ftpd 0.5.0 → 0.6.0

data/features/support/test_server.rb

@@ -218,6 +218,10 @@ class TestServer
   def_delegator :@server, :'allow_low_data_ports='
   def_delegator :@server, :'auth_level'
   def_delegator :@server, :'auth_level='
+  def_delegator :@server, :'failed_login_delay='
+  def_delegator :@server, :'max_connections='
+  def_delegator :@server, :'max_connections_per_ip='
+  def_delegator :@server, :'max_failed_logins='
   def_delegator :@server, :'server_name'
   def_delegator :@server, :'server_name='
   def_delegator :@server, :'session_timeout='

data/ftpd.gemspec

@@ -5,12 +5,12 @@
 
 Gem::Specification.new do |s|
   s.name = "ftpd"
-  s.version = "0.5.0"
+  s.version = "0.6.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Wayne Conrad"]
-  s.date = "2013-03-10"
-  s.description = "ftpd is a pure Ruby FTP server library.  It supports implicit and explicit TLS, passive and active mode, and is unconditionally complaint per RFC-1123.  It an be used as part of a test fixture or embedded in a program."
+  s.date = "2013-03-19"
+  s.description = "ftpd is a pure Ruby FTP server library.  It supports implicit and explicit TLS, passive and active mode, and is unconditionally compliant per [RFC-1123][1].  It an be used as part of a test fixture or embedded in a program."
   s.email = "wconrad@yagni.com"
   s.extra_rdoc_files = [
     "LICENSE.md",
@@ -25,7 +25,6 @@ Gem::Specification.new do |s|
     "README.md",
     "Rakefile",
     "VERSION",
-    "config/cucumber.yml",
     "doc/benchmarks.md",
     "doc/references.md",
     "doc/rfc-compliance.md",
@@ -35,13 +34,17 @@ Gem::Specification.new do |s|
     "features/example/example.feature",
     "features/example/read_only.feature",
     "features/example/step_definitions/example_server.rb",
+    "features/ftp_server/abort.feature",
     "features/ftp_server/allo.feature",
     "features/ftp_server/append.feature",
     "features/ftp_server/cdup.feature",
     "features/ftp_server/command_errors.feature",
     "features/ftp_server/concurrent_sessions.feature",
+    "features/ftp_server/delay_after_failed_login.feature",
     "features/ftp_server/delete.feature",
     "features/ftp_server/directory_navigation.feature",
+    "features/ftp_server/disconnect_after_failed_logins.feature",
+    "features/ftp_server/features.feature",
     "features/ftp_server/file_structure.feature",
     "features/ftp_server/get.feature",
     "features/ftp_server/get_tls.feature",
@@ -54,21 +57,26 @@ Gem::Specification.new do |s|
     "features/ftp_server/login_auth_level_account.feature",
     "features/ftp_server/login_auth_level_password.feature",
     "features/ftp_server/login_auth_level_user.feature",
+    "features/ftp_server/max_connections.feature",
     "features/ftp_server/mkdir.feature",
     "features/ftp_server/mode.feature",
     "features/ftp_server/name_list.feature",
     "features/ftp_server/name_list_tls.feature",
     "features/ftp_server/noop.feature",
+    "features/ftp_server/options.feature",
     "features/ftp_server/port.feature",
     "features/ftp_server/put.feature",
     "features/ftp_server/put_tls.feature",
     "features/ftp_server/put_unique.feature",
     "features/ftp_server/quit.feature",
+    "features/ftp_server/reinitialize.feature",
     "features/ftp_server/rename.feature",
     "features/ftp_server/rmdir.feature",
+    "features/ftp_server/site.feature",
     "features/ftp_server/status.feature",
     "features/ftp_server/step_definitions/logging.rb",
     "features/ftp_server/step_definitions/test_server.rb",
+    "features/ftp_server/structure_mount.feature",
     "features/ftp_server/syntax_errors.feature",
     "features/ftp_server/syst.feature",
     "features/ftp_server/timeout.feature",
@@ -82,6 +90,7 @@ Gem::Specification.new do |s|
     "features/step_definitions/delete.rb",
     "features/step_definitions/directory_navigation.rb",
     "features/step_definitions/error_replies.rb",
+    "features/step_definitions/features.rb",
     "features/step_definitions/file_structure.rb",
     "features/step_definitions/generic_send.rb",
     "features/step_definitions/get.rb",
@@ -93,6 +102,7 @@ Gem::Specification.new do |s|
     "features/step_definitions/mkdir.rb",
     "features/step_definitions/mode.rb",
     "features/step_definitions/noop.rb",
+    "features/step_definitions/options.rb",
     "features/step_definitions/passive.rb",
     "features/step_definitions/pending.rb",
     "features/step_definitions/port.rb",
@@ -101,11 +111,11 @@ Gem::Specification.new do |s|
     "features/step_definitions/rename.rb",
     "features/step_definitions/rmdir.rb",
     "features/step_definitions/server_files.rb",
+    "features/step_definitions/server_title.rb",
     "features/step_definitions/status.rb",
-    "features/step_definitions/stop_server.rb",
     "features/step_definitions/success_replies.rb",
     "features/step_definitions/system.rb",
-    "features/step_definitions/timeout.rb",
+    "features/step_definitions/timing.rb",
     "features/step_definitions/type.rb",
     "features/support/env.rb",
     "features/support/example_server.rb",
@@ -121,6 +131,9 @@ Gem::Specification.new do |s|
     "lib/ftpd.rb",
     "lib/ftpd/auth_levels.rb",
     "lib/ftpd/command_sequence_checker.rb",
+    "lib/ftpd/config.rb",
+    "lib/ftpd/connection_throttle.rb",
+    "lib/ftpd/connection_tracker.rb",
     "lib/ftpd/disk_file_system.rb",
     "lib/ftpd/error.rb",
     "lib/ftpd/exception_translator.rb",
@@ -146,6 +159,8 @@ Gem::Specification.new do |s|
     "rake_tasks/test.rake",
     "rake_tasks/yard.rake",
     "spec/command_sequence_checker_spec.rb",
+    "spec/connection_throttle_spec.rb",
+    "spec/connection_tracker_spec.rb",
     "spec/disk_file_system_spec.rb",
     "spec/exception_translator_spec.rb",
     "spec/file_info_spec.rb",
@@ -170,7 +185,6 @@ Gem::Specification.new do |s|
       s.add_runtime_dependency(%q<memoizer>, ["~> 1.0.1"])
       s.add_development_dependency(%q<cucumber>, [">= 0"])
       s.add_development_dependency(%q<double-bag-ftps>, [">= 0"])
-      s.add_development_dependency(%q<fuubar-cucumber>, [">= 0"])
       s.add_development_dependency(%q<jeweler>, [">= 0"])
       s.add_development_dependency(%q<rake>, [">= 0"])
       s.add_development_dependency(%q<redcarpet>, [">= 0"])
@@ -181,7 +195,6 @@ Gem::Specification.new do |s|
       s.add_dependency(%q<memoizer>, ["~> 1.0.1"])
       s.add_dependency(%q<cucumber>, [">= 0"])
       s.add_dependency(%q<double-bag-ftps>, [">= 0"])
-      s.add_dependency(%q<fuubar-cucumber>, [">= 0"])
       s.add_dependency(%q<jeweler>, [">= 0"])
       s.add_dependency(%q<rake>, [">= 0"])
       s.add_dependency(%q<redcarpet>, [">= 0"])
@@ -193,7 +206,6 @@ Gem::Specification.new do |s|
     s.add_dependency(%q<memoizer>, ["~> 1.0.1"])
     s.add_dependency(%q<cucumber>, [">= 0"])
     s.add_dependency(%q<double-bag-ftps>, [">= 0"])
-    s.add_dependency(%q<fuubar-cucumber>, [">= 0"])
     s.add_dependency(%q<jeweler>, [">= 0"])
     s.add_dependency(%q<rake>, [">= 0"])
     s.add_dependency(%q<redcarpet>, [">= 0"])

