SFTPClient abstraction, so it
816
could easily break against an updated version of paramiko.
818
:param abspath: The remote absolute path where the file should be opened
819
:param mode: The mode permissions bits for the new file
821
path = self._sftp._adjust_cwd(abspath)
822
attr = SFTPAttributes()
825
omode = (SFTP_FLAG_WRITE | SFTP_FLAG_CREATE
826
| SFTP_FLAG_TRUNC | SFTP_FLAG_EXCL)
828
t, msg = self._sftp._request(CMD_OPEN, path, omode, attr)
830
raise TransportError('Expected an SFTP handle')
831
handle = msg.get_string()
832
return SFTPFile(self._sftp, handle, 'wb', -1)
833
except (paramiko.SSHException, IOError), e:
834
self._translate_io_exception(e, abspath, ': unable to open',
835
failure_exc=FileExists)
838
# ------------- server test implementation --------------
842
from bzrlib.tests.stub_sftp import StubServer, StubSFTPServer
844
STUB_SERVER_KEY = """
845
-----BEGIN RSA PRIVATE KEY-----
846
MIICWgIBAAKBgQDTj1bqB4WmayWNPB+8jVSYpZYk80Ujvj680pOTh2bORBjbIAyz
847
oWGW+GUjzKxTiiPvVmxFgx5wdsFvF03v34lEVVhMpouqPAYQ15N37K/ir5XY+9m/
848
d8ufMCkjeXsQkKqFbAlQcnWMCRnOoPHS3I4vi6hmnDDeeYTSRvfLbW0fhwIBIwKB
849
gBIiOqZYaoqbeD9OS9z2K9KR2atlTxGxOJPXiP4ESqP3NVScWNwyZ3NXHpyrJLa0
850
EbVtzsQhLn6rF+TzXnOlcipFvjsem3iYzCpuChfGQ6SovTcOjHV9z+hnpXvQ/fon
851
soVRZY65wKnF7IAoUwTmJS9opqgrN6kRgCd3DASAMd1bAkEA96SBVWFt/fJBNJ9H
852
tYnBKZGw0VeHOYmVYbvMSstssn8un+pQpUm9vlG/bp7Oxd/m+b9KWEh2xPfv6zqU
853
avNwHwJBANqzGZa/EpzF4J8pGti7oIAPUIDGMtfIcmqNXVMckrmzQ2vTfqtkEZsA
854
4rE1IERRyiJQx6EJsz21wJmGV9WJQ5kCQQDwkS0uXqVdFzgHO6S++tjmjYcxwr3g
855
H0CoFYSgbddOT6miqRskOQF3DZVkJT3kyuBgU2zKygz52ukQZMqxCb1fAkASvuTv
856
qfpH87Qq5kQhNKdbbwbmd2NxlNabazPijWuphGTdW0VfJdWfklyS2Kr+iqrs/5wV
857
HhathJt636Eg7oIjAkA8ht3MQ+XSl9yIJIS8gVpbPxSw5OMfw0PjVE7tBdQruiSc
858
nvuQES5C9BMHjF39LZiGH1iLQy7FgdHyoP+eodI7
859
-----END RSA PRIVATE KEY-----
863
class SingleListener(threading.Thread):
865
def __init__(self, callback):
866
threading.Thread.__init__(self)
867
self._callback = callback
868
self._socket = socket.socket()
869
self._socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
870
self._socket.bind(('localhost', 0))
871
self._socket.listen(1)
872
self.port = self._socket.getsockname()[1]
873
self.stop_event = threading.Event()
876
s, _ = self._socket.accept()
877
# now close the listen socket
880
self._callback(s, self.stop_event)
882
pass #Ignore socket errors
884
# probably a failed test
885
warning('Exception from within unit test server thread: %r' % x)
888
self.stop_event.set()
889
# use a timeout here, because if the test fails, the server thread may
890
# never notice the stop_event.
894
class SFTPServer(Server):
895
"""Common code for SFTP server facilities."""
898
self._original_vendor = None
900
self._server_homedir = None
901
self._listener = None
903
self._vendor = 'none'
907
def _get_sftp_url(self, path):
908
"""Calculate an sftp url to this server for path."""
909
return 'sftp://foo:bar@localhost:%d/%s' % (self._listener.port, path)
911
def log(self, message):
912
"""StubServer uses this to log when a new server is created."""
913
self.logs.append(message)
915
def _run_server(self, s, stop_event):
916
ssh_server = paramiko.Transport(s)
917
key_file = os.path.join(self._homedir, 'test_rsa.key')
918
file(key_file, 'w').write(STUB_SERVER_KEY)
919
host_key = paramiko.RSAKey.from_private_key_file(key_file)
920
ssh_server.add_server_key(host_key)
921
server = StubServer(self)
922
ssh_server.set_subsystem_handler('sftp', paramiko.SFTPServer,
923
StubSFTPServer, root=self._root,
924
home=self._server_homedir)
925
event = threading.Event()
926
ssh_server.start_server(event, server)
928
stop_event.wait(30.0)
932
self._original_vendor = _ssh_vendor
933
_ssh_vendor = self._vendor
934
self._homedir = os.getcwdu()
935
if self._server_homedir is None:
936
self._server_homedir = self._homedir
938
# FIXME WINDOWS: _root should be _server_homedir[0]:/
939
self._listener = SingleListener(self._run_server)
940
self._listener.setDaemon(True)
941
self._listener.start()
944
"""See bzrlib.transport.Server.tearDown."""
946
self._listener.stop()
947
_ssh_vendor = self._original_vendor
950
class SFTPFullAbsoluteServer(SFTPServer):
951
"""A test server for sftp transports, using absolute urls and ssh."""
954
"""See bzrlib.transport.Server.get_url."""
955
return self._get_sftp_url(urlescape(self._homedir[1:]))
958
class SFTPServerWithoutSSH(SFTPServer):
959
"""An SFTP server that uses a simple TCP socket pair rather than SSH."""
962
super(SFTPServerWithoutSSH, self).__init__()
963
self._vendor = 'loopback'
965
def _run_server(self, sock, stop_event):
966
class FakeChannel(object):
967
def get_transport(self):
969
def get_log_channel(self):
973
def get_hexdump(self):
976
server = paramiko.SFTPServer(FakeChannel(), 'sftp', StubServer(self), StubSFTPServer,
977
root=self._root, home=self._server_homedir)
978
server.start_subsystem('sftp', None, sock)
979
server.finish_subsystem()
982
class SFTPAbsoluteServer(SFTPServerWithoutSSH):
983
"""A test server for sftp transports, using absolute urls."""
986
"""See bzrlib.transport.Server.get_url."""
987
return self._get_sftp_url(urlescape(self._homedir[1:]))
990
class SFTPHomeDirServer(SFTPServerWithoutSSH):
991
"""A test server for sftp transports, using homedir relative urls."""
994
"""See bzrlib.transport.Server.get_url."""
995
return self._get_sftp_url("~/")
998
class SFTPSiblingAbsoluteServer(SFTPAbsoluteServer):
999
"""A test servere for sftp transports, using absolute urls to non-home."""
1002
self._server_homedir = '/dev/noone/runs/tests/here'
1003
super(SFTPSiblingAbsoluteServer, self).setUp()
1006
def get_test_permutations():
1007
"""Return the permutations to be used in testing."""
1008
return [(SFTPTransport, SFTPAbsoluteServer),
1009
(SFTPTransport, SFTPHomeDirServer),
1010
(SFTPTransport, SFTPSiblingAbsoluteServer),