1
1
# Copyright (C) 2005 Robey Pointer <robey@lag.net>
2
# Copyright (C) 2005, 2006 Canonical Ltd
2
# Copyright (C) 2005, 2006, 2007 Canonical Ltd
4
4
# This program is free software; you can redistribute it and/or modify
5
5
# it under the terms of the GNU General Public License as published by
6
6
# the Free Software Foundation; either version 2 of the License, or
7
7
# (at your option) any later version.
9
9
# This program is distributed in the hope that it will be useful,
10
10
# but WITHOUT ANY WARRANTY; without even the implied warranty of
11
11
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12
12
# GNU General Public License for more details.
14
14
# You should have received a copy of the GNU General Public License
15
15
# along with this program; if not, write to the Free Software
16
16
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18
18
"""Implementation of Transport over SFTP, using paramiko."""
20
# TODO: Remove the transport-based lock_read and lock_write methods. They'll
21
# then raise TransportNotPossible, which will break remote access to any
22
# formats which rely on OS-level locks. That should be fine as those formats
23
# are pretty old, but these combinations may have to be removed from the test
24
# suite. Those formats all date back to 0.7; so we should be able to remove
25
# these methods when we officially drop support for those formats.
33
from bzrlib.config import config_dir, ensure_config_dir_exists
34
from bzrlib.errors import (ConnectionError,
36
TransportNotPossible, NoSuchFile, PathNotChild,
43
from bzrlib.errors import (FileExists,
44
NoSuchFile, PathNotChild,
40
48
ParamikoNotPresent,
42
from bzrlib.osutils import pathjoin, fancy_rename
43
from bzrlib.trace import mutter, warning, error
50
from bzrlib.osutils import pathjoin, fancy_rename, getcwd
51
from bzrlib.symbol_versioning import (
54
from bzrlib.trace import mutter, warning
44
55
from bzrlib.transport import (
45
register_urlparse_netloc_protocol,
51
import bzrlib.urlutils as urlutils
64
# Disable one particular warning that comes from paramiko in Python2.5; if
65
# this is emitted at the wrong time it tends to cause spurious test failures
66
# or at least noise in the test case::
68
# [1770/7639 in 86s, 1 known failures, 50 skipped, 2 missing features]
69
# test_permissions.TestSftpPermissions.test_new_files
70
# /var/lib/python-support/python2.5/paramiko/message.py:226: DeprecationWarning: integer argument expected, got float
71
# self.packet.write(struct.pack('>I', n))
72
warnings.filterwarnings('ignore',
73
'integer argument expected, got float',
74
category=DeprecationWarning,
75
module='paramiko.message')
60
84
CMD_HANDLE, CMD_OPEN)
61
85
from paramiko.sftp_attr import SFTPAttributes
62
86
from paramiko.sftp_file import SFTPFile
63
from paramiko.sftp_client import SFTPClient
66
register_urlparse_netloc_protocol('sftp')
70
# TODO: This should possibly ignore SIGHUP as well, but bzr currently
71
# doesn't handle it itself.
72
# <https://launchpad.net/products/bzr/+bug/41433/+index>
74
signal.signal(signal.SIGINT, signal.SIG_IGN)
77
def os_specific_subprocess_params():
78
"""Get O/S specific subprocess parameters."""
79
if sys.platform == 'win32':
80
# setting the process group and closing fds is not supported on
84
# We close fds other than the pipes as the child process does not need
87
# We also set the child process to ignore SIGINT. Normally the signal
88
# would be sent to every process in the foreground process group, but
89
# this causes it to be seen only by bzr and not by ssh. Python will
90
# generate a KeyboardInterrupt in bzr, and we will then have a chance
91
# to release locks or do other cleanup over ssh before the connection
93
# <https://launchpad.net/products/bzr/+bug/5987>
95
# Running it in a separate process group is not good because then it
96
# can't get non-echoed input of a password or passphrase.
97
# <https://launchpad.net/products/bzr/+bug/40508>
98
return {'preexec_fn': _ignore_sigint,
103
# don't use prefetch unless paramiko version >= 1.5.2 (there were bugs earlier)
104
_default_do_prefetch = False
105
if getattr(paramiko, '__version_info__', (0, 0, 0)) >= (1, 5, 5):
106
_default_do_prefetch = True
110
def _get_ssh_vendor():
111
"""Find out what version of SSH is on the system."""
113
if _ssh_vendor is not None:
118
if 'BZR_SSH' in os.environ:
119
_ssh_vendor = os.environ['BZR_SSH']
120
if _ssh_vendor == 'paramiko':
125
p = subprocess.Popen(['ssh', '-V'],
126
stdin=subprocess.PIPE,
127
stdout=subprocess.PIPE,
128
stderr=subprocess.PIPE,
129
**os_specific_subprocess_params())
130
returncode = p.returncode
131
stdout, stderr = p.communicate()
135
if 'OpenSSH' in stderr:
136
mutter('ssh implementation is OpenSSH')
137
_ssh_vendor = 'openssh'
138
elif 'SSH Secure Shell' in stderr:
139
mutter('ssh implementation is SSH Corp.')
142
if _ssh_vendor != 'none':
145
# XXX: 20051123 jamesh
146
# A check for putty's plink or lsh would go here.
148
mutter('falling back to paramiko implementation')
152
class SFTPSubprocess:
153
"""A socket-like object that talks to an ssh subprocess via pipes."""