data/lib/ftpd.rb

@@ -1,10 +1,12 @@
 require 'fileutils'
+require 'forwardable'
 require 'logger'
 require 'memoizer'
 require 'openssl'
 require 'pathname'
 require 'shellwords'
 require 'socket'
+require 'thread'
 require 'tmpdir'
 
 module Ftpd
@@ -13,6 +15,8 @@ module Ftpd
     autoload :Ls,                      'ftpd/list_format/ls'
   end
   autoload :CommandSequenceChecker,    'ftpd/command_sequence_checker'
+  autoload :ConnectionThrottle,        'ftpd/connection_throttle'
+  autoload :ConnectionTracker,         'ftpd/connection_tracker'
   autoload :DiskFileSystem,            'ftpd/disk_file_system'
   autoload :Error,                     'ftpd/error'
   autoload :ExceptionTranslator,       'ftpd/exception_translator'

data/lib/ftpd/command_sequence_checker.rb

@@ -11,11 +11,13 @@ module Ftpd
 
     def initialize
       @must_expect = []
+      @expected_command = nil
     end
 
     # Set the command to expect next.  If not set, then any command
     # will be accepted, so long as it hasn't been registered using
-    # {#must_expect}.
+    # {#must_expect}.  Otherwise, the set command must be next or a
+    # sequence error will result.
     #
     # @param command [String] The command.  Must be lowercase.
 
