beenull/sftpgo-mirror
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-22 07:30:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
sftpgo-mirror/sftpd/internal_test.go

1298 lines
35 KiB
Go
Raw Normal View History

add support for custom actions Configurable custom commands and/or HTTP notifications on SFTP upload, download, delete or rename
2019-07-27 07:38:09 +00:00
package sftpd
import (
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
"bytes"
"fmt"
"io"
"io/ioutil"
sftpd: refactor connection closing we have not known bugs with the previous implementation anyway this one is cleaner: the underlying network connection is directly related with SFTP/SCP connections. This should better protect us against buggy clients and edge cases
2019-10-10 07:04:17 +00:00
"net"
add support for atomic upload Atomic uploads are now configurable. The default upload mode remains non atomic
2019-08-04 07:37:58 +00:00
"os"
windows: fix test cases
2019-07-27 19:19:30 +00:00
"runtime"
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
"strings"
transfers: improve errors detection We can now properly report write errors if for example no space left on device. For downloads we check the downloaded size with the expected one
2020-01-10 18:20:22 +00:00
"sync"
add support for custom actions Configurable custom commands and/or HTTP notifications on SFTP upload, download, delete or rename
2019-07-27 07:38:09 +00:00
"testing"
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
"time"
add support for atomic upload Atomic uploads are now configurable. The default upload mode remains non atomic
2019-08-04 07:37:58 +00:00
add more test cases
2019-08-04 10:35:33 +00:00
"github.com/drakkan/sftpgo/dataprovider"
add a basic web interface The builtin web interface allows to manage users and connections
2019-10-07 16:19:01 +00:00
"github.com/drakkan/sftpgo/utils"
add support for atomic upload Atomic uploads are now configurable. The default upload mode remains non atomic
2019-08-04 07:37:58 +00:00
"github.com/pkg/sftp"
add support for custom actions Configurable custom commands and/or HTTP notifications on SFTP upload, download, delete or rename
2019-07-27 07:38:09 +00:00
)
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
type MockChannel struct {
add support for Git over SSH We use the system commands "git-receive-pack", "git-upload-pack" and "git-upload-archive". they need to be installed and in your system's PATH. Since we execute system commands we have no direct control on file creation/deletion and so quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Quotas are recalculated at the command end with a full home directory scan, this could be heavy for big directories.
2019-11-26 21:26:42 +00:00
Buffer *bytes.Buffer
StdErrBuffer *bytes.Buffer
ReadError error
WriteError error
ShortWriteErr bool
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
}
func (c *MockChannel) Read(data []byte) (int, error) {
if c.ReadError != nil {
return 0, c.ReadError
}
return c.Buffer.Read(data)
}
func (c *MockChannel) Write(data []byte) (int, error) {
if c.WriteError != nil {
return 0, c.WriteError
}
add support for Git over SSH We use the system commands "git-receive-pack", "git-upload-pack" and "git-upload-archive". they need to be installed and in your system's PATH. Since we execute system commands we have no direct control on file creation/deletion and so quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Quotas are recalculated at the command end with a full home directory scan, this could be heavy for big directories.
2019-11-26 21:26:42 +00:00
if c.ShortWriteErr {
return 0, nil
}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
return c.Buffer.Write(data)
}
func (c *MockChannel) Close() error {
return nil
}
func (c *MockChannel) CloseWrite() error {
return nil
}
func (c *MockChannel) SendRequest(name string, wantReply bool, payload []byte) (bool, error) {
return true, nil
}
func (c *MockChannel) Stderr() io.ReadWriter {
return c.StdErrBuffer
}
add support for custom actions Configurable custom commands and/or HTTP notifications on SFTP upload, download, delete or rename
2019-07-27 07:38:09 +00:00
func TestWrongActions(t *testing.T) {
actionsCopy := actions
windows: fix test cases
2019-07-27 19:19:30 +00:00
badCommand := "/bad/command"
if runtime.GOOS == "windows" {
badCommand = "C:\\bad\\command"
}
add support for custom actions Configurable custom commands and/or HTTP notifications on SFTP upload, download, delete or rename
2019-07-27 07:38:09 +00:00
actions = Actions{
ExecuteOn: []string{operationDownload},
windows: fix test cases
2019-07-27 19:19:30 +00:00
Command: badCommand,
add support for custom actions Configurable custom commands and/or HTTP notifications on SFTP upload, download, delete or rename
2019-07-27 07:38:09 +00:00
HTTPNotificationURL: "",
}
custom actions: add env vars action parameters can now be readed from env vars too. Added a timeout for the command execution
2020-01-09 11:00:37 +00:00
err := executeAction(operationDownload, "username", "path", "", "", 0)
add support for custom actions Configurable custom commands and/or HTTP notifications on SFTP upload, download, delete or rename
2019-07-27 07:38:09 +00:00
if err == nil {
t.Errorf("action with bad command must fail")
}
custom actions: add env vars action parameters can now be readed from env vars too. Added a timeout for the command execution
2020-01-09 11:00:37 +00:00
err = executeAction(operationDelete, "username", "path", "", "", 0)
add support for atomic upload Atomic uploads are now configurable. The default upload mode remains non atomic
2019-08-04 07:37:58 +00:00
if err != nil {
t.Errorf("action not configured must silently fail")
}
add support for custom actions Configurable custom commands and/or HTTP notifications on SFTP upload, download, delete or rename
2019-07-27 07:38:09 +00:00
actions.Command = ""
actions.HTTPNotificationURL = "http://foo\x7f.com/"
custom actions: add env vars action parameters can now be readed from env vars too. Added a timeout for the command execution
2020-01-09 11:00:37 +00:00
err = executeAction(operationDownload, "username", "path", "", "", 0)
add support for custom actions Configurable custom commands and/or HTTP notifications on SFTP upload, download, delete or rename
2019-07-27 07:38:09 +00:00
if err == nil {
t.Errorf("action with bad url must fail")
}
actions = actionsCopy
}
func TestRemoveNonexistentTransfer(t *testing.T) {
transfer := Transfer{}
err := removeTransfer(&transfer)
if err == nil {
t.Errorf("remove nonexistent transfer must fail")
}
}
func TestRemoveNonexistentQuotaScan(t *testing.T) {
err := RemoveQuotaScan("username")
if err == nil {
t.Errorf("remove nonexistent transfer must fail")
}
}
add support for atomic upload Atomic uploads are now configurable. The default upload mode remains non atomic
2019-08-04 07:37:58 +00:00
func TestGetOSOpenFlags(t *testing.T) {
var flags sftp.FileOpenFlags
flags.Write = true
flags.Excl = true
simplify FileOpenFlags to os.Flags conversion
2019-08-04 09:02:38 +00:00
osFlags := getOSOpenFlags(flags)
