ftpd 0.5.0 → 0.6.0

data/features/ftp_server/abort.feature

@@ -0,0 +1,13 @@
+Feature: Abort
+
+  As a client
+  I want to know this command is not supported
+  So that I can avoid using it
+
+  Background:
+    Given the test server is started
+
+  Scenario: Unimplemented
+    Given a successful connection
+    When the client sends command "ABOR"
+    Then the server returns an unimplemented command error

data/features/ftp_server/command_errors.feature

@@ -11,15 +11,3 @@ Feature: Command Errors
     Given a successful connection
     When the client sends command "foo"
     Then the server returns a command unrecognized error
-
-  Scenario Outline: Unimplemented command
-    Given a successful connection
-    When the client sends command "<command>"
-    Then the server returns an unimplemented command error
-    Examples:
-      | command |
-      | ABOR    |
-      | REIN    |
-      | REST    |
-      | SITE    |
-      | SMNT    |

data/features/ftp_server/delay_after_failed_login.feature

@@ -0,0 +1,23 @@
+Feature: Delay After Failed Login
+
+  As an administrator
+  I want to make brute force attacks less efficient
+  So that an attacker doesn't gain access
+
+  Scenario: Failed login attempts
+    Given the test server has a failed login delay of 0.2 seconds
+    And the test server is started
+    Given the client connects
+    And the client logs in with bad user
+    And the client logs in with bad user
+    And the client logs in
+    Then it should take at least 0.4 seconds
+
+  Scenario: Failed login attempts
+    Given the test server has a failed login delay of 0.0 seconds
+    And the test server is started
+    Given the client connects
+    And the client logs in with bad user
+    And the client logs in with bad user
+    And the client logs in
+    Then it should take less than 0.4 seconds

data/features/ftp_server/disconnect_after_failed_logins.feature

@@ -0,0 +1,25 @@
+Feature: Disconnect After Failed Logins
+
+  As an administrator
+  I want to make brute force attacks less efficient
+  So that an attacker doesn't gain access
+
+  Scenario: Disconnected after maximum failed attempts
+    Given the test server has a max of 3 failed login attempts
+    And the test server is started
+    Given the client connects
+    And the client logs in with bad user
+    And the client logs in with bad user
+    When the client logs in with bad user
+    Then the server returns a server unavailable error
+    And the client should not be connected
+
+  Scenario: No maximum configured
+    Given the test server has no max failed login attempts
+    And the test server is started
+    Given the client connects
+    And the client logs in with bad user
+    And the client logs in with bad user
+    And the client logs in with bad user
+    Then the server returns a login incorrect error
+    And the client should be connected

data/features/ftp_server/features.feature

@@ -0,0 +1,26 @@
+Feature: Features
+
+  As a client
+  I want to know what FTP extension the server supports
+  So that I can use them without trial-and-error
+
+  Background:
+
+  Scenario: TLS Disabled
+    Given the test server is started
+    And the client connects
+    When the client successfully requests features
+    Then the response should not include TLS features
+
+  Scenario: TLS Enabled
+    Given the test server has TLS mode "explicit"
+    And the test server is started
+    And the client connects
+    When the client successfully requests features
+    Then the response should include TLS features
+
+  Scenario: Argument given
+    Given the test server is started
+    And the client connects
+    When the client sends "FEAT FOO"
+    Then the server returns a syntax error

data/features/ftp_server/max_connections.feature

@@ -0,0 +1,39 @@
+Feature: Max Connections
+
+  As an administrator
+  I want to limit the number of connections
+  To prevent overload
+
+  Scenario: Total connections
+    Given the test server has max_connections set to 2
+    And the test server is started
+    And the 1st client connects
+    And the 2nd client connects
+    When the 3rd client tries to connect
+    Then the server returns a too many connections error
+
+  Scenario: Connections per user
+    And the test server has max_connections_per_ip set to 1
+    And the test server is started
+    And the 1st client connects from 127.0.0.1
+    And the 2nd client connects from 127.0.0.2
+    When the 3rd client tries to connect from 127.0.0.2
+    Then the server returns a too many connections error
+
+  Scenario: TLS
+    Given the test server has max_connections set to 2
+    And the test server has TLS mode "explicit"
+    And the test server is started
+    And the 1st client connects
+    And the 2nd client connects
+    When the 3rd client tries to connect
+    Then the server returns a too many connections error
+
+  Scenario: Connections per user, TLS
+    And the test server has max_connections_per_ip set to 1
+    And the test server has TLS mode "explicit"
+    And the test server is started
+    And the 1st client connects from 127.0.0.1
+    And the 2nd client connects from 127.0.0.2
+    When the 3rd client tries to connect from 127.0.0.2
+    Then the server returns a too many connections error

data/features/ftp_server/options.feature

@@ -0,0 +1,17 @@
+Feature: Options
+
+  As a client
+  I want to know set options
+  To tailor the server's behavior
+
+  Background:
+    Given the test server is started
+    And the client connects
+
+  Scenario: No argument
+    When the client sends "OPTS"
+    Then the server returns a syntax error
+
+  Scenario: Unknown option command
+    When the client sets option "ABC"
+    Then the server returns a bad option error

data/features/ftp_server/put_tls.feature

@@ -8,7 +8,7 @@ Feature: Put TLS
     Given the test server has TLS mode "explicit"
     And the test server is started
 