@@ -34,7 +36,7 @@ module Ftpd
     # Check a command.  If expecting a specific command and this
     # command isn't it, then raise an error that will cause a "503 Bad
     # sequence" error to be sent.  After checking, the expected
-    # command is cleared and any command will be accepted, unless
+    # command is cleared and any command will be accepted until
     # {#expect} is called again.
     #
     # @param command [String] The command.  Must be lowercase.

data/lib/ftpd/config.rb

@@ -0,0 +1,13 @@
+module Ftpd
+  class Config
+
+    # The number of seconds to delay before replying.  This is for
+    # testing client timeouts.
+    # Defaults to 0 (no delay).
+    #
+    # Change to this attribute only take effect for new sessions.
+
+    attr_accessor :response_delay
+
+  end
+end

data/lib/ftpd/connection_throttle.rb

@@ -0,0 +1,56 @@
+module Ftpd
+
+  # This class limits the number of connections
+
+  class ConnectionThrottle
+
+    DEFAULT_MAX_CONNECTIONS = nil
+    DEFAULT_MAX_CONNECTIONS_PER_IP = nil
+
+    # The maximum number of connections, or nil if there is no limit.
+    # @return [Integer]
+
+    attr_accessor :max_connections
+
+    # The maximum number of connections for an IP, or nil if there is
+    # no limit.
+    # @return [Integer]
+
+    attr_accessor :max_connections_per_ip
+
+    # @param connection_tracker [ConnectionTracker]
+
+    def initialize(connection_tracker)
+      @max_connections = DEFAULT_MAX_CONNECTIONS
+      @max_connections_per_ip = DEFAULT_MAX_CONNECTIONS_PER_IP
+      @connection_tracker = connection_tracker
+    end
+
+    # @return [Boolean] true if the connection should be allowed
+
+    def allow?(socket)
+      allow_by_total_count &&
+        allow_by_ip_count(socket)
+    end
+
+    # Reject a connection
+
+    def deny(socket)
+      socket.write "421 Too many connections\r\n"
+    end
+
+    private
+
+    def allow_by_total_count
+      return true unless @max_connections
+      @connection_tracker.connections < @max_connections
+    end
+
+    def allow_by_ip_count(socket)
+      return true unless @max_connections_per_ip
+      @connection_tracker.connections_for(socket) < @max_connections_per_ip
+    end
+
+  end
+
+end