154
def __init__(self, hostname, vendor, port=None, user=None):
155
assert vendor in ['openssh', 'ssh']
156
if vendor == 'openssh':
158
'-oForwardX11=no', '-oForwardAgent=no',
159
'-oClearAllForwardings=yes', '-oProtocol=2',
160
'-oNoHostAuthenticationForLocalhost=yes']
162
args.extend(['-p', str(port)])
164
args.extend(['-l', user])
165
args.extend(['-s', hostname, 'sftp'])
166
elif vendor == 'ssh':
169
args.extend(['-p', str(port)])
171
args.extend(['-l', user])
172
args.extend(['-s', 'sftp', hostname])
174
self.proc = subprocess.Popen(args,
175
stdin=subprocess.PIPE,
176
stdout=subprocess.PIPE,
177
**os_specific_subprocess_params())
179
def send(self, data):
180
return os.write(self.proc.stdin.fileno(), data)
182
def recv_ready(self):
183
# TODO: jam 20051215 this function is necessary to support the
184
# pipelined() function. In reality, it probably should use
185
# poll() or select() to actually return if there is data
186
# available, otherwise we probably don't get any benefit
189
def recv(self, count):
190
return os.read(self.proc.stdout.fileno(), count)
193
self.proc.stdin.close()
194
self.proc.stdout.close()
198
class LoopbackSFTP(object):
199
"""Simple wrapper for a socket that pretends to be a paramiko Channel."""
201
def __init__(self, sock):
204
def send(self, data):
205
return self.__socket.send(data)
208
return self.__socket.recv(n)
210
def recv_ready(self):
214
self.__socket.close()
220
# This is a weakref dictionary, so that we can reuse connections
221
# that are still active. Long term, it might be nice to have some
222
# sort of expiration policy, such as disconnect if inactive for
223
# X seconds. But that requires a lot more fanciness.
224
_connected_hosts = weakref.WeakValueDictionary()
226
def clear_connection_cache():
227
"""Remove all hosts from the SFTP connection cache.
229
Primarily useful for test cases wanting to force garbage collection.
231
_connected_hosts.clear()
234
def load_host_keys():
236
Load system host keys (probably doesn't work on windows) and any
237
"discovered" keys from previous sessions.
239
global SYSTEM_HOSTKEYS, BZR_HOSTKEYS
241
SYSTEM_HOSTKEYS = paramiko.util.load_host_keys(os.path.expanduser('~/.ssh/known_hosts'))
243
mutter('failed to load system host keys: ' + str(e))
244
bzr_hostkey_path = pathjoin(config_dir(), 'ssh_host_keys')
246
BZR_HOSTKEYS = paramiko.util.load_host_keys(bzr_hostkey_path)
248
mutter('failed to load bzr host keys: ' + str(e))
252
def save_host_keys():
254
Save "discovered" host keys in $(config)/ssh_host_keys/.
256
global SYSTEM_HOSTKEYS, BZR_HOSTKEYS
257
bzr_hostkey_path = pathjoin(config_dir(), 'ssh_host_keys')
258
ensure_config_dir_exists()
261
f = open(bzr_hostkey_path, 'w')
262
f.write('# SSH host keys collected by bzr\n')
263
for hostname, keys in BZR_HOSTKEYS.iteritems():
264
for keytype, key in keys.iteritems():
265
f.write('%s %s %s\n' % (hostname, keytype, key.get_base64()))
268
mutter('failed to save bzr host keys: ' + str(e))
89
_paramiko_version = getattr(paramiko, '__version_info__', (0, 0, 0))
90
# don't use prefetch unless paramiko version >= 1.5.5 (there were bugs earlier)
91
_default_do_prefetch = (_paramiko_version >= (1, 5, 5))
271
94
class SFTPLock(object):
272
"""This fakes a lock in a remote location."""
95
"""This fakes a lock in a remote location.
97
A present lock is indicated just by the existence of a file. This
98
doesn't work well on all transports and they are only used in
99
deprecated storage formats.
273
102
__slots__ = ['path', 'lock_path', 'lock_file', 'transport']
274
104
def __init__(self, path, transport):
275
assert isinstance(transport, SFTPTransport)
277
105
self.lock_file = None
279
107
self.lock_path = path + '.write-lock'
302
130
# What specific errors should we catch here?
305
class SFTPTransport (Transport):
307
Transport implementation for SFTP access.
134
class SFTPTransport(ConnectedTransport):
135
"""Transport implementation for SFTP access."""
309
137
_do_prefetch = _default_do_prefetch
311
def __init__(self, base, clone_from=None):
312
assert base.startswith('sftp://')
313
self._parse_url(base)
314
base = self._unparse_url()
317
super(SFTPTransport, self).__init__(base)
318
if clone_from is None:
321
# use the same ssh connection, etc
322
self._sftp = clone_from._sftp
323
# super saves 'self.base'
325
def should_cache(self):
327
Return True if the data pulled across should be cached locally.
331
def clone(self, offset=None):
333
Return a new SFTPTransport with root at self.base + offset.
334
We share the same SFTP session between such transports, because it's
335
fairly expensive to set them up.
338
return SFTPTransport(self.base, self)
340
return SFTPTransport(self.abspath(offset), self)
342
def abspath(self, relpath):
344
Return the full url to the given relative path.
