Support sftp in wrap file #14772
Support sftp in wrap file #14772
Conversation
ampleyfly
force-pushed
the
support-sftp-in-wrap-file-2
branch
2 times, most recently
from
aa52575 to
4a41116
Compare
|
Turns out the test doesn't work in the CI here. At least in the Suse case, it is because apparently sshd won't use keys stored in a mounted volume. I've reproduced the problem locally, so will try to solve it from there. I have yet to figure out what is going wrong in the other case, where it seems even starting sshd is problematic. EDIT: Turns out there's an option that disables the checks sshd does, so most of the problems were solved by that. The rest of the messing about is to do with msys. |
ampleyfly
force-pushed
the
support-sftp-in-wrap-file-2
branch
21 times, most recently
from
b9a71a0 to
9623c76
Compare
This requires any credentials to be supplied in the url, or some other means of authentication (such as an identity file configured for the user) to be used. Supplying a password in the URL is not supported. Mainly for testing purposes, "source_identityfile" can be used to point out an identity file. Also mainly for testing purposes, "source_hostkey" can be used to specify a trusted public key for the host.
ampleyfly
force-pushed
the
support-sftp-in-wrap-file-2
branch
from
9623c76 to
98e526f
Compare
Also add a python script that can recreate the archive of the foo sources used by the test.
ampleyfly
force-pushed
the
support-sftp-in-wrap-file-2
branch
from
98e526f to
e9e361c
Compare
| f.write(f'[{url.hostname}]:{url.port} {self.wrap.get("source_hostkey")}') | ||
| args += ['-o', 'UserKnownHostsFile=known_hosts'] | ||
| if 'source_identityfile' in self.wrap.values: | ||
| args += ['-o', f'IdentityFile={self.wrap.get("source_identityfile")}'] |
There was a problem hiding this comment.
Code that fiddles with the end user's crypto setup makes me especially anxious. If you set these arguments in the wrap file, then that file can only work on the machine it has been generated on (or en exact replica of it). There might also be some sort of a information leakage vulnerability here, but I don't have the skills to say so one way or another.
Because of these and similar reasons we try to stay away from access control as much as possible. Are these features absolutely necessary or can we just say "set up access control outside Meson"?
Add and test basic support for sftp in wrap-file. The functionality depends on the "sftp" cli tool being installed, and fails with a helpful message if it is not.
This solution requires any credentials to be supplied in the url, or some other
means of authentication (such as an identity file configured for the
user) to be used.
Mainly for testing purposes, "source_identityfile" can be used to point
out an identity file. Also mainly for testing purposes, "source_hostkey"
can be used to specify a trusted public key for the host.
The test sets up a temporary local ssh server using generated keys (committing them yields complaints from GitGuardian).