data/lib/ftpd/connection_tracker.rb

@@ -0,0 +1,110 @@
+module Ftpd
+
+  # This class keeps track of connections
+
+  class ConnectionTracker
+
+    def initialize
+      @mutex = Mutex.new
+      @connections = {}
+      @socket_ips ={}
+    end
+
+    # Return the total number of connections
+
+    def connections
+      @mutex.synchronize do
+        @connections.values.inject(0, &:+)
+      end
+    end
+
+    # Return the number of connections for a socket
+
+    def connections_for(socket)
+      @mutex.synchronize do
+        ip = peer_ip(socket)
+        @connections[ip] || 0
+      end
+    end
+
+    # Track a connection.  Yields to a block; the connection is
+    # tracked until the block returns.
+
+    def track(socket)
+      start_track socket
+      begin
+        yield
+      ensure
+        stop_track socket
+      end
+    end
+
+    # Return the number of known IPs.  This exists for the benefit of
+    # the test, so that it can know the tracker has properly forgotten
+    # about an IP with no connections.
+
+    def known_ip_count
+      @mutex.synchronize do
+        @connections.size
+      end
+    end
+
+    private
+
+    # Start tracking a connection
+
+    def start_track(socket)
+      @mutex.synchronize do
+        ip = peer_ip(socket)
+        @connections[ip] ||= 0
+        @connections[ip] += 1
+        @socket_ips[socket.object_id] = ip
+      end
+    end
+
+    # Stop tracking a connection
+
+    def stop_track(socket)
+      @mutex.synchronize do
+        ip = @socket_ips.delete(socket.object_id)
+        if (@connections[ip] -= 1) == 0
+          @connections.delete(ip)
+        end
+      end
+    end
+
+    # Obtain the IP that the client connected _from_.
+    #
+    # How this is done depends upon which type of socket (SSL or not)
+    # and what version of Ruby.
+    #
+    # * SSL socket
+    #   * #peeraddr.  Uses BasicSocket.do_not_reverse_lookup.
+    # * Ruby 1.8.7
+    #   * #peeraddr, which does not take the "reverse lookup"
+    #     argument, relying instead using
+    #     BasicSocket.do_not_reverse_lookup.
+    #   * #getpeername, which does not do a reverse lookup.  It is a
+    #     little uglier than #peeraddr.
+    # * Ruby >=1.9.3
+    #   * #peeraddr, which takes the "reverse lookup" argument.
+    #   * #getpeername - same as 1.8.7
+
+    # @return [String] IP address
+
+    def peer_ip(socket)
+      if socket.respond_to?(:getpeername)
+        # Non SSL
+        sockaddr = socket.getpeername
+        port, host = Socket.unpack_sockaddr_in(sockaddr)
+        host
+      else
+        # SSL
+        BasicSocket.do_not_reverse_lookup = true
+        socket.peeraddr.last
+      end
+     end
+
+  end
+
+end

data/lib/ftpd/disk_file_system.rb

@@ -125,7 +125,7 @@ module Ftpd
 
       # Write a file to disk.
       # @param ftp_path [String] The virtual path
-      # @contents [String] The file's contents
+      # @param contents [String] The file's contents
       #
       # Called for:
       # * STOR
@@ -153,7 +153,7 @@ module Ftpd
 
       # Append to a file.  If the file does not exist, create it.
       # @param ftp_path [String] The virtual path
-      # @contents [String] The file's contents
+      # @param contents [String] The file's contents
       #
       # Called for:
       # * APPE

data/lib/ftpd/ftp_server.rb

@@ -3,61 +3,125 @@
 module Ftpd
   class FtpServer < TlsServer
 
+    extend Forwardable
+
     DEFAULT_SERVER_NAME = 'wconrad/ftpd'
     DEFAULT_SESSION_TIMEOUT = 300 # seconds
 
-    # The number of seconds to delay before replying.  This is for
-    # testing, when you need to test, for example, client timeouts.
-    # Defaults to 0 (no delay).
+    # If true, allow the PORT command to specify privileged data ports
+    # (those below 1024).  Defaults to false.  Setting this to true
+    # makes it easier for an attacker to use the server to attack
+    # another server.  See RFC 2577 section 3.
     #
-    # Change to this attribute only take effect for new sessions.
-
-    attr_accessor :response_delay
-
-    # The class for formatting for LIST output.  Defaults to
-    # {Ftpd::ListFormat::Ls}.  Changes to this attribute only take
-    # effect for new sessions.
+    # Set this before calling #start.
+    #
+    # @return [Boolean]
 
-    attr_accessor :list_formatter
+    attr_accessor :allow_low_data_ports
 
-    # @return [Integer] The authentication level
-    # One of:
+    # The authentication level.  One of:
+    #
     # * Ftpd::AUTH_USER
     # * Ftpd::AUTH_PASSWORD (default)
     # * Ftpd::AUTH_ACCOUNT
+    #
+    # @return [Integer] The authentication level
 
