OLD | NEW |
(Empty) | |
| 1 #!/usr/bin/env python |
| 2 # ftpserver.py |
| 3 # |
| 4 # pyftpdlib is released under the MIT license, reproduced below: |
| 5 # ====================================================================== |
| 6 # Copyright (C) 2007 Giampaolo Rodola' <g.rodola@gmail.com> |
| 7 # |
| 8 # All Rights Reserved |
| 9 # |
| 10 # Permission to use, copy, modify, and distribute this software and |
| 11 # its documentation for any purpose and without fee is hereby |
| 12 # granted, provided that the above copyright notice appear in all |
| 13 # copies and that both that copyright notice and this permission |
| 14 # notice appear in supporting documentation, and that the name of |
| 15 # Giampaolo Rodola' not be used in advertising or publicity pertaining to |
| 16 # distribution of the software without specific, written prior |
| 17 # permission. |
| 18 # |
| 19 # Giampaolo Rodola' DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, |
| 20 # INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN |
| 21 # NO EVENT Giampaolo Rodola' BE LIABLE FOR ANY SPECIAL, INDIRECT OR |
| 22 # CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS |
| 23 # OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, |
| 24 # NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN |
| 25 # CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 26 # ====================================================================== |
| 27 |
| 28 |
| 29 """pyftpdlib: RFC-959 asynchronous FTP server. |
| 30 |
| 31 pyftpdlib implements a fully functioning asynchronous FTP server as |
| 32 defined in RFC-959. A hierarchy of classes outlined below implement |
| 33 the backend functionality for the FTPd: |
| 34 |
| 35 [FTPServer] - the base class for the backend. |
| 36 |
| 37 [FTPHandler] - a class representing the server-protocol-interpreter |
| 38 (server-PI, see RFC-959). Each time a new connection occurs |
| 39 FTPServer will create a new FTPHandler instance to handle the |
| 40 current PI session. |
| 41 |
| 42 [ActiveDTP], [PassiveDTP] - base classes for active/passive-DTP |
| 43 backends. |
| 44 |
| 45 [DTPHandler] - this class handles processing of data transfer |
| 46 operations (server-DTP, see RFC-959). |
| 47 |
| 48 [DummyAuthorizer] - an "authorizer" is a class handling FTPd |
| 49 authentications and permissions. It is used inside FTPHandler class |
| 50 to verify user passwords, to get user's home directory and to get |
| 51 permissions when a filesystem read/write occurs. "DummyAuthorizer" |
| 52 is the base authorizer class providing a platform independent |
| 53 interface for managing virtual users. |
| 54 |
| 55 [AbstractedFS] - class used to interact with the file system, |
| 56 providing a high level, cross-platform interface compatible |
| 57 with both Windows and UNIX style filesystems. |
| 58 |
| 59 [CallLater] - calls a function at a later time whithin the polling |
| 60 loop asynchronously. |
| 61 |
| 62 [AuthorizerError] - base class for authorizers exceptions. |
| 63 |
| 64 |
| 65 pyftpdlib also provides 3 different logging streams through 3 functions |
| 66 which can be overridden to allow for custom logging. |
| 67 |
| 68 [log] - the main logger that logs the most important messages for |
| 69 the end user regarding the FTPd. |
| 70 |
| 71 [logline] - this function is used to log commands and responses |
| 72 passing through the control FTP channel. |
| 73 |
| 74 [logerror] - log traceback outputs occurring in case of errors. |
| 75 |
| 76 |
| 77 Usage example: |
| 78 |
| 79 >>> from pyftpdlib import ftpserver |
| 80 >>> authorizer = ftpserver.DummyAuthorizer() |
| 81 >>> authorizer.add_user('user', 'password', '/home/user', perm='elradfmw') |
| 82 >>> authorizer.add_anonymous('/home/nobody') |
| 83 >>> ftp_handler = ftpserver.FTPHandler |
| 84 >>> ftp_handler.authorizer = authorizer |
| 85 >>> address = ("127.0.0.1", 21) |
| 86 >>> ftpd = ftpserver.FTPServer(address, ftp_handler) |
| 87 >>> ftpd.serve_forever() |
| 88 Serving FTP on 127.0.0.1:21 |
| 89 []127.0.0.1:2503 connected. |
| 90 127.0.0.1:2503 ==> 220 Ready. |
| 91 127.0.0.1:2503 <== USER anonymous |
| 92 127.0.0.1:2503 ==> 331 Username ok, send password. |
| 93 127.0.0.1:2503 <== PASS ****** |
| 94 127.0.0.1:2503 ==> 230 Login successful. |
| 95 [anonymous]@127.0.0.1:2503 User anonymous logged in. |
| 96 127.0.0.1:2503 <== TYPE A |
| 97 127.0.0.1:2503 ==> 200 Type set to: ASCII. |
| 98 127.0.0.1:2503 <== PASV |
| 99 127.0.0.1:2503 ==> 227 Entering passive mode (127,0,0,1,9,201). |
| 100 127.0.0.1:2503 <== LIST |
| 101 127.0.0.1:2503 ==> 150 File status okay. About to open data connection. |
| 102 [anonymous]@127.0.0.1:2503 OK LIST "/". Transfer starting. |
| 103 127.0.0.1:2503 ==> 226 Transfer complete. |
| 104 [anonymous]@127.0.0.1:2503 Transfer complete. 706 bytes transmitted. |
| 105 127.0.0.1:2503 <== QUIT |
| 106 127.0.0.1:2503 ==> 221 Goodbye. |
| 107 [anonymous]@127.0.0.1:2503 Disconnected. |
| 108 """ |
| 109 |
| 110 |
| 111 import asyncore |
| 112 import asynchat |
| 113 import socket |
| 114 import os |
| 115 import sys |
| 116 import traceback |
| 117 import errno |
| 118 import time |
| 119 import glob |
| 120 import tempfile |
| 121 import warnings |
| 122 import random |
| 123 import stat |
| 124 import heapq |
| 125 from tarfile import filemode |
| 126 |
| 127 try: |
| 128 import pwd |
| 129 import grp |
| 130 except ImportError: |
| 131 pwd = grp = None |
| 132 |
| 133 |
| 134 __all__ = ['proto_cmds', 'Error', 'log', 'logline', 'logerror', 'DummyAuthorizer
', |
| 135 'AuthorizerError', 'FTPHandler', 'FTPServer', 'PassiveDTP', |
| 136 'ActiveDTP', 'DTPHandler', 'FileProducer', 'BufferedIteratorProducer'
, |
| 137 'AbstractedFS', 'CallLater'] |
| 138 |
| 139 |
| 140 __pname__ = 'Python FTP server library (pyftpdlib)' |
| 141 __ver__ = '0.5.0' |
| 142 __date__ = '2008-09-20' |
| 143 __author__ = "Giampaolo Rodola' <g.rodola@gmail.com>" |
| 144 __web__ = 'http://code.google.com/p/pyftpdlib/' |
| 145 |
| 146 |
| 147 proto_cmds = { |
| 148 # cmd : (perm, auth, arg, path, help) |
| 149 'ABOR': (None, True, False, False, 'Syntax: ABOR (abort transfer).'), |
| 150 'ALLO': (None, True, True, False, 'Syntax: ALLO <SP> bytes (obsolete; allo
cate storage).'), |
| 151 'APPE': ('a', True, True, True, 'Syntax: APPE <SP> file-name (append dat
a to an existent file).'), |
| 152 'CDUP': ('e', True, False, True, 'Syntax: CDUP (go to parent directory).'
), |
| 153 'CWD' : ('e', True, None, True, 'Syntax: CWD [<SP> dir-name] (change cur
rent working directory).'), |
| 154 'DELE': ('d', True, True, True, 'Syntax: DELE <SP> file-name (delete fil
e).'), |
| 155 'EPRT': (None, True, True, False, 'Syntax: EPRT <SP> |proto|ip|port| (set
server in extended active mode).'), |
| 156 'EPSV': (None, True, None, False, 'Syntax: EPSV [<SP> proto/"ALL"] (set se
rver in extended passive mode).'), |
| 157 'FEAT': (None, False, False, False, 'Syntax: FEAT (list all new features sup
ported).'), |
| 158 'HELP': (None, False, None, False, 'Syntax: HELP [<SP> cmd] (show help).'), |
| 159 'LIST': ('l', True, None, True, 'Syntax: LIST [<SP> path-name] (list fil
es).'), |
| 160 'MDTM': (None, True, True, True, 'Syntax: MDTM [<SP> file-name] (get last
modification time).'), |
| 161 'MLSD': ('l', True, None, True, 'Syntax: MLSD [<SP> dir-name] (list file
s in a machine-processable form)'), |
| 162 'MLST': (None, True, None, True, 'Syntax: MLST [<SP> path-name] (show a p
ath in a machine-processable form)'), |
| 163 'MODE': (None, True, True, False, 'Syntax: MODE <SP> mode (obsolete; set d
ata transfer mode).'), |
| 164 'MKD' : ('m', True, True, True, 'Syntax: MDK <SP> dir-name (create direc
tory).'), |
| 165 'NLST': ('l', True, None, True, 'Syntax: NLST [<SP> path-name] (list fil
es in a compact form).'), |
| 166 'NOOP': (None, False, False, False, 'Syntax: NOOP (just do nothing).'), |
| 167 'OPTS': (None, True, True, False, 'Syntax: OPTS <SP> ftp-command [<SP> opt
ion] (specify options for FTP commands)'), |
| 168 'PASS': (None, False, True, False, 'Syntax: PASS <SP> user-name (set user p
assword).'), |
| 169 'PASV': (None, True, False, False, 'Syntax: PASV (set server in passive mod
e).'), |
| 170 'PORT': (None, True, True, False, 'Syntax: PORT <sp> h1,h2,h3,h4,p1,p2 (se
t server in active mode).'), |
| 171 'PWD' : (None, True, False, False, 'Syntax: PWD (get current working direct
ory).'), |
| 172 'QUIT': (None, False, False, False, 'Syntax: QUIT (quit current session).'), |
| 173 'REIN': (None, True, False, False, 'Syntax: REIN (reinitialize / flush acco
unt).'), |
| 174 'REST': (None, True, True, False, 'Syntax: REST <SP> marker (restart file
position).'), |
| 175 'RETR': ('r', True, True, True, 'Syntax: RETR <SP> file-name (retrieve a
file).'), |
| 176 'RMD' : ('d', True, True, True, 'Syntax: RMD <SP> dir-name (remove direc
tory).'), |
| 177 'RNFR': ('f', True, True, True, 'Syntax: RNFR <SP> file-name (file renam
ing (source name)).'), |
| 178 'RNTO': (None, True, True, True, 'Syntax: RNTO <SP> file-name (file renam
ing (destination name)).'), |
| 179 'SIZE': (None, True, True, True, 'Syntax: HELP <SP> file-name (get file s
ize).'), |
| 180 'STAT': ('l', False, None, True, 'Syntax: STAT [<SP> path name] (status i
nformation [list files]).'), |
| 181 'STOR': ('w', True, True, True, 'Syntax: STOR <SP> file-name (store a fi
le).'), |
| 182 'STOU': ('w', True, None, True, 'Syntax: STOU [<SP> file-name] (store a
file with a unique name).'), |
| 183 'STRU': (None, True, True, False, 'Syntax: STRU <SP> type (obsolete; set f
ile structure).'), |
| 184 'SYST': (None, False, False, False, 'Syntax: SYST (get operating system type
).'), |
| 185 'TYPE': (None, True, True, False, 'Syntax: TYPE <SP> [A | I] (set transfer
type).'), |
| 186 'USER': (None, False, True, False, 'Syntax: USER <SP> user-name (set userna
me).'), |
| 187 'XCUP': ('e', True, False, True, 'Syntax: XCUP (obsolete; go to parent di
rectory).'), |
| 188 'XCWD': ('e', True, None, True, 'Syntax: XCWD [<SP> dir-name] (obsolete;
change current directory).'), |
| 189 'XMKD': ('m', True, True, True, 'Syntax: XMDK <SP> dir-name (obsolete; c
reate directory).'), |
| 190 'XPWD': (None, True, False, False, 'Syntax: XPWD (obsolete; get current dir
).'), |
| 191 'XRMD': ('d', True, True, True, 'Syntax: XRMD <SP> dir-name (obsolete; r
emove directory).'), |
| 192 } |
| 193 |
| 194 class _CommandProperty: |
| 195 def __init__(self, perm, auth_needed, arg_needed, check_path, help): |
| 196 self.perm = perm |
| 197 self.auth_needed = auth_needed |
| 198 self.arg_needed = arg_needed |
| 199 self.check_path = check_path |
| 200 self.help = help |
| 201 |
| 202 for cmd, properties in proto_cmds.iteritems(): |
| 203 proto_cmds[cmd] = _CommandProperty(*properties) |
| 204 del cmd, properties |
| 205 |
| 206 |
| 207 # hack around format_exc function of traceback module to grant |
| 208 # backward compatibility with python < 2.4 |
| 209 if not hasattr(traceback, 'format_exc'): |
| 210 try: |
| 211 import cStringIO as StringIO |
| 212 except ImportError: |
| 213 import StringIO |
| 214 |
| 215 def _format_exc(): |
| 216 f = StringIO.StringIO() |
| 217 traceback.print_exc(file=f) |
| 218 data = f.getvalue() |
| 219 f.close() |
| 220 return data |
| 221 |
| 222 traceback.format_exc = _format_exc |
| 223 |
| 224 |
| 225 def _strerror(err): |
| 226 """A wrap around os.strerror() which may be not available on all |
| 227 platforms (e.g. pythonCE). |
| 228 |
| 229 - (instance) err: an EnvironmentError or derived class instance. |
| 230 """ |
| 231 if hasattr(os, 'strerror'): |
| 232 return os.strerror(err.errno) |
| 233 else: |
| 234 return err.strerror |
| 235 |
| 236 # the heap used for the scheduled tasks |
| 237 _tasks = [] |
| 238 |
| 239 def _scheduler(): |
| 240 """Run the scheduled functions due to expire soonest (if any).""" |
| 241 now = time.time() |
| 242 while _tasks and now >= _tasks[0].timeout: |
| 243 call = heapq.heappop(_tasks) |
| 244 if call.repush: |
| 245 heapq.heappush(_tasks, call) |
| 246 call.repush = False |
| 247 continue |
| 248 try: |
| 249 call.call() |
| 250 finally: |
| 251 if not call.cancelled: |
| 252 call.cancel() |
| 253 |
| 254 |
| 255 class CallLater: |
| 256 """Calls a function at a later time. |
| 257 |
| 258 It can be used to asynchronously schedule a call within the polling |
| 259 loop without blocking it. The instance returned is an object that |
| 260 can be used to cancel or reschedule the call. |
| 261 """ |
| 262 |
| 263 def __init__(self, seconds, target, *args, **kwargs): |
| 264 """ |
| 265 - (int) seconds: the number of seconds to wait |
| 266 - (obj) target: the callable object to call later |
| 267 - args: the arguments to call it with |
| 268 - kwargs: the keyword arguments to call it with |
| 269 """ |
| 270 assert callable(target), "%s is not callable" %target |
| 271 assert sys.maxint >= seconds >= 0, "%s is not greater than or equal " \ |
| 272 "to 0 seconds" % (seconds) |
| 273 self.__delay = seconds |
| 274 self.__target = target |
| 275 self.__args = args |
| 276 self.__kwargs = kwargs |
| 277 # seconds from the epoch at which to call the function |
| 278 self.timeout = time.time() + self.__delay |
| 279 self.repush = False |
| 280 self.cancelled = False |
| 281 heapq.heappush(_tasks, self) |
| 282 |
| 283 def __le__(self, other): |
| 284 return self.timeout <= other.timeout |
| 285 |
| 286 def call(self): |
| 287 """Call this scheduled function.""" |
| 288 assert not self.cancelled, "Already cancelled" |
| 289 self.__target(*self.__args, **self.__kwargs) |
| 290 |
| 291 def reset(self): |
| 292 """Reschedule this call resetting the current countdown.""" |
| 293 assert not self.cancelled, "Already cancelled" |
| 294 self.timeout = time.time() + self.__delay |
| 295 self.repush = True |
| 296 |
| 297 def delay(self, seconds): |
| 298 """Reschedule this call for a later time.""" |
| 299 assert not self.cancelled, "Already cancelled." |
| 300 assert sys.maxint >= seconds >= 0, "%s is not greater than or equal " \ |
| 301 "to 0 seconds" %(seconds) |
| 302 self.__delay = seconds |
| 303 newtime = time.time() + self.__delay |
| 304 if newtime > self.timeout: |
| 305 self.timeout = newtime |
| 306 self.repush = True |
| 307 else: |
| 308 # XXX - slow, can be improved |
| 309 self.timeout = newtime |
| 310 heapq.heapify(_tasks) |
| 311 |
| 312 def cancel(self): |
| 313 """Unschedule this call.""" |
| 314 assert not self.cancelled, "Already cancelled" |
| 315 self.cancelled = True |
| 316 del self.__target, self.__args, self.__kwargs |
| 317 if self in _tasks: |
| 318 pos = _tasks.index(self) |
| 319 if pos == 0: |
| 320 heapq.heappop(_tasks) |
| 321 elif pos == len(_tasks) - 1: |
| 322 _tasks.pop(pos) |
| 323 else: |
| 324 _tasks[pos] = _tasks.pop() |
| 325 heapq._siftup(_tasks, pos) |
| 326 |
| 327 |
| 328 # --- library defined exceptions |
| 329 |
| 330 class Error(Exception): |
| 331 """Base class for module exceptions.""" |
| 332 |
| 333 class AuthorizerError(Error): |
| 334 """Base class for authorizer exceptions.""" |
| 335 |
| 336 |
| 337 # --- loggers |
| 338 |
| 339 def log(msg): |
| 340 """Log messages intended for the end user.""" |
| 341 print msg |
| 342 |
| 343 def logline(msg): |
