investtools-ftpd 1.0.1

data/lib/ftpd/session.rb

@@ -0,0 +1,220 @@
+module Ftpd
+  class Session
+
+    include Error
+    include ListPath
+
+    attr_accessor :command_sequence_checker
+    attr_accessor :data_channel_protection_level
+    attr_accessor :data_server
+    attr_accessor :data_type
+    attr_accessor :logged_in
+    attr_accessor :name_prefix
+    attr_accessor :protection_buffer_size_set
+    attr_accessor :socket
+    attr_reader :config
+    attr_reader :data_hostname
+    attr_reader :data_port
+    attr_reader :file_system
+    attr_writer :epsv_all
+    attr_writer :mode
+    attr_writer :structure
+
+    # @params session_config [SessionConfig] Session configuration
+    # @param socket [TCPSocket, OpenSSL::SSL::SSLSocket] The socket
+
+    def initialize(session_config, socket)
+      @config = session_config
+      @socket = socket
+      if @config.tls == :implicit
+        @socket.encrypt
+      end
+      @command_sequence_checker = init_command_sequence_checker
+      set_socket_options
+      @protocols = Protocols.new(@socket)
+      @command_handlers = CommandHandlers.new
+      @command_loop = CommandLoop.new(self)
+      register_commands
+      initialize_session
+    end
+
+    def run
+      @command_loop.read_and_execute_commands
+    end
+
+    private
+
+    def register_commands
+      handlers = CommandHandlerFactory.standard_command_handlers
+      handlers.each do |klass|
+        @command_handlers << klass.new(self)
+      end
+    end
+
+    def valid_command?(command)
+      @command_handlers.has?(command)
+    end
+
+    def execute_command command, argument
+      @command_handlers.execute command, argument
+    end
+
+    def ensure_logged_in
+      return if @logged_in
+      error "Not logged in", 530
+    end
+
+    def ensure_tls_supported
+      unless tls_enabled?
+        error "TLS not enabled", 534
+      end
+    end
+
+    def ensure_not_epsv_all
+      if @epsv_all
+        error "Not allowed after EPSV ALL", 501
+      end
+    end
+
+    def tls_enabled?
+      @config.tls != :off
+    end
+
+    def ensure_protocol_supported(protocol_code)
+      unless @protocols.supports_protocol?(protocol_code)
+        protocol_list = @protocols.protocol_codes.join(',')
+        error("Network protocol #{protocol_code} not supported, "\
+              "use (#{protocol_list})", 522)
+      end
+    end
+
+    def supported_commands
+      @command_handlers.commands.map(&:upcase)
+    end
+
+    def pwd(status_code)
+      reply %Q(#{status_code} "#{@name_prefix}" is current directory)
+    end
+
+    FORMAT_TYPES = {
+      'N'=>['Non-print', true],
+      'T'=>['Telnet format effectors', true],
+      'C'=>['Carriage Control (ASA)', false],
+    }
+
+    DATA_TYPES = {
+      'A'=>['ASCII', true],
+      'E'=>['EBCDIC', false],
+      'I'=>['BINARY', true],
+      'L'=>['LOCAL', false],
+    }
+
+    def expect(command)
+      @command_sequence_checker.expect command
+    end
+
+    def set_file_system(file_system)
+      @file_system = file_system
+    end
+
+    def command_not_needed
+      reply '202 Command not needed at this site'
+    end
+
+    def close_data_server_socket
+      return unless @data_server
+      @data_server.close
+      @data_server = nil
+    end
+
+    def reply(s)
+      if @config.response_delay.to_i != 0
+        @config.log.warn "#{@config.response_delay} second delay before replying"
+        sleep @config.response_delay
+      end
+      @config.log.debug s
+      @socket.write s + "\r\n"
+    end
+
+    def init_command_sequence_checker
+      checker = CommandSequenceChecker.new
+      checker.must_expect 'acct'
+      checker.must_expect 'pass'
+      checker.must_expect 'rnto'
+      checker
+    end
+
+    def authenticate(*args)
+      while args.size < @config.driver.method(:authenticate).arity
+        args << nil
+      end
+      @config.driver.authenticate(*args)
+    end
+
+    def login(*auth_tokens)
+      user = auth_tokens.first
+      unless authenticate(*auth_tokens)
+        failed_auth
+        error "Login incorrect", 530
+      end
+      reply "230 Logged in"
+      set_file_system @config.driver.file_system(user)
+      @logged_in = true
+      reset_failed_auths
+    end
+
+    def set_socket_options
+      disable_nagle @socket
+      receive_oob_data_inline @socket
+    end
+
+    def disable_nagle(socket)
+      socket.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1)
+    end
+
+    def receive_oob_data_inline(socket)
+      socket.setsockopt(Socket::SOL_SOCKET, Socket::SO_OOBINLINE, 1)
+    end
+
+    def reset_failed_auths
+      @failed_auths = 0
+    end
+
+    def failed_auth
+      @failed_auths += 1
+      sleep @config.failed_login_delay
+      if @config.max_failed_logins && @failed_auths >= @config.max_failed_logins
+        reply "421 server unavailable"
+        throw :done
+      end
+    end
+
+    def set_active_mode_address(address, port)
+      if port > 0xffff || port < 1024 && !@config.allow_low_data_ports
+        error "Command not implemented for that parameter", 504
+      end
+      @data_hostname = address
+      @data_port = port
+    end
+
+    def initialize_session
+      @logged_in = false
+      @data_type = 'A'
+      @mode = 'S'
+      @structure = 'F'
+      @name_prefix = '/'
+      @data_channel_protection_level = :clear
+      @data_hostname = nil
+      @data_port = nil
+      @protection_buffer_size_set = false
+      @epsv_all = false
+      close_data_server_socket
+      reset_failed_auths
+    end
+
+    def server_name_and_version
+      "#{@config.server_name} #{@config.server_version}"
+    end
+
+  end
+end