sftpd: add support for upload resume we support resume only if the client sets the correct offset while resuming the upload. Based on the specs the offset is optional for resume, but all the tested clients sets a right offset. If an invalid offset is given we interrupt the transfer with the error "Invalid write offset ..." See https://github.com/pkg/sftp/issues/295 This commit add a new upload mode: "atomic with resume support", this acts as atomic but if there is an upload error the temporary file is renamed to the requested path and not deleted, this way a client can reconnect and resume the upload
2019-10-09 15:33:30 +00:00
if osFlags&os.O_WRONLY == 0 || osFlags&os.O_EXCL == 0 {
t.Errorf("error getting os flags from sftp file open flags")
}
flags.Append = true
// append flag should be ignored to allow resume
if osFlags&os.O_WRONLY == 0 || osFlags&os.O_EXCL == 0 {
add support for atomic upload Atomic uploads are now configurable. The default upload mode remains non atomic
2019-08-04 07:37:58 +00:00
t.Errorf("error getting os flags from sftp file open flags")
}
}
sftpd: add support for upload resume we support resume only if the client sets the correct offset while resuming the upload. Based on the specs the offset is optional for resume, but all the tested clients sets a right offset. If an invalid offset is given we interrupt the transfer with the error "Invalid write offset ..." See https://github.com/pkg/sftp/issues/295 This commit add a new upload mode: "atomic with resume support", this acts as atomic but if there is an upload error the temporary file is renamed to the requested path and not deleted, this way a client can reconnect and resume the upload
2019-10-09 15:33:30 +00:00
func TestUploadResumeInvalidOffset(t *testing.T) {
testfile := "testfile"
file, _ := os.Create(testfile)
transfer := Transfer{
file: file,
path: file.Name(),
start: time.Now(),
bytesSent: 0,
bytesReceived: 0,
user: dataprovider.User{
Username: "testuser",
},
connectionID: "",
transferType: transferUpload,
lastActivity: time.Now(),
isNewFile: false,
protocol: protocolSFTP,
transferError: nil,
isFinished: false,
minWriteOffset: 10,
transfers: improve errors detection We can now properly report write errors if for example no space left on device. For downloads we check the downloaded size with the expected one
2020-01-10 18:20:22 +00:00
lock: new(sync.Mutex),
sftpd: add support for upload resume we support resume only if the client sets the correct offset while resuming the upload. Based on the specs the offset is optional for resume, but all the tested clients sets a right offset. If an invalid offset is given we interrupt the transfer with the error "Invalid write offset ..." See https://github.com/pkg/sftp/issues/295 This commit add a new upload mode: "atomic with resume support", this acts as atomic but if there is an upload error the temporary file is renamed to the requested path and not deleted, this way a client can reconnect and resume the upload
2019-10-09 15:33:30 +00:00
}
_, err := transfer.WriteAt([]byte("test"), 0)
if err == nil {
t.Errorf("upload with invalid offset must fail")
add support for atomic upload Atomic uploads are now configurable. The default upload mode remains non atomic
2019-08-04 07:37:58 +00:00
}
sftpd: add support for upload resume we support resume only if the client sets the correct offset while resuming the upload. Based on the specs the offset is optional for resume, but all the tested clients sets a right offset. If an invalid offset is given we interrupt the transfer with the error "Invalid write offset ..." See https://github.com/pkg/sftp/issues/295 This commit add a new upload mode: "atomic with resume support", this acts as atomic but if there is an upload error the temporary file is renamed to the requested path and not deleted, this way a client can reconnect and resume the upload
2019-10-09 15:33:30 +00:00
os.Remove(testfile)
add support for atomic upload Atomic uploads are now configurable. The default upload mode remains non atomic
2019-08-04 07:37:58 +00:00
}
add more test cases
2019-08-04 10:35:33 +00:00
transfers: improve errors detection We can now properly report write errors if for example no space left on device. For downloads we check the downloaded size with the expected one
2020-01-10 18:20:22 +00:00
func TestIncompleteDownload(t *testing.T) {
testfile := "testfile"
file, _ := os.Create(testfile)
transfer := Transfer{
file: file,
path: file.Name(),
start: time.Now(),
bytesSent: 0,
bytesReceived: 0,
user: dataprovider.User{
Username: "testuser",
},
connectionID: "",
transferType: transferDownload,
lastActivity: time.Now(),
isNewFile: false,
protocol: protocolSFTP,
transferError: nil,
isFinished: false,
minWriteOffset: 0,
expectedSize: 10,
lock: new(sync.Mutex),
}
err := transfer.Close()
if err == nil {
t.Error("upoload must fail the expected size does not match")
}
os.Remove(testfile)
}
func TestReadWriteErrors(t *testing.T) {
testfile := "testfile"
file, _ := os.Create(testfile)
transfer := Transfer{
file: file,
path: file.Name(),
start: time.Now(),
bytesSent: 0,
bytesReceived: 0,
user: dataprovider.User{
Username: "testuser",
},
connectionID: "",
transferType: transferDownload,
lastActivity: time.Now(),
isNewFile: false,
protocol: protocolSFTP,
transferError: nil,
isFinished: false,
minWriteOffset: 0,
expectedSize: 10,
lock: new(sync.Mutex),
}
file.Close()
_, err := transfer.WriteAt([]byte("test"), 0)
if err == nil {
t.Error("writing to closed file must fail")
}
buf := make([]byte, 32768)
_, err = transfer.ReadAt(buf, 0)
if err == nil {
t.Error("reading from a closed file must fail")
}
err = transfer.Close()
if err == nil {
t.Error("upoload must fail the expected size does not match")
}
os.Remove(testfile)
}
add more test cases
2019-08-04 10:35:33 +00:00
func TestUploadFiles(t *testing.T) {
oldUploadMode := uploadMode
uploadMode = uploadModeAtomic
c := Connection{}
var flags sftp.FileOpenFlags
flags.Write = true
flags.Trunc = true
_, err := c.handleSFTPUploadToExistingFile(flags, "missing_path", "other_missing_path", 0)
if err == nil {
t.Errorf("upload to existing file must fail if one or both paths are invalid")
}
uploadMode = uploadModeStandard
_, err = c.handleSFTPUploadToExistingFile(flags, "missing_path", "other_missing_path", 0)
if err == nil {
t.Errorf("upload to existing file must fail if one or both paths are invalid")
}
missingFile := "missing/relative/file.txt"
if runtime.GOOS == "windows" {
missingFile = "missing\\relative\\file.txt"
}
_, err = c.handleSFTPUploadToNewFile(".", missingFile)
if err == nil {
t.Errorf("upload new file in missing path must fail")
}
uploadMode = oldUploadMode
}
dataprovider move db handle to provider struct This is needed to support non SQL providers
2019-08-11 12:53:37 +00:00
func TestWithInvalidHome(t *testing.T) {
add more test cases
2019-08-04 10:35:33 +00:00
u := dataprovider.User{}
u.HomeDir = "home_rel_path"
Add support for allowed/denied IP/Mask Login can be restricted to specific ranges of IP address or to a specific IP address. Please apply the appropriate SQL upgrade script to add the filter field to your database. The filter database field will allow to add other filters without requiring a new database migration
