sshmitm.interfaces.sftp module

class sshmitm.interfaces.sftp.BaseSFTPServerInterface(serverinterface: BaseServerInterface)

Bases: SFTPServerInterface, BaseModule

class sshmitm.interfaces.sftp.SFTPProxyServerInterface(serverinterface: BaseServerInterface)

Bases: BaseSFTPServerInterface

sftp subsystem implementation for SSH-MITM

chattr(path: str, attr: SFTPAttributes) → int

Change the attributes of a file. The attr object will contain only those fields provided by the client in its request, so you should check for the presence of fields before using them.

Parameters:

• path (str) – requested path (relative or absolute) of the file to change.

• attr – requested attributes to change on the file (an .SFTPAttributes object)

Returns:

an error code int like SFTP_OK.

list_folder(path: str) → List[SFTPAttributes] | int

Return a list of files within a given folder. The path will use posix notation ("/" separates folder names) and may be an absolute or relative path.

The list of files is expected to be a list of .SFTPAttributes objects, which are similar in structure to the objects returned by os.stat. In addition, each object should have its filename field filled in, since this is important to a directory listing and not normally present in os.stat results. The method .SFTPAttributes.from_stat will usually do what you want.

In case of an error, you should return one of the SFTP_* error codes, such as SFTP_PERMISSION_DENIED.

Parameters:

path (str) – the requested path (relative or absolute) to be listed.

Returns:

a list of the files in the given folder, using .SFTPAttributes objects.

Note

You should normalize the given path first (see the os.path module) and check appropriate permissions before returning the list of files. Be careful of malicious clients attempting to use relative paths to escape restricted folders, if you’re doing a direct translation from the SFTP server path to your local filesystem.

lstat(path: str) → SFTPAttributes | int

Return an .SFTPAttributes object for a path on the server, or an error code. If your server supports symbolic links (also known as “aliases”), you should not follow them – instead, you should return data on the symlink or alias itself. (stat is the corresponding call that follows symlinks/aliases.)

Parameters:

path (str) – the requested path (relative or absolute) to fetch file statistics for.

Returns:

an .SFTPAttributes object for the given file, or an SFTP error code (like SFTP_PERMISSION_DENIED).

mkdir(path: str, attr: SFTPAttributes) → int

Create a new directory with the given attributes. The attr object may be considered a “hint” and ignored.

The attr object will contain only those fields provided by the client in its request, so you should use hasattr to check for the presence of fields before using them. In some cases, the attr object may be completely empty.

Parameters:

• path (str) – requested path (relative or absolute) of the new folder.

• attr (.SFTPAttributes) – requested attributes of the new folder.

Returns:

an SFTP error code int like SFTP_OK.

open(path: str, flags: int, attr: SFTPAttributes) → SFTPHandle | int

Open a file on the server and create a handle for future operations on that file. On success, a new object subclassed from .SFTPHandle should be returned. This handle will be used for future operations on the file (read, write, etc). On failure, an error code such as SFTP_PERMISSION_DENIED should be returned.

flags contains the requested mode for opening (read-only, write-append, etc) as a bitset of flags from the os module:

• os.O_RDONLY

• os.O_WRONLY

• os.O_RDWR

• os.O_APPEND

• os.O_CREAT

• os.O_TRUNC

• os.O_EXCL

(One of os.O_RDONLY, os.O_WRONLY, or os.O_RDWR will always be set.)

The attr object contains requested attributes of the file if it has to be created. Some or all attribute fields may be missing if the client didn’t specify them.

Note

The SFTP protocol defines all files to be in “binary” mode. There is no equivalent to Python’s “text” mode.

Parameters:

• path (str) – the requested path (relative or absolute) of the file to be opened.

• flags (int) – flags or’d together from the os module indicating the requested mode for opening the file.

• attr (.SFTPAttributes) – requested attributes of the file if it is newly created.

Returns:

a new .SFTPHandle or error code.

readlink(path: str) → str | int

Return the target of a symbolic link (or shortcut) on the server. If the specified path doesn’t refer to a symbolic link, an error should be returned.

Parameters:

path (str) – path (relative or absolute) of the symbolic link.

Returns:

the target str path of the symbolic link, or an error code like SFTP_NO_SUCH_FILE.

remove(path: str) → int

Delete a file, if possible.

Parameters:

path (str) – the requested path (relative or absolute) of the file to delete.

Returns:

an SFTP error code int like SFTP_OK.

rename(oldpath: str, newpath: str) → int

Rename (or move) a file. The SFTP specification implies that this method can be used to move an existing file into a different folder, and since there’s no other (easy) way to move files via SFTP, it’s probably a good idea to implement “move” in this method too, even for files that cross disk partition boundaries, if at all possible.

Note

You should return an error if a file with the same name as newpath already exists. (The rename operation should be non-desctructive.)

Note

This method implements ‘standard’ SFTP RENAME behavior; those seeking the OpenSSH “POSIX rename” extension behavior should use posix_rename.

Parameters:

• oldpath (str) – the requested path (relative or absolute) of the existing file.

• newpath (str) – the requested new path of the file.

Returns:

an SFTP error code int like SFTP_OK.

rmdir(path: str) → int

Remove a directory if it exists. The path should refer to an existing, empty folder – otherwise this method should return an error.

Parameters:

path (str) – requested path (relative or absolute) of the folder to remove.

Returns:

an SFTP error code int like SFTP_OK.

stat(path: str) → SFTPAttributes | int

Return an .SFTPAttributes object for a path on the server, or an error code. If your server supports symbolic links (also known as “aliases”), you should follow them. (lstat is the corresponding call that doesn’t follow symlinks/aliases.)

Parameters:

path (str) – the requested path (relative or absolute) to fetch file statistics for.

Returns:

an .SFTPAttributes object for the given file, or an SFTP error code (like SFTP_PERMISSION_DENIED).

symlink(target_path: str, path: str) → int

Create a symbolic link on the server, as new pathname path, with target_path as the target of the link.

Parameters:

• target_path (str) – path (relative or absolute) of the target for this new symbolic link.

• path (str) – path (relative or absolute) of the symbolic link to create.

Returns:

an error code int like SFTP_OK.