[PATCH] add sftp-server option to force temp files

Damien Miller djm at mindrot.org
Wed Feb 23 12:37:48 AEDT 2022


On Sun, 20 Feb 2022, Nathan Wagner wrote:

> The following patch will add a -T option to sftp-server.c that forces
> use of a temp file for uploads to the server.  It takes an argument that
> has 'XXXXXX' added to the end and used as a template string for
> mkstemp(3).

IMO sftp-server is the wrong place to do this - as you probably observed
while implementing this, the SFTP protocol is agnostic to the concept of
uploads, instead operating more at the level of the Unix syscall level
(i.e. exposing read/write/stat/open/close operations).

Adding temporary file support to the server breaks this model and will
break any use of sftp that doesn't adhere to the expected sequence of
operations. E.g.

> -               fd = open(name, flags, mode);
> +               if (forcetemp) {
> +                       tmpname = xstrdup(forcetemp);
> +                       fd = mkstemp(tmpname);
> +                       fchmod(fd, mode);
> +               } else {
> +                       fd = open(name, flags, mode);
> +               }

will AFAIK break downloads of files, since the interposition of the
temporary name is performed regardless of whether the file was opened
for reading or writing.

That particular case could be fixed, but it would also break resumed
uploads via common commandline tools as well as sshfs. I don't think
these could be fixed.

Implementing uploads that go via a temporary file in the client seems
much more feasible as it would be subject to these considerations.

-d


More information about the openssh-unix-dev mailing list