2019-12-30 17:37:50 +00:00
_, err := loginUser(u, "password", "")
add more test cases
2019-08-04 10:35:33 +00:00
if err == nil {
t.Errorf("login a user with an invalid home_dir must fail")
}
dataprovider move db handle to provider struct This is needed to support non SQL providers
2019-08-11 12:53:37 +00:00
c := Connection{
User: u,
}
err = c.isSubDir("dir_rel_path")
if err == nil {
t.Errorf("tested path is not a home subdir")
}
add more test cases
2019-08-04 10:35:33 +00:00
}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
func TestSFTPCmdTargetPath(t *testing.T) {
u := dataprovider.User{}
u.HomeDir = "home_rel_path"
u.Username = "test"
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
u.Permissions = make(map[string][]string)
u.Permissions["/"] = []string{dataprovider.PermAny}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
connection := Connection{
User: u,
}
_, err := connection.getSFTPCmdTargetPath("invalid_path")
sftpd: add support for chmod/chown added matching permissions too and a new setting "setstat_mode". Setting setstat_mode to 1 you can keep the previous behaviour that silently ignore setstat requests
2019-11-15 11:15:07 +00:00
if err != sftp.ErrSSHFxNoSuchFile {
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
t.Errorf("getSFTPCmdTargetPath must fal with the expected error: %v", err)
}
}
sftpd: add support for chmod/chown added matching permissions too and a new setting "setstat_mode". Setting setstat_mode to 1 you can keep the previous behaviour that silently ignore setstat requests
2019-11-15 11:15:07 +00:00
func TestGetSFTPErrorFromOSError(t *testing.T) {
err := os.ErrNotExist
err = getSFTPErrorFromOSError(err)
if err != sftp.ErrSSHFxNoSuchFile {
t.Errorf("unexpected error: %v", err)
}
err = os.ErrPermission
err = getSFTPErrorFromOSError(err)
if err != sftp.ErrSSHFxPermissionDenied {
t.Errorf("unexpected error: %v", err)
}
err = getSFTPErrorFromOSError(nil)
if err != nil {
t.Errorf("unexpected error: %v", err)
}
}
func TestSetstatModeIgnore(t *testing.T) {
originalMode := setstatMode
setstatMode = 1
connection := Connection{}
err := connection.handleSFTPSetstat("invalid", nil)
if err != nil {
t.Errorf("unexpected error: %v setstat should be silently ignore in mode 1", err)
}
setstatMode = originalMode
}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
func TestSFTPGetUsedQuota(t *testing.T) {
u := dataprovider.User{}
u.HomeDir = "home_rel_path"
u.Username = "test_invalid_user"
u.QuotaSize = 4096
u.QuotaFiles = 1
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
u.Permissions = make(map[string][]string)
u.Permissions["/"] = []string{dataprovider.PermAny}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
connection := Connection{
User: u,
}
res := connection.hasSpace(false)
if res != false {
t.Errorf("has space must return false if the user is invalid")
}
}
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
func TestSupportedSSHCommands(t *testing.T) {
cmds := GetSupportedSSHCommands()
if len(cmds) != len(supportedSSHCommands) {
t.Errorf("supported ssh commands does not match")
}
for _, c := range cmds {
if !utils.IsStringInSlice(c, supportedSSHCommands) {
t.Errorf("invalid ssh command: %v", c)
}
}
}
func TestSSHCommandPath(t *testing.T) {
buf := make([]byte, 65535)
stdErrBuf := make([]byte, 65535)
mockSSHChannel := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: nil,
}
connection := Connection{
channel: &mockSSHChannel,
}
sshCommand := sshCommand{
command: "test",
connection: connection,
args: []string{},
}
path := sshCommand.getDestPath()
if path != "" {
t.Errorf("path must be empty")
}
sshCommand.args = []string{"-t", "/tmp/../path"}
path = sshCommand.getDestPath()
if path != "/path" {
t.Errorf("unexpected path: %v", path)
}
sshCommand.args = []string{"-t", "/tmp/"}
path = sshCommand.getDestPath()
if path != "/tmp/" {
t.Errorf("unexpected path: %v", path)
}
sshCommand.args = []string{"-t", "tmp/"}
path = sshCommand.getDestPath()
if path != "/tmp/" {
t.Errorf("unexpected path: %v", path)
}
add support for Git over SSH We use the system commands "git-receive-pack", "git-upload-pack" and "git-upload-archive". they need to be installed and in your system's PATH. Since we execute system commands we have no direct control on file creation/deletion and so quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Quotas are recalculated at the command end with a full home directory scan, this could be heavy for big directories.
2019-11-26 21:26:42 +00:00
sshCommand.args = []string{"-t", "/tmp/../../../path"}
path = sshCommand.getDestPath()
if path != "/path" {
t.Errorf("unexpected path: %v", path)
}
sshCommand.args = []string{"-t", ".."}
path = sshCommand.getDestPath()
if path != "/" {
t.Errorf("unexpected path: %v", path)
}
check permissions against sftp path instead of building filesystem paths and then checking permissions against path relative to the home dir that is the initial sftp path
2020-01-05 10:41:25 +00:00
sshCommand.args = []string{"-t", "."}
path = sshCommand.getDestPath()
if path != "/" {
t.Errorf("unexpected path: %v", path)
}
sshCommand.args = []string{"-t", "//"}
path = sshCommand.getDestPath()
if path != "/" {
t.Errorf("unexpected path: %v", path)
}
sshCommand.args = []string{"-t", "../.."}
path = sshCommand.getDestPath()
if path != "/" {
t.Errorf("unexpected path: %v", path)
}
sshCommand.args = []string{"-t", "/.."}
path = sshCommand.getDestPath()
if path != "/" {
t.Errorf("unexpected path: %v", path)
}
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
}
func TestSSHCommandErrors(t *testing.T) {
buf := make([]byte, 65535)
stdErrBuf := make([]byte, 65535)
readErr := fmt.Errorf("test read error")
mockSSHChannel := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
}
server, client := net.Pipe()
defer server.Close()
defer client.Close()
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
user := dataprovider.User{}
user.Permissions = make(map[string][]string)
user.Permissions["/"] = []string{dataprovider.PermAny}
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
connection := Connection{
channel: &mockSSHChannel,
netConn: client,
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
User: user,
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
}
cmd := sshCommand{
command: "md5sum",
connection: connection,
args: []string{},
}
err := cmd.handle()
if err == nil {
t.Errorf("ssh command must fail, we are sending a fake error")
}
cmd = sshCommand{
command: "md5sum",
connection: connection,
args: []string{"/../../test_file.dat"},
}
err = cmd.handle()
if err == nil {
t.Errorf("ssh command must fail, we are requesting an invalid path")
}
add support for Git over SSH We use the system commands "git-receive-pack", "git-upload-pack" and "git-upload-archive". they need to be installed and in your system's PATH. Since we execute system commands we have no direct control on file creation/deletion and so quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Quotas are recalculated at the command end with a full home directory scan, this could be heavy for big directories.