     attr_accessor :auth_level
 
-    # The session timeout.  When a session is awaiting a command, if
-    # one is not received in this many seconds, the session is
-    # disconnected.  Defaults to {DEFAULT_SESSION_TIMEOUT}.  If nil,
-    # then timeout is disabled.
+    # The delay (in seconds) after a failed login.  Defaults to 0.
+    # Setting this makes brute force password guessing less efficient
+    # for the attacker.  RFC-2477 suggests a delay of 5 seconds.
+
+    attr_accessor :failed_login_delay
+
+    # The class for formatting for LIST output.  Defaults to
+    # {Ftpd::ListFormat::Ls} (unix "ls -l" style).
+    #
+    # Set this before calling #start.
+    # @return [class that quacks like Ftpd::ListFormat::Ls]
+
+    attr_accessor :list_formatter
+
+    # The logger.  Defaults to nil (no logging).
+    #
+    # Set this before calling #start.
+    #
+    # @return [Logger]
+
+    attr_accessor :log
+
+    # The maximum number of connections the server will allow.
+    # Defaults to {ConnectionThrottle::DEFAULT_MAX_CONNECTIONS}.
+    #
+    # Set this before calling #start.
+    #
+    # @!attribute max_connections
+    # @return [Integer]
+
+    def_delegator :@connection_throttle, :'max_connections'
+    def_delegator :@connection_throttle, :'max_connections='
+
+    # The maximum number of connections the server will allow from a
+    # given IP.  Defaults to
+    # {ConnectionThrottle::DEFAULT_MAX_CONNECTIONS_PER_IP}.
+    #
+    # Set this before calling #start.
+    #
+    # @!attribute max_connections_per_ip
+    # @return [Integer]
+
+    def_delegator :@connection_throttle, :'max_connections_per_ip'
+    def_delegator :@connection_throttle, :'max_connections_per_ip='
+
+    # The maximum number of failed login attempts before disconnecting
+    # the user.  Defaults to nil (no maximum).  When set, this may
+    # makes brute-force password guessing attack less efficient.
+    #
+    # Set this before calling #start.
+    #
+    # @return [Integer]
+
+    attr_accessor :max_failed_logins
+
+    # The number of seconds to delay before replying.  This is for
+    # testing, when you need to test, for example, client timeouts.
+    # Defaults to 0 (no delay).
+    #
+    # Set this before calling #start.
+    #
     # @return [Numeric]
 
-    attr_accessor :session_timeout
+    attr_accessor :response_delay
 
     # The server's name, sent in a STAT reply.  Defaults to
     # {DEFAULT_SERVER_NAME}.
+    #
+    # Set this before calling #start.
+    #
+    # @return [String]
 
     attr_accessor :server_name
 
     # The server's version, sent in a STAT reply.  Defaults to the
     # contents of the VERSION file.
+    #
+    # Set this before calling #start.
+    #
+    # @return [String]
 
     attr_accessor :server_version
 
-    # The logger.  Defaults to nil (no logging).
-    # @return [Logger]
-
-    attr_accessor :log
-
-    # Allow PORT command to specify data ports below 1024.  Defaults
-    # to false.  Setting this to true makes it easier for an attacker
-    # to use the server to attack another server.  See RFC 2577
-    # section 3.
-    # @return [Boolean]
+    # The session timeout.  When a session is awaiting a command, if
+    # one is not received in this many seconds, the session is
+    # disconnected.  Defaults to {DEFAULT_SESSION_TIMEOUT}.  If nil,
+    # then timeout is disabled.
+    #
+    # Set this before calling #start.
+    #
+    # @return [Numeric]
 
-    attr_accessor :allow_low_data_ports
+    attr_accessor :session_timeout
 
     # Create a new FTP server.  The server won't start until the
     # #start method is called.
@@ -79,23 +143,42 @@ module Ftpd
       @server_name = DEFAULT_SERVER_NAME
       @server_version = read_version_file
       @allow_low_data_ports = false
+      @failed_login_delay = 0
       @log = nil
+      @connection_tracker = ConnectionTracker.new
+      @connection_throttle = ConnectionThrottle.new(@connection_tracker)
     end
 
     private
 
+    def allow_session?(socket)
+      @connection_throttle.allow?(socket)
+    end
+
+    def deny_session socket
+      @connection_throttle.deny socket
+    end
+
     def session(socket)
-      Session.new(:socket => socket,
+      @connection_tracker.track(socket) do
+        run_session socket
+      end
+    end
+
+    def run_session(socket)
+      Session.new(:allow_low_data_ports => allow_low_data_ports,
+                  :auth_level => @auth_level,
                   :driver => @driver,
+                  :failed_login_delay => @failed_login_delay,
                   :list_formatter => @list_formatter,
+                  :log => log,
+                  :max_failed_logins => @max_failed_logins,
                   :response_delay => response_delay,
-                  :tls => @tls,
-                  :auth_level => @auth_level,
-                  :session_timeout => @session_timeout,
                   :server_name => @server_name,
                   :server_version => @server_version,
-                  :log => log,
-                  :allow_low_data_ports => allow_low_data_ports).run
+                  :session_timeout => @session_timeout,
+                  :socket => socket,
+                  :tls => @tls).run
     end
 
     def read_version_file