copyparty 1.18.9__py3-none-any.whl → 1.19.0__py3-none-any.whl

copyparty/cfg.py

@@ -111,6 +111,7 @@ def vf_vmap()   :
         "tail_tmax",
         "tail_who",
         "tcolor",
+        "txt_eol",
         "unlist",
         "u2abort",
         "u2ts",
@@ -322,6 +323,7 @@ flagcats = {
         "exp": "enable textfile expansion; see --help-exp",
         "exp_md": "placeholders to expand in markdown files; see --help",
         "exp_lg": "placeholders to expand in prologue/epilogue; see --help",
+        "txt_eol=lf": "enable EOL conversion when writing docs (LF or CRLF)",
     },
     "tailing": {
         "notail": "disable ?tail (download a growing file continuously)",

copyparty/ftpd.py

@@ -79,7 +79,12 @@ class FtpAuth(DummyAuthorizer):
         uname = "*"
         if username != "anonymous":
             uname = ""
-            for zs in (password, username):
+            if args.usernames:
+                alts = ["%s:%s" % (username, password)]
+            else:
+                alts = password, username
+
+            for zs in alts:
                 zs = asrv.iacct.get(asrv.ah.hash(zs), "")
                 if zs:
                     uname = zs
@@ -603,7 +608,7 @@ class Ftpd(object):
         if "::" in ips:
             ips.append("0.0.0.0")
 
-        ips = [x for x in ips if "unix:" not in x]
+        ips = [x for x in ips if not x.startswith(("unix:", "fd:"))]
 
         if self.args.ftp4:
             ips = [x for x in ips if ":" not in x]

copyparty/httpcli.py

@@ -62,6 +62,7 @@ from .util import (
     alltrace,
     atomic_move,
     b64dec,
+    eol_conv,
     exclude_dotfiles,
     formatdate,
     fsenc,
@@ -257,7 +258,8 @@ class HttpCli(object):
 
     def _assert_safe_rem(self, rem )  :
         # sanity check to prevent any disasters
-        if rem.startswith("/") or rem.startswith("../") or "/../" in rem:
+        # (this function hopefully serves no purpose; validation has already happened at this point, this only exists as a last-ditch effort just in case)
+        if rem.startswith(("/", "../")) or "/../" in rem:
             raise Exception("that was close")
 
     def _gen_fk(self, alg , salt , fspath , fsize , inode )  :
@@ -378,9 +380,20 @@ class HttpCli(object):
                 try:
                     cli_ip = zsl[n].strip()
                 except:
-                    cli_ip = zsl[0].strip()
-                    t = "rproxy={} oob x-fwd {}"
-                    self.log(t.format(self.args.rproxy, zso), c=3)
+                    cli_ip = self.ip
+                    self.bad_xff = True
+                    if self.args.rproxy != 9999999:
+                        t = "global-option --rproxy %d could not be used (out-of-bounds) for the received header [%s]"
+                        self.log(t % (self.args.rproxy, zso), c=3)
+                    else:
+                        zsl = [
+                            "  rproxy: %d   if this client's IP-address is [%s]"
+                            % (-1 - zd, zs.strip())
+                            for zd, zs in enumerate(zsl)
+                        ]
+                        t = 'could not determine the client\'s IP-address because the global-option --rproxy has not been configured, so the request-header [%s] specified by global-option --xff-hdr cannot be used safely! Please see the "reverse-proxy" section in the readme. The best approach is to configure your reverse-proxy to give copyparty the exact IP-address to assume (perhaps in another header), but you may also try the following:'
+                        t = t % (self.args.xff_hdr,)
+                        self.log("%s\n\n%s\n" % (t, "\n".join(zsl)), 3)
 
                 pip = self.conn.addr[0]
                 xffs = self.conn.xff_nm
@@ -653,6 +666,9 @@ class HttpCli(object):
                     self.pw = ""
                     self.uname = idp_usr
                     self.html_head += "<script>var is_idp=1</script>\n"
+                    zs = self.asrv.ases.get(idp_usr)
+                    if zs:
+                        self.set_idp_cookie(zs)
                 else:
                     self.log("unknown username: %r" % (idp_usr,), 1)
 
@@ -1191,15 +1207,6 @@ class HttpCli(object):
                     self.reply(b"ssdp is disabled in server config", 404)
                     return False
 