data/lib/ftpd/session_config.rb

@@ -0,0 +1,111 @@
+module Ftpd
+
+  # All of the configuration needed by a session
+
+  class SessionConfig
+
+    # If true, allow the PORT command to specify privileged data ports
+    # (those below 1024).  Defaults to false.  Setting this to true
+    # makes it easier for an attacker to use the server to attack
+    # another server.  See RFC 2577 section 3.
+    #
+    # @return [Boolean]
+
+    attr_accessor :allow_low_data_ports
+
+    # The authentication level.  One of:
+    #
+    # * Ftpd::AUTH_USER
+    # * Ftpd::AUTH_PASSWORD (default)
+    # * Ftpd::AUTH_ACCOUNT
+    #
+    # @return [Integer] The authentication level
+
+    attr_accessor :auth_level
+
+    # @return driver A driver for the server's dynamic behavior such
+    #   as authentication and file system access.
+    #
+    # The driver should expose these public methods:
+    # * {Example::Driver#authenticate authenticate}
+    # * {Example::Driver#file_system file_system}
+
+    attr_accessor :driver
+
+    # The delay (in seconds) after a failed login.  Defaults to 0.
+    # Setting this makes brute force password guessing less efficient
+    # for the attacker.  RFC-2477 suggests a delay of 5 seconds.
+
+    attr_accessor :failed_login_delay
+
+    # The class for formatting for LIST output.
+    #
+    # @return [class that quacks like Ftpd::ListFormat::Ls]
+
+    attr_accessor :list_formatter
+
+    # The logger.
+    #
+    # @return [Logger]
+
+    attr_accessor :log
+
+    # The maximum number of failed login attempts before disconnecting
+    # the user.  Defaults to nil (no maximum).  When set, this may
+    # makes brute-force password guessing attack less efficient.
+    #
+    # @return [Integer]
+
+    attr_accessor :max_failed_logins
+
+    # The number of seconds to delay before replying.  This is for
+    # testing, when you need to test, for example, client timeouts.
+    # Defaults to 0 (no delay).
+    #
+    # @return [Numeric]
+
+    attr_accessor :response_delay
+
+    # The server's name, sent in a STAT reply.  Defaults to
+    # {Ftpd::FtpServer::DEFAULT_SERVER_NAME}.
+    #
+    # @return [String]
+
+    attr_accessor :server_name
+
+    # The server's version, sent in a STAT reply.
+    #
+    # @return [String]
+
+    attr_accessor :server_version
+
+    # The session timeout.  When a session is awaiting a command, if
+    # one is not received in this many seconds, the session is
+    # disconnected.  If nil, then timeout is disabled.
+    #
+    # @return [Numeric]
+
+    attr_accessor :session_timeout
+
+    # Whether or not to do TLS, and which flavor.
+    #
+    # One of:
+    # * :off
+    # * :explicit
+    # * :implicit
+    #
+    # @return [Symbol]
+
+    attr_accessor :tls
+
+    # The exception handler. When there is an unknown exception,
+    # server replies 451 and calls exception_handler. If nil,
+    # then it's ignored.
+    #
+    # @return [Proc]
+
+    attr_accessor :exception_handler
+
+  end
+
+end

