Dev/sftp-basic

Cargo.toml

@@ -12,8 +12,11 @@ rust-version = "1.87"
 [workspace]
 members = [
     "demo/picow",
-    "demo/std", "fuzz",
+    "demo/std",
+    "demo/sftp/std",
+    "fuzz",
     "stdasync",
+    "sftp",
     # workspace.dependencies paths are automatic
 ]
 
@@ -39,7 +42,9 @@ ascii = { version = "1.0", default-features = false }
 arbitrary = { workspace = true, optional = true }
 
 getrandom = "0.2"
-rand_core = { version = "0.6", default-features = false, features = ["getrandom"]}
+rand_core = { version = "0.6", default-features = false, features = [
+    "getrandom",
+] }
 
 ctr = { version = "0.9", features = ["zeroize"] }
 aes = { version = "0.8", features = ["zeroize"] }
@@ -53,14 +58,27 @@ zeroize = { version = "1", default-features = false, features = ["derive"] }
 cipher = { version = "0.4", features = ["zeroize"] }
 subtle = { version = "2.4", default-features = false }
 # ed25519/x25519
-ed25519-dalek = { version = "2.1", default-features = false, features = ["zeroize", "rand_core"] }
-x25519-dalek = { version = "2.0", default-features = false, features = ["zeroize"] }
-curve25519-dalek = { version = "4.1", default-features = false, features = ["zeroize"] }
-ml-kem = { version = "0.2.1", default-features = false, features = ["zeroize"], optional = true }
+ed25519-dalek = { version = "2.1", default-features = false, features = [
+    "zeroize",
+    "rand_core",
+] }
+x25519-dalek = { version = "2.0", default-features = false, features = [
+    "zeroize",
+] }
+curve25519-dalek = { version = "4.1", default-features = false, features = [
+    "zeroize",
+] }
+ml-kem = { version = "0.2.1", default-features = false, features = [
+    "zeroize",
+], optional = true }
 # p521 = { version = "0.13.2", default-features = false, features = ["ecdh", "ecdsa"] }
-rsa = { version = "0.9", default-features = false, optional = true, features = ["sha2"] }
+rsa = { version = "0.9", default-features = false, optional = true, features = [
+    "sha2",
+] }
 # TODO: getrandom feature is a workaround for missing ssh-key dependency with rsa. fixed in pending 0.6
-ssh-key = { version = "0.6", default-features = false, optional = true, features = ["getrandom"] }
+ssh-key = { version = "0.6", default-features = false, optional = true, features = [
+    "getrandom",
+] }
 
 embedded-io = { version = "0.6", optional = true }
 

demo/sftp/std/Cargo.toml

@@ -0,0 +1,40 @@
+[package]
+name = "sunset-demo-sftp-std"
+version = "0.1.2"
+edition = "2021"
+
+[dependencies]
+sunset = { workspace = true, features = ["rsa", "std"] }
+sunset-async.workspace = true
+sunset-demo-common.workspace = true
+sunset-sftp = { version = "0.1.0", path = "../../../sftp", features = ["std"] }
+
+# 131072 was determined empirically
+embassy-executor = { version = "0.7", features = [
+    "executor-thread", "arch-std", "log", "task-arena-size-131072"] }
+embassy-net = { version = "0.7", features = ["tcp", "dhcpv4", "medium-ethernet"] }
+embassy-net-tuntap = { version = "0.1" }
+embassy-sync = { version = "0.7" }
+embassy-futures = { version = "0.1" }
+# embassy-time dep required to link a time driver
+embassy-time = { version = "0.4",  default-features=false, features = ["log", "std"] }
+
+log = { version = "0.4" }
+# default regex feature is huge
+env_logger = { version = "0.11", default-features=false, features = ["auto-color", "humantime"] }
+
+embedded-io-async = "0.6"
+heapless = "0.8"
+
+# for tuntap
+libc = "0.2.101"
+async-io = "1.6.0"
+
+# using local fork
+# menu = "0.3"
+
+
+critical-section = "1.1"
+rand = { version = "0.8", default-features = false, features = ["getrandom"] }
+sha2 = { version = "0.10", default-features = false }
+fnv = "1.0.7"

demo/sftp/std/README.md

@@ -0,0 +1,64 @@
+# sunset-demo-sftp-std
+
+`demo/sftp/std` contains a host-side (`std`) demo that runs an SSH server with SFTP support using the `sunset` and `sunset-sftp` crates. It runs on linux distributions.
+
+It is intended as a **reference implementation** for building your own SFTP server with `sunset-sftp`. It is not a complete implementation and you should make your own choices for your sftp server.
+
+In particular, this demo shows how to:
+
+- implement an `SftpServer` for request handling
+- add a `FileHandleManager` to track/open/close active handles
+- define an `OpaqueFileHandle` format to safely encode/decode handle IDs across requests
+
+Use `src/demosftpserver.rs`, `src/demofilehandlemanager.rs`, and `src/demoopaquefilehandle.rs` together with `main.rs` and common demo files as a reference for custom server development.
+
+## What this folder contains
+
+- `src/main.rs`  
+    Demo entry point. Sets up logging, runtime/executor, network stack, and starts the SSH/SFTP demo server.
+- `src/demosftpserver.rs`  
+    Demo SFTP server wiring and request handling glue.
+- `src/demofilehandlemanager.rs`  
+    Tracks and manages open file handles used by the SFTP session.
+- `src/demoopaquefilehandle.rs`  
+    Defines/encodes opaque file handle values used by the demo protocol layer.
+- `tap.sh`  
+    Helper script to create/configure a TAP interface for local testing.
+- `debug_sftp_client.sh`  
+    Convenience script for running an SFTP client in a debug-friendly way.
+- `testing/`  
+    Test and log scripts (read/write/stat/readdir scenarios, log helpers, and parsing utilities).
+
+## Setup
+
+This demo uses a tap interface to run the server and accept connections. The tap.sh sets this up in a linux environment. I have not find a way to run this on MacOS. On windows I recommend using WSL2.
+
+Run:
+
+```bash
+sudo ./tap.sh
+```
+
+## Build / run
+
+From base project folder `sunset`:
+
+```bash
+cargo run -p sunset-demo-sftp-std
+```
+
+Then connect with an SFTP client using the configured demo host/user settings. The first info log will display the server ipv4 address.
+
+## Testing
+
+`testing/` contains runnable scripts and utilities to validate SFTP behavior end-to-end. It includes scenarios for:
+
+- file reads/writes
+- `stat`/metadata checks
+- directory listing (`readdir`)
+- log capture and parsing helpers (Requires a tshark installation with the current user in wireshark group)
+
+These scripts are useful both for regression checks and as examples of expected server behavior during development.
+
+these scripts have been used through the development of `sunset-sftp` and might not respond to a general use but some particular troubleshooting. I hope that they are useful as a reference for you exploration.
+

demo/sftp/std/debug_sftp_client.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+# This sftp options are meant to help debugging and do not store any host key or known hosts information.
+# That is not a good practice in real life, as it can lead to security issues, but it is useful for debugging purposes.
+
+sftp -vvv -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR any@192.168.69.2

demo/sftp/std/rust-toolchain.toml

@@ -0,0 +1,3 @@
+[toolchain]
+channel = "stable"
+components = [ "rustfmt" ]