-            if self.vpath.startswith(".cpr/dd/") and self.args.mpmc:
-                if self.args.mpmc == ".":
-                    raise Pebkac(404)
-
-                loc = self.args.mpmc.rstrip("/") + self.vpath[self.vpath.rfind("/") :]
-                h = {"Location": loc, "Cache-Control": "max-age=39"}
-                self.reply(b"", 301, headers=h)
-                return True
-
             if self.vpath == ".cpr/metrics":
                 return self.conn.hsrv.metrics.tx(self)
 
@@ -2075,16 +2082,16 @@ class HttpCli(object):
         rnd, lifetime, xbu, xau = self.upload_flags(vfs)
         lim = vfs.get_dbv(rem)[0].lim
         fdir = vfs.canonical(rem)
-        if lim:
-            fdir, rem = lim.all(
-                self.ip, rem, remains, vfs.realpath, fdir, self.conn.hsrv.broker
-            )
-
         fn = None
         if rem and not self.trailing_slash and not bos.path.isdir(fdir):
             fdir, fn = os.path.split(fdir)
             rem, _ = vsplit(rem)
 
+        if lim:
+            fdir, rem = lim.all(
+                self.ip, rem, remains, vfs.realpath, fdir, self.conn.hsrv.broker
+            )
+
         bos.makedirs(fdir, vf=vfs.flags)
 
         open_ka   = {"fun": open}
@@ -2918,12 +2925,16 @@ class HttpCli(object):
         return True
 
     def handle_chpw(self)  :
+        if self.args.usernames:
+            self.parser.require("uname", 64)
         pwd = self.parser.require("pw", 64)
         self.parser.drop()
 
         ok, msg = self.asrv.chpw(self.conn.hsrv.broker, self.uname, pwd)
         if ok:
             self.cbonk(self.conn.hsrv.gpwc, pwd, "pw", "too many password changes")
+            if self.args.usernames:
+                pwd = "%s:%s" % (self.uname, pwd)
             ok, msg = self.get_pwd_cookie(pwd)
             if ok:
                 msg = "new password OK"
@@ -2935,6 +2946,15 @@ class HttpCli(object):
         return True
 
     def handle_login(self)  :
+        if self.args.usernames and not (
+            self.args.shr and self.vpath.startswith(self.args.shr1)
+        ):
+            try:
+                un = self.parser.require("uname", 64)
+            except:
+                un = ""
+        else:
+            un = ""
         pwd = self.parser.require("cppwd", 64)
         try:
             uhash = self.parser.require("uhash", 256)
@@ -2945,6 +2965,9 @@ class HttpCli(object):
         if not pwd:
             raise Pebkac(422, "password cannot be blank")
 
+        if un:
+            pwd = "%s:%s" % (un, pwd)
+
         dst = self.args.SRS
         if self.vpath:
             dst += quotep(self.vpaths)
@@ -3024,6 +3047,19 @@ class HttpCli(object):
 
         return dur > 0, msg
 
+    def set_idp_cookie(self, ases)  :
+        k = "cppws" if self.is_https else "cppwd"
+        ck = gencookie(
+            k,
+            ases,
+            self.args.R,
+            self.args.cookie_lax,
+            self.is_https,
+            self.args.idp_cookie,
+            "; HttpOnly",
+        )
+        self.out_headers["Set-Cookie"] = ck
+
     def handle_mkdir(self)  :
         new_dir = self.parser.require("name", 512)
         self.parser.drop()
@@ -3559,7 +3595,7 @@ class HttpCli(object):
         rem = "{}/{}".format(rp, fn).strip("/")
         dbv, vrem = vfs.get_dbv(rem)
 
-        if not rem.endswith(".md") and not self.can_delete:
+        if not rem.lower().endswith(".md") and not self.can_delete:
             raise Pebkac(400, "only markdown pls")
 
         if nullwrite:
@@ -3642,6 +3678,9 @@ class HttpCli(object):
         if p_field != "body":
             raise Pebkac(400, "expected body, got {}".format(p_field))
 
+        if "txt_eol" in vfs.flags:
+            p_data = eol_conv(p_data, vfs.flags["txt_eol"])
+
         xbu = vfs.flags.get("xbu")
         if xbu:
             if not runhook(
@@ -4608,7 +4647,9 @@ class HttpCli(object):
         else:
             fn = self.host.split(":")[0]
 