2019-11-26 21:26:42 +00:00
cmd = sshCommand{
command: "git-receive-pack",
connection: connection,
args: []string{"/../../testrepo"},
}
err = cmd.handle()
if err == nil {
t.Errorf("ssh command must fail, we are requesting an invalid path")
}
cmd.connection.User.HomeDir = os.TempDir()
cmd.connection.User.QuotaFiles = 1
cmd.connection.User.UsedQuotaFiles = 2
err = cmd.handle()
if err != errQuotaExceeded {
t.Errorf("unexpected error: %v", err)
}
cmd.connection.User.QuotaFiles = 0
cmd.connection.User.UsedQuotaFiles = 0
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
cmd.connection.User.Permissions = make(map[string][]string)
cmd.connection.User.Permissions["/"] = []string{dataprovider.PermListItems}
add support for Git over SSH We use the system commands "git-receive-pack", "git-upload-pack" and "git-upload-archive". they need to be installed and in your system's PATH. Since we execute system commands we have no direct control on file creation/deletion and so quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Quotas are recalculated at the command end with a full home directory scan, this could be heavy for big directories.
2019-11-26 21:26:42 +00:00
err = cmd.handle()
if err != errPermissionDenied {
t.Errorf("unexpected error: %v", err)
}
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
cmd.connection.User.Permissions["/"] = []string{dataprovider.PermAny}
add support for Git over SSH We use the system commands "git-receive-pack", "git-upload-pack" and "git-upload-archive". they need to be installed and in your system's PATH. Since we execute system commands we have no direct control on file creation/deletion and so quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Quotas are recalculated at the command end with a full home directory scan, this could be heavy for big directories.
2019-11-26 21:26:42 +00:00
cmd.command = "invalid_command"
command, err := cmd.getSystemCommand()
if err != nil {
t.Errorf("unexpected error: %v", err)
}
err = cmd.executeSystemCommand(command)
if err == nil {
t.Errorf("invalid command must fail")
}
command, err = cmd.getSystemCommand()
if err != nil {
t.Errorf("unexpected error: %v", err)
}
command.cmd.StderrPipe()
err = cmd.executeSystemCommand(command)
if err == nil {
t.Errorf("command must fail, pipe was already assigned")
}
err = cmd.executeSystemCommand(command)
if err == nil {
t.Errorf("command must fail, pipe was already assigned")
}
command, err = cmd.getSystemCommand()
if err != nil {
t.Errorf("unexpected error: %v", err)
}
command.cmd.StdoutPipe()
err = cmd.executeSystemCommand(command)
if err == nil {
t.Errorf("command must fail, pipe was already assigned")
}
}
func TestSSHCommandQuotaScan(t *testing.T) {
buf := make([]byte, 65535)
stdErrBuf := make([]byte, 65535)
readErr := fmt.Errorf("test read error")
mockSSHChannel := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
}
server, client := net.Pipe()
defer server.Close()
defer client.Close()
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
permissions := make(map[string][]string)
permissions["/"] = []string{dataprovider.PermAny}
add support for Git over SSH We use the system commands "git-receive-pack", "git-upload-pack" and "git-upload-archive". they need to be installed and in your system's PATH. Since we execute system commands we have no direct control on file creation/deletion and so quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Quotas are recalculated at the command end with a full home directory scan, this could be heavy for big directories.
2019-11-26 21:26:42 +00:00
connection := Connection{
channel: &mockSSHChannel,
netConn: client,
User: dataprovider.User{
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
Permissions: permissions,
add support for Git over SSH We use the system commands "git-receive-pack", "git-upload-pack" and "git-upload-archive". they need to be installed and in your system's PATH. Since we execute system commands we have no direct control on file creation/deletion and so quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Quotas are recalculated at the command end with a full home directory scan, this could be heavy for big directories.
2019-11-26 21:26:42 +00:00
QuotaFiles: 1,
HomeDir: "invalid_path",
},
}
cmd := sshCommand{
command: "git-receive-pack",
connection: connection,
args: []string{"/testrepo"},
}
err := cmd.rescanHomeDir()
if err == nil {
t.Errorf("scanning an invalid home dir must fail")
}
}
add rsync support ... and better document quota management issues for system commands. rsync and git are not enabled in the default config so don't install them in sample Dockerfiles, simply add a comment to facilitate their installation if needed Fixes #44
2019-11-29 14:24:56 +00:00
func TestRsyncOptions(t *testing.T) {
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
permissions := make(map[string][]string)
permissions["/"] = []string{dataprovider.PermAny}
add rsync support ... and better document quota management issues for system commands. rsync and git are not enabled in the default config so don't install them in sample Dockerfiles, simply add a comment to facilitate their installation if needed Fixes #44
2019-11-29 14:24:56 +00:00
conn := Connection{
User: dataprovider.User{
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
Permissions: permissions,
add rsync support ... and better document quota management issues for system commands. rsync and git are not enabled in the default config so don't install them in sample Dockerfiles, simply add a comment to facilitate their installation if needed Fixes #44
2019-11-29 14:24:56 +00:00
HomeDir: os.TempDir(),
},
}
sshCmd := sshCommand{
command: "rsync",
connection: conn,
args: []string{"--server", "-vlogDtprze.iLsfxC", ".", "/"},
}
cmd, err := sshCmd.getSystemCommand()
if err != nil {
t.Errorf("unexpected error: %v", err)
}
if !utils.IsStringInSlice("--safe-links", cmd.cmd.Args) {
t.Errorf("--safe-links must be added if the user has the create symlinks permission")
}
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
permissions["/"] = []string{dataprovider.PermDownload, dataprovider.PermUpload, dataprovider.PermCreateDirs,
dataprovider.PermListItems, dataprovider.PermOverwrite, dataprovider.PermDelete, dataprovider.PermRename}
add rsync support ... and better document quota management issues for system commands. rsync and git are not enabled in the default config so don't install them in sample Dockerfiles, simply add a comment to facilitate their installation if needed Fixes #44
2019-11-29 14:24:56 +00:00
conn = Connection{
User: dataprovider.User{
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
Permissions: permissions,
HomeDir: os.TempDir(),
add rsync support ... and better document quota management issues for system commands. rsync and git are not enabled in the default config so don't install them in sample Dockerfiles, simply add a comment to facilitate their installation if needed Fixes #44
2019-11-29 14:24:56 +00:00
},
}
sshCmd = sshCommand{
command: "rsync",
connection: conn,
args: []string{"--server", "-vlogDtprze.iLsfxC", ".", "/"},
}
cmd, err = sshCmd.getSystemCommand()
if err != nil {
t.Errorf("unexpected error: %v", err)
}
if !utils.IsStringInSlice("--munge-links", cmd.cmd.Args) {
t.Errorf("--munge-links must be added if the user has the create symlinks permission")
}
}
add support for Git over SSH We use the system commands "git-receive-pack", "git-upload-pack" and "git-upload-archive". they need to be installed and in your system's PATH. Since we execute system commands we have no direct control on file creation/deletion and so quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Quotas are recalculated at the command end with a full home directory scan, this could be heavy for big directories.