346
@param relpath: the relative path or path components
347
@type relpath: str or list
349
return self._unparse_url(self._remote_path(relpath))
138
# TODO: jam 20060717 Conceivably these could be configurable, either
139
# by auto-tuning at run-time, or by a configuration (per host??)
140
# but the performance curve is pretty flat, so just going with
141
# reasonable defaults.
142
_max_readv_combine = 200
143
# Having to round trip to the server means waiting for a response,
144
# so it is better to download extra bytes.
145
# 8KiB had good performance for both local and remote network operations
146
_bytes_to_read_before_seek = 8192
148
# The sftp spec says that implementations SHOULD allow reads
149
# to be at least 32K. paramiko.readv() does an async request
150
# for the chunks. So we need to keep it within a single request
151
# size for paramiko <= 1.6.1. paramiko 1.6.2 will probably chop
152
# up the request itself, rather than us having to worry about it
153
_max_request_size = 32768
155
def __init__(self, base, _from_transport=None):
156
super(SFTPTransport, self).__init__(base,
157
_from_transport=_from_transport)
351
159
def _remote_path(self, relpath):
352
160
"""Return the path to be passed along the sftp protocol for relpath.
354
relpath is a urlencoded string.
356
# FIXME: share the common code across transports
357
assert isinstance(relpath, basestring)
358
relpath = urlutils.unescape(relpath).split('/')
359
basepath = self._path.split('/')
360
if len(basepath) > 0 and basepath[-1] == '':
361
basepath = basepath[:-1]
365
if len(basepath) == 0:
366
# In most filesystems, a request for the parent
367
# of root, just returns root.
375
path = '/'.join(basepath)
378
def relpath(self, abspath):
379
username, password, host, port, path = self._split_url(abspath)
381
if (username != self._username):
382
error.append('username mismatch')
383
if (host != self._host):
384
error.append('host mismatch')
385
if (port != self._port):
386
error.append('port mismatch')
387
if (not path.startswith(self._path)):
388
error.append('path mismatch')
390
extra = ': ' + ', '.join(error)
391
raise PathNotChild(abspath, self.base, extra=extra)
393
return path[pl:].strip('/')
162
:param relpath: is a urlencoded string.
164
relative = urlutils.unescape(relpath).encode('utf-8')
165
remote_path = self._combine_paths(self._path, relative)
166
# the initial slash should be removed from the path, and treated as a
167
# homedir relative path (the path begins with a double slash if it is
168
# absolute). see draft-ietf-secsh-scp-sftp-ssh-uri-03.txt
169
# RBC 20060118 we are not using this as its too user hostile. instead
170
# we are following lftp and using /~/foo to mean '~/foo'
171
# vila--20070602 and leave absolute paths begin with a single slash.
172
if remote_path.startswith('/~/'):
173
remote_path = remote_path[3:]
174
elif remote_path == '/~':
178
def _create_connection(self, credentials=None):
179
"""Create a new connection with the provided credentials.
181
:param credentials: The credentials needed to establish the connection.
183
:return: The created connection and its associated credentials.
185
The credentials are only the password as it may have been entered
186
interactively by the user and may be different from the one provided
187
in base url at transport creation time.
189
if credentials is None:
190
password = self._password
192
password = credentials
194
vendor = ssh._get_ssh_vendor()
195
connection = vendor.connect_sftp(self._user, password,
196
self._host, self._port)
197
return connection, password
200
"""Ensures that a connection is established"""
201
connection = self._get_connection()
202
if connection is None:
203
# First connection ever
204
connection, credentials = self._create_connection()
205
self._set_connection(connection, credentials)
395
208
def has(self, relpath):
397
210
Does the target location exist?
400
self._sftp.stat(self._remote_path(relpath))
213
self._get_sftp().stat(self._remote_path(relpath))
412
225
path = self._remote_path(relpath)
413
f = self._sftp.file(path, mode='rb')
226
f = self._get_sftp().file(path, mode='rb')
414
227
if self._do_prefetch and (getattr(f, 'prefetch', None) is not None):
417
230
except (IOError, paramiko.SSHException), e:
231
self._translate_io_exception(e, path, ': error retrieving',
232
failure_exc=errors.ReadError)
234
def _readv(self, relpath, offsets):
235
"""See Transport.readv()"""
236
# We overload the default readv() because we want to use a file
237
# that does not have prefetch enabled.
238
# Also, if we have a new paramiko, it implements an async readv()
243
path = self._remote_path(relpath)
244
fp = self._get_sftp().file(path, mode='rb')
245
readv = getattr(fp, 'readv', None)
247
return self._sftp_readv(fp, offsets, relpath)
248
mutter('seek and read %s offsets', len(offsets))
249
return self._seek_and_read(fp, offsets, relpath)
250
except (IOError, paramiko.SSHException), e:
418
251
self._translate_io_exception(e, path, ': error retrieving')
420
def get_partial(self, relpath, start, length=None):
422
Get just part of a file.
424
:param relpath: Path to the file, relative to base
425
:param start: The starting position to read from
426
:param length: The length to read. A length of None indicates
427
read to the end of the file.
428
:return: A file-like object containing at least the specified bytes.
429
Some implementations may return objects which can be read
430
past this length, but this is not guaranteed.
432
# TODO: implement get_partial_multi to help with knit support
433
f = self.get(relpath)
435
if self._do_prefetch and hasattr(f, 'prefetch'):
439
def put(self, relpath, f, mode=None):
441
Copy the file-like or string object into the location.
253
def recommended_page_size(self):
254
"""See Transport.recommended_page_size().
256
For SFTP we suggest a large page size to reduce the overhead
257
introduced by latency.
261
def _sftp_readv(self, fp, offsets, relpath='<unknown>'):
262
"""Use the readv() member of fp to do async readv.