| 344 """Log commands and responses passing through the command channel.""" |
| 345 print msg |
| 346 |
| 347 def logerror(msg): |
| 348 """Log traceback outputs occurring in case of errors.""" |
| 349 sys.stderr.write(str(msg) + '\n') |
| 350 sys.stderr.flush() |
| 351 |
| 352 |
| 353 # --- authorizers |
| 354 |
| 355 class DummyAuthorizer: |
| 356 """Basic "dummy" authorizer class, suitable for subclassing to |
| 357 create your own custom authorizers. |
| 358 |
| 359 An "authorizer" is a class handling authentications and permissions |
| 360 of the FTP server. It is used inside FTPHandler class for verifying |
| 361 user's password, getting users home directory, checking user |
| 362 permissions when a file read/write event occurs and changing user |
| 363 before accessing the filesystem. |
| 364 |
| 365 DummyAuthorizer is the base authorizer, providing a platform |
| 366 independent interface for managing "virtual" FTP users. System |
| 367 dependent authorizers can by written by subclassing this base |
| 368 class and overriding appropriate methods as necessary. |
| 369 """ |
| 370 |
| 371 read_perms = "elr" |
| 372 write_perms = "adfmw" |
| 373 |
| 374 def __init__(self): |
| 375 self.user_table = {} |
| 376 |
| 377 def add_user(self, username, password, homedir, perm='elr', |
| 378 msg_login="Login successful.", msg_quit="Goodbye."): |
| 379 """Add a user to the virtual users table. |
| 380 |
| 381 AuthorizerError exceptions raised on error conditions such as |
| 382 invalid permissions, missing home directory or duplicate usernames. |
| 383 |
| 384 Optional perm argument is a string referencing the user's |
| 385 permissions explained below: |
| 386 |
| 387 Read permissions: |
| 388 - "e" = change directory (CWD command) |
| 389 - "l" = list files (LIST, NLST, MLSD commands) |
| 390 - "r" = retrieve file from the server (RETR command) |
| 391 |
| 392 Write permissions: |
| 393 - "a" = append data to an existing file (APPE command) |
| 394 - "d" = delete file or directory (DELE, RMD commands) |
| 395 - "f" = rename file or directory (RNFR, RNTO commands) |
| 396 - "m" = create directory (MKD command) |
| 397 - "w" = store a file to the server (STOR, STOU commands) |
| 398 |
| 399 Optional msg_login and msg_quit arguments can be specified to |
| 400 provide customized response strings when user log-in and quit. |
| 401 """ |
| 402 if self.has_user(username): |
| 403 raise AuthorizerError('User "%s" already exists' %username) |
| 404 if not os.path.isdir(homedir): |
| 405 raise AuthorizerError('No such directory: "%s"' %homedir) |
| 406 homedir = os.path.realpath(homedir) |
| 407 self._check_permissions(username, perm) |
| 408 dic = {'pwd': str(password), |
| 409 'home': homedir, |
| 410 'perm': perm, |
| 411 'operms': {}, |
| 412 'msg_login': str(msg_login), |
| 413 'msg_quit': str(msg_quit) |
| 414 } |
| 415 self.user_table[username] = dic |
| 416 |
| 417 def add_anonymous(self, homedir, **kwargs): |
| 418 """Add an anonymous user to the virtual users table. |
| 419 |
| 420 AuthorizerError exception raised on error conditions such as |
| 421 invalid permissions, missing home directory, or duplicate |
| 422 anonymous users. |
| 423 |
| 424 The keyword arguments in kwargs are the same expected by |
| 425 add_user method: "perm", "msg_login" and "msg_quit". |
| 426 |
| 427 The optional "perm" keyword argument is a string defaulting to |
| 428 "elr" referencing "read-only" anonymous user's permissions. |
| 429 |
| 430 Using write permission values ("adfmw") results in a |
| 431 RuntimeWarning. |
| 432 """ |
| 433 DummyAuthorizer.add_user(self, 'anonymous', '', homedir, **kwargs) |
| 434 |
| 435 def remove_user(self, username): |
| 436 """Remove a user from the virtual users table.""" |
| 437 del self.user_table[username] |
| 438 |
| 439 def override_perm(self, username, directory, perm, recursive=False): |
| 440 """Override permissions for a given directory.""" |
| 441 self._check_permissions(username, perm) |
| 442 if not os.path.isdir(directory): |
| 443 raise AuthorizerError('No such directory: "%s"' %directory) |
| 444 directory = os.path.normcase(os.path.realpath(directory)) |
| 445 home = os.path.normcase(self.get_home_dir(username)) |
| 446 if directory == home: |
| 447 raise AuthorizerError("Can't override home directory permissions") |
| 448 if not self._issubpath(directory, home): |
| 449 raise AuthorizerError("Path escapes user home directory") |
| 450 self.user_table[username]['operms'][directory] = perm, recursive |
| 451 |
| 452 def validate_authentication(self, username, password): |
| 453 """Return True if the supplied username and password match the |
| 454 stored credentials.""" |
| 455 return self.user_table[username]['pwd'] == password |
| 456 |
| 457 def impersonate_user(self, username, password): |
| 458 """Impersonate another user (noop). |
| 459 |
| 460 It is always called before accessing the filesystem. |
| 461 By default it does nothing. The subclass overriding this |
| 462 method is expected to provide a mechanism to change the |
| 463 current user. |
| 464 """ |
| 465 |
| 466 def terminate_impersonation(self): |
| 467 """Terminate impersonation (noop). |
| 468 |
| 469 It is always called after having accessed the filesystem. |
| 470 By default it does nothing. The subclass overriding this |
| 471 method is expected to provide a mechanism to switch back |
| 472 to the original user. |
| 473 """ |
| 474 |
| 475 def has_user(self, username): |
| 476 """Whether the username exists in the virtual users table.""" |
| 477 return username in self.user_table |
| 478 |
| 479 def has_perm(self, username, perm, path=None): |
| 480 """Whether the user has permission over path (an absolute |
| 481 pathname of a file or a directory). |
| 482 |
| 483 Expected perm argument is one of the following letters: |
| 484 "elradfmw". |
| 485 """ |
| 486 if path is None: |
| 487 return perm in self.user_table[username]['perm'] |
| 488 |
| 489 path = os.path.normcase(path) |
| 490 for dir in self.user_table[username]['operms'].keys(): |
| 491 operm, recursive = self.user_table[username]['operms'][dir] |
| 492 if self._issubpath(path, dir): |
| 493 if recursive: |
| 494 return perm in operm |
| 495 if (path == dir) or (os.path.dirname(path) == dir \ |
| 496 and not os.path.isdir(path)): |
| 497 return perm in operm |
| 498 |
| 499 return perm in self.user_table[username]['perm'] |
| 500 |
| 501 def get_perms(self, username): |
| 502 """Return current user permissions.""" |
| 503 return self.user_table[username]['perm'] |
| 504 |
| 505 def get_home_dir(self, username): |
| 506 """Return the user's home directory.""" |
| 507 return self.user_table[username]['home'] |
| 508 |
| 509 def get_msg_login(self, username): |
| 510 """Return the user's login message.""" |
| 511 return self.user_table[username]['msg_login'] |
| 512 |
| 513 def get_msg_quit(self, username): |
| 514 """Return the user's quitting message.""" |
| 515 return self.user_table[username]['msg_quit'] |
| 516 |
| 517 def _check_permissions(self, username, perm): |
| 518 warned = 0 |
| 519 for p in perm: |
| 520 if p not in 'elradfmw': |
| 521 raise AuthorizerError('No such permission "%s"' %p) |
| 522 if (username == 'anonymous') and (p in "adfmw") and not warned: |
| 523 warnings.warn("Write permissions assigned to anonymous user.", |
| 524 RuntimeWarning) |
| 525 warned = 1 |
| 526 |
| 527 def _issubpath(self, a, b): |
| 528 """Return True if a is a sub-path of b or if the paths are equal.""" |
| 529 p1 = a.rstrip(os.sep).split(os.sep) |
| 530 p2 = b.rstrip(os.sep).split(os.sep) |
| 531 return p1[:len(p2)] == p2 |
| 532 |
| 533 |
| 534 |
| 535 # --- DTP classes |
| 536 |
| 537 class PassiveDTP(asyncore.dispatcher): |
| 538 """This class is an asyncore.disptacher subclass. It creates a |
| 539 socket listening on a local port, dispatching the resultant |
| 540 connection to DTPHandler. |
| 541 |
| 542 - (int) timeout: the timeout for a remote client to establish |
| 543 connection with the listening socket. Defaults to 30 seconds. |
| 544 """ |
| 545 timeout = 30 |
| 546 |
| 547 def __init__(self, cmd_channel, extmode=False): |
| 548 """Initialize the passive data server. |
| 549 |
| 550 - (instance) cmd_channel: the command channel class instance. |
| 551 - (bool) extmode: wheter use extended passive mode response type. |
| 552 """ |
| 553 asyncore.dispatcher.__init__(self) |
| 554 self.cmd_channel = cmd_channel |
| 555 if self.timeout: |
| 556 self.idler = CallLater(self.timeout, self.handle_timeout) |
| 557 else: |
| 558 self.idler = None |
| 559 |
| 560 ip = self.cmd_channel.getsockname()[0] |
| 561 self.create_socket(self.cmd_channel.af, socket.SOCK_STREAM) |
| 562 |
| 563 if self.cmd_channel.passive_ports is None: |
| 564 # By using 0 as port number value we let kernel choose a |
| 565 # free unprivileged random port. |
| 566 self.bind((ip, 0)) |
| 567 else: |
| 568 ports = list(self.cmd_channel.passive_ports) |
| 569 while ports: |
| 570 port = ports.pop(random.randint(0, len(ports) -1)) |
| 571 try: |
| 572 self.bind((ip, port)) |
| 573 except socket.error, why: |
| 574 if why[0] == errno.EADDRINUSE: # port already in use |
| 575 if ports: |
| 576 continue |
| 577 # If cannot use one of the ports in the configured |
| 578 # range we'll use a kernel-assigned port, and log |
| 579 # a message reporting the issue. |
| 580 # By using 0 as port number value we let kernel |
| 581 # choose a free unprivileged random port. |
| 582 else: |
| 583 self.bind((ip, 0)) |
| 584 self.cmd_channel.log( |
| 585 "Can't find a valid passive port in the " |
| 586 "configured range. A random kernel-assigned " |
| 587 "port will be used." |
| 588 ) |
| 589 else: |
| 590 raise |
| 591 else: |
| 592 break |
| 593 self.listen(5) |
| 594 port = self.socket.getsockname()[1] |
| 595 if not extmode: |
| 596 if self.cmd_channel.masquerade_address: |
| 597 ip = self.cmd_channel.masquerade_address |
| 598 # The format of 227 response in not standardized. |
| 599 # This is the most expected: |
| 600 self.cmd_channel.respond('227 Entering passive mode (%s,%d,%d).' %( |
| 601 ip.replace('.', ','), port / 256, port % 256)) |
| 602 else: |
| 603 self.cmd_channel.respond('229 Entering extended passive mode ' |
| 604 '(|||%d|).' %port) |
| 605 |
| 606 # --- connection / overridden |
| 607 |
| 608 def handle_accept(self): |
| 609 """Called when remote client initiates a connection.""" |
| 610 if self.idler and not self.idler.cancelled: |
| 611 self.idler.cancel() |
| 612 sock, addr = self.accept() |
| 613 |
| 614 # Check the origin of data connection. If not expressively |
| 615 # configured we drop the incoming data connection if remote |
| 616 # IP address does not match the client's IP address. |
| 617 if (self.cmd_channel.remote_ip != addr[0]): |
| 618 if not self.cmd_channel.permit_foreign_addresses: |
| 619 try: |
| 620 sock.close() |
| 621 except socket.error: |
| 622 pass |
| 623 msg = 'Rejected data connection from foreign address %s:%s.' \ |
| 624 %(addr[0], addr[1]) |
| 625 self.cmd_channel.respond("425 %s" %msg) |
| 626 self.cmd_channel.log(msg) |
| 627 # do not close listening socket: it couldn't be client's blame |
| 628 return |
| 629 else: |
| 630 # site-to-site FTP allowed |
| 631 msg = 'Established data connection with foreign address %s:%s.'\ |
| 632 %(addr[0], addr[1]) |
| 633 self.cmd_channel.log(msg) |
| 634 # Immediately close the current channel (we accept only one |
| 635 # connection at time) and avoid running out of max connections |
| 636 # limit. |
| 637 self.close() |
| 638 # delegate such connection to DTP handler |
| 639 handler = self.cmd_channel.dtp_handler(sock, self.cmd_channel) |
| 640 self.cmd_channel.data_channel = handler |
| 641 self.cmd_channel.on_dtp_connection() |
| 642 |
| 643 def handle_timeout(self): |
| 644 self.cmd_channel.respond("421 Passive data channel timed out.") |
| 645 self.close() |
| 646 |
| 647 def writable(self): |
| 648 return 0 |
| 649 |
| 650 def handle_error(self): |
| 651 """Called to handle any uncaught exceptions.""" |
| 652 try: |
| 653 raise |
| 654 except (KeyboardInterrupt, SystemExit, asyncore.ExitNow): |
| 655 raise |
| 656 logerror(traceback.format_exc()) |
| 657 self.close() |
| 658 |
| 659 def close(self): |
| 660 if self.idler and not self.idler.cancelled: |
| 661 self.idler.cancel() |
| 662 asyncore.dispatcher.close(self) |
| 663 |
| 664 |
| 665 class ActiveDTP(asyncore.dispatcher): |
| 666 """This class is an asyncore.disptacher subclass. It creates a |
| 667 socket resulting from the connection to a remote user-port, |
| 668 dispatching it to DTPHandler. |
| 669 |
| 670 - (int) timeout: the timeout for us to establish connection with |
| 671 the client's listening data socket. |
| 672 """ |
| 673 timeout = 30 |
| 674 |
| 675 def __init__(self, ip, port, cmd_channel): |
| 676 """Initialize the active data channel attemping to connect |
| 677 to remote data socket. |
| 678 |
| 679 - (str) ip: the remote IP address. |
| 680 - (int) port: the remote port. |
| 681 - (instance) cmd_channel: the command channel class instance. |
| 682 """ |
| 683 asyncore.dispatcher.__init__(self) |
| 684 self.cmd_channel = cmd_channel |
| 685 if self.timeout: |
| 686 self.idler = CallLater(self.timeout, self.handle_timeout) |
| 687 else: |
| 688 self.idler = None |
| 689 self.create_socket(self.cmd_channel.af, socket.SOCK_STREAM) |
| 690 try: |
| 691 self.connect((ip, port)) |
| 692 except socket.gaierror: |
| 693 self.cmd_channel.respond("425 Can't connect to specified address.") |
| 694 self.close() |
| 695 |
| 696 # --- connection / overridden |
| 697 |
| 698 def handle_write(self): |
| 699 # NOOP, overridden to prevent unhandled write event msg to |
| 700 # be printed on Python < 2.6 |
| 701 pass |
| 702 |
| 703 def handle_connect(self): |
| 704 """Called when connection is established.""" |
| 705 if self.idler and not self.idler.cancelled: |
| 706 self.idler.cancel() |
| 707 self.cmd_channel.respond('200 Active data connection established.') |
| 708 # delegate such connection to DTP handler |
| 709 handler = self.cmd_channel.dtp_handler(self.socket, self.cmd_channel) |
| 710 self.cmd_channel.data_channel = handler |
| 711 self.cmd_channel.on_dtp_connection() |
| 712 #self.close() # <-- (done automatically) |
| 713 |
| 714 def handle_timeout(self): |
| 715 self.cmd_channel.respond("421 Active data channel timed out.") |
| 716 self.close() |
| 717 |
| 718 def handle_expt(self): |
| 719 self.cmd_channel.respond("425 Can't connect to specified address.") |
| 720 self.close() |
| 721 |
| 722 def handle_error(self): |
| 723 """Called to handle any uncaught exceptions.""" |
| 724 try: |
| 725 raise |
| 726 except (KeyboardInterrupt, SystemExit, asyncore.ExitNow): |
| 727 raise |
| 728 except socket.error: |
| 729 pass |
| 730 except: |
| 731 logerror(traceback.format_exc()) |
| 732 self.cmd_channel.respond("425 Can't connect to specified address.") |
| 733 self.close() |
| 734 |
| 735 def close(self): |
| 736 if self.idler and not self.idler.cancelled: |
| 737 self.idler.cancel() |
| 738 asyncore.dispatcher.close(self) |
| 739 |
| 740 |
| 741 try: |
| 742 from collections import deque |
| 743 except ImportError: |
| 744 # backward compatibility with Python < 2.4 by replacing deque with a list |