-  Scenario: TLS
+  Scenario: TLS, Active
     pending "TLS not supported in active mode (see README)"
 
   Scenario: TLS, Passive

data/features/ftp_server/reinitialize.feature

@@ -0,0 +1,13 @@
+Feature: Reinitialize
+
+  As a client
+  I want to know this command is not supported
+  So that I can avoid using it
+
+  Background:
+    Given the test server is started
+
+  Scenario: Unimplemented
+    Given a successful connection
+    When the client sends command "REIN"
+    Then the server returns an unimplemented command error

data/features/ftp_server/site.feature

@@ -0,0 +1,13 @@
+Feature: Site
+
+  As a client
+  I want to know this command is not supported
+  So that I can avoid using it
+
+  Background:
+    Given the test server is started
+
+  Scenario: Unimplemented
+    Given a successful connection
+    When the client sends command "SITE"
+    Then the server returns an unimplemented command error

data/features/ftp_server/status.feature

@@ -15,5 +15,4 @@ Feature: Status
   Scenario: Server status
     Given a successful login
     When the client successfully requests status
-    Then the server returns its name
-    And the server returns its version
+    Then the server returns its title

data/features/ftp_server/step_definitions/test_server.rb

@@ -39,3 +39,23 @@ end
 Given /^the test server allows low data ports$/ do
   server.allow_low_data_ports = true
 end
+
+Given /^the test server has max_connections set to (\d+)$/ do |s|
+  server.max_connections = s.to_i
+end
+
+Given /^the test server has max_connections_per_ip set to (\d+)$/ do |s|
+  server.max_connections_per_ip = s.to_i
+end
+
+Given /^the test server has no max failed login attempts$/ do
+  server.max_failed_logins = nil
+end
+
+Given /^the test server has a max of (\d+) failed login attempts$/ do |s|
+  server.max_failed_logins = s.to_i
+end
+
+Given /^the test server has a failed login delay of (\S+) seconds$/ do |s|
+  server.failed_login_delay = s.to_f
+end

data/features/ftp_server/structure_mount.feature

@@ -0,0 +1,13 @@
+Feature: Structure Mount
+
+  As a client
+  I want to know this command is not supported
+  So that I can avoid using it
+
+  Background:
+    Given the test server is started
+
+  Scenario: Unimplemented
+    Given a successful connection
+    When the client sends command "SMNT"
+    Then the server returns an unimplemented command error

data/features/ftp_server/timeout.feature

@@ -9,18 +9,18 @@ Feature: Port
     And the test server is started
     And a successful login
     When the client is idle for 0.6 seconds
-    Then the client is not connected
+    Then the client should not be connected
 
   Scenario: Session not idle too long
     Given the test server has session timeout set to 0.5 seconds
     And the test server is started
     And a successful login
     When the client is idle for 0 seconds
-    Then the client is connected
+    Then the client should be connected
 
   Scenario: Timeout disabled
     Given the test server has session timeout disabled
     And the test server is started
     And a successful login
     When the client is idle for 0.6 seconds
-    Then the client is connected
+    Then the client should be connected

data/features/step_definitions/append.rb

@@ -6,10 +6,10 @@ end
 
 When /^the client successfully appends text "(.*?)" onto "(.*?)"$/ do
 |local_path, remote_path|
-  @client.append_text local_path, remote_path
+  client.append_text local_path, remote_path
 end
 
 When /^the client successfully appends binary "(.*?)" onto "(.*?)"$/ do
 |local_path, remote_path|
-  @client.append_binary local_path, remote_path
+  client.append_binary local_path, remote_path
 end

data/features/step_definitions/client.rb

@@ -1,14 +1,24 @@
-def client_variable_name(client_name)
-  var = '@' + [
-    client_name,
-    'client',
-  ].compact.map(&:strip).join('_')
-end
+require 'singleton'
+
+class Clients
+
+  include Singleton
+
+  def initialize
+    @clients = {}
+  end
+
+  def [](client_name)
+    @clients[client_name] ||= TestClient.new
+  end
+
+  def close
+    @clients.values.each(&:close)
+  end
 