-        if vn.flags.get("zipmax") and (not self.uname or not "zipmaxu" in vn.flags):
+        if vn.flags.get("zipmax") and not (
+            vn.flags.get("zipmaxu") and self.uname != "*"
+        ):
             maxs = vn.flags.get("zipmaxs_v") or 0
             maxn = vn.flags.get("zipmaxn_v") or 0
             nf = 0
@@ -4662,7 +4703,7 @@ class HttpCli(object):
         # for f in fgen: print(repr({k: f[k] for k in ["vp", "ap"]}))
         cfmt = ""
         if self.thumbcli and not self.args.no_bacode:
-            for zs in ("opus", "mp3", "w", "j", "p"):
+            for zs in ("opus", "mp3", "flac", "wav", "w", "j", "p"):
                 if zs in self.ouparam or uarg == zs:
                     cfmt = zs
 
@@ -5001,7 +5042,7 @@ class HttpCli(object):
             wvol = [x for x in wvol if "unlistcw" not in allvols[x[1:-1]].flags]
 
         fmt = self.uparam.get("ls", "")
-        if not fmt and (self.ua.startswith("curl/") or self.ua.startswith("fetch")):
+        if not fmt and self.ua.startswith(("curl/", "fetch")):
             fmt = "v"
 
         if fmt in ["v", "t", "txt"]:
@@ -5041,6 +5082,13 @@ class HttpCli(object):
             self.reply(zb, mime="text/plain; charset=utf-8")
             return True
 
+        re_btn = ""
+        nre = self.args.ctl_re
+        if "re" in self.uparam:
+            self.out_headers["Refresh"] = str(nre)
+        elif nre:
+            re_btn = "&re=%s" % (nre,)
+
         html = self.j2s(
             "splash",
             this=self,
@@ -5058,6 +5106,7 @@ class HttpCli(object):
             mtpq=vs["mtpq"],
             dbwt=vs["dbwt"],
             url_suf=suf,
+            re=re_btn,
             k304=self.k304(),
             no304=self.no304(),
             k304vis=self.args.k304 > 0,
@@ -5103,7 +5152,7 @@ class HttpCli(object):
             t = '<h1 id="n">404 not found &nbsp;┐( ´ -`)┌</h1><p><a id="r" href="{}/?h">go home</a></p>'
             pt = "404 not found  ┐( ´ -`)┌"
 
-        if self.ua.startswith("curl/") or self.ua.startswith("fetch"):
+        if self.ua.startswith(("curl/", "fetch")):
             pt = "# acct: %s\n%s\n" % (self.uname, pt)
             self.reply(pt.encode("utf-8"), status=rc)
             return True
@@ -5417,6 +5466,8 @@ class HttpCli(object):
                 elif nfi == 3:
                     if not vp.endswith(vfi):
                         continue
+                else:
+                    continue
 
                 n -= 1
                 if not n:
@@ -5540,6 +5591,8 @@ class HttpCli(object):
                 elif nfi == 3:
                     if not vp.endswith(vfi):
                         continue
+                else:
+                    continue
 
                 if not dots and "/." in vp:
                     continue
@@ -5970,6 +6023,12 @@ class HttpCli(object):
         else:
             [x.pop(k) for k in ["name", "dt"] for y in [dirs, files] for x in y]
 
+            # nonce (tlnote: norwegian for flake as in snowflake)
+            if self.args.no_fnugg:
+                ls["fnugg"] = "nei"
+            elif "fnugg" in self.headers:
+                ls["fnugg"] = self.headers["fnugg"]
+
             ret = json.dumps(ls)
             mime = "application/json"
 
@@ -6152,7 +6211,8 @@ class HttpCli(object):
                 if not use_filekey:
                     return self.tx_404(True)
 