| 745 class deque(list): |
| 746 def appendleft(self, obj): |
| 747 list.insert(self, 0, obj) |
| 748 |
| 749 |
| 750 class DTPHandler(asyncore.dispatcher): |
| 751 """Class handling server-data-transfer-process (server-DTP, see |
| 752 RFC-959) managing data-transfer operations involving sending |
| 753 and receiving data. |
| 754 |
| 755 Instance attributes defined in this class, initialized when |
| 756 channel is opened: |
| 757 |
| 758 - (int) timeout: the timeout which roughly is the maximum time we |
| 759 permit data transfers to stall for with no progress. If the |
| 760 timeout triggers, the remote client will be kicked off. |
| 761 |
| 762 - (instance) cmd_channel: the command channel class instance. |
| 763 - (file) file_obj: the file transferred (if any). |
| 764 - (bool) receive: True if channel is used for receiving data. |
| 765 - (bool) transfer_finished: True if transfer completed successfully. |
| 766 - (int) tot_bytes_sent: the total bytes sent. |
| 767 - (int) tot_bytes_received: the total bytes received. |
| 768 |
| 769 DTPHandler implementation note: |
| 770 |
| 771 When a producer is consumed and close_when_done() has been called |
| 772 previously, refill_buffer() erroneously calls close() instead of |
| 773 handle_close() - (see: http://bugs.python.org/issue1740572) |
| 774 |
| 775 To avoid this problem DTPHandler is implemented as a subclass of |
| 776 asyncore.dispatcher instead of asynchat.async_chat. |
| 777 This implementation follows the same approach that asynchat module |
| 778 should use in Python 2.6. |
| 779 |
| 780 The most important change in the implementation is related to |
| 781 producer_fifo, which is a pure deque object instead of a |
| 782 producer_fifo instance. |
| 783 |
| 784 Since we don't want to break backward compatibily with older python |
| 785 versions (deque has been introduced in Python 2.4), if deque is not |
| 786 available we use a list instead. |
| 787 """ |
| 788 |
| 789 timeout = 300 |
| 790 ac_in_buffer_size = 8192 |
| 791 ac_out_buffer_size = 8192 |
| 792 |
| 793 def __init__(self, sock_obj, cmd_channel): |
| 794 """Initialize the command channel. |
| 795 |
| 796 - (instance) sock_obj: the socket object instance of the newly |
| 797 established connection. |
| 798 - (instance) cmd_channel: the command channel class instance. |
| 799 """ |
| 800 asyncore.dispatcher.__init__(self, sock_obj) |
| 801 # we toss the use of the asynchat's "simple producer" and |
| 802 # replace it with a pure deque, which the original fifo |
| 803 # was a wrapping of |
| 804 self.producer_fifo = deque() |
| 805 |
| 806 self.cmd_channel = cmd_channel |
| 807 self.file_obj = None |
| 808 self.receive = False |
| 809 self.transfer_finished = False |
| 810 self.tot_bytes_sent = 0 |
| 811 self.tot_bytes_received = 0 |
| 812 self.data_wrapper = lambda x: x |
| 813 self._lastdata = 0 |
| 814 self._closed = False |
| 815 if self.timeout: |
| 816 self.idler = CallLater(self.timeout, self.handle_timeout) |
| 817 else: |
| 818 self.idler = None |
| 819 |
| 820 # --- utility methods |
| 821 |
| 822 def enable_receiving(self, type): |
| 823 """Enable receiving of data over the channel. Depending on the |
| 824 TYPE currently in use it creates an appropriate wrapper for the |
| 825 incoming data. |
| 826 |
| 827 - (str) type: current transfer type, 'a' (ASCII) or 'i' (binary). |
| 828 """ |
| 829 if type == 'a': |
| 830 self.data_wrapper = lambda x: x.replace('\r\n', os.linesep) |
| 831 elif type == 'i': |
| 832 self.data_wrapper = lambda x: x |
| 833 else: |
| 834 raise TypeError, "Unsupported type" |
| 835 self.receive = True |
| 836 |
| 837 def get_transmitted_bytes(self): |
| 838 "Return the number of transmitted bytes." |
| 839 return self.tot_bytes_sent + self.tot_bytes_received |
| 840 |
| 841 def transfer_in_progress(self): |
| 842 "Return True if a transfer is in progress, else False." |
| 843 return self.get_transmitted_bytes() != 0 |
| 844 |
| 845 # --- connection |
| 846 |
| 847 def handle_read(self): |
| 848 """Called when there is data waiting to be read.""" |
| 849 try: |
| 850 chunk = self.recv(self.ac_in_buffer_size) |
| 851 except socket.error: |
| 852 self.handle_error() |
| 853 else: |
| 854 self.tot_bytes_received += len(chunk) |
| 855 if not chunk: |
| 856 self.transfer_finished = True |
| 857 #self.close() # <-- asyncore.recv() already do that... |
| 858 return |
| 859 # while we're writing on the file an exception could occur |
| 860 # in case that filesystem gets full; if this happens we |
| 861 # let handle_error() method handle this exception, providing |
| 862 # a detailed error message. |
| 863 self.file_obj.write(self.data_wrapper(chunk)) |
| 864 |
| 865 def handle_write(self): |
| 866 """Called when data is ready to be written, initiates send.""" |
| 867 self.initiate_send() |
| 868 |
| 869 def push(self, data): |
| 870 """Push data onto the deque and initiate send.""" |
| 871 sabs = self.ac_out_buffer_size |
| 872 if len(data) > sabs: |
| 873 for i in xrange(0, len(data), sabs): |
| 874 self.producer_fifo.append(data[i:i+sabs]) |
| 875 else: |
| 876 self.producer_fifo.append(data) |
| 877 self.initiate_send() |
| 878 |
| 879 def push_with_producer(self, producer): |
| 880 """Push data using a producer and initiate send.""" |
| 881 self.producer_fifo.append(producer) |
| 882 self.initiate_send() |
| 883 |
| 884 def readable(self): |
| 885 """Predicate for inclusion in the readable for select().""" |
| 886 return self.receive |
| 887 |
| 888 def writable(self): |
| 889 """Predicate for inclusion in the writable for select().""" |
| 890 return self.producer_fifo or (not self.connected) |
| 891 |
| 892 def close_when_done(self): |
| 893 """Automatically close this channel once the outgoing queue is empty.""" |
| 894 self.producer_fifo.append(None) |
| 895 |
| 896 def initiate_send(self): |
| 897 """Attempt to send data in fifo order.""" |
| 898 while self.producer_fifo and self.connected: |
| 899 first = self.producer_fifo[0] |
| 900 # handle empty string/buffer or None entry |
| 901 if not first: |
| 902 del self.producer_fifo[0] |
| 903 if first is None: |
| 904 self.transfer_finished = True |
| 905 self.handle_close() |
| 906 return |
| 907 |
| 908 # handle classic producer behavior |
| 909 obs = self.ac_out_buffer_size |
| 910 try: |
| 911 data = buffer(first, 0, obs) |
| 912 except TypeError: |
| 913 data = first.more() |
| 914 if data: |
| 915 self.producer_fifo.appendleft(data) |
| 916 else: |
| 917 del self.producer_fifo[0] |
| 918 continue |
| 919 |
| 920 # send the data |
| 921 try: |
| 922 num_sent = self.send(data) |
| 923 except socket.error: |
| 924 self.handle_error() |
| 925 return |
| 926 |
| 927 if num_sent: |
| 928 self.tot_bytes_sent += num_sent |
| 929 if num_sent < len(data) or obs < len(first): |
| 930 self.producer_fifo[0] = first[num_sent:] |
| 931 else: |
| 932 del self.producer_fifo[0] |
| 933 # we tried to send some actual data |
| 934 return |
| 935 |
| 936 def handle_timeout(self): |
| 937 """Called cyclically to check if data trasfer is stalling with |
| 938 no progress in which case the client is kicked off. |
| 939 """ |
| 940 if self.get_transmitted_bytes() > self._lastdata: |
| 941 self._lastdata = self.get_transmitted_bytes() |
| 942 self.idler = CallLater(self.timeout, self.handle_timeout) |
| 943 else: |
| 944 msg = "Data connection timed out." |
| 945 self.cmd_channel.log(msg) |
| 946 self.cmd_channel.respond("421 " + msg) |
| 947 self.cmd_channel.close_when_done() |
| 948 self.close() |
| 949 |
| 950 def handle_expt(self): |
| 951 """Called on "exceptional" data events.""" |
| 952 self.cmd_channel.respond("426 Connection error; transfer aborted.") |
| 953 self.close() |
| 954 |
| 955 def handle_error(self): |
| 956 """Called when an exception is raised and not otherwise handled.""" |
| 957 try: |
| 958 raise |
| 959 except (KeyboardInterrupt, SystemExit, asyncore.ExitNow): |
| 960 raise |
| 961 except socket.error, err: |
| 962 # fix around asyncore bug (http://bugs.python.org/issue1736101) |
| 963 if err[0] in (errno.ECONNRESET, errno.ENOTCONN, errno.ESHUTDOWN, \ |
| 964 errno.ECONNABORTED): |
| 965 self.handle_close() |
| 966 return |
| 967 else: |
| 968 error = str(err[1]) |
| 969 # an error could occur in case we fail reading / writing |
| 970 # from / to file (e.g. file system gets full) |
| 971 except EnvironmentError, err: |
| 972 error = _strerror(err) |
| 973 except: |
| 974 # some other exception occurred; we don't want to provide |
| 975 # confidential error messages |
| 976 logerror(traceback.format_exc()) |
| 977 error = "Internal error" |
| 978 self.cmd_channel.respond("426 %s; transfer aborted." %error) |
| 979 self.close() |
| 980 |
| 981 def handle_close(self): |
| 982 """Called when the socket is closed.""" |
| 983 # If we used channel for receiving we assume that transfer is |
| 984 # finished when client close connection , if we used channel |
| 985 # for sending we have to check that all data has been sent |
| 986 # (responding with 226) or not (responding with 426). |
| 987 if self.receive: |
| 988 self.transfer_finished = True |
| 989 action = 'received' |
| 990 else: |
| 991 action = 'sent' |
| 992 if self.transfer_finished: |
| 993 self.cmd_channel.respond("226 Transfer complete.") |
| 994 if self.file_obj: |
| 995 fname = self.cmd_channel.fs.fs2ftp(self.file_obj.name) |
| 996 self.cmd_channel.log('"%s" %s.' %(fname, action)) |
| 997 else: |
| 998 tot_bytes = self.get_transmitted_bytes() |
| 999 msg = "Transfer aborted; %d bytes transmitted." %tot_bytes |
| 1000 self.cmd_channel.respond("426 " + msg) |
| 1001 self.cmd_channel.log(msg) |
| 1002 self.close() |
| 1003 |
| 1004 def close(self): |
| 1005 """Close the data channel, first attempting to close any remaining |
| 1006 file handles.""" |
| 1007 if not self._closed: |
| 1008 self._closed = True |
| 1009 if self.file_obj is not None and not self.file_obj.closed: |
| 1010 self.file_obj.close() |
| 1011 if self.idler and not self.idler.cancelled: |
| 1012 self.idler.cancel() |
| 1013 asyncore.dispatcher.close(self) |
| 1014 self.cmd_channel.on_dtp_close() |
| 1015 |
| 1016 |
| 1017 # --- producers |
| 1018 |
| 1019 class FileProducer: |
| 1020 """Producer wrapper for file[-like] objects.""" |
| 1021 |
| 1022 buffer_size = 65536 |
| 1023 |
| 1024 def __init__(self, file, type): |
| 1025 """Initialize the producer with a data_wrapper appropriate to TYPE. |
| 1026 |
| 1027 - (file) file: the file[-like] object. |
| 1028 - (str) type: the current TYPE, 'a' (ASCII) or 'i' (binary). |
| 1029 """ |
| 1030 self.done = False |
| 1031 self.file = file |
| 1032 if type == 'a': |
| 1033 self.data_wrapper = lambda x: x.replace(os.linesep, '\r\n') |
| 1034 elif type == 'i': |
| 1035 self.data_wrapper = lambda x: x |
| 1036 else: |
| 1037 raise TypeError, "Unsupported type" |
| 1038 |
| 1039 def more(self): |
| 1040 """Attempt a chunk of data of size self.buffer_size.""" |
| 1041 if self.done: |
| 1042 return '' |
| 1043 data = self.data_wrapper(self.file.read(self.buffer_size)) |
| 1044 if not data: |
| 1045 self.done = True |
| 1046 if not self.file.closed: |
| 1047 self.file.close() |
| 1048 return data |
| 1049 |
| 1050 |
| 1051 class BufferedIteratorProducer: |
| 1052 """Producer for iterator objects with buffer capabilities.""" |
| 1053 # how many times iterator.next() will be called before |
| 1054 # returning some data |
| 1055 loops = 20 |
| 1056 |
| 1057 def __init__(self, iterator): |
| 1058 self.iterator = iterator |
| 1059 |
| 1060 def more(self): |
| 1061 """Attempt a chunk of data from iterator by calling |
| 1062 its next() method different times. |
| 1063 """ |
| 1064 buffer = [] |
| 1065 for x in xrange(self.loops): |
| 1066 try: |
| 1067 buffer.append(self.iterator.next()) |
| 1068 except StopIteration: |
| 1069 break |
| 1070 return ''.join(buffer) |
| 1071 |
| 1072 |
| 1073 # --- filesystem |
| 1074 |
| 1075 class AbstractedFS: |
| 1076 """A class used to interact with the file system, providing a high |
| 1077 level, cross-platform interface compatible with both Windows and |
| 1078 UNIX style filesystems. |
| 1079 |
| 1080 It provides some utility methods and some wraps around operations |
| 1081 involved in file creation and file system operations like moving |
| 1082 files or removing directories. |
| 1083 |
| 1084 Instance attributes: |
| 1085 - (str) root: the user home directory. |
| 1086 - (str) cwd: the current working directory. |
| 1087 - (str) rnfr: source file to be renamed. |
| 1088 """ |
| 1089 |
| 1090 def __init__(self): |
| 1091 self.root = None |
| 1092 self.cwd = '/' |
| 1093 self.rnfr = None |
| 1094 |
| 1095 # --- Pathname / conversion utilities |
| 1096 |
| 1097 def ftpnorm(self, ftppath): |
| 1098 """Normalize a "virtual" ftp pathname (tipically the raw string |
| 1099 coming from client) depending on the current working directory. |
| 1100 |
| 1101 Example (having "/foo" as current working directory): |
| 1102 'x' -> '/foo/x' |
| 1103 |
| 1104 Note: directory separators are system independent ("/"). |
| 1105 Pathname returned is always absolutized. |
| 1106 """ |
| 1107 if os.path.isabs(ftppath): |
| 1108 p = os.path.normpath(ftppath) |
| 1109 else: |
| 1110 p = os.path.normpath(os.path.join(self.cwd, ftppath)) |
| 1111 # normalize string in a standard web-path notation having '/' |
| 1112 # as separator. |
| 1113 p = p.replace("\\", "/") |
| 1114 # os.path.normpath supports UNC paths (e.g. "//a/b/c") but we |
| 1115 # don't need them. In case we get an UNC path we collapse |
| 1116 # redundant separators appearing at the beginning of the string |
| 1117 while p[:2] == '//': |
| 1118 p = p[1:] |
| 1119 # Anti path traversal: don't trust user input, in the event |
| 1120 # that self.cwd is not absolute, return "/" as a safety measure. |
| 1121 # This is for extra protection, maybe not really necessary. |
| 1122 if not os.path.isabs(p): |
| 1123 p = "/" |
| 1124 return p |
| 1125 |
| 1126 def ftp2fs(self, ftppath): |
| 1127 """Translate a "virtual" ftp pathname (tipically the raw string |
| 1128 coming from client) into equivalent absolute "real" filesystem |
| 1129 pathname. |
| 1130 |
| 1131 Example (having "/home/user" as root directory): |
| 1132 'x' -> '/home/user/x' |
| 1133 |
| 1134 Note: directory separators are system dependent. |
| 1135 """ |
| 1136 # as far as I know, it should always be path traversal safe... |
| 1137 if os.path.normpath(self.root) == os.sep: |
| 1138 return os.path.normpath(self.ftpnorm(ftppath)) |
| 1139 else: |
| 1140 p = self.ftpnorm(ftppath)[1:] |
| 1141 return os.path.normpath(os.path.join(self.root, p)) |
| 1142 |
| 1143 def fs2ftp(self, fspath): |
| 1144 """Translate a "real" filesystem pathname into equivalent |
| 1145 absolute "virtual" ftp pathname depending on the user's |
| 1146 root directory. |
| 1147 |
| 1148 Example (having "/home/user" as root directory): |
| 1149 '/home/user/x' -> '/x' |
| 1150 |
| 1151 As for ftpnorm, directory separators are system independent |
| 1152 ("/") and pathname returned is always absolutized. |
| 1153 |
| 1154 On invalid pathnames escaping from user's root directory |
| 1155 (e.g. "/home" when root is "/home/user") always return "/". |