264
And then read them using paramiko.readv(). paramiko.readv()
265
does not support ranges > 64K, so it caps the request size, and
266
just reads until it gets all the stuff it wants
268
offsets = list(offsets)
269
sorted_offsets = sorted(offsets)
271
# The algorithm works as follows:
272
# 1) Coalesce nearby reads into a single chunk
273
# This generates a list of combined regions, the total size
274
# and the size of the sub regions. This coalescing step is limited
275
# in the number of nearby chunks to combine, and is allowed to
276
# skip small breaks in the requests. Limiting it makes sure that
277
# we can start yielding some data earlier, and skipping means we
278
# make fewer requests. (Beneficial even when using async)
279
# 2) Break up this combined regions into chunks that are smaller
280
# than 64KiB. Technically the limit is 65536, but we are a
281
# little bit conservative. This is because sftp has a maximum
282
# return chunk size of 64KiB (max size of an unsigned short)
283
# 3) Issue a readv() to paramiko to create an async request for
285
# 4) Read in the data as it comes back, until we've read one
286
# continuous section as determined in step 1
287
# 5) Break up the full sections into hunks for the original requested
288
# offsets. And put them in a cache
289
# 6) Check if the next request is in the cache, and if it is, remove
290
# it from the cache, and yield its data. Continue until no more
291
# entries are in the cache.
292
# 7) loop back to step 4 until all data has been read
294
# TODO: jam 20060725 This could be optimized one step further, by
295
# attempting to yield whatever data we have read, even before
296
# the first coallesced section has been fully processed.
298
# When coalescing for use with readv(), we don't really need to
299
# use any fudge factor, because the requests are made asynchronously
300
coalesced = list(self._coalesce_offsets(sorted_offsets,
301
limit=self._max_readv_combine,
305
for c_offset in coalesced:
306
start = c_offset.start
307
size = c_offset.length
309
# We need to break this up into multiple requests
311
next_size = min(size, self._max_request_size)
312
requests.append((start, next_size))
316
mutter('SFTP.readv() %s offsets => %s coalesced => %s requests',
317
len(offsets), len(coalesced), len(requests))
319
# Queue the current read until we have read the full coalesced section
322
cur_coalesced_stack = iter(coalesced)
323
cur_coalesced = cur_coalesced_stack.next()
325
# Cache the results, but only until they have been fulfilled
327
# turn the list of offsets into a stack
328
offset_stack = iter(offsets)
329
cur_offset_and_size = offset_stack.next()
331
for data in fp.readv(requests):
333
cur_data_len += len(data)
335
if cur_data_len < cur_coalesced.length:
337
if cur_data_len != cur_coalesced.length:
338
raise AssertionError(
339
"Somehow we read too much: %s != %s"
340
% (cur_data_len, cur_coalesced.length))
341
all_data = ''.join(cur_data)
345
for suboffset, subsize in cur_coalesced.ranges:
346
key = (cur_coalesced.start+suboffset, subsize)
347
data_map[key] = all_data[suboffset:suboffset+subsize]
349
# Now that we've read some data, see if we can yield anything back
350
while cur_offset_and_size in data_map:
351
this_data = data_map.pop(cur_offset_and_size)
352
yield cur_offset_and_size[0], this_data
353
cur_offset_and_size = offset_stack.next()
355
# We read a coalesced entry, so mark it as done
357
# Now that we've read all of the data for this coalesced section
359
cur_coalesced = cur_coalesced_stack.next()
361
if cur_coalesced is not None:
362
raise errors.ShortReadvError(relpath, cur_coalesced.start,
363
cur_coalesced.length, len(data))
365
def put_file(self, relpath, f, mode=None):
367
Copy the file-like object into the location.
443
369
:param relpath: Location to put the contents, relative to base.
444
:param f: File-like or string object.
370
:param f: File-like object.
445
371
:param mode: The final mode for the file
447
373
final_path = self._remote_path(relpath)
448
self._put(final_path, f, mode=mode)
374
return self._put(final_path, f, mode=mode)
450
376
def _put(self, abspath, f, mode=None):
451
377
"""Helper function so both put() and copy_abspaths can reuse the code"""
478
self._sftp.remove(tmp_abspath)
418
self._get_sftp().remove(tmp_abspath)
480
420
# raise the saved except
482
422
# raise the original with its traceback if we can.
425
def _put_non_atomic_helper(self, relpath, writer, mode=None,
426
create_parent_dir=False,
428
abspath = self._remote_path(relpath)
430
# TODO: jam 20060816 paramiko doesn't publicly expose a way to
431
# set the file mode at create time. If it does, use it.
432
# But for now, we just chmod later anyway.
434
def _open_and_write_file():
435
"""Try to open the target file, raise error on failure"""
439
fout = self._get_sftp().file(abspath, mode='wb')
440
fout.set_pipelined(True)
442
except (paramiko.SSHException, IOError), e:
443
self._translate_io_exception(e, abspath,
446
# This is designed to chmod() right before we close.
447
# Because we set_pipelined() earlier, theoretically we might
448
# avoid the round trip for fout.close()
450
self._get_sftp().chmod(abspath, mode)
455
if not create_parent_dir:
456
_open_and_write_file()
459
# Try error handling to create the parent directory if we need to
461
_open_and_write_file()
463
# Try to create the parent directory, and then go back to
465
parent_dir = os.path.dirname(abspath)
466
self._mkdir(parent_dir, dir_mode)
467
_open_and_write_file()
469
def put_file_non_atomic(self, relpath, f, mode=None,
470
create_parent_dir=False,
472
"""Copy the file-like object into the target location.
