The attached archive sftp-mv_patches.tar.gz contains a patch that adds two commands to sftp (mvput, mvget).
Both commands delete the source after a successful transfer. During upload they write to a dotted, unique temporary filename; once the upload has finished successfully, the temporary (hidden) file is renamed to the name given on the command line. This mimics the atomicity of the mv command.
To manually apply the patch(es) and spec file(s) supplied in sftp-mv_patches.tar.gz, do the following (the instructions are also in info.txt):
```
# install the original SuSE source-package openssh-4.2p1-18.36.src.rpm
# (or openssh-5.2p1) and patch it as shown below
# after un-tar-ing on /usr/local/src do:
# the spec is copied under the name that rpmbuild is given below
cp /usr/local/src/sftp/openssh-4.2p1.spec /usr/src/packages/SPECS/openssh.spec
cp /usr/local/src/sftp/openssh-4.2p1-CVE-2010-mvputget.patch /usr/src/packages/SOURCES
cd /usr/src/packages/SPECS
rpmbuild -bb openssh.spec
cp /usr/src/packages/BUILD/openssh-4.2p1/sftp /usr/bin/sftp-mv
# or install the whole new rpm-package
# done
```
As the base source to be patched, install either openssh-4.2p1 (SLES10) or openssh-5.2p1.
Besides the new sftp commands mvput and mvget, the resulting sftp binary also gets a new option:
-p <status-prompt> (-p "mystat" or -p 999)
With this, sftp will print out an additional status-line before the usual prompt, which can be used to easily control sftp from within a shell-script (example script included).
If you start sftp with -p 999, it prints old ftp-like numeric status codes (226 success or 550 error). With -p "mystat" (or any other string) it just prints "mystat success" or "mystat error", which at least gives a recognizable prompt, different from the regular sftp prompt.
The sftp-session output looks like this:
```
# sftp -p 999 remuser@remhost
Connecting to remuser@remhost...
Password:
226 success
sftp> cd /home/gpo/in
Couldn't canonicalise: No such file or directory
550 error
sftp> cd out
226 success
sftp> mvput cron.gpo                 /* new command invoked */
Uploading cron.gpo to /home/gpo/out/.31348.xXG8fU
cron.gpo                  100%  392     0.4KB/s   00:00
Renaming /home/gpo/out/.31348.xXG8fU to /home/gpo/out/cron.gpo
Deleting local file cron.gpo         /* deletes only on success - of course */
Transferred cron.gpo to /home/gpo/out/cron.gpo
226 updone cron.gpo to /home/gpo/out/cron.gpo
226 success
sftp>
```
For more details on the status codes (updone, upfail, dndone, dnfail, renfail, delfail) and their usage, have a look at the sftp_poll function in the included script example_sftp-mv.sh.
The shell-function sftp_poll() is generic, but to start it you need to adjust path/file names.
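To show how a script can consume these status lines, here is an added example (not the sftp_poll() from example_sftp-mv.sh and not part of the patch) that classifies each command in a -p 999 transcript and treats a missing status line as a failure. The sample transcript is constructed, and the function names and the `command|result|detail` output format are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the sftp_poll() from example_sftp-mv.sh.
# Assumption: the transcript has the "-p 999" form shown above, where each
# command is answered by "226 success" or "550 error" before the next prompt.

# Constructed transcript: modelled on the session above, cut off mid-upload.
sample_transcript() {
cat <<'EOF'
226 success
sftp> cd /home/gpo/in
Couldn't canonicalise: No such file or directory
550 error
sftp> cd out
226 success
sftp> mvput cron.gpo
Uploading cron.gpo to /home/gpo/out/.31348.xXG8fU
Renaming /home/gpo/out/.31348.xXG8fU to /home/gpo/out/cron.gpo
226 updone cron.gpo to /home/gpo/out/cron.gpo
226 success
sftp> mvput second.gpo
Uploading second.gpo to /home/gpo/out/.31349.aBcDeF
EOF
}

# Print one "command|result|detail" line per command read from stdin.
# result is OK, FAIL, or UNKNOWN when no status line followed the command.
classify_transcript() {
  awk '
    function emit(   r) {
      if (cmd == "") return
      r = (status == "") ? "UNKNOWN" : status
      printf("%s|%s|%s\n", cmd, r, detail)
    }
    /^sftp> ?$/ { emit(); cmd = ""; next }             # bare prompt, no command
    /^sftp> /   { emit(); cmd = substr($0, 7); status = ""; detail = ""; next }
    cmd == ""   { next }                               # login banner and status
    $1 == "226" && $2 == "success" { status = "OK"; next }
    $1 == "550" && $2 == "error"   { status = "FAIL"; next }
    $1 == "226" || $1 == "550"     { detail = $2 }     # e.g. updone
    END { emit() }
  '
}

# Fail closed: true only if the transcript proves "mvput <file>" completed.
mvput_confirmed() {
  classify_transcript | grep -Fqx "mvput $1|OK|updone"
}

sample_transcript | classify_transcript
```

Because the second upload in the sample never receives a status line, it is reported as UNKNOWN, and a calling script should not assume the file arrived.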
Wouldn't it be a nice new feature, a solution cool enough, to be included in the standard?
BTW, there was a memory leak in the old openssh-4.2p1 source (a tmp pointer was never released); this is corrected in the patch as well.