-            if add_og and not abspath.lower().endswith(".md"):
+            is_md = abspath.lower().endswith(".md")
+            if add_og and not is_md:
                 if og_ua or self.host not in self.headers.get("referer", ""):
                     self.vpath, og_fn = vsplit(self.vpath)
                     vpath = self.vpath
@@ -6164,10 +6224,10 @@ class HttpCli(object):
                     vpnodes.pop()
 
             if (
-                (abspath.endswith(".md") or self.can_delete)
+                (is_md or self.can_delete)
                 and "nohtml" not in vn.flags
                 and (
-                    ("v" in self.uparam and abspath.endswith(".md"))
+                    (is_md and "v" in self.uparam)
                     or "edit" in self.uparam
                     or "edit2" in self.uparam
                 )
@@ -6224,11 +6284,7 @@ class HttpCli(object):
         is_ls = "ls" in self.uparam
         is_js = self.args.force_js or self.cookies.get("js") == "y"
 
-        if (
-            not is_ls
-            and not add_og
-            and (self.ua.startswith("curl/") or self.ua.startswith("fetch"))
-        ):
+        if not is_ls and not add_og and self.ua.startswith(("curl/", "fetch")):
             self.uparam["ls"] = "v"
             is_ls = True
 

copyparty/httpsrv.py

@@ -319,7 +319,8 @@ class HttpSrv(object):
             spins = 0
             while self.ncli >= self.nclimax:
                 if not spins:
-                    self.log(self.name, "at connection limit; waiting", 3)
+                    t = "at connection limit (global-option 'nc'); waiting"
+                    self.log(self.name, t, 3)
 
                 spins += 1
                 time.sleep(0.1)

copyparty/mtag.py

@@ -61,6 +61,8 @@ HAVE_FFPROBE = not os.environ.get("PRTY_NO_FFPROBE") and have_ff("ffprobe")
 CBZ_PICS = set("png jpg jpeg gif bmp tga tif tiff webp avif".split())
 CBZ_01 = re.compile(r"(^|[^0-9v])0+[01]\b")
 
+FMT_AU = set("mp3 ogg flac wav".split())
+
 
 class MParser(object):
     def __init__(self, cmdline )  :
@@ -236,7 +238,7 @@ def parse_ffprobe(txt )      :
     ret   = {}  # processed
     md   = {}  # raw tags
 
-    is_audio = fmt.get("format_name") in ["mp3", "ogg", "flac", "wav"]
+    is_audio = fmt.get("format_name") in FMT_AU
     if fmt.get("filename", "").split(".")[-1].lower() in ["m4a", "aac"]:
         is_audio = True
 
@@ -264,6 +266,8 @@ def parse_ffprobe(txt )      :
                 ["channel_layout", "chs"],
                 ["sample_rate", ".hz"],
                 ["bit_rate", ".aq"],
+                ["bits_per_sample", ".bps"],
+                ["bits_per_raw_sample", ".bprs"],
                 ["duration", ".dur"],
             ]
 

copyparty/multicast.py

@@ -180,11 +180,7 @@ class MCast(object):
                 srv.ips[oth_ip.split("/")[0]] = ipaddress.ip_network(oth_ip, False)
 
             # gvfs breaks if a linklocal ip appears in a dns reply
-            ll = {
-                k: v
-                for k, v in srv.ips.items()
-                if k.startswith("169.254") or k.startswith("fe80")
-            }
+            ll = {k: v for k, v in srv.ips.items() if k.startswith(("169.254", "fe80"))}
             rt = {k: v for k, v in srv.ips.items() if k not in ll}
 
             if self.args.ll or not rt:

copyparty/pwhash.py

@@ -147,6 +147,10 @@ class PWHash(object):
     def cli(self)  :
         import getpass
 
+        if self.args.usernames:
+            t = "since you have enabled --usernames, please provide username:password"
+            print(t)
+
         while True:
             try:
                 p1 = getpass.getpass("password> ")

copyparty/svchub.py

@@ -840,15 +840,6 @@ class SvcHub(object):
 
     def _check_env(self)  :
         al = self.args
-        try:
-            files = os.listdir(E.cfg)
-        except:
-            files = []
-
-        hits = [x for x in files if x.lower().endswith(".conf")]
-        if hits:
-            t = "WARNING: found config files in [%s]: %s\n  config files are not expected here, and will NOT be loaded (unless your setup is intentionally hella funky)"
-            self.log("root", t % (E.cfg, ", ".join(hits)), 3)
 
         if self.args.no_bauth:
             t = "WARNING: --no-bauth disables support for the Android app; you may want to use --bauth-last instead"
@@ -858,7 +849,7 @@ class SvcHub(object):
 