474
This function is not strictly safe to use. It is only meant to
475
be used when you already know that the target does not exist.
476
It is not safe, because it will open and truncate the remote
477
file. So there may be a time when the file has invalid contents.
479
:param relpath: The remote location to put the contents.
480
:param f: File-like object.
481
:param mode: Possible access permissions for new file.
482
None means do not set remote permissions.
483
:param create_parent_dir: If we cannot create the target file because
484
the parent directory does not exist, go ahead and
485
create it, and then try again.
489
self._put_non_atomic_helper(relpath, writer, mode=mode,
490
create_parent_dir=create_parent_dir,
493
def put_bytes_non_atomic(self, relpath, bytes, mode=None,
494
create_parent_dir=False,
498
self._put_non_atomic_helper(relpath, writer, mode=mode,
499
create_parent_dir=create_parent_dir,
485
502
def iter_files_recursive(self):
486
503
"""Walk the relative paths of all files in this transport."""
487
504
queue = list(self.list_dir('.'))
489
relpath = urllib.quote(queue.pop(0))
506
relpath = queue.pop(0)
490
507
st = self.stat(relpath)
491
508
if stat.S_ISDIR(st.st_mode):
492
509
for i, basename in enumerate(self.list_dir(relpath)):
514
def _mkdir(self, abspath, mode=None):
520
self._get_sftp().mkdir(abspath, local_mode)
522
# chmod a dir through sftp will erase any sgid bit set
523
# on the server side. So, if the bit mode are already
524
# set, avoid the chmod. If the mode is not fine but
525
# the sgid bit is set, report a warning to the user
526
# with the umask fix.
527
stat = self._get_sftp().lstat(abspath)
528
mode = mode & 0777 # can't set special bits anyway
529
if mode != stat.st_mode & 0777:
530
if stat.st_mode & 06000:
531
warning('About to chmod %s over sftp, which will result'
532
' in its suid or sgid bits being cleared. If'
533
' you want to preserve those bits, change your '
534
' environment on the server to use umask 0%03o.'
535
% (abspath, 0777 - mode))
536
self._get_sftp().chmod(abspath, mode=mode)
537
except (paramiko.SSHException, IOError), e:
538
self._translate_io_exception(e, abspath, ': unable to mkdir',
539
failure_exc=FileExists)
497
541
def mkdir(self, relpath, mode=None):
498
542
"""Create a directory at the given path."""
543
self._mkdir(self._remote_path(relpath), mode=mode)
545
def open_write_stream(self, relpath, mode=None):
546
"""See Transport.open_write_stream."""
547
# initialise the file to zero-length
548
# this is three round trips, but we don't use this
549
# api more than once per write_group at the moment so
550
# it is a tolerable overhead. Better would be to truncate
551
# the file after opening. RBC 20070805
552
self.put_bytes_non_atomic(relpath, "", mode)
553
abspath = self._remote_path(relpath)
554
# TODO: jam 20060816 paramiko doesn't publicly expose a way to
555
# set the file mode at create time. If it does, use it.
556
# But for now, we just chmod later anyway.
500
path = self._remote_path(relpath)
501
# In the paramiko documentation, it says that passing a mode flag
502
# will filtered against the server umask.
503
# StubSFTPServer does not do this, which would be nice, because it is
504
# what we really want :)
505
# However, real servers do use umask, so we really should do it that way
506
self._sftp.mkdir(path)
508
self._sftp.chmod(path, mode=mode)
559
handle = self._get_sftp().file(abspath, mode='wb')
560
handle.set_pipelined(True)
509
561
except (paramiko.SSHException, IOError), e:
510
self._translate_io_exception(e, path, ': unable to mkdir',
511
failure_exc=FileExists)
562
self._translate_io_exception(e, abspath,
564
_file_streams[self.abspath(relpath)] = handle
565
return FileFileStream(self, relpath, handle)
513
def _translate_io_exception(self, e, path, more_info='',
567
def _translate_io_exception(self, e, path, more_info='',
514
568
failure_exc=PathError):
515
569
"""Translate a paramiko or IOError into a friendlier exception.
527
581
# paramiko seems to generate detailless errors.
528
582
self._translate_error(e, path, raise_generic=False)
529
if hasattr(e, 'args'):
583
if getattr(e, 'args', None) is not None:
530
584
if (e.args == ('No such file or directory',) or
531
585
e.args == ('No such file',)):
532
586
raise NoSuchFile(path, str(e) + more_info)
533
if (e.args == ('mkdir failed',)):
587
if (e.args == ('mkdir failed',) or
588
e.args[0].startswith('syserr: File exists')):
534
589
raise FileExists(path, str(e) + more_info)
535
590
# strange but true, for the paramiko server.
536
591
if (e.args == ('Failure',)):
537
592
raise failure_exc(path, str(e) + more_info)
538
593
mutter('Raising exception with args %s', e.args)
539
if hasattr(e, 'errno'):
594
if getattr(e, 'errno', None) is not None:
540
595
mutter('Raising exception with errno %s', e.errno)
543
def append(self, relpath, f, mode=None):
598
def append_file(self, relpath, f, mode=None):
545
600
Append the text in the file-like object into the final
549
604
path = self._remote_path(relpath)
550
fout = self._sftp.file(path, 'ab')
605
fout = self._get_sftp().file(path, 'ab')
551
606
if mode is not None:
552
self._sftp.chmod(path, mode)
607
self._get_sftp().chmod(path, mode)
553
608
result = fout.tell()
554
609
self._pump(f, fout)
