fix: Do not log an error when connecting to SFTP without a logged in user #45938
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
danxuliu
requested review from
a team,
ArtificialOwl,
yemkareems and
sorbaugh
and removed request for
a team
|
/backport to stable29 |
|
/backport to stable28 |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
…user When connecting to a SFTP server from a SFTP storage the host key is checked against the known host keys stored in a file in the data directory of the logged in Nextcloud user. The path to the file is (indirectly) got using "OC_App::getStorage", which logs an error if called when there is no logged in user; this can happen, for example, if the storage is used from a background job or a command. Not being able to read or write the file just causes the host key check to be skipped, but it has no other consequence. Moreover, even with logged in users it is likely that the file can not be read either and the check is also skipped, as the file needs to have been manually created by an admin. Due to all that now the path to the file is directly created using a View rather than relying on "OC_App::getStorage" to prevent the unneeded error from being logged. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
danxuliu
force-pushed
the
do-not-log-an-error-when-connecting-to-sftp-without-a-logged-in-user
branch
from
4329317
to
733e3f6
Compare
icewind1991
approved these changes
Jun 18, 2024
artonge
approved these changes
Jun 24, 2024
artonge
deleted the
do-not-log-an-error-when-connecting-to-sftp-without-a-logged-in-user
branch
This was referenced Jun 24, 2024
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When connecting to a SFTP server from a SFTP storage the host key is checked against the known host keys stored in a file in the data directory of the logged in Nextcloud user. The path to the file is (indirectly) got using
OC_App::getStorage, which logs an error (Can't get app storage, app files_external, user not logged in) if called when there is no logged in user; this can happen, for example, if the storage is used from a background job or a command (likeocc files:scan).Not being able to read or write the file just causes the host key check to be skipped, but it has no other consequence. Moreover, even with logged in users it is likely that the file can not be read either and the check is also skipped, as the file needs to have been manually created by an admin (once created it will be updated with the host key when connecting to an SFTP server for the first time, but this will not happen unless the file was manually created first).
Due to all that now the path to the file is directly created using a
Viewrather than relying onOC_App::getStorageto prevent the unneeded error from being logged.Note that, in order to make it backporteable, this is just a backwards compatible* change that simply removes the error log; it does not address any of the issues mentioned in #14108
*Or, at least, it should be :-) But I am a bit lost with storages, mount points, views... so please check carefully ;-)
How to test
occ files:scan --allResult with this pull request
No errors are logged
Result without this pull request
Can't get app storage, app files_external, user not logged inerror is logged (several times if there are several Nextcloud users with access to the SFTP storage)