-def set_client(client_name, client)
-  instance_variable_set client_variable_name(client_name), client
 end
 
 def client(client_name = nil)
-  instance_variable_get(client_variable_name(client_name))
+  client_name ||= 'client'
+  Clients.instance[client_name]
 end

data/features/step_definitions/client_and_server_files.rb

@@ -7,7 +7,7 @@ Then /^the remote file "(.*?)" should( exactly)? match the local file$/ do
 |remote_path, exactly|
   local_path = File.basename(remote_path)
   remote_contents = server.file_contents(remote_path)
-  local_contents = @client.file_contents(local_path)
+  local_contents = client.file_contents(local_path)
   remote_contents = unix_line_endings(exactly, remote_contents)
   local_contents = unix_line_endings(exactly, local_contents)
   remote_contents.should == local_contents
@@ -17,7 +17,7 @@ Then /^the local file "(.*?)" should( exactly)? match the remote file$/ do
 |local_path, exactly|
   remote_path = local_path
   remote_contents = server.file_contents(remote_path)
-  local_contents = @client.file_contents(local_path)
+  local_contents = client.file_contents(local_path)
   remote_contents = unix_line_endings(exactly, remote_contents)
   local_contents = unix_line_endings(exactly, local_contents)
   local_contents.should == remote_contents

data/features/step_definitions/client_files.rb

@@ -1,14 +1,14 @@
 Given /^the client has file "(.*?)"$/ do |local_path|
-  @client.add_file local_path
+  client.add_file local_path
 end
 
 Then /^the local file "(.*?)" should have (unix|windows) line endings$/ do
 |local_path, line_ending_type|
-  line_ending_type(@client.file_contents(local_path)).should ==
+  line_ending_type(client.file_contents(local_path)).should ==
     line_ending_type.to_sym
 end
 
 Then /^the local file "(.*?)" should match its template$/ do |local_path|
-  @client.template(local_path).should ==
-    @client.file_contents(local_path)
+  client.template(local_path).should ==
+    client.file_contents(local_path)
 end

data/features/step_definitions/command.rb

@@ -1,5 +1,5 @@
 When /^the client sends command "(.*?)"$/ do |command|
   capture_error do
-    @client.raw command
+    client.raw command
   end
 end

data/features/step_definitions/connect.rb

@@ -4,11 +4,34 @@ require 'net/ftp'
 When /^the( \w+)? client connects(?: with (\w+) TLS)?$/ do
 |client_name, tls_mode|
   tls_mode ||= :off
-  client = TestClient.new(:tls => tls_mode.to_sym)
-  client.connect(server.host, server.port)
-  set_client client_name, client
+  client(client_name).tls_mode = tls_mode.to_sym
+  client(client_name).start
+  client(client_name).connect(server.host, server.port)
 end
 
-After do
-  @client.close if @client
+When /^the (\d+)rd client tries to connect$/ do |client_name|
+  client(client_name).start
+  capture_error do
+    client(client_name).connect(server.host, server.port)
+  end
+end
+
+When /^the (\S+) client connects from (\S+)$/ do
+|client_name, source_ip|
+  client(client_name).connect_from(source_ip, server.host, server.port)
+end
+
+When /^the (\S+) client tries to connect from (\S+)$/ do
+|client_name, source_ip|
+  capture_error do
+    step "the #{client_name} client connects from #{source_ip}"
+  end
+end
+
+Then /^the client should be connected$/ do
+  client.should be_connected
+end
+
+Then /^the client should not be connected$/ do
+  client.should_not be_connected
 end

data/features/step_definitions/delete.rb

@@ -5,11 +5,11 @@ When /^the client deletes "(.*?)"$/ do |path|
 end
 
 When /^the client successfully deletes "(.*?)"$/ do |path|
-  @client.delete path
+  client.delete path
 end
 
 When /^the client deletes with no path$/ do
   capture_error do
-    @client.raw 'DELE'
+    client.raw 'DELE'
   end
 end

data/features/step_definitions/directory_navigation.rb

@@ -10,17 +10,17 @@ end
 # ensure that CDUP is sent and therefore tested.
 
 When /^the client successfully cd's up$/ do
-  @client.raw 'CDUP'
+  client.raw 'CDUP'
 end
 
 When /^the client successfully cd's to "(.*?)"$/ do |path|
-  @client.chdir path
+  client.chdir path
 end
 
 Then /^the current directory should be "(.*?)"$/ do |path|
-  @client.pwd.should == path
+  client.pwd.should == path
 end
 
 Then /^the XPWD directory should be "(.*?)"$/ do |path|
-  @client.xpwd.should == path
+  client.xpwd.should == path
 end