648
714
# that we have taken the lock.
649
715
return SFTPLock(relpath, self)
651
def _unparse_url(self, path=None):
654
path = urllib.quote(path)
655
# handle homedir paths
656
if not path.startswith('/'):
658
netloc = urllib.quote(self._host)
659
if self._username is not None:
660
netloc = '%s@%s' % (urllib.quote(self._username), netloc)
661
if self._port is not None:
662
netloc = '%s:%d' % (netloc, self._port)
663
return urlparse.urlunparse(('sftp', netloc, path, '', '', ''))
665
def _split_url(self, url):
666
(scheme, username, password, host, port, path) = split_url(url)
667
assert scheme == 'sftp'
669
# the initial slash should be removed from the path, and treated
670
# as a homedir relative path (the path begins with a double slash
671
# if it is absolute).
672
# see draft-ietf-secsh-scp-sftp-ssh-uri-03.txt
673
# RBC 20060118 we are not using this as its too user hostile. instead
674
# we are following lftp and using /~/foo to mean '~/foo'.
675
# handle homedir paths
676
if path.startswith('/~/'):
680
return (username, password, host, port, path)
682
def _parse_url(self, url):
683
(self._username, self._password,
684
self._host, self._port, self._path) = self._split_url(url)
686
def _sftp_connect(self):
687
"""Connect to the remote sftp server.
688
After this, self._sftp should have a valid connection (or
689
we raise an TransportError 'could not connect').
691
TODO: Raise a more reasonable ConnectionFailed exception
693
global _connected_hosts
695
idx = (self._host, self._port, self._username)
697
self._sftp = _connected_hosts[idx]
702
vendor = _get_ssh_vendor()
703
if vendor == 'loopback':
704
sock = socket.socket()
706
sock.connect((self._host, self._port))
707
except socket.error, e:
708
raise ConnectionError('Unable to connect to SSH host %s:%s: %s'
709
% (self._host, self._port, e))
710
self._sftp = SFTPClient(LoopbackSFTP(sock))
711
elif vendor != 'none':
712
sock = SFTPSubprocess(self._host, vendor, self._port,
714
self._sftp = SFTPClient(sock)
716
self._paramiko_connect()
718
_connected_hosts[idx] = self._sftp
720
def _paramiko_connect(self):
721
global SYSTEM_HOSTKEYS, BZR_HOSTKEYS
726
t = paramiko.Transport((self._host, self._port or 22))
727
t.set_log_channel('bzr.paramiko')
729
except paramiko.SSHException, e:
730
raise ConnectionError('Unable to reach SSH host %s:%s: %s'
731
% (self._host, self._port, e))
733
server_key = t.get_remote_server_key()
734
server_key_hex = paramiko.util.hexify(server_key.get_fingerprint())
735
keytype = server_key.get_name()
736
if SYSTEM_HOSTKEYS.has_key(self._host) and SYSTEM_HOSTKEYS[self._host].has_key(keytype):
737
our_server_key = SYSTEM_HOSTKEYS[self._host][keytype]
738
our_server_key_hex = paramiko.util.hexify(our_server_key.get_fingerprint())
739
elif BZR_HOSTKEYS.has_key(self._host) and BZR_HOSTKEYS[self._host].has_key(keytype):
740
our_server_key = BZR_HOSTKEYS[self._host][keytype]
741
our_server_key_hex = paramiko.util.hexify(our_server_key.get_fingerprint())
743
warning('Adding %s host key for %s: %s' % (keytype, self._host, server_key_hex))
744
if not BZR_HOSTKEYS.has_key(self._host):
745
BZR_HOSTKEYS[self._host] = {}
746
BZR_HOSTKEYS[self._host][keytype] = server_key
747
our_server_key = server_key
748
our_server_key_hex = paramiko.util.hexify(our_server_key.get_fingerprint())
750
if server_key != our_server_key:
751
filename1 = os.path.expanduser('~/.ssh/known_hosts')
752
filename2 = pathjoin(config_dir(), 'ssh_host_keys')
753
raise TransportError('Host keys for %s do not match! %s != %s' % \
754
(self._host, our_server_key_hex, server_key_hex),
755
['Try editing %s or %s' % (filename1, filename2)])
760
self._sftp = t.open_sftp_client()
761
except paramiko.SSHException, e:
762
raise ConnectionError('Unable to start sftp client %s:%d' %
763
(self._host, self._port), e)
765
def _sftp_auth(self, transport):
