[buildd-tools-devel] SFTP protocol implementation
Roger Leigh
rleigh at codelibre.net
Sun Sep 13 17:49:21 UTC 2009
Hi folks,
Just a short note to keep you in the loop about progress on
implementing the SFTP protocol. This is really named the
"SSH File Transfer Protocol", and is documented in
http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13
sftp itself implements an earlier version 2 of the protocol
while this is version 6. The end implementation should
implement and negotiate protocols 2-6 plus version-specific
and version-independent extensions.
The latest code for this is at
http://git.debian.org/?p=users/rleigh/schroot.git;a=tree;f=sftp;h=272e0482c62f9edfb1ea3ca3e85e2ab272d8a414;hb=f48181c472113c84806bb4a0000413ef3d2f1f82
(sorry, horrific URI, it's actually the client-server-protocol
branch at http://git.debian.org/?p=users/rleigh/schroot.git;a=summary
looking at the sftp directory).
The aim of this is to define a protocol so that schroot can
(initally optionally) run as a daemon instead of a single-shot
setuid- root executable. The schroot executable would no longer be
setuid, and would instead communicate with the main daemon using this
protocol. This would have several advantages, including the potential
to support other virtualisation technologies than chroots and to
support Linux features which are currently not possible to take
advantage of, such as per-process namespaces. Disadvantage: there
will be a performance hit since currently I/O is just based on the fds
passed by the shell and this will require that to go over the
client/server connection. This is likely negligable for local users
unless you're streaming a *lot* of data over stdin/stdout.
The protocol is extensible, so schroot-specific requests can be
added in addition to the core set which deals exclusively with
file transfer. The protocol is suited to the task because most
of the client-server communication would be transfer of file data
(well, pipe I/O, but the protocol implements read() and write()).
The file transfer capabilities are potentially of use to sbuild
as a deamon as well, since it provides the means to submit and
retrieve jobs (sent sources and receive built packages, logs and
other data).
While there's still a lot of work remaining, some parts are
now complete, and others on the way to completion.
Done:
- fundamental type serialisation (signed two's-complement integer
logic needs checking) to byte stream
- string serialisation of fundamental types
- string serialisation of compound types
There are also testcases for this. This is the core code implementing
the protocol wire format and conversion to and from native
types/structures/classes.
In progress:
- server request handlers.
Wire vars in place, just need filling from packet buffer and then
using.
- client request submission and reply handling.
Submission is done, handling and error propagation needs adding.
To Do:
- event loops to process the client and server packet buffers and
despatch handlers. Will probably use polling for performance.
- Add per-file request queues to allow parallelisation of requests?
- POSIX API to wrap the low level client interface.
- Handle earlier protocol versions than 6 (add conditionals and
possibly compound type variants). Realistically, we only need
to achieve sftp version 2 compatibility, but doing a complete
job isn't hard (or required).
- Implement schroot-specific requests.
- Add client/server support to schroot.
Regards,
Roger
--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/
`- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
More information about the Buildd-tools-devel
mailing list