data/lib/ftpd/stream.rb

@@ -0,0 +1,80 @@
+module Ftpd
+
+  class Stream
+
+    CHUNK_SIZE = 1024 * 100 # 100kb
+
+    attr_reader :data_type
+    attr_reader :byte_count
+
+    # @param io [IO] The stream to read from or write to
+    # @param data_type [String] The FTP data type of the stream
+
+    def initialize(io, data_type)
+      @io, @data_type = io, data_type
+      @byte_count = 0
+    end
+
+    # Read and convert a chunk of up to CHUNK_SIZE from the stream
+    # @return [String] if any bytes remain to read from the stream
+    # @return [NilClass] if no bytes remain
+
+    def read
+      chunk = converted_chunk(@io)
+      return unless chunk
+      chunk = nvt_ascii_to_unix(chunk) if data_type == 'A'
+      record_bytes(chunk)
+      chunk
+    end
+
+    # Convert and write a chunk of up to CHUNK_SIZE to the stream from the
+    # provided IO object
+    #
+    # @param io [IO] The data to be written to the stream
+
+    def write(io)
+      while chunk = converted_chunk(io)
+        chunk = unix_to_nvt_ascii(chunk) if data_type == 'A'
+        result = @io.write(chunk)
+        record_bytes(chunk)
+        result
+      end
+    end
+
+    private
+
+    # We never want to break up any \r\n sequences in the file. To avoid
+    # this in an efficient way, we always pull an "extra" character from the
+    # stream and add it to the buffer. If the character is a \r, then we put
+    # it back onto the stream instead of adding it to the buffer.
+
+    def converted_chunk(io)
+      chunk = io.read(CHUNK_SIZE)
+      return unless chunk
+      if data_type == 'A'
+        next_char = io.getc
+        if next_char == "\r"
+          io.ungetc(next_char)
+        elsif next_char
+          chunk += next_char
+        end
+      end
+      chunk
+    end
+
+    def unix_to_nvt_ascii(s)
+      return s if s =~ /\r\n/
+      s.gsub(/\n/, "\r\n")
+    end
+
+    def nvt_ascii_to_unix(s)
+      s.gsub(/\r\n/, "\n")
+    end
+
+    def record_bytes(chunk)
+      @byte_count += chunk.size if chunk
+    end
+
+  end
+
+end

data/lib/ftpd/telnet.rb

@@ -0,0 +1,114 @@
+# -*- ruby encoding: us-ascii -*-
+
+module Ftpd
+
+  # Handle the limited processing of Telnet sequences required by the
+  # FTP RFCs.
+  #
+  # Telnet option processing is quite complex, but we need do only a
+  # simple subset of it, since we can disagree with any request by the
+  # client to turn on an option (RFC-1123 4.1.2.12).  Adhering to
+  # RFC-1143 ("The Q Method of Implementing TELNET Option Negiation"),
+  # and supporting only what's needed to keep all options turned off:
+  #
+  # * Reply to WILL sequence with DONT sequence
+  # * Reply to DO sequence with WONT sequence
+  # * Ignore WONT sequence
+  # * Ignore DONT sequence
+  #
+  # We also handle the "interrupt process" and "data mark" sequences,
+  # which the client sends before the ABORT command, by ignoring them.
+  #
+  # All Telnet sequence start with an IAC, followed by at least one
+  # character.  Here are the sequences we care about:
+  #
+  #     SEQUENCE             CODES
+  #     -----------------    --------------------
+  #     WILL                 IAC WILL option-code
+  #     WONT                 IAC WONT option-code
+  #     DO                   IAC DO option-code
+  #     DONT                 IAC DONT option-code
+  #     escaped 255          IAC IAC
+  #     interrupt process    IAC IP
+  #     data mark            IAC DM
+  #
+  # Any pathalogical sequence (e.g. IAC + \x01), or any sequence we
+  # don't recognize, we pass through.
+
+  class Telnet
+
+    # The command with recognized Telnet sequences removed
+
+    attr_reader :plain
+
+    # Any Telnet sequences to send
+
+    attr_reader :reply
+
+    # Create a new instance with a command that may contain Telnet
+    # sequences.
+    # @param command [String]
+
+    def initialize(command)
+      parse_command command
+    end
+
+    private
+
+    module Codes
+      IAC  = 255.chr    # 0xff
+      DONT = 254.chr    # 0xfe
+      DO   = 253.chr    # 0xfd
+      WONT = 252.chr    # 0xfc
+      WILL = 251.chr    # 0xfb
+      IP   = 244.chr    # 0xf4
+      DM   = 242.chr    # 0xf2
+    end
+    include Codes
+
+    def accept(scanner)
+      @plain << scanner[1]
+    end
+
+    def reply_dont(scanner)
+      @reply << IAC + DONT + scanner[1]
+    end
+
+    def reply_wont(scanner)
+      @reply << IAC + WONT + scanner[1]
+    end
+
+    def ignore(scanner)
+    end
+
+    # Telnet sequences to handle, and how to handle them
+
+    SEQUENCES = [
+      [/#{IAC}(#{IAC})/, :accept],
+      [/#{IAC}#{WILL}(.)/m, :reply_dont],
+      [/#{IAC}#{WONT}(.)/m, :ignore],
+      [/#{IAC}#{DO}(.)/m, :reply_wont],
+      [/#{IAC}#{DONT}(.)/m, :ignore],
+      [/#{IAC}#{IP}/, :ignore],
+      [/#{IAC}#{DM}/, :ignore],
+      [/(.)/m, :accept],
+    ]
+
+    # Parse the the command.  Sets @plain and @reply
+
+    def parse_command(command)
+      @plain = ''
+      @reply = ''
+      scanner = StringScanner.new(command)
+      while !scanner.eos?
+        SEQUENCES.each do |regexp, method|
+          if scanner.scan(regexp)
+            send method, scanner
+            break
+          end
+        end
+      end
+    end
+
+  end
+end