2019-11-26 21:26:42 +00:00
func TestSystemCommandErrors(t *testing.T) {
buf := make([]byte, 65535)
stdErrBuf := make([]byte, 65535)
readErr := fmt.Errorf("test read error")
writeErr := fmt.Errorf("test write error")
mockSSHChannel := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: nil,
WriteError: writeErr,
}
server, client := net.Pipe()
defer server.Close()
defer client.Close()
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
permissions := make(map[string][]string)
permissions["/"] = []string{dataprovider.PermAny}
add support for Git over SSH We use the system commands "git-receive-pack", "git-upload-pack" and "git-upload-archive". they need to be installed and in your system's PATH. Since we execute system commands we have no direct control on file creation/deletion and so quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Quotas are recalculated at the command end with a full home directory scan, this could be heavy for big directories.
2019-11-26 21:26:42 +00:00
connection := Connection{
channel: &mockSSHChannel,
netConn: client,
User: dataprovider.User{
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
Permissions: permissions,
add support for Git over SSH We use the system commands "git-receive-pack", "git-upload-pack" and "git-upload-archive". they need to be installed and in your system's PATH. Since we execute system commands we have no direct control on file creation/deletion and so quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Quotas are recalculated at the command end with a full home directory scan, this could be heavy for big directories.
2019-11-26 21:26:42 +00:00
HomeDir: os.TempDir(),
},
}
sshCmd := sshCommand{
command: "ls",
connection: connection,
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
args: []string{"/"},
add support for Git over SSH We use the system commands "git-receive-pack", "git-upload-pack" and "git-upload-archive". they need to be installed and in your system's PATH. Since we execute system commands we have no direct control on file creation/deletion and so quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Quotas are recalculated at the command end with a full home directory scan, this could be heavy for big directories.
2019-11-26 21:26:42 +00:00
}
systemCmd, err := sshCmd.getSystemCommand()
if err != nil {
t.Errorf("unexpected error: %v", err)
}
systemCmd.cmd.Dir = os.TempDir()
// FIXME: the command completes but the fake client was unable to read the response
// no error is reported in this case
sshCmd.executeSystemCommand(systemCmd)
mockSSHChannel = MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
WriteError: nil,
}
sshCmd.connection.channel = &mockSSHChannel
transfers: improve errors detection We can now properly report write errors if for example no space left on device. For downloads we check the downloaded size with the expected one
2020-01-10 18:20:22 +00:00
transfer := Transfer{
transferType: transferDownload,
lock: new(sync.Mutex)}
add support for Git over SSH We use the system commands "git-receive-pack", "git-upload-pack" and "git-upload-archive". they need to be installed and in your system's PATH. Since we execute system commands we have no direct control on file creation/deletion and so quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Quotas are recalculated at the command end with a full home directory scan, this could be heavy for big directories.
2019-11-26 21:26:42 +00:00
destBuff := make([]byte, 65535)
dst := bytes.NewBuffer(destBuff)
_, err = transfer.copyFromReaderToWriter(dst, sshCmd.connection.channel, 0)
if err != readErr {
t.Errorf("unexpected error: %v", err)
}
mockSSHChannel = MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: nil,
WriteError: nil,
}
sshCmd.connection.channel = &mockSSHChannel
_, err = transfer.copyFromReaderToWriter(dst, sshCmd.connection.channel, 1)
if err != errQuotaExceeded {
t.Errorf("unexpected error: %v", err)
}
mockSSHChannel = MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: nil,
WriteError: nil,
ShortWriteErr: true,
}
sshCmd.connection.channel = &mockSSHChannel
_, err = transfer.copyFromReaderToWriter(sshCmd.connection.channel, dst, 0)
if err != io.ErrShortWrite {
t.Errorf("unexpected error: %v", err)
}
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
}
func TestGetConnectionInfo(t *testing.T) {
c := ConnectionStatus{
Username: "test_user",
ConnectionID: "123",
ClientVersion: "client",
RemoteAddress: "127.0.0.1:1234",
Protocol: protocolSSH,
SSHCommand: "sha1sum /test_file.dat",
}
info := c.GetConnectionInfo()
if !strings.Contains(info, "sha1sum /test_file.dat") {
t.Errorf("ssh command not found in connection info")
}
}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
func TestSCPFileMode(t *testing.T) {
mode := getFileModeAsString(0, true)
if mode != "0755" {
t.Errorf("invalid file mode: %v expected: 0755", mode)
}
mode = getFileModeAsString(0700, true)
if mode != "0700" {
t.Errorf("invalid file mode: %v expected: 0700", mode)
}
mode = getFileModeAsString(0750, true)
if mode != "0750" {
t.Errorf("invalid file mode: %v expected: 0750", mode)
}
mode = getFileModeAsString(0777, true)
if mode != "0777" {
t.Errorf("invalid file mode: %v expected: 0777", mode)
}
mode = getFileModeAsString(0640, false)
if mode != "0640" {
t.Errorf("invalid file mode: %v expected: 0640", mode)
}
mode = getFileModeAsString(0600, false)
if mode != "0600" {
t.Errorf("invalid file mode: %v expected: 0600", mode)
}
mode = getFileModeAsString(0, false)
if mode != "0644" {
t.Errorf("invalid file mode: %v expected: 0644", mode)
}
fileMode := uint32(0777)
fileMode = fileMode | uint32(os.ModeSetgid)
fileMode = fileMode | uint32(os.ModeSetuid)
fileMode = fileMode | uint32(os.ModeSticky)
mode = getFileModeAsString(os.FileMode(fileMode), false)
if mode != "7777" {
t.Errorf("invalid file mode: %v expected: 7777", mode)
}
fileMode = uint32(0644)
fileMode = fileMode | uint32(os.ModeSetgid)
mode = getFileModeAsString(os.FileMode(fileMode), false)
if mode != "4644" {
t.Errorf("invalid file mode: %v expected: 4644", mode)
}
fileMode = uint32(0600)
fileMode = fileMode | uint32(os.ModeSetuid)
mode = getFileModeAsString(os.FileMode(fileMode), false)
if mode != "2600" {
t.Errorf("invalid file mode: %v expected: 2600", mode)
}
fileMode = uint32(0044)
fileMode = fileMode | uint32(os.ModeSticky)
mode = getFileModeAsString(os.FileMode(fileMode), false)
if mode != "1044" {
t.Errorf("invalid file mode: %v expected: 1044", mode)
}
}
func TestSCPParseUploadMessage(t *testing.T) {
buf := make([]byte, 65535)
stdErrBuf := make([]byte, 65535)
mockSSHChannel := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: nil,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
connection := Connection{
channel: &mockSSHChannel,
}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
scpCommand := scpCommand{
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
sshCommand: sshCommand{
command: "scp",
connection: connection,
args: []string{"-t", "/tmp"},
},
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
}
_, _, err := scpCommand.parseUploadMessage("invalid")
if err == nil {
t.Errorf("parsing invalid upload message must fail")
}
_, _, err = scpCommand.parseUploadMessage("D0755 0")
if err == nil {
t.Errorf("parsing incomplete upload message must fail")
}
_, _, err = scpCommand.parseUploadMessage("D0755 invalidsize testdir")
if err == nil {
t.Errorf("parsing upload message with invalid size must fail")
}
_, _, err = scpCommand.parseUploadMessage("D0755 0 ")
if err == nil {
t.Errorf("parsing upload message with invalid name must fail")
}
}
func TestSCPProtocolMessages(t *testing.T) {
buf := make([]byte, 65535)
stdErrBuf := make([]byte, 65535)
readErr := fmt.Errorf("test read error")
writeErr := fmt.Errorf("test write error")
mockSSHChannel := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
WriteError: writeErr,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
connection := Connection{
channel: &mockSSHChannel,
}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
scpCommand := scpCommand{
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
sshCommand: sshCommand{
command: "scp",
connection: connection,
args: []string{"-t", "/tmp"},
},
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
}
_, err := scpCommand.readProtocolMessage()
if err == nil || err != readErr {
t.Errorf("read protocol message must fail, we are sending a fake error")
}
err = scpCommand.sendConfirmationMessage()
if err != writeErr {
t.Errorf("write confirmation message must fail, we are sending a fake error")
}
err = scpCommand.sendProtocolMessage("E\n")
if err != writeErr {
t.Errorf("write confirmation message must fail, we are sending a fake error")
}
_, err = scpCommand.getNextUploadProtocolMessage()
if err == nil || err != readErr {
t.Errorf("read next upload protocol message must fail, we are sending a fake read error")
}
mockSSHChannel = MockChannel{
Buffer: bytes.NewBuffer([]byte("T1183832947 0 1183833773 0\n")),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: nil,
WriteError: writeErr,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
scpCommand.connection.channel = &mockSSHChannel
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
_, err = scpCommand.getNextUploadProtocolMessage()
if err == nil || err != writeErr {
t.Errorf("read next upload protocol message must fail, we are sending a fake write error")
}
respBuffer := []byte{0x02}
protocolErrorMsg := "protocol error msg"
respBuffer = append(respBuffer, protocolErrorMsg...)