         have_tcp = False
         for zs in al.i:
-            if not zs.startswith("unix:"):
+            if not zs.startswith(("unix:", "fd:")):
                 have_tcp = True
         if not have_tcp:
             zb = False
@@ -868,7 +859,7 @@ class SvcHub(object):
                     setattr(al, zs, False)
                     zb = True
             if zb:
-                t = "only listening on unix-sockets; cannot enable zeroconf/mdns/ssdp as requested"
+                t = "not listening on any ip-addresses (only unix-sockets and/or FDs); cannot enable zeroconf/mdns/ssdp as requested"
                 self.log("root", t, 3)
 
         if not self.args.no_dav:

copyparty/tcpsrv.py

@@ -242,8 +242,10 @@ class TcpSrv(object):
 
     def _listen(self, ip , port )  :
         uds_perm = uds_gid = -1
+        bound  = None
+        tcp = False
+
         if "unix:" in ip:
-            tcp = False
             ipv = socket.AF_UNIX
             uds = ip.split(":")
             ip = uds[-1]
@@ -256,7 +258,12 @@ class TcpSrv(object):
                     import grp
 
                     uds_gid = grp.getgrnam(uds[2]).gr_gid
+        elif "fd:" in ip:
+            fd = ip[3:]
+            bound = socket.socket(fileno=int(fd))
 
+            tcp = bound.proto == socket.IPPROTO_TCP
+            ipv = bound.family
         elif ":" in ip:
             tcp = True
             ipv = socket.AF_INET6
@@ -264,7 +271,7 @@ class TcpSrv(object):
             tcp = True
             ipv = socket.AF_INET
 
-        srv = socket.socket(ipv, socket.SOCK_STREAM)
+        srv = bound or socket.socket(ipv, socket.SOCK_STREAM)
 
         if not ANYWIN or self.args.reuseaddr:
             srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
@@ -282,6 +289,10 @@ class TcpSrv(object):
         if getattr(self.args, "freebind", False):
             srv.setsockopt(socket.SOL_IP, socket.IP_FREEBIND, 1)
 
+        if bound:
+            self.srv.append(srv)
+            return
+
         try:
             if tcp:
                 srv.bind((ip, port))
@@ -434,7 +445,7 @@ class TcpSrv(object):
     def detect_interfaces(self, listen_ips )   :
         from .stolen.ifaddr import get_adapters
 
-        listen_ips = [x for x in listen_ips if "unix:" not in x]
+        listen_ips = [x for x in listen_ips if not x.startswith(("unix:", "fd:"))]
 
         nics = get_adapters(True)
         eps   = {}
@@ -580,8 +591,7 @@ class TcpSrv(object):
         if not ip:
             return ""
 
-        if ":" in ip:
-            ip = "[{}]".format(ip)
+        hip = "[%s]" % (ip,) if ":" in ip else ip
 
         if self.args.http_only:
             https = ""
@@ -593,7 +603,7 @@ class TcpSrv(object):
         ports = t1.get(ip, t2.get(ip, []))
         dport = 443 if https else 80
         port = "" if dport in ports or not ports else ":{}".format(ports[0])
-        txt = "http{}://{}{}/{}".format(https, ip, port, self.args.qrl)
+        txt = "http{}://{}{}/{}".format(https, hip, port, self.args.qrl)
 
         btxt = txt.encode("utf-8")
         if PY2:

copyparty/tftpd.py

@@ -176,7 +176,7 @@ class Tftpd(object):
         if "::" in ips:
             ips.append("0.0.0.0")
 
-        ips = [x for x in ips if "unix:" not in x]
+        ips = [x for x in ips if not x.startswith(("unix:", "fd:"))]
 
         if self.args.tftp4:
             ips = [x for x in ips if ":" not in x]

copyparty/th_cli.py

@@ -85,7 +85,7 @@ class ThumbCli(object):
         if rem.startswith(".hist/th/") and rem.split(".")[-1] in ["webp", "jpg", "png"]:
             return os.path.join(ptop, rem)
 