| 1156 """ |
| 1157 if os.path.isabs(fspath): |
| 1158 p = os.path.normpath(fspath) |
| 1159 else: |
| 1160 p = os.path.normpath(os.path.join(self.root, fspath)) |
| 1161 if not self.validpath(p): |
| 1162 return '/' |
| 1163 p = p.replace(os.sep, "/") |
| 1164 p = p[len(self.root):] |
| 1165 if not p.startswith('/'): |
| 1166 p = '/' + p |
| 1167 return p |
| 1168 |
| 1169 # alias for backward compatibility with 0.2.0 |
| 1170 normalize = ftpnorm |
| 1171 translate = ftp2fs |
| 1172 |
| 1173 def validpath(self, path): |
| 1174 """Check whether the path belongs to user's home directory. |
| 1175 Expected argument is a "real" filesystem pathname. |
| 1176 |
| 1177 If path is a symbolic link it is resolved to check its real |
| 1178 destination. |
| 1179 |
| 1180 Pathnames escaping from user's root directory are considered |
| 1181 not valid. |
| 1182 """ |
| 1183 root = self.realpath(self.root) |
| 1184 path = self.realpath(path) |
| 1185 if not self.root.endswith(os.sep): |
| 1186 root = self.root + os.sep |
| 1187 if not path.endswith(os.sep): |
| 1188 path = path + os.sep |
| 1189 if path[0:len(root)] == root: |
| 1190 return True |
| 1191 return False |
| 1192 |
| 1193 # --- Wrapper methods around open() and tempfile.mkstemp |
| 1194 |
| 1195 def open(self, filename, mode): |
| 1196 """Open a file returning its handler.""" |
| 1197 return open(filename, mode) |
| 1198 |
| 1199 def mkstemp(self, suffix='', prefix='', dir=None, mode='wb'): |
| 1200 """A wrap around tempfile.mkstemp creating a file with a unique |
| 1201 name. Unlike mkstemp it returns an object with a file-like |
| 1202 interface. |
| 1203 """ |
| 1204 class FileWrapper: |
| 1205 def __init__(self, fd, name): |
| 1206 self.file = fd |
| 1207 self.name = name |
| 1208 def __getattr__(self, attr): |
| 1209 return getattr(self.file, attr) |
| 1210 |
| 1211 text = not 'b' in mode |
| 1212 # max number of tries to find out a unique file name |
| 1213 tempfile.TMP_MAX = 50 |
| 1214 fd, name = tempfile.mkstemp(suffix, prefix, dir, text=text) |
| 1215 file = os.fdopen(fd, mode) |
| 1216 return FileWrapper(file, name) |
| 1217 |
| 1218 # --- Wrapper methods around os.* |
| 1219 |
| 1220 def chdir(self, path): |
| 1221 """Change the current directory.""" |
| 1222 # temporarily join the specified directory to see if we have |
| 1223 # permissions to do so |
| 1224 basedir = os.getcwd() |
| 1225 try: |
| 1226 os.chdir(path) |
| 1227 except os.error: |
| 1228 raise |
| 1229 else: |
| 1230 os.chdir(basedir) |
| 1231 self.cwd = self.fs2ftp(path) |
| 1232 |
| 1233 def mkdir(self, path): |
| 1234 """Create the specified directory.""" |
| 1235 os.mkdir(path) |
| 1236 |
| 1237 def listdir(self, path): |
| 1238 """List the content of a directory.""" |
| 1239 return os.listdir(path) |
| 1240 |
| 1241 def rmdir(self, path): |
| 1242 """Remove the specified directory.""" |
| 1243 os.rmdir(path) |
| 1244 |
| 1245 def remove(self, path): |
| 1246 """Remove the specified file.""" |
| 1247 os.remove(path) |
| 1248 |
| 1249 def rename(self, src, dst): |
| 1250 """Rename the specified src file to the dst filename.""" |
| 1251 os.rename(src, dst) |
| 1252 |
| 1253 def stat(self, path): |
| 1254 """Perform a stat() system call on the given path.""" |
| 1255 return os.stat(path) |
| 1256 |
| 1257 def lstat(self, path): |
| 1258 """Like stat but does not follow symbolic links.""" |
| 1259 return os.lstat(path) |
| 1260 |
| 1261 if not hasattr(os, 'lstat'): |
| 1262 lstat = stat |
| 1263 |
| 1264 # --- Wrapper methods around os.path.* |
| 1265 |
| 1266 def isfile(self, path): |
| 1267 """Return True if path is a file.""" |
| 1268 return os.path.isfile(path) |
| 1269 |
| 1270 def islink(self, path): |
| 1271 """Return True if path is a symbolic link.""" |
| 1272 return os.path.islink(path) |
| 1273 |
| 1274 def isdir(self, path): |
| 1275 """Return True if path is a directory.""" |
| 1276 return os.path.isdir(path) |
| 1277 |
| 1278 def getsize(self, path): |
| 1279 """Return the size of the specified file in bytes.""" |
| 1280 return os.path.getsize(path) |
| 1281 |
| 1282 def getmtime(self, path): |
| 1283 """Return the last modified time as a number of seconds since |
| 1284 the epoch.""" |
| 1285 return os.path.getmtime(path) |
| 1286 |
| 1287 def realpath(self, path): |
| 1288 """Return the canonical version of path eliminating any |
| 1289 symbolic links encountered in the path (if they are |
| 1290 supported by the operating system). |
| 1291 """ |
| 1292 return os.path.realpath(path) |
| 1293 |
| 1294 def lexists(self, path): |
| 1295 """Return True if path refers to an existing path, including |
| 1296 a broken or circular symbolic link. |
| 1297 """ |
| 1298 if hasattr(os.path, 'lexists'): |
| 1299 return os.path.lexists(path) |
| 1300 # grant backward compatibility with python 2.3 |
| 1301 elif hasattr(os, 'lstat'): |
| 1302 try: |
| 1303 os.lstat(path) |
| 1304 except os.error: |
| 1305 return False |
| 1306 return True |
| 1307 # fallback |
| 1308 else: |
| 1309 return os.path.exists(path) |
| 1310 |
| 1311 exists = lexists # alias for backward compatibility with 0.2.0 |
| 1312 |
| 1313 # --- Listing utilities |
| 1314 |
| 1315 # note: the following operations are no more blocking |
| 1316 |
| 1317 def get_list_dir(self, path): |
| 1318 """"Return an iterator object that yields a directory listing |
| 1319 in a form suitable for LIST command. |
| 1320 """ |
| 1321 if self.isdir(path): |
| 1322 listing = self.listdir(path) |
| 1323 listing.sort() |
| 1324 return self.format_list(path, listing) |
| 1325 # if path is a file or a symlink we return information about it |
| 1326 else: |
| 1327 basedir, filename = os.path.split(path) |
| 1328 self.lstat(path) # raise exc in case of problems |
| 1329 return self.format_list(basedir, [filename]) |
| 1330 |
| 1331 def format_list(self, basedir, listing, ignore_err=True): |
| 1332 """Return an iterator object that yields the entries of given |
| 1333 directory emulating the "/bin/ls -lA" UNIX command output. |
| 1334 |
| 1335 - (str) basedir: the absolute dirname. |
| 1336 - (list) listing: the names of the entries in basedir |
| 1337 - (bool) ignore_err: when False raise exception if os.lstat() |
| 1338 call fails. |
| 1339 |
| 1340 On platforms which do not support the pwd and grp modules (such |
| 1341 as Windows), ownership is printed as "owner" and "group" as a |
| 1342 default, and number of hard links is always "1". On UNIX |
| 1343 systems, the actual owner, group, and number of links are |
| 1344 printed. |
| 1345 |
| 1346 This is how output appears to client: |
| 1347 |
| 1348 -rw-rw-rw- 1 owner group 7045120 Sep 02 3:47 music.mp3 |
| 1349 drwxrwxrwx 1 owner group 0 Aug 31 18:50 e-books |
| 1350 -rw-rw-rw- 1 owner group 380 Sep 02 3:40 module.py |
| 1351 """ |
| 1352 for basename in listing: |
| 1353 file = os.path.join(basedir, basename) |
| 1354 try: |
| 1355 st = self.lstat(file) |
| 1356 except os.error: |
| 1357 if ignore_err: |
| 1358 continue |
| 1359 raise |
| 1360 perms = filemode(st.st_mode) # permissions |
| 1361 nlinks = st.st_nlink # number of links to inode |
| 1362 if not nlinks: # non-posix system, let's use a bogus value |
| 1363 nlinks = 1 |
| 1364 size = st.st_size # file size |
| 1365 if pwd and grp: |
| 1366 # get user and group name, else just use the raw uid/gid |
| 1367 try: |
| 1368 uname = pwd.getpwuid(st.st_uid).pw_name |
| 1369 except KeyError: |
| 1370 uname = st.st_uid |
| 1371 try: |
| 1372 gname = grp.getgrgid(st.st_gid).gr_name |
| 1373 except KeyError: |
| 1374 gname = st.st_gid |
| 1375 else: |
| 1376 # on non-posix systems the only chance we use default |
| 1377 # bogus values for owner and group |
| 1378 uname = "owner" |
| 1379 gname = "group" |
| 1380 # stat.st_mtime could fail (-1) if last mtime is too old |
| 1381 # in which case we return the local time as last mtime |
| 1382 try: |
| 1383 mtime = time.strftime("%b %d %H:%M", time.localtime(st.st_mtime)
) |
| 1384 except ValueError: |
| 1385 mtime = time.strftime("%b %d %H:%M") |
| 1386 # if the file is a symlink, resolve it, e.g. "symlink -> realfile" |
| 1387 if stat.S_ISLNK(st.st_mode) and hasattr(os, 'readlink'): |
| 1388 basename = basename + " -> " + os.readlink(file) |
| 1389 |
| 1390 # formatting is matched with proftpd ls output |
| 1391 yield "%s %3s %-8s %-8s %8s %s %s\r\n" %(perms, nlinks, uname, gname
, |
| 1392 size, mtime, basename) |
| 1393 |
| 1394 def format_mlsx(self, basedir, listing, perms, facts, ignore_err=True): |
| 1395 """Return an iterator object that yields the entries of a given |
| 1396 directory or of a single file in a form suitable with MLSD and |
| 1397 MLST commands. |
| 1398 |
| 1399 Every entry includes a list of "facts" referring the listed |
| 1400 element. See RFC-3659, chapter 7, to see what every single |
| 1401 fact stands for. |
| 1402 |
| 1403 - (str) basedir: the absolute dirname. |
| 1404 - (list) listing: the names of the entries in basedir |
| 1405 - (str) perms: the string referencing the user permissions. |
| 1406 - (str) facts: the list of "facts" to be returned. |
| 1407 - (bool) ignore_err: when False raise exception if os.stat() |
| 1408 call fails. |
| 1409 |
| 1410 Note that "facts" returned may change depending on the platform |
| 1411 and on what user specified by using the OPTS command. |
| 1412 |
| 1413 This is how output could appear to the client issuing |
| 1414 a MLSD request: |
| 1415 |
| 1416 type=file;size=156;perm=r;modify=20071029155301;unique=801cd2; music.mp3 |
| 1417 type=dir;size=0;perm=el;modify=20071127230206;unique=801e33; ebooks |
| 1418 type=file;size=211;perm=r;modify=20071103093626;unique=801e32; module.py |
| 1419 """ |
| 1420 permdir = ''.join([x for x in perms if x not in 'arw']) |
| 1421 permfile = ''.join([x for x in perms if x not in 'celmp']) |
| 1422 if ('w' in perms) or ('a' in perms) or ('f' in perms): |
| 1423 permdir += 'c' |
| 1424 if 'd' in perms: |
| 1425 permdir += 'p' |
| 1426 type = size = perm = modify = create = unique = mode = uid = gid = "" |
| 1427 for basename in listing: |
| 1428 file = os.path.join(basedir, basename) |
| 1429 try: |
| 1430 st = self.stat(file) |
| 1431 except OSError: |
| 1432 if ignore_err: |
| 1433 continue |
| 1434 raise |
| 1435 # type + perm |
| 1436 if stat.S_ISDIR(st.st_mode): |
| 1437 if 'type' in facts: |
| 1438 if basename == '.': |
| 1439 type = 'type=cdir;' |
| 1440 elif basename == '..': |
| 1441 type = 'type=pdir;' |
| 1442 else: |
| 1443 type = 'type=dir;' |
| 1444 if 'perm' in facts: |
| 1445 perm = 'perm=%s;' %permdir |
| 1446 else: |
| 1447 if 'type' in facts: |
| 1448 type = 'type=file;' |
| 1449 if 'perm' in facts: |
| 1450 perm = 'perm=%s;' %permfile |
| 1451 if 'size' in facts: |
| 1452 size = 'size=%s;' %st.st_size # file size |
| 1453 # last modification time |
| 1454 if 'modify' in facts: |
| 1455 try: |
| 1456 modify = 'modify=%s;' %time.strftime("%Y%m%d%H%M%S", |
| 1457 time.localtime(st.st_mtime)) |
| 1458 except ValueError: |
| 1459 # stat.st_mtime could fail (-1) if last mtime is too old |
| 1460 modify = "" |
| 1461 if 'create' in facts: |
| 1462 # on Windows we can provide also the creation time |
| 1463 try: |
| 1464 create = 'create=%s;' %time.strftime("%Y%m%d%H%M%S", |
| 1465 time.localtime(st.st_ctime)) |
| 1466 except ValueError: |
| 1467 create = "" |
| 1468 # UNIX only |
| 1469 if 'unix.mode' in facts: |
| 1470 mode = 'unix.mode=%s;' %oct(st.st_mode & 0777) |
| 1471 if 'unix.uid' in facts: |
| 1472 uid = 'unix.uid=%s;' %st.st_uid |
| 1473 if 'unix.gid' in facts: |
| 1474 gid = 'unix.gid=%s;' %st.st_gid |
| 1475 # We provide unique fact (see RFC-3659, chapter 7.5.2) on |
| 1476 # posix platforms only; we get it by mixing st_dev and |
| 1477 # st_ino values which should be enough for granting an |
| 1478 # uniqueness for the file listed. |
| 1479 # The same approach is used by pure-ftpd. |
| 1480 # Implementors who want to provide unique fact on other |
| 1481 # platforms should use some platform-specific method (e.g. |
| 1482 # on Windows NTFS filesystems MTF records could be used). |
| 1483 if 'unique' in facts: |
| 1484 unique = "unique=%x%x;" %(st.st_dev, st.st_ino) |
| 1485 |
| 1486 yield "%s%s%s%s%s%s%s%s%s %s\r\n" %(type, size, perm, modify, create
, |
| 1487 mode, uid, gid, unique, basename
) |
| 1488 |
| 1489 |
| 1490 # --- FTP |
| 1491 |
| 1492 class FTPHandler(asynchat.async_chat): |
| 1493 """Implements the FTP server Protocol Interpreter (see RFC-959), |
| 1494 handling commands received from the client on the control channel. |
| 1495 |
| 1496 All relevant session information is stored in class attributes |
| 1497 reproduced below and can be modified before instantiating this |
| 1498 class. |
| 1499 |
| 1500 - (int) timeout: |
| 1501 The timeout which is the maximum time a remote client may spend |
| 1502 between FTP commands. If the timeout triggers, the remote client |
| 1503 will be kicked off. Defaults to 300 seconds. |
| 1504 |
| 1505 - (str) banner: the string sent when client connects. |
| 1506 |
| 1507 - (int) max_login_attempts: |
| 1508 the maximum number of wrong authentications before disconnecting |
| 1509 the client (default 3). |
| 1510 |
| 1511 - (bool)permit_foreign_addresses: |
| 1512 FTP site-to-site transfer feature: also referenced as "FXP" it |
| 1513 permits for transferring a file between two remote FTP servers |
| 1514 without the transfer going through the client's host (not |
| 1515 recommended for security reasons as described in RFC-2577). |
| 1516 Having this attribute set to False means that all data |
| 1517 connections from/to remote IP addresses which do not match the |
| 1518 client's IP address will be dropped (defualt False). |
| 1519 |
| 1520 - (bool) permit_privileged_ports: |
| 1521 set to True if you want to permit active data connections (PORT) |
| 1522 over privileged ports (not recommended, defaulting to False). |
| 1523 |
| 1524 - (str) masquerade_address: |
| 1525 the "masqueraded" IP address to provide along PASV reply when |
| 1526 pyftpdlib is running behind a NAT or other types of gateways. |
| 1527 When configured pyftpdlib will hide its local address and |
| 1528 instead use the public address of your NAT (default None). |
| 1529 |
| 1530 - (list) passive_ports: |
| 1531 what ports ftpd will use for its passive data transfers. |
| 1532 Value expected is a list of integers (e.g. range(60000, 65535)). |
| 1533 When configured pyftpdlib will no longer use kernel-assigned |
| 1534 random ports (default None). |
| 1535 |
| 1536 |
| 1537 All relevant instance attributes initialized when client connects |
| 1538 are reproduced below. You may be interested in them in case you |
| 1539 want to subclass the original FTPHandler. |
| 1540 |
| 1541 - (bool) authenticated: True if client authenticated himself. |
| 1542 - (str) username: the name of the connected user (if any). |
| 1543 - (int) attempted_logins: number of currently attempted logins. |
| 1544 - (str) current_type: the current transfer type (default "a") |
| 1545 - (int) af: the address family (IPv4/IPv6) |
| 1546 - (instance) server: the FTPServer class instance. |
| 1547 - (instance) data_server: the data server instance (if any). |
| 1548 - (instance) data_channel: the data channel instance (if any). |