respBuffer = append(respBuffer, 0x0A)
mockSSHChannel = MockChannel{
Buffer: bytes.NewBuffer(respBuffer),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: nil,
WriteError: nil,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
scpCommand.connection.channel = &mockSSHChannel
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
err = scpCommand.readConfirmationMessage()
if err == nil || err.Error() != protocolErrorMsg {
t.Errorf("read confirmation message must return the expected protocol error, actual err: %v", err)
}
}
func TestSCPTestDownloadProtocolMessages(t *testing.T) {
buf := make([]byte, 65535)
stdErrBuf := make([]byte, 65535)
readErr := fmt.Errorf("test read error")
writeErr := fmt.Errorf("test write error")
mockSSHChannel := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
WriteError: writeErr,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
connection := Connection{
channel: &mockSSHChannel,
}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
scpCommand := scpCommand{
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
sshCommand: sshCommand{
command: "scp",
connection: connection,
args: []string{"-f", "-p", "/tmp"},
},
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
}
path := "testDir"
os.Mkdir(path, 0777)
stat, _ := os.Stat(path)
err := scpCommand.sendDownloadProtocolMessages(path, stat)
if err != writeErr {
t.Errorf("sendDownloadProtocolMessages must return the expected error: %v", err)
}
mockSSHChannel = MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
WriteError: nil,
}
err = scpCommand.sendDownloadProtocolMessages(path, stat)
if err != readErr {
t.Errorf("sendDownloadProtocolMessages must return the expected error: %v", err)
}
mockSSHChannel = MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
WriteError: writeErr,
}
scpCommand.args = []string{"-f", "/tmp"}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
scpCommand.connection.channel = &mockSSHChannel
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
err = scpCommand.sendDownloadProtocolMessages(path, stat)
if err != writeErr {
t.Errorf("sendDownloadProtocolMessages must return the expected error: %v", err)
}
mockSSHChannel = MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
WriteError: nil,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
scpCommand.connection.channel = &mockSSHChannel
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
err = scpCommand.sendDownloadProtocolMessages(path, stat)
if err != readErr {
t.Errorf("sendDownloadProtocolMessages must return the expected error: %v", err)
}
os.Remove(path)
}
func TestSCPCommandHandleErrors(t *testing.T) {
buf := make([]byte, 65535)
stdErrBuf := make([]byte, 65535)
readErr := fmt.Errorf("test read error")
writeErr := fmt.Errorf("test write error")
mockSSHChannel := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
WriteError: writeErr,
}
sftpd: refactor connection closing we have not known bugs with the previous implementation anyway this one is cleaner: the underlying network connection is directly related with SFTP/SCP connections. This should better protect us against buggy clients and edge cases
2019-10-10 07:04:17 +00:00
server, client := net.Pipe()
defer server.Close()
defer client.Close()
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
connection := Connection{
channel: &mockSSHChannel,
sftpd: refactor connection closing we have not known bugs with the previous implementation anyway this one is cleaner: the underlying network connection is directly related with SFTP/SCP connections. This should better protect us against buggy clients and edge cases
2019-10-10 07:04:17 +00:00
netConn: client,
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
scpCommand := scpCommand{
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
sshCommand: sshCommand{
command: "scp",
connection: connection,
args: []string{"-f", "/tmp"},
},
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
}
err := scpCommand.handle()
if err == nil || err != readErr {
t.Errorf("scp download must fail, we are sending a fake error")
}
scpCommand.args = []string{"-i", "/tmp"}
err = scpCommand.handle()
if err == nil {
t.Errorf("invalid scp command must fail")
}
}
simplify scp upload code and add some test cases
2019-08-24 20:44:01 +00:00
func TestSCPRecursiveDownloadErrors(t *testing.T) {
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
buf := make([]byte, 65535)
stdErrBuf := make([]byte, 65535)
readErr := fmt.Errorf("test read error")
writeErr := fmt.Errorf("test write error")
mockSSHChannel := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
WriteError: writeErr,
}
sftpd: refactor connection closing we have not known bugs with the previous implementation anyway this one is cleaner: the underlying network connection is directly related with SFTP/SCP connections. This should better protect us against buggy clients and edge cases
2019-10-10 07:04:17 +00:00
server, client := net.Pipe()
defer server.Close()
defer client.Close()
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
connection := Connection{
channel: &mockSSHChannel,
sftpd: refactor connection closing we have not known bugs with the previous implementation anyway this one is cleaner: the underlying network connection is directly related with SFTP/SCP connections. This should better protect us against buggy clients and edge cases
2019-10-10 07:04:17 +00:00
netConn: client,
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
scpCommand := scpCommand{
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
sshCommand: sshCommand{
command: "scp",
connection: connection,
args: []string{"-r", "-f", "/tmp"},
},
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
}
path := "testDir"
os.Mkdir(path, 0777)
stat, _ := os.Stat(path)
err := scpCommand.handleRecursiveDownload("invalid_dir", stat)
if err != writeErr {
t.Errorf("recursive upload download must fail with the expected error: %v", err)
}
mockSSHChannel = MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: nil,
WriteError: nil,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
scpCommand.connection.channel = &mockSSHChannel
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
err = scpCommand.handleRecursiveDownload("invalid_dir", stat)
if err == nil {
t.Errorf("recursive upload download must fail for a non existing dir")
}
os.Remove(path)
}
simplify scp upload code and add some test cases
2019-08-24 20:44:01 +00:00
func TestSCPRecursiveUploadErrors(t *testing.T) {
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
buf := make([]byte, 65535)
stdErrBuf := make([]byte, 65535)
readErr := fmt.Errorf("test read error")
writeErr := fmt.Errorf("test write error")
mockSSHChannel := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
WriteError: writeErr,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
connection := Connection{
channel: &mockSSHChannel,
}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
scpCommand := scpCommand{
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
sshCommand: sshCommand{
command: "scp",
connection: connection,
args: []string{"-r", "-t", "/tmp"},
},
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
}
err := scpCommand.handleRecursiveUpload()
if err == nil {
t.Errorf("recursive upload must fail, we send a fake error message")
}
