Skip to content

fix(sftp): resolve connection poisoning with enterprise SFTP servers #4153

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
kayaj1009 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(sftp): resolve connection poisoning with enterprise SFTP servers #4153

kayaj1009 wants to merge 1 commit into from
+193 −46

Conversation

@kayaj1009
Copy link

@kayaj1009 kayaj1009 commented Jan 6, 2026
edited
Loading

Description

This PR fixes SFTP connection poisoning and concurrent race conditions when using the SFTP binding with enterprise SFTP servers like Axway MFT.

Changes

  • Close file handles properly inside mutex-protected closures - File handles are now opened, used, and closed within the same atomic operation
  • Use Lock() instead of RLock() for full operation serialization - Prevents concurrent operations that confuse strict SFTP servers
  • Make create/write atomic within mutex protection - The entire create+write operation now happens as a single protected unit
  • Improve shouldReconnect() error classification - Properly detects StatusError types via errors.As() to avoid unnecessary reconnection attempts
  • Add string matching for wrapped errors - Catches errors like "permission denied", "not a directory", "file exists" that shouldn't trigger reconnection
  • Add unit tests for error classification - Comprehensive test coverage for shouldReconnect() logic

Issue reference

Fixes #4078

Checklist

  • Code compiles correctly
  • Created/updated tests
  • Extended the documentation
  • Created the dapr/docs PR

@kayaj1009
fix(sftp): resolve connection poisoning with enterprise SFTP servers
90e9890 
Fixes dapr#4078

- Close file handles properly inside mutex-protected closures
- Use Lock() instead of RLock() for full operation serialization
- Make create/write atomic within mutex protection
- Improve shouldReconnect() error classification for SFTP StatusError
- Add string matching for wrapped errors (permission denied, not a directory, etc.)
- Add unit tests for error classification

Signed-off-by: kayaj1009 <[email protected]>
@kayaj1009 kayaj1009 requested review from a team as code owners January 6, 2026 05:07
@kayaj1009 kayaj1009 mentioned this pull request Jan 6, 2026
Open
javier-aliaga
javier-aliaga reviewed Jan 7, 2026
View reviewed changes
bindings/sftp/client.go
Comment on lines 204 to 208
func (c *Client) do(fn func() error) error {
c.lock.RLock()
defer c.lock.RUnlock()
c.lock.Lock()
defer c.lock.Unlock()
return fn()
}
Copy link
Contributor

@javier-aliaga javier-aliaga Jan 7, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kayaj1009 I think we should go with a configurable approach as not all sftp server needs this strict sync. Probably better if you add a component config to set strict to true in case you need it. Then we should have do and doStrict funcs and use them based on config.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@javier-aliaga javier-aliaga javier-aliaga left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

SFTP binding broken with Axway MFT - connection poisoning on first error

2 participants

@kayaj1009 @javier-aliaga