| 1549 """ |
| 1550 # these are overridable defaults |
| 1551 |
| 1552 # default classes |
| 1553 authorizer = DummyAuthorizer() |
| 1554 active_dtp = ActiveDTP |
| 1555 passive_dtp = PassiveDTP |
| 1556 dtp_handler = DTPHandler |
| 1557 abstracted_fs = AbstractedFS |
| 1558 |
| 1559 # session attributes (explained in the docstring) |
| 1560 timeout = 300 |
| 1561 banner = "pyftpdlib %s ready." %__ver__ |
| 1562 max_login_attempts = 3 |
| 1563 permit_foreign_addresses = False |
| 1564 permit_privileged_ports = False |
| 1565 masquerade_address = None |
| 1566 passive_ports = None |
| 1567 |
| 1568 def __init__(self, conn, server): |
| 1569 """Initialize the command channel. |
| 1570 |
| 1571 - (instance) conn: the socket object instance of the newly |
| 1572 established connection. |
| 1573 - (instance) server: the ftp server class instance. |
| 1574 """ |
| 1575 asynchat.async_chat.__init__(self, conn) |
| 1576 self.set_terminator("\r\n") |
| 1577 # try to handle urgent data inline |
| 1578 try: |
| 1579 self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_OOBINLINE, 1) |
| 1580 except socket.error: |
| 1581 pass |
| 1582 |
| 1583 # public session attributes |
| 1584 self.server = server |
| 1585 self.remote_ip, self.remote_port = self.socket.getpeername()[:2] |
| 1586 self.fs = self.abstracted_fs() |
| 1587 self.authenticated = False |
| 1588 self.username = "" |
| 1589 self.password = "" |
| 1590 self.attempted_logins = 0 |
| 1591 self.current_type = 'a' |
| 1592 self.restart_position = 0 |
| 1593 self.quit_pending = False |
| 1594 self.sleeping = False |
| 1595 self.data_server = None |
| 1596 self.data_channel = None |
| 1597 if self.timeout: |
| 1598 self.idler = CallLater(self.timeout, self.handle_timeout) |
| 1599 else: |
| 1600 self.idler = None |
| 1601 if hasattr(self.socket, 'family'): |
| 1602 self.af = self.socket.family |
| 1603 else: # python < 2.5 |
| 1604 ip, port = self.socket.getsockname()[:2] |
| 1605 self.af = socket.getaddrinfo(ip, port, socket.AF_UNSPEC, |
| 1606 socket.SOCK_STREAM)[0][0] |
| 1607 |
| 1608 # private session attributes |
| 1609 self._in_buffer = [] |
| 1610 self._in_buffer_len = 0 |
| 1611 self._epsvall = False |
| 1612 self._in_dtp_queue = None |
| 1613 self._out_dtp_queue = None |
| 1614 self._closed = False |
| 1615 self._current_facts = ['type', 'perm', 'size', 'modify'] |
| 1616 if os.name == 'posix': |
| 1617 self._current_facts.append('unique') |
| 1618 self._available_facts = self._current_facts[:] |
| 1619 if pwd and grp: |
| 1620 self._available_facts += ['unix.mode', 'unix.uid', 'unix.gid'] |
| 1621 if os.name == 'nt': |
| 1622 self._available_facts.append('create') |
| 1623 |
| 1624 def handle(self): |
| 1625 """Return a 220 'Ready' response to the client over the command |
| 1626 channel. |
| 1627 """ |
| 1628 if len(self.banner) <= 75: |
| 1629 self.respond("220 %s" %str(self.banner)) |
| 1630 else: |
| 1631 self.push('220-%s\r\n' %str(self.banner)) |
| 1632 self.respond('220 ') |
| 1633 |
| 1634 def handle_max_cons(self): |
| 1635 """Called when limit for maximum number of connections is reached.""" |
| 1636 msg = "Too many connections. Service temporary unavailable." |
| 1637 self.respond("421 %s" %msg) |
| 1638 self.log(msg) |
| 1639 # If self.push is used, data could not be sent immediately in |
| 1640 # which case a new "loop" will occur exposing us to the risk of |
| 1641 # accepting new connections. Since this could cause asyncore to |
| 1642 # run out of fds (...and exposes the server to DoS attacks), we |
| 1643 # immediately close the channel by using close() instead of |
| 1644 # close_when_done(). If data has not been sent yet client will |
| 1645 # be silently disconnected. |
| 1646 self.close() |
| 1647 |
| 1648 def handle_max_cons_per_ip(self): |
| 1649 """Called when too many clients are connected from the same IP.""" |
| 1650 msg = "Too many connections from the same IP address." |
| 1651 self.respond("421 %s" %msg) |
| 1652 self.log(msg) |
| 1653 self.close_when_done() |
| 1654 |
| 1655 def handle_timeout(self): |
| 1656 """Called when client does not send any command within the time |
| 1657 specified in <timeout> attribute.""" |
| 1658 msg = "Control connection timed out." |
| 1659 self.log(msg) |
| 1660 self.respond("421 " + msg) |
| 1661 self.close_when_done() |
| 1662 |
| 1663 # --- asyncore / asynchat overridden methods |
| 1664 |
| 1665 def readable(self): |
| 1666 # if there's a quit pending we stop reading data from socket |
| 1667 return not self.sleeping |
| 1668 |
| 1669 def collect_incoming_data(self, data): |
| 1670 """Read incoming data and append to the input buffer.""" |
| 1671 self._in_buffer.append(data) |
| 1672 self._in_buffer_len += len(data) |
| 1673 # Flush buffer if it gets too long (possible DoS attacks). |
| 1674 # RFC-959 specifies that a 500 response could be given in |
| 1675 # such cases |
| 1676 buflimit = 2048 |
| 1677 if self._in_buffer_len > buflimit: |
| 1678 self.respond('500 Command too long.') |
| 1679 self.log('Command received exceeded buffer limit of %s.' %(buflimit)
) |
| 1680 self._in_buffer = [] |
| 1681 self._in_buffer_len = 0 |
| 1682 |
| 1683 def found_terminator(self): |
| 1684 r"""Called when the incoming data stream matches the \r\n |
| 1685 terminator. |
| 1686 |
| 1687 Depending on the command received it calls the command's |
| 1688 corresponding method (e.g. for received command "MKD pathname", |
| 1689 ftp_MKD() method is called with "pathname" as the argument). |
| 1690 """ |
| 1691 if self.idler and not self.idler.cancelled: |
| 1692 self.idler.reset() |
| 1693 |
| 1694 line = ''.join(self._in_buffer) |
| 1695 self._in_buffer = [] |
| 1696 self._in_buffer_len = 0 |
| 1697 |
| 1698 cmd = line.split(' ')[0].upper() |
| 1699 space = line.find(' ') |
| 1700 if space != -1: |
| 1701 arg = line[space + 1:] |
| 1702 else: |
| 1703 arg = "" |
| 1704 |
| 1705 if cmd != 'PASS': |
| 1706 self.logline("<== %s" %line) |
| 1707 else: |
| 1708 self.logline("<== %s %s" %(line.split(' ')[0], '*' * 6)) |
| 1709 |
| 1710 # Recognize those commands having "special semantics". They |
| 1711 # may be sent as OOB data but since many ftp clients does |
| 1712 # not follow the procedure from the RFC to send Telnet IP |
| 1713 # and Synch first, we check the last 4 characters only. |
| 1714 if not cmd in proto_cmds: |
| 1715 if cmd[-4:] in ('ABOR', 'STAT', 'QUIT'): |
| 1716 cmd = cmd[-4:] |
| 1717 else: |
| 1718 self.respond('500 Command "%s" not understood.' %cmd) |
| 1719 return |
| 1720 |
| 1721 if not arg and proto_cmds[cmd].arg_needed is True: |
| 1722 self.respond("501 Syntax error: command needs an argument.") |
| 1723 return |
| 1724 if arg and proto_cmds[cmd].arg_needed is False: |
| 1725 self.respond("501 Syntax error: command does not accept arguments.") |
| 1726 return |
| 1727 |
| 1728 if not self.authenticated: |
| 1729 if proto_cmds[cmd].auth_needed or (cmd == 'STAT' and arg): |
| 1730 self.respond("530 Log in with USER and PASS first.") |
| 1731 else: |
| 1732 method = getattr(self, 'ftp_' + cmd) |
| 1733 method(arg) # call the proper ftp_* method |
| 1734 else: |
| 1735 if cmd == 'STAT' and not arg: |
| 1736 self.ftp_STAT('') |
| 1737 return |
| 1738 |
| 1739 # for file-system related commands check whether real path |
| 1740 # destination is valid |
| 1741 if proto_cmds[cmd].check_path and cmd != 'STOU': |
| 1742 if cmd in ('CWD', 'XCWD'): |
| 1743 arg = self.fs.ftp2fs(arg or '/') |
| 1744 elif cmd in ('CDUP', 'XCUP'): |
| 1745 arg = self.fs.ftp2fs('..') |
| 1746 elif cmd == 'LIST': |
| 1747 if arg.lower() in ('-a', '-l', '-al', '-la'): |
| 1748 arg = self.fs.ftp2fs(self.fs.cwd) |
| 1749 else: |
| 1750 arg = self.fs.ftp2fs(arg or self.fs.cwd) |
| 1751 elif cmd == 'STAT': |
| 1752 if glob.has_magic(arg): |
| 1753 self.respond('550 Globbing not supported.') |
| 1754 return |
| 1755 arg = self.fs.ftp2fs(arg or self.fs.cwd) |
| 1756 else: # LIST, NLST, MLSD, MLST |
| 1757 arg = self.fs.ftp2fs(arg or self.fs.cwd) |
| 1758 |
| 1759 if not self.fs.validpath(arg): |
| 1760 line = self.fs.fs2ftp(arg) |
| 1761 err = '"%s" points to a path which is outside ' \ |
| 1762 "the user's root directory" %line |
| 1763 self.respond("550 %s." %err) |
| 1764 self.log('FAIL %s "%s". %s.' %(cmd, line, err)) |
| 1765 return |
| 1766 |
| 1767 # check permission |
| 1768 perm = proto_cmds[cmd].perm |
| 1769 if perm is not None and cmd != 'STOU': |
| 1770 if not self.authorizer.has_perm(self.username, perm, arg): |
| 1771 self.log('FAIL %s "%s". Not enough privileges.' \ |
| 1772 %(cmd, self.fs.fs2ftp(arg))) |
| 1773 self.respond("550 Can't %s. Not enough privileges." %cmd) |
| 1774 return |
| 1775 |
| 1776 # call the proper ftp_* method |
| 1777 method = getattr(self, 'ftp_' + cmd) |
| 1778 method(arg) |
| 1779 |
| 1780 def handle_expt(self): |
| 1781 """Called when there is out of band (OOB) data to be read. |
| 1782 This could happen in case of such clients strictly following |
| 1783 the RFC-959 directives of sending Telnet IP and Synch as OOB |
| 1784 data before issuing ABOR, STAT and QUIT commands. |
| 1785 It should never be called since the SO_OOBINLINE option is |
| 1786 enabled except on some systems like FreeBSD where it doesn't |
| 1787 seem to have effect. |
| 1788 """ |
| 1789 if hasattr(socket, 'MSG_OOB'): |
| 1790 try: |
| 1791 data = self.socket.recv(1024, socket.MSG_OOB) |
| 1792 except socket.error, why: |
| 1793 if why[0] == errno.EINVAL: |
| 1794 return |
| 1795 else: |
| 1796 self._in_buffer.append(data) |
| 1797 return |
| 1798 self.log("Can't handle OOB data.") |
| 1799 self.close() |
| 1800 |
| 1801 def handle_error(self): |
| 1802 try: |
| 1803 raise |
| 1804 except (KeyboardInterrupt, SystemExit, asyncore.ExitNow): |
| 1805 raise |
| 1806 except socket.error, err: |
| 1807 # fix around asyncore bug (http://bugs.python.org/issue1736101) |
| 1808 if err[0] in (errno.ECONNRESET, errno.ENOTCONN, errno.ESHUTDOWN, \ |
| 1809 errno.ECONNABORTED): |
| 1810 self.handle_close() |
| 1811 return |
| 1812 else: |
| 1813 logerror(traceback.format_exc()) |
| 1814 except: |
| 1815 logerror(traceback.format_exc()) |
| 1816 self.close() |
| 1817 |
| 1818 def handle_close(self): |
| 1819 self.close() |
| 1820 |
| 1821 def close(self): |
| 1822 """Close the current channel disconnecting the client.""" |
| 1823 if not self._closed: |
| 1824 self._closed = True |
| 1825 if self.data_server is not None: |
| 1826 self.data_server.close() |
| 1827 del self.data_server |
| 1828 |
| 1829 if self.data_channel is not None: |
| 1830 self.data_channel.close() |
| 1831 del self.data_channel |
| 1832 |
| 1833 del self._out_dtp_queue |
| 1834 del self._in_dtp_queue |
| 1835 |
| 1836 if self.idler and not self.idler.cancelled: |
| 1837 self.idler.cancel() |
| 1838 |
| 1839 # remove client IP address from ip map |
| 1840 self.server.ip_map.remove(self.remote_ip) |
| 1841 asynchat.async_chat.close(self) |
| 1842 self.log("Disconnected.") |
| 1843 |
| 1844 # --- callbacks |
| 1845 |
| 1846 def on_dtp_connection(self): |
| 1847 """Called every time data channel connects (either active or |
| 1848 passive). |
| 1849 |
| 1850 Incoming and outgoing queues are checked for pending data. |
| 1851 If outbound data is pending, it is pushed into the data channel. |
| 1852 If awaiting inbound data, the data channel is enabled for |
| 1853 receiving. |
| 1854 """ |
| 1855 if self.data_server is not None: |
| 1856 self.data_server.close() |
| 1857 self.data_server = None |
| 1858 |
| 1859 # stop the idle timer as long as the data transfer is not finished |
| 1860 if self.idler and not self.idler.cancelled: |
| 1861 self.idler.cancel() |
| 1862 |
| 1863 # check for data to send |
| 1864 if self._out_dtp_queue is not None: |
| 1865 data, isproducer, file = self._out_dtp_queue |
| 1866 if file: |
| 1867 self.data_channel.file_obj = file |
| 1868 if not isproducer: |
| 1869 self.data_channel.push(data) |
| 1870 else: |
| 1871 self.data_channel.push_with_producer(data) |
| 1872 if self.data_channel is not None: |
| 1873 self.data_channel.close_when_done() |
| 1874 self._out_dtp_queue = None |
| 1875 |
| 1876 # check for data to receive |
| 1877 elif self._in_dtp_queue is not None: |
| 1878 self.data_channel.file_obj = self._in_dtp_queue |
| 1879 self.data_channel.enable_receiving(self.current_type) |
| 1880 self._in_dtp_queue = None |
| 1881 |
| 1882 def on_dtp_close(self): |
| 1883 """Called every time the data channel is closed.""" |
| 1884 self.data_channel = None |
| 1885 if self.quit_pending: |
| 1886 self.close_when_done() |
| 1887 elif self.timeout: |
| 1888 # data transfer finished, restart the idle timer |
| 1889 self.idler = CallLater(self.timeout, self.handle_timeout) |
| 1890 |
| 1891 # --- utility |
| 1892 |
| 1893 def respond(self, resp): |
| 1894 """Send a response to the client using the command channel.""" |
| 1895 self.push(resp + '\r\n') |
| 1896 self.logline('==> %s' % resp) |
| 1897 |
| 1898 def push_dtp_data(self, data, isproducer=False, file=None): |
| 1899 """Pushes data into the data channel. |
| 1900 |
| 1901 It is usually called for those commands requiring some data to |
| 1902 be sent over the data channel (e.g. RETR). |
| 1903 If data channel does not exist yet, it queues the data to send |
| 1904 later; data will then be pushed into data channel when |
| 1905 on_dtp_connection() will be called. |
| 1906 |
| 1907 - (str/classobj) data: the data to send which may be a string |
| 1908 or a producer object). |
| 1909 - (bool) isproducer: whether treat data as a producer. |
| 1910 - (file) file: the file[-like] object to send (if any). |
| 1911 """ |
| 1912 if self.data_channel is not None: |
| 1913 self.respond("125 Data connection already open. Transfer starting.") |
| 1914 if file: |
| 1915 self.data_channel.file_obj = file |
| 1916 if not isproducer: |
| 1917 self.data_channel.push(data) |
| 1918 else: |
| 1919 self.data_channel.push_with_producer(data) |
| 1920 if self.data_channel is not None: |
| 1921 self.data_channel.close_when_done() |
| 1922 else: |
| 1923 self.respond("150 File status okay. About to open data connection.") |
| 1924 self._out_dtp_queue = (data, isproducer, file) |
| 1925 |
| 1926 def log(self, msg): |
| 1927 """Log a message, including additional identifying session data.""" |
| 1928 log("[%s]@%s:%s %s" %(self.username, self.remote_ip, |
| 1929 self.remote_port, msg)) |
| 1930 |
| 1931 def logline(self, msg): |
| 1932 """Log a line including additional indentifying session data.""" |
| 1933 logline("%s:%s %s" %(self.remote_ip, self.remote_port, msg)) |
| 1934 |
| 1935 def flush_account(self): |
| 1936 """Flush account information by clearing attributes that need |
| 1937 to be reset on a REIN or new USER command. |
| 1938 """ |
| 1939 if self.data_channel is not None: |
| 1940 if not self.data_channel.transfer_in_progress(): |
| 1941 self.data_channel.close() |
| 1942 self.data_channel = None |
| 1943 if self.data_server is not None: |
| 1944 self.data_server.close() |
| 1945 self.data_server = None |
| 1946 |
| 1947 self.fs.rnfr = None |
| 1948 self.authenticated = False |
| 1949 self.username = "" |
| 1950 self.password = "" |
| 1951 self.attempted_logins = 0 |
| 1952 self.current_type = 'a' |