mockSSHChannel = MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
WriteError: nil,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
scpCommand.connection.channel = &mockSSHChannel
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
err = scpCommand.handleRecursiveUpload()
if err == nil {
t.Errorf("recursive upload must fail, we send a fake error message")
}
}
func TestSCPCreateDirs(t *testing.T) {
buf := make([]byte, 65535)
stdErrBuf := make([]byte, 65535)
u := dataprovider.User{}
u.HomeDir = "home_rel_path"
u.Username = "test"
add per directory permissions we can now have permissions such as these ones {"/":["*"],"/somedir":["list","download"]} The old permissions are automatically converted to the new structure, no database migration is needed
2019-12-25 17:20:19 +00:00
u.Permissions = make(map[string][]string)
u.Permissions["/"] = []string{dataprovider.PermAny}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
mockSSHChannel := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: nil,
WriteError: nil,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
connection := Connection{
User: u,
channel: &mockSSHChannel,
}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
scpCommand := scpCommand{
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
sshCommand: sshCommand{
command: "scp",
connection: connection,
args: []string{"-r", "-t", "/tmp"},
},
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
}
err := scpCommand.handleCreateDir("invalid_dir")
if err == nil {
t.Errorf("create invalid dir must fail")
}
}
func TestSCPDownloadFileData(t *testing.T) {
testfile := "testfile"
buf := make([]byte, 65535)
readErr := fmt.Errorf("test read error")
writeErr := fmt.Errorf("test write error")
stdErrBuf := make([]byte, 65535)
mockSSHChannelReadErr := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
WriteError: nil,
}
mockSSHChannelWriteErr := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: nil,
WriteError: writeErr,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
connection := Connection{
channel: &mockSSHChannelReadErr,
}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
scpCommand := scpCommand{
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
sshCommand: sshCommand{
command: "scp",
connection: connection,
args: []string{"-r", "-f", "/tmp"},
},
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
}
ioutil.WriteFile(testfile, []byte("test"), 0666)
stat, _ := os.Stat(testfile)
err := scpCommand.sendDownloadFileData(testfile, stat, nil)
if err != readErr {
t.Errorf("send download file data must fail with the expected error: %v", err)
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
scpCommand.connection.channel = &mockSSHChannelWriteErr
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
err = scpCommand.sendDownloadFileData(testfile, stat, nil)
if err != writeErr {
t.Errorf("send download file data must fail with the expected error: %v", err)
}
scpCommand.args = []string{"-r", "-p", "-f", "/tmp"}
err = scpCommand.sendDownloadFileData(testfile, stat, nil)
if err != writeErr {
t.Errorf("send download file data must fail with the expected error: %v", err)
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
scpCommand.connection.channel = &mockSSHChannelReadErr
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
err = scpCommand.sendDownloadFileData(testfile, stat, nil)
if err != readErr {
t.Errorf("send download file data must fail with the expected error: %v", err)
}
os.Remove(testfile)
}
func TestSCPUploadFiledata(t *testing.T) {
testfile := "testfile"
buf := make([]byte, 65535)
stdErrBuf := make([]byte, 65535)
readErr := fmt.Errorf("test read error")
writeErr := fmt.Errorf("test write error")
mockSSHChannel := MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
WriteError: writeErr,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
connection := Connection{
User: dataprovider.User{
Username: "testuser",
},
protocol: protocolSCP,
channel: &mockSSHChannel,
}
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
scpCommand := scpCommand{
sftpd: add support for some SSH commands md5sum, sha1sum are used by rclone. cd, pwd improve the support for RemoteFiles mobile app. These commands are all implemented inside SFTPGo so they work even if the matching system commands are not available, for example on Windows
2019-11-18 22:30:37 +00:00
sshCommand: sshCommand{
command: "scp",
connection: connection,
args: []string{"-r", "-t", "/tmp"},
},
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
}
file, _ := os.Create(testfile)
transfer := Transfer{
sftpd: add support for upload resume we support resume only if the client sets the correct offset while resuming the upload. Based on the specs the offset is optional for resume, but all the tested clients sets a right offset. If an invalid offset is given we interrupt the transfer with the error "Invalid write offset ..." See https://github.com/pkg/sftp/issues/295 This commit add a new upload mode: "atomic with resume support", this acts as atomic but if there is an upload error the temporary file is renamed to the requested path and not deleted, this way a client can reconnect and resume the upload
2019-10-09 15:33:30 +00:00
file: file,
path: file.Name(),
start: time.Now(),
bytesSent: 0,
bytesReceived: 0,
user: scpCommand.connection.User,
connectionID: "",
transferType: transferDownload,
lastActivity: time.Now(),
isNewFile: true,
protocol: connection.protocol,
transferError: nil,
isFinished: false,
minWriteOffset: 0,
transfers: improve errors detection We can now properly report write errors if for example no space left on device. For downloads we check the downloaded size with the expected one
2020-01-10 18:20:22 +00:00
lock: new(sync.Mutex),
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
}
addTransfer(&transfer)
err := scpCommand.getUploadFileData(2, &transfer)
if err == nil {
t.Errorf("upload must fail, we send a fake write error message")
}
mockSSHChannel = MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: readErr,
WriteError: nil,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
scpCommand.connection.channel = &mockSSHChannel
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
file, _ = os.Create(testfile)
transfer.file = file
addTransfer(&transfer)
err = scpCommand.getUploadFileData(2, &transfer)
if err == nil {
t.Errorf("upload must fail, we send a fake read error message")
}
respBuffer := []byte("12")
respBuffer = append(respBuffer, 0x02)
mockSSHChannel = MockChannel{
Buffer: bytes.NewBuffer(respBuffer),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: nil,
WriteError: nil,
}
connections: close the ssh channel before the network connection This way if pkg/sftp is stuck in Serve() method should be unlocked.
2019-09-11 14:29:56 +00:00
scpCommand.connection.channel = &mockSSHChannel
add SCP support SCP is an experimental feature, we have our own SCP implementation since we can't rely on scp system command to proper handle permissions, quota and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedbacks before enabling it by default. We may not handle some borderline cases or have sneaky bugs. This commit contains some breaking changes to the REST API. SFTPGo API should be stable now and I hope no more breaking changes before the first stable release.
