[darcs-devel] darcs and sftp

Pekka Pessi ppessi at gmail.com
Wed Oct 18 04:50:04 PDT 2006


Hello,

Some time ago I was struggling in securing the darcs ssh access. It
looks like darcs is using three or four commands over ssh, like scp
-f, sftp and darcs apply possible preceded by cd to the repository
directory. Those are handled by my Python script darcswrap.py based on
the darcs-wrapper.pl. I also stole an sftp implementation for it from
a Python framework called Twisted Conch.

It looks to me that sftp is a very straightforward mapping of POSIX
file operations to a simple binary protocol, and I wonder if it would
be possible to include implementation of an sftp client in the darcs
itself. That way all the file operations could be executed within a
single sftp session and all the remote darcs operations save push
could use just one ssh session. (I realize that there is now a
solution using ssh ControlMaster).

darcs push could also use the same sftp pipe if the "darcs apply" was
defined as an extension operation to the sftp protocol. If the
extension in an existing sftp connection fails, the darcs push could
spawn a separate ssh connection for executing "darcs apply" in the
repository host just like it does now.

Additionally, the functionality of the darcswrap.py could be
integrated to the darcs itself. That would provide pretty easy way to
provide secure-ish write access to darcs repositories over network.
For bakcwards-compatibility, it could spawn scp when needed or even
implement scp protocol. scp should pretty simple protocol by Timo J.,
too, although I have not looked in the sources.

Any comments? Is sftp too much bloat or do you feel this kind of
wrapper functionality belongs to external scripts?

-- 
Pekka.Pessi mail at nokia.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: darcswrap.py
Type: application/x-python
Size: 2837 bytes
Desc: not available
Url : http://lists.osuosl.org/pipermail/darcs-devel/attachments/20061018/3d9c8863/darcswrap.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sftp.py
Type: application/x-python
Size: 25180 bytes
Desc: not available
Url : http://lists.osuosl.org/pipermail/darcs-devel/attachments/20061018/3d9c8863/sftp.bin


More information about the darcs-devel mailing list