-        if fmt[:1] in "jw":
+        if fmt[:1] in "jw" and fmt != "wav":
             sfmt = fmt[:1]
 
             if sfmt == "j" and self.args.th_no_jpg:
@@ -126,7 +126,7 @@ class ThumbCli(object):
 
         tpath = thumb_path(histpath, rem, mtime, fmt, self.fmt_ffa)
         tpaths = [tpath]
-        if fmt[:1] == "w":
+        if fmt[:1] == "w" and fmt != "wav":
             # also check for jpg (maybe webp is unavailable)
             tpaths.append(tpath.rsplit(".", 1)[0] + ".jpg")
 

copyparty/th_srv.py

@@ -47,7 +47,7 @@ HAVE_AVIF = False
 HAVE_WEBP = False
 
 EXTS_TH = set(["jpg", "webp", "png"])
-EXTS_AC = set(["opus", "owa", "caf", "mp3"])
+EXTS_AC = set(["opus", "owa", "caf", "mp3", "flac", "wav"])
 EXTS_SPEC_SAFE = set("aif aiff flac mp3 opus wav".split())
 
 PTN_TS = re.compile("^-?[0-9a-f]{8,10}$")
@@ -352,8 +352,10 @@ class ThumbSrv(object):
                 tex = tpath.rsplit(".", 1)[-1]
                 want_mp3 = tex == "mp3"
                 want_opus = tex in ("opus", "owa", "caf")
+                want_flac = tex == "flac"
+                want_wav = tex == "wav"
                 want_png = tex == "png"
-                want_au = want_mp3 or want_opus
+                want_au = want_mp3 or want_opus or want_flac or want_wav
                 for lib in self.args.th_dec:
                     can_au = lib == "ff" and (
                         ext in self.fmt_ffa or ext in self.fmt_ffv
@@ -368,6 +370,10 @@ class ThumbSrv(object):
                             funs.append(self.conv_opus)
                         elif want_mp3:
                             funs.append(self.conv_mp3)
+                        elif want_flac:
+                            funs.append(self.conv_flac)
+                        elif want_wav:
+                            funs.append(self.conv_wav)
                         elif want_png:
                             funs.append(self.conv_waves)
                             png_ok = True
@@ -803,6 +809,66 @@ class ThumbSrv(object):
         # fmt: on
         self._run_ff(cmd, vn, oom=300)
 
+    def conv_flac(self, abspath , tpath , fmt , vn )  :
+        if self.args.no_acode or not self.args.allow_flac:
+            raise Exception("flac not permitted in server config")
+
+        self.wait4ram(0.2, tpath)
+        tags, rawtags = ffprobe(abspath, int(vn.flags["convt"] / 2))
+        if "ac" not in tags:
+            raise Exception("not audio")
+
+        self.log("conv2 flac", 6)
+
+        # fmt: off
+        cmd = [
+            b"ffmpeg",
+            b"-nostdin",
+            b"-v", b"error",
+            b"-hide_banner",
+            b"-i", fsenc(abspath),
+            b"-map", b"0:a:0",
+            b"-c:a", b"flac",
+            fsenc(tpath)
+        ]
+        # fmt: on
+        self._run_ff(cmd, vn, oom=300)
+
+    def conv_wav(self, abspath , tpath , fmt , vn )  :
+        if self.args.no_acode or not self.args.allow_wav:
+            raise Exception("wav not permitted in server config")
+
+        self.wait4ram(0.2, tpath)
+        tags, rawtags = ffprobe(abspath, int(vn.flags["convt"] / 2))
+        if "ac" not in tags:
+            raise Exception("not audio")
+
+        bits = tags[".bps"][1]
+        if bits == 0.0:
+            bits = tags[".bprs"][1]
+
+        codec = b"pcm_s32le"
+        if bits <= 16.0:
+            codec = b"pcm_s16le"
+        elif bits <= 24.0:
+            codec = b"pcm_s24le"
+
+        self.log("conv2 wav", 6)
+
+        # fmt: off
+        cmd = [
+            b"ffmpeg",
+            b"-nostdin",
+            b"-v", b"error",
+            b"-hide_banner",
+            b"-i", fsenc(abspath),
+            b"-map", b"0:a:0",
+            b"-c:a", codec,
+            fsenc(tpath)
+        ]
+        # fmt: on
+        self._run_ff(cmd, vn, oom=300)
+
     def conv_opus(self, abspath , tpath , fmt , vn )  :
         if self.args.no_acode or not self.args.q_opus:
             raise Exception("disabled in server config")