2019-08-24 12:41:15 +00:00
file, _ = os.Create(testfile)
transfer.file = file
addTransfer(&transfer)
err = scpCommand.getUploadFileData(2, &transfer)
if err == nil {
t.Errorf("upload must fail, we have not enough data to read")
}
// the file is already closed so we have an error on trasfer closing
mockSSHChannel = MockChannel{
Buffer: bytes.NewBuffer(buf),
StdErrBuffer: bytes.NewBuffer(stdErrBuf),
ReadError: nil,
WriteError: nil,
}
addTransfer(&transfer)
err = scpCommand.getUploadFileData(0, &transfer)
if err == nil {
t.Errorf("upload must fail, the file is closed")
}
os.Remove(testfile)
}
atomic upload mode: remove temporary file on error If a transfer error is detected, then the partial temporary file will be removed and not renamed to requested path
2019-09-10 16:47:21 +00:00
func TestUploadError(t *testing.T) {
sftpd: add support for upload resume we support resume only if the client sets the correct offset while resuming the upload. Based on the specs the offset is optional for resume, but all the tested clients sets a right offset. If an invalid offset is given we interrupt the transfer with the error "Invalid write offset ..." See https://github.com/pkg/sftp/issues/295 This commit add a new upload mode: "atomic with resume support", this acts as atomic but if there is an upload error the temporary file is renamed to the requested path and not deleted, this way a client can reconnect and resume the upload
2019-10-09 15:33:30 +00:00
oldUploadMode := uploadMode
uploadMode = uploadModeAtomic
atomic upload mode: remove temporary file on error If a transfer error is detected, then the partial temporary file will be removed and not renamed to requested path
2019-09-10 16:47:21 +00:00
connection := Connection{
User: dataprovider.User{
Username: "testuser",
},
protocol: protocolSCP,
}
testfile := "testfile"
fileTempName := "temptestfile"
file, _ := os.Create(fileTempName)
transfer := Transfer{
sftpd: add support for upload resume we support resume only if the client sets the correct offset while resuming the upload. Based on the specs the offset is optional for resume, but all the tested clients sets a right offset. If an invalid offset is given we interrupt the transfer with the error "Invalid write offset ..." See https://github.com/pkg/sftp/issues/295 This commit add a new upload mode: "atomic with resume support", this acts as atomic but if there is an upload error the temporary file is renamed to the requested path and not deleted, this way a client can reconnect and resume the upload
2019-10-09 15:33:30 +00:00
file: file,
path: testfile,
start: time.Now(),
bytesSent: 0,
bytesReceived: 100,
user: connection.User,
connectionID: "",
transferType: transferUpload,
lastActivity: time.Now(),
isNewFile: true,
protocol: connection.protocol,
transferError: nil,
isFinished: false,
minWriteOffset: 0,
transfers: improve errors detection We can now properly report write errors if for example no space left on device. For downloads we check the downloaded size with the expected one
2020-01-10 18:20:22 +00:00
lock: new(sync.Mutex),
atomic upload mode: remove temporary file on error If a transfer error is detected, then the partial temporary file will be removed and not renamed to requested path
2019-09-10 16:47:21 +00:00
}
addTransfer(&transfer)
transfer.TransferError(fmt.Errorf("fake error"))
transfer.Close()
if transfer.bytesReceived > 0 {
transfers: improve errors detection We can now properly report write errors if for example no space left on device. For downloads we check the downloaded size with the expected one
2020-01-10 18:20:22 +00:00
t.Errorf("bytes received should be 0 for a failed transfer: %v", transfer.bytesReceived)
atomic upload mode: remove temporary file on error If a transfer error is detected, then the partial temporary file will be removed and not renamed to requested path
2019-09-10 16:47:21 +00:00
}
_, err := os.Stat(testfile)
if !os.IsNotExist(err) {
t.Errorf("file uploaded must be deleted after an error: %v", err)
}
_, err = os.Stat(fileTempName)
if !os.IsNotExist(err) {
t.Errorf("file uploaded must be deleted after an error: %v", err)
}
sftpd: add support for upload resume we support resume only if the client sets the correct offset while resuming the upload. Based on the specs the offset is optional for resume, but all the tested clients sets a right offset. If an invalid offset is given we interrupt the transfer with the error "Invalid write offset ..." See https://github.com/pkg/sftp/issues/295 This commit add a new upload mode: "atomic with resume support", this acts as atomic but if there is an upload error the temporary file is renamed to the requested path and not deleted, this way a client can reconnect and resume the upload
2019-10-09 15:33:30 +00:00
uploadMode = oldUploadMode
atomic upload mode: remove temporary file on error If a transfer error is detected, then the partial temporary file will be removed and not renamed to requested path
2019-09-10 16:47:21 +00:00
}
add a basic web interface The builtin web interface allows to manage users and connections
2019-10-07 16:19:01 +00:00
func TestConnectionStatusStruct(t *testing.T) {
var transfers []connectionTransfer
transferUL := connectionTransfer{
OperationType: operationUpload,
StartTime: utils.GetTimeAsMsSinceEpoch(time.Now()),
Size: 123,
LastActivity: utils.GetTimeAsMsSinceEpoch(time.Now()),
Path: "/test.upload",
}
transferDL := connectionTransfer{
OperationType: operationDownload,
StartTime: utils.GetTimeAsMsSinceEpoch(time.Now()),
Size: 123,
LastActivity: utils.GetTimeAsMsSinceEpoch(time.Now()),
Path: "/test.download",
}
transfers = append(transfers, transferUL)
transfers = append(transfers, transferDL)
c := ConnectionStatus{
Username: "test",
ConnectionID: "123",
ClientVersion: "fakeClient-1.0.0",
RemoteAddress: "127.0.0.1:1234",
ConnectionTime: utils.GetTimeAsMsSinceEpoch(time.Now()),
LastActivity: utils.GetTimeAsMsSinceEpoch(time.Now()),
Protocol: "SFTP",
Transfers: transfers,
}
durationString := c.GetConnectionDuration()
if len(durationString) == 0 {
t.Errorf("error getting connection duration")
}
transfersString := c.GetTransfersAsString()
if len(transfersString) == 0 {
t.Errorf("error getting transfers as string")
}
connInfo := c.GetConnectionInfo()
if len(connInfo) == 0 {
t.Errorf("error getting connection info")
}
}
sftpd: explicitly configure supported SFTP extensions update pkg/sftp to a git revision that includes the needed patch https://github.com/pkg/sftp/pull/315
2019-11-12 06:37:47 +00:00
func TestSFTPExtensions(t *testing.T) {
initialSFTPExtensions := sftpExtensions
c := Configuration{}
err := c.configureSFTPExtensions()
if err != nil {
t.Errorf("error configuring SFTP extensions")
}
sftpExtensions = append(sftpExtensions, "invalid@example.com")
err = c.configureSFTPExtensions()
if err == nil {
t.Errorf("configuring invalid SFTP extensions must fail")
}
sftpExtensions = initialSFTPExtensions
}
Reference in a new issue Copy permalink