| 1953 self.restart_position = 0 |
| 1954 self.quit_pending = False |
| 1955 self.sleeping = False |
| 1956 self._in_dtp_queue = None |
| 1957 self._out_dtp_queue = None |
| 1958 |
| 1959 def run_as_current_user(self, function, *args, **kwargs): |
| 1960 """Execute a function impersonating the current logged-in user.""" |
| 1961 self.authorizer.impersonate_user(self.username, self.password) |
| 1962 try: |
| 1963 return function(*args, **kwargs) |
| 1964 finally: |
| 1965 self.authorizer.terminate_impersonation() |
| 1966 |
| 1967 # --- connection |
| 1968 |
| 1969 def _make_eport(self, ip, port): |
| 1970 """Establish an active data channel with remote client which |
| 1971 issued a PORT or EPRT command. |
| 1972 """ |
| 1973 # FTP bounce attacks protection: according to RFC-2577 it's |
| 1974 # recommended to reject PORT if IP address specified in it |
| 1975 # does not match client IP address. |
| 1976 if not self.permit_foreign_addresses and ip != self.remote_ip: |
| 1977 self.log("Rejected data connection to foreign address %s:%s." |
| 1978 %(ip, port)) |
| 1979 self.respond("501 Can't connect to a foreign address.") |
| 1980 return |
| 1981 |
| 1982 # ...another RFC-2577 recommendation is rejecting connections |
| 1983 # to privileged ports (< 1024) for security reasons. |
| 1984 if not self.permit_privileged_ports and port < 1024: |
| 1985 self.log('PORT against the privileged port "%s" refused.' %port) |
| 1986 self.respond("501 Can't connect over a privileged port.") |
| 1987 return |
| 1988 |
| 1989 # close existent DTP-server instance, if any. |
| 1990 if self.data_server is not None: |
| 1991 self.data_server.close() |
| 1992 self.data_server = None |
| 1993 if self.data_channel is not None: |
| 1994 self.data_channel.close() |
| 1995 self.data_channel = None |
| 1996 |
| 1997 # make sure we are not hitting the max connections limit |
| 1998 if self.server.max_cons and len(self._map) >= self.server.max_cons: |
| 1999 msg = "Too many connections. Can't open data channel." |
| 2000 self.respond("425 %s" %msg) |
| 2001 self.log(msg) |
| 2002 return |
| 2003 |
| 2004 # open data channel |
| 2005 self.active_dtp(ip, port, self) |
| 2006 |
| 2007 def _make_epasv(self, extmode=False): |
| 2008 """Initialize a passive data channel with remote client which |
| 2009 issued a PASV or EPSV command. |
| 2010 If extmode argument is False we assume that client issued EPSV in |
| 2011 which case extended passive mode will be used (see RFC-2428). |
| 2012 """ |
| 2013 # close existing DTP-server instance, if any |
| 2014 if self.data_server is not None: |
| 2015 self.data_server.close() |
| 2016 self.data_server = None |
| 2017 |
| 2018 if self.data_channel is not None: |
| 2019 self.data_channel.close() |
| 2020 self.data_channel = None |
| 2021 |
| 2022 # make sure we are not hitting the max connections limit |
| 2023 if self.server.max_cons and len(self._map) >= self.server.max_cons: |
| 2024 msg = "Too many connections. Can't open data channel." |
| 2025 self.respond("425 %s" %msg) |
| 2026 self.log(msg) |
| 2027 return |
| 2028 |
| 2029 # open data channel |
| 2030 self.data_server = self.passive_dtp(self, extmode) |
| 2031 |
| 2032 def ftp_PORT(self, line): |
| 2033 """Start an active data channel by using IPv4.""" |
| 2034 if self._epsvall: |
| 2035 self.respond("501 PORT not allowed after EPSV ALL.") |
| 2036 return |
| 2037 if self.af != socket.AF_INET: |
| 2038 self.respond("425 You cannot use PORT on IPv6 connections. " |
| 2039 "Use EPRT instead.") |
| 2040 return |
| 2041 # Parse PORT request for getting IP and PORT. |
| 2042 # Request comes in as: |
| 2043 # > h1,h2,h3,h4,p1,p2 |
| 2044 # ...where the client's IP address is h1.h2.h3.h4 and the TCP |
| 2045 # port number is (p1 * 256) + p2. |
| 2046 try: |
| 2047 addr = map(int, line.split(',')) |
| 2048 assert len(addr) == 6 |
| 2049 for x in addr[:4]: |
| 2050 assert 0 <= x <= 255 |
| 2051 ip = '%d.%d.%d.%d' %tuple(addr[:4]) |
| 2052 port = (addr[4] * 256) + addr[5] |
| 2053 assert 0 <= port <= 65535 |
| 2054 except (AssertionError, ValueError, OverflowError): |
| 2055 self.respond("501 Invalid PORT format.") |
| 2056 return |
| 2057 self._make_eport(ip, port) |
| 2058 |
| 2059 def ftp_EPRT(self, line): |
| 2060 """Start an active data channel by choosing the network protocol |
| 2061 to use (IPv4/IPv6) as defined in RFC-2428. |
| 2062 """ |
| 2063 if self._epsvall: |
| 2064 self.respond("501 EPRT not allowed after EPSV ALL.") |
| 2065 return |
| 2066 # Parse EPRT request for getting protocol, IP and PORT. |
| 2067 # Request comes in as: |
| 2068 # # <d>proto<d>ip<d>port<d> |
| 2069 # ...where <d> is an arbitrary delimiter character (usually "|") and |
| 2070 # <proto> is the network protocol to use (1 for IPv4, 2 for IPv6). |
| 2071 try: |
| 2072 af, ip, port = line.split(line[0])[1:-1] |
| 2073 port = int(port) |
| 2074 assert 0 <= port <= 65535 |
| 2075 except (AssertionError, ValueError, IndexError, OverflowError): |
| 2076 self.respond("501 Invalid EPRT format.") |
| 2077 return |
| 2078 |
| 2079 if af == "1": |
| 2080 if self.af != socket.AF_INET: |
| 2081 self.respond('522 Network protocol not supported (use 2).') |
| 2082 else: |
| 2083 try: |
| 2084 octs = map(int, ip.split('.')) |
| 2085 assert len(octs) == 4 |
| 2086 for x in octs: |
| 2087 assert 0 <= x <= 255 |
| 2088 except (AssertionError, ValueError, OverflowError): |
| 2089 self.respond("501 Invalid EPRT format.") |
| 2090 else: |
| 2091 self._make_eport(ip, port) |
| 2092 elif af == "2": |
| 2093 if self.af == socket.AF_INET: |
| 2094 self.respond('522 Network protocol not supported (use 1).') |
| 2095 else: |
| 2096 self._make_eport(ip, port) |
| 2097 else: |
| 2098 if self.af == socket.AF_INET: |
| 2099 self.respond('501 Unknown network protocol (use 1).') |
| 2100 else: |
| 2101 self.respond('501 Unknown network protocol (use 2).') |
| 2102 |
| 2103 def ftp_PASV(self, line): |
| 2104 """Start a passive data channel by using IPv4.""" |
| 2105 if self._epsvall: |
| 2106 self.respond("501 PASV not allowed after EPSV ALL.") |
| 2107 return |
| 2108 if self.af != socket.AF_INET: |
| 2109 self.respond("425 You cannot use PASV on IPv6 connections. " |
| 2110 "Use EPSV instead.") |
| 2111 else: |
| 2112 self._make_epasv(extmode=False) |
| 2113 |
| 2114 def ftp_EPSV(self, line): |
| 2115 """Start a passive data channel by using IPv4 or IPv6 as defined |
| 2116 in RFC-2428. |
| 2117 """ |
| 2118 # RFC-2428 specifies that if an optional parameter is given, |
| 2119 # we have to determine the address family from that otherwise |
| 2120 # use the same address family used on the control connection. |
| 2121 # In such a scenario a client may use IPv4 on the control channel |
| 2122 # and choose to use IPv6 for the data channel. |
| 2123 # But how could we use IPv6 on the data channel without knowing |
| 2124 # which IPv6 address to use for binding the socket? |
| 2125 # Unfortunately RFC-2428 does not provide satisfing information |
| 2126 # on how to do that. The assumption is that we don't have any way |
| 2127 # to know wich address to use, hence we just use the same address |
| 2128 # family used on the control connection. |
| 2129 if not line: |
| 2130 self._make_epasv(extmode=True) |
| 2131 elif line == "1": |
| 2132 if self.af != socket.AF_INET: |
| 2133 self.respond('522 Network protocol not supported (use 2).') |
| 2134 else: |
| 2135 self._make_epasv(extmode=True) |
| 2136 elif line == "2": |
| 2137 if self.af == socket.AF_INET: |
| 2138 self.respond('522 Network protocol not supported (use 1).') |
| 2139 else: |
| 2140 self._make_epasv(extmode=True) |
| 2141 elif line.lower() == 'all': |
| 2142 self._epsvall = True |
| 2143 self.respond('220 Other commands other than EPSV are now disabled.') |
| 2144 else: |
| 2145 if self.af == socket.AF_INET: |
| 2146 self.respond('501 Unknown network protocol (use 1).') |
| 2147 else: |
| 2148 self.respond('501 Unknown network protocol (use 2).') |
| 2149 |
| 2150 def ftp_QUIT(self, line): |
| 2151 """Quit the current session disconnecting the client.""" |
| 2152 if self.authenticated: |
| 2153 msg_quit = self.authorizer.get_msg_quit(self.username) |
| 2154 else: |
| 2155 msg_quit = "Goodbye." |
| 2156 if len(msg_quit) <= 75: |
| 2157 self.respond("221 %s" %msg_quit) |
| 2158 else: |
| 2159 self.push("221-%s\r\n" %msg_quit) |
| 2160 self.respond("221 ") |
| 2161 |
| 2162 # From RFC-959: |
| 2163 # If file transfer is in progress, the connection will remain |
| 2164 # open for result response and the server will then close it. |
| 2165 # We also stop responding to any further command. |
| 2166 if self.data_channel: |
| 2167 self.quit_pending = True |
| 2168 self.sleeping = True |
| 2169 else: |
| 2170 self.close_when_done() |
| 2171 |
| 2172 # --- data transferring |
| 2173 |
| 2174 def ftp_LIST(self, path): |
| 2175 """Return a list of files in the specified directory to the |
| 2176 client. |
| 2177 """ |
| 2178 # - If no argument, fall back on cwd as default. |
| 2179 # - Some older FTP clients erroneously issue /bin/ls-like LIST |
| 2180 # formats in which case we fall back on cwd as default. |
| 2181 line = self.fs.fs2ftp(path) |
| 2182 try: |
| 2183 iterator = self.run_as_current_user(self.fs.get_list_dir, path) |
| 2184 except OSError, err: |
| 2185 why = _strerror(err) |
| 2186 self.log('FAIL LIST "%s". %s.' %(line, why)) |
| 2187 self.respond('550 %s.' %why) |
| 2188 else: |
| 2189 self.log('OK LIST "%s". Transfer starting.' %line) |
| 2190 producer = BufferedIteratorProducer(iterator) |
| 2191 self.push_dtp_data(producer, isproducer=True) |
| 2192 |
| 2193 def ftp_NLST(self, path): |
| 2194 """Return a list of files in the specified directory in a |
| 2195 compact form to the client. |
| 2196 """ |
| 2197 line = self.fs.fs2ftp(path) |
| 2198 try: |
| 2199 if self.fs.isdir(path): |
| 2200 listing = self.run_as_current_user(self.fs.listdir, path) |
| 2201 else: |
| 2202 # if path is a file we just list its name |
| 2203 self.fs.lstat(path) # raise exc in case of problems |
| 2204 listing = [os.path.basename(path)] |
| 2205 except OSError, err: |
| 2206 why = _strerror(err) |
| 2207 self.log('FAIL NLST "%s". %s.' %(line, why)) |
| 2208 self.respond('550 %s.' %why) |
| 2209 else: |
| 2210 data = '' |
| 2211 if listing: |
| 2212 listing.sort() |
| 2213 data = '\r\n'.join(listing) + '\r\n' |
| 2214 self.log('OK NLST "%s". Transfer starting.' %line) |
| 2215 self.push_dtp_data(data) |
| 2216 |
| 2217 # --- MLST and MLSD commands |
| 2218 |
| 2219 # The MLST and MLSD commands are intended to standardize the file and |
| 2220 # directory information returned by the server-FTP process. These |
| 2221 # commands differ from the LIST command in that the format of the |
| 2222 # replies is strictly defined although extensible. |
| 2223 |
| 2224 def ftp_MLST(self, path): |
| 2225 """Return information about a pathname in a machine-processable |
| 2226 form as defined in RFC-3659. |
| 2227 """ |
| 2228 line = self.fs.fs2ftp(path) |
| 2229 basedir, basename = os.path.split(path) |
| 2230 perms = self.authorizer.get_perms(self.username) |
| 2231 try: |
| 2232 iterator = self.run_as_current_user(self.fs.format_mlsx, basedir, |
| 2233 [basename], perms, self._current_facts, ignore_err=False) |
| 2234 data = ''.join(iterator) |
| 2235 except OSError, err: |
| 2236 why = _strerror(err) |
| 2237 self.log('FAIL MLST "%s". %s.' %(line, why)) |
| 2238 self.respond('550 %s.' %why) |
| 2239 else: |
| 2240 # since TVFS is supported (see RFC-3659 chapter 6), a fully |
| 2241 # qualified pathname should be returned |
| 2242 data = data.split(' ')[0] + ' %s\r\n' %line |
| 2243 # response is expected on the command channel |
| 2244 self.push('250-Listing "%s":\r\n' %line) |
| 2245 # the fact set must be preceded by a space |
| 2246 self.push(' ' + data) |
| 2247 self.respond('250 End MLST.') |
| 2248 |
| 2249 def ftp_MLSD(self, path): |
| 2250 """Return contents of a directory in a machine-processable form |
| 2251 as defined in RFC-3659. |
| 2252 """ |
| 2253 line = self.fs.fs2ftp(path) |
| 2254 # RFC-3659 requires 501 response code if path is not a directory |
| 2255 if not self.fs.isdir(path): |
| 2256 err = 'No such directory' |
| 2257 self.log('FAIL MLSD "%s". %s.' %(line, err)) |
| 2258 self.respond("501 %s." %err) |
| 2259 return |
| 2260 try: |
| 2261 listing = self.run_as_current_user(self.fs.listdir, path) |
| 2262 except OSError, err: |
| 2263 why = _strerror(err) |
| 2264 self.log('FAIL MLSD "%s". %s.' %(line, why)) |
| 2265 self.respond('550 %s.' %why) |
| 2266 else: |
| 2267 perms = self.authorizer.get_perms(self.username) |
| 2268 iterator = self.fs.format_mlsx(path, listing, perms, |
| 2269 self._current_facts) |
| 2270 producer = BufferedIteratorProducer(iterator) |
| 2271 self.log('OK MLSD "%s". Transfer starting.' %line) |
| 2272 self.push_dtp_data(producer, isproducer=True) |
| 2273 |
| 2274 def ftp_RETR(self, file): |
| 2275 """Retrieve the specified file (transfer from the server to the |
| 2276 client) |
| 2277 """ |
| 2278 line = self.fs.fs2ftp(file) |
| 2279 try: |
| 2280 fd = self.run_as_current_user(self.fs.open, file, 'rb') |
| 2281 except IOError, err: |
| 2282 why = _strerror(err) |
| 2283 self.log('FAIL RETR "%s". %s.' %(line, why)) |
| 2284 self.respond('550 %s.' %why) |
| 2285 return |
| 2286 |
| 2287 if self.restart_position: |
| 2288 # Make sure that the requested offset is valid (within the |
| 2289 # size of the file being resumed). |
| 2290 # According to RFC-1123 a 554 reply may result in case that |
| 2291 # the existing file cannot be repositioned as specified in |
| 2292 # the REST. |
| 2293 ok = 0 |
| 2294 try: |
| 2295 assert not self.restart_position > self.fs.getsize(file) |
| 2296 fd.seek(self.restart_position) |
| 2297 ok = 1 |
| 2298 except AssertionError: |
| 2299 why = "Invalid REST parameter" |
| 2300 except IOError, err: |
| 2301 why = _strerror(err) |
| 2302 self.restart_position = 0 |
| 2303 if not ok: |
| 2304 self.respond('554 %s' %why) |
| 2305 self.log('FAIL RETR "%s". %s.' %(line, why)) |
| 2306 return |
| 2307 self.log('OK RETR "%s". Download starting.' %line) |
| 2308 producer = FileProducer(fd, self.current_type) |
| 2309 self.push_dtp_data(producer, isproducer=True, file=fd) |
| 2310 |
| 2311 def ftp_STOR(self, file, mode='w'): |
| 2312 """Store a file (transfer from the client to the server).""" |
| 2313 # A resume could occur in case of APPE or REST commands. |
| 2314 # In that case we have to open file object in different ways: |
| 2315 # STOR: mode = 'w' |
| 2316 # APPE: mode = 'a' |
| 2317 # REST: mode = 'r+' (to permit seeking on file object) |
| 2318 if 'a' in mode: |
| 2319 cmd = 'APPE' |
| 2320 else: |
| 2321 cmd = 'STOR' |
| 2322 line = self.fs.fs2ftp(file) |
| 2323 if self.restart_position: |
| 2324 mode = 'r+' |
| 2325 try: |
| 2326 fd = self.run_as_current_user(self.fs.open, file, mode + 'b') |
| 2327 except IOError, err: |
| 2328 why = _strerror(err) |
| 2329 self.log('FAIL %s "%s". %s.' %(cmd, line, why)) |
| 2330 self.respond('550 %s.' %why) |
| 2331 return |
| 2332 |
| 2333 if self.restart_position: |
| 2334 # Make sure that the requested offset is valid (within the |
| 2335 # size of the file being resumed). |