766
# paramiko requires a username, but it might be none if nothing was supplied
767
# use the local username, just in case.
768
# We don't override self._username, because if we aren't using paramiko,
769
# the username might be specified in ~/.ssh/config and we don't want to
770
# force it to something else
771
# Also, it would mess up the self.relpath() functionality
772
username = self._username or getpass.getuser()
774
# Paramiko tries to open a socket.AF_UNIX in order to connect
775
# to ssh-agent. That attribute doesn't exist on win32 (it does in cygwin)
776
# so we get an AttributeError exception. For now, just don't try to
777
# connect to an agent if we are on win32
778
if sys.platform != 'win32':
779
agent = paramiko.Agent()
780
for key in agent.get_keys():
781
mutter('Trying SSH agent key %s' % paramiko.util.hexify(key.get_fingerprint()))
783
transport.auth_publickey(username, key)
785
except paramiko.SSHException, e:
788
# okay, try finding id_rsa or id_dss? (posix only)
789
if self._try_pkey_auth(transport, paramiko.RSAKey, username, 'id_rsa'):
791
if self._try_pkey_auth(transport, paramiko.DSSKey, username, 'id_dsa'):
796
transport.auth_password(username, self._password)
798
except paramiko.SSHException, e:
801
# FIXME: Don't keep a password held in memory if you can help it
802
#self._password = None
804
# give up and ask for a password
805
password = bzrlib.ui.ui_factory.get_password(
806
prompt='SSH %(user)s@%(host)s password',
807
user=username, host=self._host)
809
transport.auth_password(username, password)
810
except paramiko.SSHException, e:
811
raise ConnectionError('Unable to authenticate to SSH host as %s@%s' %
812
(username, self._host), e)
814
def _try_pkey_auth(self, transport, pkey_class, username, filename):
815
filename = os.path.expanduser('~/.ssh/' + filename)
817
key = pkey_class.from_private_key_file(filename)
818
transport.auth_publickey(username, key)
820
except paramiko.PasswordRequiredException:
821
password = bzrlib.ui.ui_factory.get_password(
822
prompt='SSH %(filename)s password',
825
key = pkey_class.from_private_key_file(filename, password)
826
transport.auth_publickey(username, key)
828
except paramiko.SSHException:
829
mutter('SSH authentication via %s key failed.' % (os.path.basename(filename),))
830
except paramiko.SSHException:
831
mutter('SSH authentication via %s key failed.' % (os.path.basename(filename),))
836
717
def _sftp_open_exclusive(self, abspath, mode=None):
837
718
"""Open a remote path exclusively.
847
728
:param abspath: The remote absolute path where the file should be opened
848
729
:param mode: The mode permissions bits for the new file
850
path = self._sftp._adjust_cwd(abspath)
731
# TODO: jam 20060816 Paramiko >= 1.6.2 (probably earlier) supports
732
# using the 'x' flag to indicate SFTP_FLAG_EXCL.
733
# However, there is no way to set the permission mode at open
734
# time using the sftp_client.file() functionality.
735
path = self._get_sftp()._adjust_cwd(abspath)
736
# mutter('sftp abspath %s => %s', abspath, path)
851
737
attr = SFTPAttributes()
852
738
if mode is not None:
853
739
attr.st_mode = mode
854
740
omode = (SFTP_FLAG_WRITE | SFTP_FLAG_CREATE
855
741
| SFTP_FLAG_TRUNC | SFTP_FLAG_EXCL)
857
t, msg = self._sftp._request(CMD_OPEN, path, omode, attr)
743
t, msg = self._get_sftp()._request(CMD_OPEN, path, omode, attr)
858
744
if t != CMD_HANDLE:
859
745
raise TransportError('Expected an SFTP handle')
860
746
handle = msg.get_string()
861
return SFTPFile(self._sftp, handle, 'wb', -1)
747
return SFTPFile(self._get_sftp(), handle, 'wb', -1)
862
748
except (paramiko.SSHException, IOError), e:
863
749
self._translate_io_exception(e, abspath, ': unable to open',
864
750
failure_exc=FileExists)
752
def _can_roundtrip_unix_modebits(self):
753
if sys.platform == 'win32':
867
759
# ------------- server test implementation --------------
871
762
from bzrlib.tests.stub_sftp import StubServer, StubSFTPServer
899
790
self._socket.bind(('localhost', 0))
900
791
self._socket.listen(1)
901
792
self.port = self._socket.getsockname()[1]
902
self.stop_event = threading.Event()
905
s, _ = self._socket.accept()
906
# now close the listen socket
909
self._callback(s, self.stop_event)
911
pass #Ignore socket errors
913
# probably a failed test
914
warning('Exception from within unit test server thread: %r' % x)
793
self._stop_event = threading.Event()
917
self.stop_event.set()
796
# called from outside this thread
797
self._stop_event.set()
918
798
# use a timeout here, because if the test fails, the server thread may
919
799
# never notice the stop_event.
805
readable, writable_unused, exception_unused = \
806
select.select([self._socket], [], [], 0.1)
807
if self._stop_event.isSet():
809
if len(readable) == 0:
812
s, addr_unused = self._socket.accept()
813
# because the loopback socket is inline, and transports are
814
# never explicitly closed, best to launch a new thread.
815
threading.Thread(target=self._callback, args=(s,)).start()
816
except socket.error, x:
817
sys.excepthook(*sys.exc_info())
818
warning('Socket error during accept() within unit test server'
821
# probably a failed test; unit test thread will log the
823
sys.excepthook(*sys.exc_info())
824
warning('Exception from within unit test server thread: %r' %
828
class SocketDelay(object):
829
"""A socket decorator to make TCP appear slower.
831
This changes recv, send, and sendall to add a fixed latency to each python
832
call if a new roundtrip is detected. That is, when a recv is called and the
833
flag new_roundtrip is set, latency is charged. Every send and send_all
836
In addition every send, sendall and recv sleeps a bit per character send to
839
Not all methods are implemented, this is deliberate as this class is not a
840
replacement for the builtin sockets layer. fileno is not implemented to
841
prevent the proxy being bypassed.
845
_proxied_arguments = dict.fromkeys([
846
"close", "getpeername", "getsockname", "getsockopt", "gettimeout",
847
"setblocking", "setsockopt", "settimeout", "shutdown"])
849
def __init__(self, sock, latency, bandwidth=1.0,
852
:param bandwith: simulated bandwith (MegaBit)
853
:param really_sleep: If set to false, the SocketDelay will just
854
increase a counter, instead of calling time.sleep. This is useful for
855
unittesting the SocketDelay.
858
self.latency = latency
859
self.really_sleep = really_sleep
860
self.time_per_byte = 1 / (bandwidth / 8.0 * 1024 * 1024)
861
self.new_roundtrip = False
864
if self.really_sleep:
867
SocketDelay.simulated_time += s
869
def __getattr__(self, attr):
870
if attr in SocketDelay._proxied_arguments:
871
return getattr(self.sock, attr)
872
raise AttributeError("'SocketDelay' object has no attribute %r" %
876
return SocketDelay(self.sock.dup(), self.latency, self.time_per_byte,
879
def recv(self, *args):
880
data = self.sock.recv(*args)
881
if data and self.new_roundtrip:
882
self.new_roundtrip = False
883
self.sleep(self.latency)
884
self.sleep(len(data) * self.time_per_byte)
887
def sendall(self, data, flags=0):
888
if not self.new_roundtrip:
889
self.new_roundtrip = True
890
self.sleep(self.latency)
891
self.sleep(len(data) * self.time_per_byte)
892
return self.sock.sendall(data, flags)
894
def send(self, data, flags=0):
895
if not self.new_roundtrip:
896
self.new_roundtrip = True
897
self.sleep(self.latency)
898
bytes_sent = self.sock.send(data, flags)
899
self.sleep(bytes_sent * self.time_per_byte)
923
903
class SFTPServer(Server):
924
904
"""Common code for SFTP server facilities."""
906
def __init__(self, server_interface=StubServer):
927
907
self._original_vendor = None
928
908
self._homedir = None
929
909
self._server_homedir = None
930
910
self._listener = None
931
911
self._root = None
932
self._vendor = 'none'
912
self._vendor = ssh.ParamikoVendor()
913
self._server_interface = server_interface
933
914
# sftp server logs
936
918
def _get_sftp_url(self, path):
937
919
"""Calculate an sftp url to this server for path."""
941
923
"""StubServer uses this to log when a new server is created."""
942
924
self.logs.append(message)
944
def _run_server(self, s, stop_event):
926
def _run_server_entry(self, sock):
927
"""Entry point for all implementations of _run_server.
929
If self.add_latency is > 0.000001 then sock is given a latency adding
932
if self.add_latency > 0.000001:
933
sock = SocketDelay(sock, self.add_latency)
934
return self._run_server(sock)
936
def _run_server(self, s):
945
937
ssh_server = paramiko.Transport(s)
946
key_file = os.path.join(self._homedir, 'test_rsa.key')
947
file(key_file, 'w').write(STUB_SERVER_KEY)
938
key_file = pathjoin(self._homedir, 'test_rsa.key')
939
f = open(key_file, 'w')
940
f.write(STUB_SERVER_KEY)
948
942
host_key = paramiko.RSAKey.from_private_key_file(key_file)
949
943
ssh_server.add_server_key(host_key)
950
server = StubServer(self)
944
server = self._server_interface(self)
951
945
ssh_server.set_subsystem_handler('sftp', paramiko.SFTPServer,
952
946
StubSFTPServer, root=self._root,
953
947
home=self._server_homedir)
954
948
event = threading.Event()
955
949
ssh_server.start_server(event, server)
957
stop_event.wait(30.0)
961
self._original_vendor = _ssh_vendor
962
_ssh_vendor = self._vendor
963
self._homedir = os.getcwd()
952
def setUp(self, backing_server=None):
953
# XXX: TODO: make sftpserver back onto backing_server rather than local
955
if not (backing_server is None or
956
isinstance(backing_server, local.LocalURLServer)):
957
raise AssertionError(
958
"backing_server should not be %r, because this can only serve the "
959
"local current working directory." % (backing_server,))
960
self._original_vendor = ssh._ssh_vendor_manager._cached_ssh_vendor
961
ssh._ssh_vendor_manager._cached_ssh_vendor = self._vendor
962
if sys.platform == 'win32':
963
# Win32 needs to use the UNICODE api
964
self._homedir = getcwd()
966
# But Linux SFTP servers should just deal in bytestreams
967
self._homedir = os.getcwd()
964
968
if self._server_homedir is None:
965
969
self._server_homedir = self._homedir
967
# FIXME WINDOWS: _root should be _server_homedir[0]:/
968
self._listener = SingleListener(self._run_server)
971
if sys.platform == 'win32':
973
self._listener = SocketListener(self._run_server_entry)
969
974
self._listener.setDaemon(True)
970
975
self._listener.start()
972
977
def tearDown(self):
973
978
"""See bzrlib.transport.Server.tearDown."""
975
979
self._listener.stop()
976
_ssh_vendor = self._original_vendor
980
ssh._ssh_vendor_manager._cached_ssh_vendor = self._original_vendor
978
982
def get_bogus_url(self):
979
983
"""See bzrlib.transport.Server.get_bogus_url."""
980
# this is chosen to try to prevent trouble with proxies, wierd dns,
982
return 'sftp://127.0.0.1:1/'
984
# this is chosen to try to prevent trouble with proxies, wierd dns, etc
985
# we bind a random socket, so that we get a guaranteed unused port
986
# we just never listen on that port
988
s.bind(('localhost', 0))
989
return 'sftp://%s:%s/' % s.getsockname()
986
992
class SFTPFullAbsoluteServer(SFTPServer):
added
removed
bzrlib/transport/sftp.py