| 2336 # According to RFC-1123 a 554 reply may result in case |
| 2337 # that the existing file cannot be repositioned as |
| 2338 # specified in the REST. |
| 2339 ok = 0 |
| 2340 try: |
| 2341 assert not self.restart_position > self.fs.getsize(file) |
| 2342 fd.seek(self.restart_position) |
| 2343 ok = 1 |
| 2344 except AssertionError: |
| 2345 why = "Invalid REST parameter" |
| 2346 except IOError, err: |
| 2347 why = _strerror(err) |
| 2348 self.restart_position = 0 |
| 2349 if not ok: |
| 2350 self.respond('554 %s' %why) |
| 2351 self.log('FAIL %s "%s". %s.' %(cmd, line, why)) |
| 2352 return |
| 2353 |
| 2354 self.log('OK %s "%s". Upload starting.' %(cmd, line)) |
| 2355 if self.data_channel is not None: |
| 2356 self.respond("125 Data connection already open. Transfer starting.") |
| 2357 self.data_channel.file_obj = fd |
| 2358 self.data_channel.enable_receiving(self.current_type) |
| 2359 else: |
| 2360 self.respond("150 File status okay. About to open data connection.") |
| 2361 self._in_dtp_queue = fd |
| 2362 |
| 2363 |
| 2364 def ftp_STOU(self, line): |
| 2365 """Store a file on the server with a unique name.""" |
| 2366 # Note 1: RFC-959 prohibited STOU parameters, but this |
| 2367 # prohibition is obsolete. |
| 2368 # Note 2: 250 response wanted by RFC-959 has been declared |
| 2369 # incorrect in RFC-1123 that wants 125/150 instead. |
| 2370 # Note 3: RFC-1123 also provided an exact output format |
| 2371 # defined to be as follow: |
| 2372 # > 125 FILE: pppp |
| 2373 # ...where pppp represents the unique path name of the |
| 2374 # file that will be written. |
| 2375 |
| 2376 # watch for STOU preceded by REST, which makes no sense. |
| 2377 if self.restart_position: |
| 2378 self.respond("450 Can't STOU while REST request is pending.") |
| 2379 return |
| 2380 |
| 2381 if line: |
| 2382 basedir, prefix = os.path.split(self.fs.ftp2fs(line)) |
| 2383 prefix = prefix + '.' |
| 2384 else: |
| 2385 basedir = self.fs.ftp2fs(self.fs.cwd) |
| 2386 prefix = 'ftpd.' |
| 2387 try: |
| 2388 fd = self.run_as_current_user(self.fs.mkstemp, prefix=prefix, |
| 2389 dir=basedir) |
| 2390 except IOError, err: |
| 2391 # hitted the max number of tries to find out file with |
| 2392 # unique name |
| 2393 if err.errno == errno.EEXIST: |
| 2394 why = 'No usable unique file name found' |
| 2395 # something else happened |
| 2396 else: |
| 2397 why = _strerror(err) |
| 2398 self.respond("450 %s." %why) |
| 2399 self.log('FAIL STOU "%s". %s.' %(self.fs.ftpnorm(line), why)) |
| 2400 return |
| 2401 |
| 2402 if not self.authorizer.has_perm(self.username, 'w', fd.name): |
| 2403 try: |
| 2404 fd.close() |
| 2405 self.run_as_current_user(self.fs.remove, fd.name) |
| 2406 except os.error: |
| 2407 pass |
| 2408 self.log('FAIL STOU "%s". Not enough privileges' |
| 2409 %self.fs.ftpnorm(line)) |
| 2410 self.respond("550 Can't STOU: not enough privileges.") |
| 2411 return |
| 2412 |
| 2413 # now just acts like STOR except that restarting isn't allowed |
| 2414 filename = os.path.basename(fd.name) |
| 2415 self.log('OK STOU "%s". Upload starting.' %filename) |
| 2416 if self.data_channel is not None: |
| 2417 self.respond("125 FILE: %s" %filename) |
| 2418 self.data_channel.file_obj = fd |
| 2419 self.data_channel.enable_receiving(self.current_type) |
| 2420 else: |
| 2421 self.respond("150 FILE: %s" %filename) |
| 2422 self._in_dtp_queue = fd |
| 2423 |
| 2424 |
| 2425 def ftp_APPE(self, file): |
| 2426 """Append data to an existing file on the server.""" |
| 2427 # watch for APPE preceded by REST, which makes no sense. |
| 2428 if self.restart_position: |
| 2429 self.respond("550 Can't APPE while REST request is pending.") |
| 2430 else: |
| 2431 self.ftp_STOR(file, mode='a') |
| 2432 |
| 2433 def ftp_REST(self, line): |
| 2434 """Restart a file transfer from a previous mark.""" |
| 2435 try: |
| 2436 marker = int(line) |
| 2437 if marker < 0: |
| 2438 raise ValueError |
| 2439 except (ValueError, OverflowError): |
| 2440 self.respond("501 Invalid parameter.") |
| 2441 else: |
| 2442 self.respond("350 Restarting at position %s. " \ |
| 2443 "Now use RETR/STOR for resuming." %marker) |
| 2444 self.log("OK REST %s." %marker) |
| 2445 self.restart_position = marker |
| 2446 |
| 2447 def ftp_ABOR(self, line): |
| 2448 """Abort the current data transfer.""" |
| 2449 |
| 2450 # ABOR received while no data channel exists |
| 2451 if (self.data_server is None) and (self.data_channel is None): |
| 2452 resp = "225 No transfer to abort." |
| 2453 else: |
| 2454 # a PASV was received but connection wasn't made yet |
| 2455 if self.data_server is not None: |
| 2456 self.data_server.close() |
| 2457 self.data_server = None |
| 2458 resp = "225 ABOR command successful; data channel closed." |
| 2459 |
| 2460 # If a data transfer is in progress the server must first |
| 2461 # close the data connection, returning a 426 reply to |
| 2462 # indicate that the transfer terminated abnormally, then it |
| 2463 # must send a 226 reply, indicating that the abort command |
| 2464 # was successfully processed. |
| 2465 # If no data has been transmitted we just respond with 225 |
| 2466 # indicating that no transfer was in progress. |
| 2467 if self.data_channel is not None: |
| 2468 if self.data_channel.transfer_in_progress(): |
| 2469 self.data_channel.close() |
| 2470 self.data_channel = None |
| 2471 self.respond("426 Connection closed; transfer aborted.") |
| 2472 self.log("OK ABOR. Transfer aborted, data channel closed.") |
| 2473 resp = "226 ABOR command successful." |
| 2474 else: |
| 2475 self.data_channel.close() |
| 2476 self.data_channel = None |
| 2477 self.log("OK ABOR. Data channel closed.") |
| 2478 resp = "225 ABOR command successful; data channel closed." |
| 2479 self.respond(resp) |
| 2480 |
| 2481 |
| 2482 # --- authentication |
| 2483 |
| 2484 def ftp_USER(self, line): |
| 2485 """Set the username for the current session.""" |
| 2486 # we always treat anonymous user as lower-case string. |
| 2487 if line.lower() == "anonymous": |
| 2488 line = "anonymous" |
| 2489 |
| 2490 # RFC-959 specifies a 530 response to the USER command if the |
| 2491 # username is not valid. If the username is valid is required |
| 2492 # ftpd returns a 331 response instead. In order to prevent a |
| 2493 # malicious client from determining valid usernames on a server, |
| 2494 # it is suggested by RFC-2577 that a server always return 331 to |
| 2495 # the USER command and then reject the combination of username |
| 2496 # and password for an invalid username when PASS is provided later. |
| 2497 if not self.authenticated: |
| 2498 self.respond('331 Username ok, send password.') |
| 2499 else: |
| 2500 # a new USER command could be entered at any point in order |
| 2501 # to change the access control flushing any user, password, |
| 2502 # and account information already supplied and beginning the |
| 2503 # login sequence again. |
| 2504 self.flush_account() |
| 2505 msg = 'Previous account information was flushed' |
| 2506 self.log('OK USER "%s". %s.' %(line, msg)) |
| 2507 self.respond('331 %s, send password.' %msg) |
| 2508 self.username = line |
| 2509 |
| 2510 def ftp_PASS(self, line): |
| 2511 """Check username's password against the authorizer.""" |
| 2512 if self.authenticated: |
| 2513 self.respond("503 User already authenticated.") |
| 2514 return |
| 2515 if not self.username: |
| 2516 self.respond("503 Login with USER first.") |
| 2517 return |
| 2518 |
| 2519 def auth_failed(msg="Authentication failed."): |
| 2520 if not self._closed: |
| 2521 self.attempted_logins += 1 |
| 2522 if self.attempted_logins >= self.max_login_attempts: |
| 2523 msg = "530 " + msg + " Disconnecting." |
| 2524 self.respond(msg) |
| 2525 self.log(msg) |
| 2526 self.close_when_done() |
| 2527 else: |
| 2528 self.respond("530 " + msg) |
| 2529 self.log(msg) |
| 2530 self.sleeping = False |
| 2531 |
| 2532 # username ok |
| 2533 if self.authorizer.has_user(self.username): |
| 2534 if self.username == 'anonymous' \ |
| 2535 or self.authorizer.validate_authentication(self.username, line): |
| 2536 msg_login = self.authorizer.get_msg_login(self.username) |
| 2537 if len(msg_login) <= 75: |
| 2538 self.respond('230 %s' %msg_login) |
| 2539 else: |
| 2540 self.push("230-%s\r\n" %msg_login) |
| 2541 self.respond("230 ") |
| 2542 |
| 2543 self.authenticated = True |
| 2544 self.password = line |
| 2545 self.attempted_logins = 0 |
| 2546 self.fs.root = self.authorizer.get_home_dir(self.username) |
| 2547 self.log("User %s logged in." %self.username) |
| 2548 else: |
| 2549 CallLater(5, auth_failed) |
| 2550 self.username = "" |
| 2551 self.sleeping = True |
| 2552 # wrong username |
| 2553 else: |
| 2554 if self.username.lower() == 'anonymous': |
| 2555 CallLater(5, auth_failed, "Anonymous access not allowed.") |
| 2556 else: |
| 2557 CallLater(5, auth_failed) |
| 2558 self.username = "" |
| 2559 self.sleeping = True |
| 2560 |
| 2561 def ftp_REIN(self, line): |
| 2562 """Reinitialize user's current session.""" |
| 2563 # From RFC-959: |
| 2564 # REIN command terminates a USER, flushing all I/O and account |
| 2565 # information, except to allow any transfer in progress to be |
| 2566 # completed. All parameters are reset to the default settings |
| 2567 # and the control connection is left open. This is identical |
| 2568 # to the state in which a user finds himself immediately after |
| 2569 # the control connection is opened. |
| 2570 self.log("OK REIN. Flushing account information.") |
| 2571 self.flush_account() |
| 2572 # Note: RFC-959 erroneously mention "220" as the correct response |
| 2573 # code to be given in this case, but this is wrong... |
| 2574 self.respond("230 Ready for new user.") |
| 2575 |
| 2576 |
| 2577 # --- filesystem operations |
| 2578 |
| 2579 def ftp_PWD(self, line): |
| 2580 """Return the name of the current working directory to the client.""" |
| 2581 self.respond('257 "%s" is the current directory.' %self.fs.cwd) |
| 2582 |
| 2583 def ftp_CWD(self, path): |
| 2584 """Change the current working directory.""" |
| 2585 line = self.fs.fs2ftp(path) |
| 2586 try: |
| 2587 self.run_as_current_user(self.fs.chdir, path) |
| 2588 except OSError, err: |
| 2589 why = _strerror(err) |
| 2590 self.log('FAIL CWD "%s". %s.' %(line, why)) |
| 2591 self.respond('550 %s.' %why) |
| 2592 else: |
| 2593 self.log('OK CWD "%s".' %self.fs.cwd) |
| 2594 self.respond('250 "%s" is the current directory.' %self.fs.cwd) |
| 2595 |
| 2596 def ftp_CDUP(self, line): |
| 2597 """Change into the parent directory.""" |
| 2598 # Note: RFC-959 says that code 200 is required but it also says |
| 2599 # that CDUP uses the same codes as CWD. |
| 2600 self.ftp_CWD('..') |
| 2601 |
| 2602 def ftp_SIZE(self, path): |
| 2603 """Return size of file in a format suitable for using with |
| 2604 RESTart as defined in RFC-3659. |
| 2605 |
| 2606 Implementation note: |
| 2607 properly handling the SIZE command when TYPE ASCII is used would |
| 2608 require to scan the entire file to perform the ASCII translation |
| 2609 logic (file.read().replace(os.linesep, '\r\n')) and then |
| 2610 calculating the len of such data which may be different than |
| 2611 the actual size of the file on the server. Considering that |
| 2612 calculating such result could be very resource-intensive it |
| 2613 could be easy for a malicious client to try a DoS attack, thus |
| 2614 we do not perform the ASCII translation. |
| 2615 |
| 2616 However, clients in general should not be resuming downloads in |
| 2617 ASCII mode. Resuming downloads in binary mode is the recommended |
| 2618 way as specified in RFC-3659. |
| 2619 """ |
| 2620 line = self.fs.fs2ftp(path) |
| 2621 if self.fs.isdir(path): |
| 2622 why = "%s is not retrievable" %line |
| 2623 self.log('FAIL SIZE "%s". %s.' %(line, why)) |
| 2624 self.respond("550 %s." %why) |
| 2625 return |
| 2626 try: |
| 2627 size = self.run_as_current_user(self.fs.getsize, path) |
| 2628 except OSError, err: |
| 2629 why = _strerror(err) |
| 2630 self.log('FAIL SIZE "%s". %s.' %(line, why)) |
| 2631 self.respond('550 %s.' %why) |
| 2632 else: |
| 2633 self.respond("213 %s" %size) |
| 2634 self.log('OK SIZE "%s".' %line) |
| 2635 |
| 2636 def ftp_MDTM(self, path): |
| 2637 """Return last modification time of file to the client as an ISO |
| 2638 3307 style timestamp (YYYYMMDDHHMMSS) as defined in RFC-3659. |
| 2639 """ |
| 2640 line = self.fs.fs2ftp(path) |
| 2641 if not self.fs.isfile(self.fs.realpath(path)): |
| 2642 why = "%s is not retrievable" %line |
| 2643 self.log('FAIL MDTM "%s". %s.' %(line, why)) |
| 2644 self.respond("550 %s." %why) |
| 2645 return |
| 2646 try: |
| 2647 lmt = self.run_as_current_user(self.fs.getmtime, path) |
| 2648 except OSError, err: |
| 2649 why = _strerror(err) |
| 2650 self.log('FAIL MDTM "%s". %s.' %(line, why)) |
| 2651 self.respond('550 %s.' %why) |
| 2652 else: |
| 2653 lmt = time.strftime("%Y%m%d%H%M%S", time.localtime(lmt)) |
| 2654 self.respond("213 %s" %lmt) |
| 2655 self.log('OK MDTM "%s".' %line) |
| 2656 |
| 2657 def ftp_MKD(self, path): |
| 2658 """Create the specified directory.""" |
| 2659 line = self.fs.fs2ftp(path) |
| 2660 try: |
| 2661 self.run_as_current_user(self.fs.mkdir, path) |
| 2662 except OSError, err: |
| 2663 why = _strerror(err) |
| 2664 self.log('FAIL MKD "%s". %s.' %(line, why)) |
| 2665 self.respond('550 %s.' %why) |
| 2666 else: |
| 2667 self.log('OK MKD "%s".' %line) |
| 2668 self.respond("257 Directory created.") |
| 2669 |
| 2670 def ftp_RMD(self, path): |
| 2671 """Remove the specified directory.""" |
| 2672 line = self.fs.fs2ftp(path) |
| 2673 if self.fs.realpath(path) == self.fs.realpath(self.fs.root): |
| 2674 msg = "Can't remove root directory." |
| 2675 self.respond("550 %s" %msg) |
| 2676 self.log('FAIL MKD "/". %s' %msg) |
| 2677 return |
| 2678 try: |
| 2679 self.run_as_current_user(self.fs.rmdir, path) |
| 2680 except OSError, err: |
| 2681 why = _strerror(err) |
| 2682 self.log('FAIL RMD "%s". %s.' %(line, why)) |
| 2683 self.respond('550 %s.' %why) |
| 2684 else: |
| 2685 self.log('OK RMD "%s".' %line) |
| 2686 self.respond("250 Directory removed.") |
| 2687 |
| 2688 def ftp_DELE(self, path): |
| 2689 """Delete the specified file.""" |
| 2690 line = self.fs.fs2ftp(path) |
| 2691 try: |
| 2692 self.run_as_current_user(self.fs.remove, path) |
| 2693 except OSError, err: |
| 2694 why = _strerror(err) |
| 2695 self.log('FAIL DELE "%s". %s.' %(line, why)) |
| 2696 self.respond('550 %s.' %why) |
| 2697 else: |
| 2698 self.log('OK DELE "%s".' %line) |
| 2699 self.respond("250 File removed.") |
| 2700 |
| 2701 def ftp_RNFR(self, path): |
| 2702 """Rename the specified (only the source name is specified |
| 2703 here, see RNTO command)""" |
| 2704 if not self.fs.lexists(path): |
| 2705 self.respond("550 No such file or directory.") |
| 2706 elif self.fs.realpath(path) == self.fs.realpath(self.fs.root): |
| 2707 self.respond("550 Can't rename the home directory.") |
| 2708 else: |
| 2709 self.fs.rnfr = path |
| 2710 self.respond("350 Ready for destination name.") |
| 2711 |
| 2712 def ftp_RNTO(self, path): |
| 2713 """Rename file (destination name only, source is specified with |
| 2714 RNFR). |
| 2715 """ |
| 2716 if not self.fs.rnfr: |
| 2717 self.respond("503 Bad sequence of commands: use RNFR first.") |
| 2718 return |
| 2719 src = self.fs.rnfr |
| 2720 self.fs.rnfr = None |
| 2721 try: |
| 2722 self.run_as_current_user(self.fs.rename, src, path) |
| 2723 except OSError, err: |
| 2724 why = _strerror(err) |
| 2725 self.log('FAIL RNFR/RNTO "%s ==> %s". %s.' \ |
| 2726 %(self.fs.fs2ftp(src), self.fs.fs2ftp(path), why)) |
| 2727 self.respond('550 %s.' %why) |
| 2728 else: |
| 2729 self.log('OK RNFR/RNTO "%s ==> %s".' \ |
| 2730 %(self.fs.fs2ftp(src), self.fs.fs2ftp(path))) |
| 2731 self.respond("250 Renaming ok.") |
| 2732 |
| 2733 |
| 2734 # --- others |
| 2735 |
| 2736 def ftp_TYPE(self, line): |
| 2737 """Set current type data type to binary/ascii""" |
| 2738 line = line.upper() |
| 2739 if line in ("A", "AN", "A N"): |
| 2740 self.respond("200 Type set to: ASCII.") |
| 2741 self.current_type = 'a' |
| 2742 elif line in ("I", "L8", "L 8"): |
| 2743 self.respond("200 Type set to: Binary.") |
| 2744 self.current_type = 'i' |
| 2745 else: |
| 2746 self.respond('504 Unsupported type "%s".' %line) |
| 2747 |
| 2748 def ftp_STRU(self, line): |
| 2749 """Set file structure (obsolete).""" |
| 2750 # obsolete (backward compatibility with older ftp clients) |
| 2751 if line in ('f','F'): |
| 2752 self.respond('200 File transfer structure set to: F.') |
| 2753 else: |
| 2754 self.respond('504 Unimplemented STRU type.') |
| 2755 |
| 2756 def ftp_MODE(self, line): |
| 2757 """Set data transfer mode (obsolete)""" |
| 2758 # obsolete (backward compatibility with older ftp clients) |
| 2759 if line in ('s', 'S'): |
| 2760 self.respond('200 Transfer mode set to: S') |
| 2761 else: |
| 2762 self.respond('504 Unimplemented MODE type.') |
| 2763 |
| 2764 def ftp_STAT(self, path): |
| 2765 """Return statistics about current ftp session. If an argument |
| 2766 is provided return directory listing over command channel. |
| 2767 |
| 2768 Implementation note: |
| 2769 |
| 2770 RFC-959 does not explicitly mention globbing but many FTP |
| 2771 servers do support it as a measure of convenience for FTP |
| 2772 clients and users. |
| 2773 |
| 2774 In order to search for and match the given globbing expression, |
| 2775 the code has to search (possibly) many directories, examine |
| 2776 each contained filename, and build a list of matching files in |
| 2777 memory. Since this operation can be quite intensive, both CPU- |
| 2778 and memory-wise, we do not support globbing. |
| 2779 """ |
| 2780 # return STATus information about ftpd |
| 2781 if not path: |
| 2782 s = [] |
| 2783 s.append('Connected to: %s:%s' %self.socket.getsockname()[:2]) |
| 2784 if self.authenticated: |
| 2785 s.append('Logged in as: %s' %self.username) |
| 2786 else: |
| 2787 if not self.username: |
| 2788 s.append("Waiting for username.") |
| 2789 else: |
| 2790 s.append("Waiting for password.") |
| 2791 if self.current_type == 'a': |
| 2792 type = 'ASCII' |
| 2793 else: |
| 2794 type = 'Binary' |
| 2795 s.append("TYPE: %s; STRUcture: File; MODE: Stream" %type) |
| 2796 if self.data_server is not None: |
| 2797 s.append('Passive data channel waiting for connection.') |
| 2798 elif self.data_channel is not None: |
| 2799 bytes_sent = self.data_channel.tot_bytes_sent |
| 2800 bytes_recv = self.data_channel.tot_bytes_received |
| 2801 s.append('Data connection open:') |
| 2802 s.append('Total bytes sent: %s' %bytes_sent) |
| 2803 s.append('Total bytes received: %s' %bytes_recv) |
| 2804 else: |
| 2805 s.append('Data connection closed.') |
| 2806 |
| 2807 self.push('211-FTP server status:\r\n') |
| 2808 self.push(''.join([' %s\r\n' %item for item in s])) |
| 2809 self.respond('211 End of status.') |
| 2810 # return directory LISTing over the command channel |
| 2811 else: |
| 2812 line = self.fs.fs2ftp(path) |
| 2813 try: |
| 2814 iterator = self.run_as_current_user(self.fs.get_list_dir, path) |
| 2815 except OSError, err: |
| 2816 why = _strerror(err) |
| 2817 self.log('FAIL STAT "%s". %s.' %(line, why)) |
| 2818 self.respond('550 %s.' %why) |
| 2819 else: |
| 2820 self.push('213-Status of "%s":\r\n' %line) |
| 2821 self.push_with_producer(BufferedIteratorProducer(iterator)) |
| 2822 self.respond('213 End of status.') |
| 2823 |
| 2824 def ftp_FEAT(self, line): |
| 2825 """List all new features supported as defined in RFC-2398.""" |
| 2826 features = ['EPRT','EPSV','MDTM','MLSD','REST STREAM','SIZE','TVFS'] |
| 2827 s = '' |
| 2828 for fact in self._available_facts: |
| 2829 if fact in self._current_facts: |
| 2830 s += fact + '*;' |
| 2831 else: |
| 2832 s += fact + ';' |
| 2833 features.append('MLST ' + s) |
| 2834 features.sort() |
| 2835 self.push("211-Features supported:\r\n") |
| 2836 self.push("".join([" %s\r\n" %x for x in features])) |
| 2837 self.respond('211 End FEAT.') |
| 2838 |
| 2839 def ftp_OPTS(self, line): |
| 2840 """Specify options for FTP commands as specified in RFC-2389.""" |
| 2841 try: |
| 2842 assert (not line.count(' ') > 1), 'Invalid number of arguments' |
| 2843 if ' ' in line: |
| 2844 cmd, arg = line.split(' ') |
| 2845 assert (';' in arg), 'Invalid argument' |
| 2846 else: |
| 2847 cmd, arg = line, '' |
| 2848 # actually the only command able to accept options is MLST |
| 2849 assert (cmd.upper() == 'MLST'), 'Unsupported command "%s"' %cmd |
| 2850 except AssertionError, err: |
| 2851 self.respond('501 %s.' %err) |
| 2852 else: |
| 2853 facts = [x.lower() for x in arg.split(';')] |
| 2854 self._current_facts = [x for x in facts if x in self._available_fact
s] |
| 2855 f = ''.join([x + ';' for x in self._current_facts]) |
| 2856 self.respond('200 MLST OPTS ' + f) |
| 2857 |
| 2858 def ftp_NOOP(self, line): |
| 2859 """Do nothing.""" |
| 2860 self.respond("200 I successfully done nothin'.") |
| 2861 |
| 2862 def ftp_SYST(self, line): |
| 2863 """Return system type (always returns UNIX type: L8).""" |
| 2864 # This command is used to find out the type of operating system |
| 2865 # at the server. The reply shall have as its first word one of |
| 2866 # the system names listed in RFC-943. |
| 2867 # Since that we always return a "/bin/ls -lA"-like output on |
| 2868 # LIST we prefer to respond as if we would on Unix in any case. |
| 2869 self.respond("215 UNIX Type: L8") |
| 2870 |
| 2871 def ftp_ALLO(self, line): |
| 2872 """Allocate bytes for storage (obsolete).""" |
| 2873 # obsolete (always respond with 202) |
| 2874 self.respond("202 No storage allocation necessary.") |
| 2875 |
| 2876 def ftp_HELP(self, line): |
| 2877 """Return help text to the client.""" |
| 2878 if line: |
| 2879 line = line.upper() |
| 2880 if line in proto_cmds: |
| 2881 self.respond("214 %s" %proto_cmds[line].help) |
| 2882 else: |
| 2883 self.respond("501 Unrecognized command.") |
| 2884 else: |
| 2885 # provide a compact list of recognized commands |
| 2886 def formatted_help(): |
| 2887 cmds = [] |
| 2888 keys = proto_cmds.keys() |
| 2889 keys.sort() |
| 2890 while keys: |
| 2891 elems = tuple((keys[0:8])) |
| 2892 cmds.append(' %-6s' * len(elems) %elems + '\r\n') |
| 2893 del keys[0:8] |
| 2894 return ''.join(cmds) |
| 2895 |
| 2896 self.push("214-The following commands are recognized:\r\n") |
| 2897 self.push(formatted_help()) |
| 2898 self.respond("214 Help command successful.") |
| 2899 |
| 2900 |
| 2901 # --- support for deprecated cmds |
| 2902 |
| 2903 # RFC-1123 requires that the server treat XCUP, XCWD, XMKD, XPWD |
| 2904 # and XRMD commands as synonyms for CDUP, CWD, MKD, LIST and RMD. |
| 2905 # Such commands are obsoleted but some ftp clients (e.g. Windows |
| 2906 # ftp.exe) still use them. |
| 2907 |
| 2908 def ftp_XCUP(self, line): |
| 2909 """Change to the parent directory. Synonym for CDUP. Deprecated.""" |
| 2910 self.ftp_CDUP(line) |
| 2911 |
| 2912 def ftp_XCWD(self, line): |
| 2913 """Change the current working directory. Synonym for CWD. Deprecated.""" |
| 2914 self.ftp_CWD(line) |
| 2915 |
| 2916 def ftp_XMKD(self, line): |
| 2917 """Create the specified directory. Synonym for MKD. Deprecated.""" |
| 2918 self.ftp_MKD(line) |
| 2919 |
| 2920 def ftp_XPWD(self, line): |
| 2921 """Return the current working directory. Synonym for PWD. Deprecated.""" |
| 2922 self.ftp_PWD(line) |
| 2923 |
| 2924 def ftp_XRMD(self, line): |
| 2925 """Remove the specified directory. Synonym for RMD. Deprecated.""" |
| 2926 self.ftp_RMD(line) |
| 2927 |
| 2928 |
| 2929 class FTPServer(asyncore.dispatcher): |
| 2930 """This class is an asyncore.disptacher subclass. It creates a FTP |
| 2931 socket listening on <address>, dispatching the requests to a <handler> |
| 2932 (typically FTPHandler class). |
| 2933 |
| 2934 Depending on the type of address specified IPv4 or IPv6 connections |
| 2935 (or both, depending from the underlying system) will be accepted. |
| 2936 |
| 2937 All relevant session information is stored in class attributes |
| 2938 described below. |
| 2939 Overriding them is strongly recommended to avoid running out of |
| 2940 file descriptors (DoS)! |
| 2941 |
| 2942 - (int) max_cons: |
| 2943 number of maximum simultaneous connections accepted (defaults |
| 2944 to 0 == unlimited). |
| 2945 |
| 2946 - (int) max_cons_per_ip: |
| 2947 number of maximum connections accepted for the same IP address |
| 2948 (defaults to 0 == unlimited). |
| 2949 """ |
| 2950 |
| 2951 max_cons = 0 |
| 2952 max_cons_per_ip = 0 |
| 2953 |
| 2954 def __init__(self, address, handler): |
| 2955 """Initiate the FTP server opening listening on address. |
| 2956 |
| 2957 - (tuple) address: the host:port pair on which the command |
| 2958 channel will listen. |
| 2959 |
| 2960 - (classobj) handler: the handler class to use. |
| 2961 """ |
| 2962 asyncore.dispatcher.__init__(self) |
| 2963 self.handler = handler |
| 2964 self.ip_map = [] |
| 2965 host, port = address |
| 2966 |
| 2967 # AF_INET or AF_INET6 socket |
| 2968 # Get the correct address family for our host (allows IPv6 addresses) |
| 2969 try: |
| 2970 info = socket.getaddrinfo(host, port, socket.AF_UNSPEC, |
| 2971 socket.SOCK_STREAM, 0, socket.AI_PASSIVE) |
| 2972 except socket.gaierror: |
| 2973 # Probably a DNS issue. Assume IPv4. |
| 2974 self.create_socket(socket.AF_INET, socket.SOCK_STREAM) |
| 2975 self.set_reuse_addr() |
| 2976 self.bind((host, port)) |
| 2977 else: |
| 2978 for res in info: |
| 2979 af, socktype, proto, canonname, sa = res |
| 2980 try: |
| 2981 self.create_socket(af, socktype) |
| 2982 self.set_reuse_addr() |
| 2983 self.bind(sa) |
| 2984 except socket.error, msg: |
| 2985 if self.socket: |
| 2986 self.socket.close() |
| 2987 self.socket = None |
| 2988 continue |
| 2989 break |
| 2990 if not self.socket: |
| 2991 raise socket.error, msg |
| 2992 self.listen(5) |
| 2993 |
| 2994 def set_reuse_addr(self): |
| 2995 # Overridden for convenience. Avoid to reuse address on Windows. |
| 2996 if (os.name in ('nt', 'ce')) or (sys.platform == 'cygwin'): |
| 2997 return |
| 2998 asyncore.dispatcher.set_reuse_addr(self) |
| 2999 |
| 3000 def serve_forever(self, timeout=1, use_poll=False, map=None, count=None): |
| 3001 """A wrap around asyncore.loop(); starts the asyncore polling |
| 3002 loop including running the scheduler. |
| 3003 The arguments are the same expected by original asyncore.loop() |
| 3004 function. |
| 3005 """ |
| 3006 if map is None: |
| 3007 map = asyncore.socket_map |
| 3008 # backward compatibility for python versions < 2.4 |
| 3009 if not hasattr(self, '_map'): |
| 3010 self._map = self.handler._map = map |
| 3011 |
| 3012 if use_poll and hasattr(asyncore.select, 'poll'): |
| 3013 poll_fun = asyncore.poll2 |
| 3014 else: |
| 3015 poll_fun = asyncore.poll |
| 3016 |
| 3017 if count is None: |
| 3018 log("Serving FTP on %s:%s" %self.socket.getsockname()[:2]) |
| 3019 try: |
| 3020 while map or _tasks: |
| 3021 if map: |
| 3022 poll_fun(timeout, map) |
| 3023 if _tasks: |
| 3024 _scheduler() |
| 3025 except (KeyboardInterrupt, SystemExit, asyncore.ExitNow): |
| 3026 log("Shutting down FTP server.") |
| 3027 self.close_all() |
| 3028 else: |
| 3029 while (map or _tasks) and count > 0: |
| 3030 if map: |
| 3031 poll_fun(timeout, map) |
| 3032 if _tasks: |
| 3033 _scheduler() |
| 3034 count = count - 1 |
| 3035 |
| 3036 def handle_accept(self): |
| 3037 """Called when remote client initiates a connection.""" |
| 3038 sock_obj, addr = self.accept() |
| 3039 log("[]%s:%s Connected." %addr[:2]) |
| 3040 |
| 3041 handler = self.handler(sock_obj, self) |
| 3042 ip = addr[0] |
| 3043 self.ip_map.append(ip) |
| 3044 |
| 3045 # For performance and security reasons we should always set a |
| 3046 # limit for the number of file descriptors that socket_map |
| 3047 # should contain. When we're running out of such limit we'll |
| 3048 # use the last available channel for sending a 421 response |
| 3049 # to the client before disconnecting it. |
| 3050 if self.max_cons: |
| 3051 if len(self._map) > self.max_cons: |
| 3052 handler.handle_max_cons() |
| 3053 return |
| 3054 |
| 3055 # accept only a limited number of connections from the same |
| 3056 # source address. |
| 3057 if self.max_cons_per_ip: |
| 3058 if self.ip_map.count(ip) > self.max_cons_per_ip: |
| 3059 handler.handle_max_cons_per_ip() |
| 3060 return |
| 3061 |
| 3062 handler.handle() |
| 3063 |
| 3064 def writable(self): |
| 3065 return 0 |
| 3066 |
| 3067 def handle_error(self): |
| 3068 """Called to handle any uncaught exceptions.""" |
| 3069 try: |
| 3070 raise |
| 3071 except (KeyboardInterrupt, SystemExit, asyncore.ExitNow): |
| 3072 raise |
| 3073 logerror(traceback.format_exc()) |
| 3074 self.close() |
| 3075 |
| 3076 def close_all(self, map=None, ignore_all=False): |
| 3077 """Stop serving; close all existent connections disconnecting |
| 3078 clients. |
| 3079 |
| 3080 - (dict) map: |
| 3081 A dictionary whose items are the channels to close. |
| 3082 If map is omitted, the default asyncore.socket_map is used. |
| 3083 |
| 3084 - (bool) ignore_all: |
| 3085 having it set to False results in raising exception in case |
| 3086 of unexpected errors. |
| 3087 |
| 3088 Implementation note: |
| 3089 |
| 3090 Instead of using the current asyncore.close_all() function |
| 3091 which only close sockets, we iterate over all existent channels |
| 3092 calling close() method for each one of them, avoiding memory |
| 3093 leaks. |
| 3094 |
| 3095 This is how asyncore.close_all() function should work in |
| 3096 Python 2.6. |
| 3097 """ |
| 3098 if map is None: |
| 3099 map = self._map |
| 3100 for x in map.values(): |
| 3101 try: |
| 3102 x.close() |
| 3103 except OSError, x: |
| 3104 if x[0] == errno.EBADF: |
| 3105 pass |
| 3106 elif not ignore_all: |
| 3107 raise |
| 3108 except (asyncore.ExitNow, KeyboardInterrupt, SystemExit): |
| 3109 raise |
| 3110 except: |
| 3111 if not ignore_all: |
| 3112 raise |
| 3113 map.clear() |
| 3114 |
| 3115 |
| 3116 def test(): |
| 3117 # cmd line usage (provide a read-only anonymous ftp server): |
| 3118 # python -m pyftpdlib.FTPServer |
| 3119 authorizer = DummyAuthorizer() |
| 3120 authorizer.add_anonymous(os.getcwd()) |
| 3121 FTPHandler.authorizer = authorizer |
| 3122 address = ('', 21) |
| 3123 ftpd = FTPServer(address, FTPHandler) |
| 3124 ftpd.serve_forever() |
| 3125 |
| 3126 if __name__ == '__main__': |
| 3127 test() |
OLD | NEW |