copyparty 1.19.4__py3-none-any.whl → 1.19.6__py3-none-any.whl

copyparty/__main__.py

@@ -190,35 +190,41 @@ def init_E(EE )  :
             (unicode, "/tmp"),
         ]
         errs = []
-        for chk in [os.listdir, os.mkdir]:
-            for npath, (pf, pa) in enumerate(paths):
-                p = ""
-                try:
-                    p = pf(pa)
-                    # print(chk.__name__, p, pa)
-                    if not p or p.startswith("~"):
-                        continue
-
-                    p = os.path.normpath(p)
-                    chk(p)  # type: ignore
-                    p = os.path.join(p, "copyparty")
-                    if not os.path.isdir(p):
-                        os.mkdir(p)
-
-                    if npath > 1:
-                        t = "Using [%s] for config; filekeys/dirkeys will change on every restart. Consider setting XDG_CONFIG_HOME or giving the unix-user a ~/.config/"
-                        errs.append(t % (p,))
-                    elif errs:
-                        errs.append("Using [%s] instead" % (p,))
-
-                    if errs:
-                        warn(". ".join(errs))
-
-                    return p  # type: ignore
-                except Exception as ex:
-                    if p and npath < 2:
-                        t = "Unable to store config in [%s] due to %r"
-                        errs.append(t % (p, ex))
+        for npath, (pf, pa) in enumerate(paths):
+            p = ""
+            try:
+                p = pf(pa)
+                if not p or p.startswith("~"):
+                    continue
+
+                p = os.path.normpath(p)
+                if os.path.isdir(p) and os.listdir(p):
+                    mkdir = False
+                else:
+                    mkdir = True
+                    os.mkdir(p)
+
+                p = os.path.join(p, "copyparty")
+                if not os.path.isdir(p):
+                    os.mkdir(p)
+
+                if npath > 1:
+                    t = "Using %s/copyparty [%s] for config; filekeys/dirkeys will change on every restart. Consider setting XDG_CONFIG_HOME or giving the unix-user a ~/.config/"
+                    errs.append(t % (pa, p))
+                elif mkdir:
+                    t = "Using %s/copyparty [%s] for config%s (Warning: %s did not exist and was created just now)"
+                    errs.append(t % (pa, p, " instead" if npath else "", pa))
+                elif errs:
+                    errs.append("Using %s/copyparty [%s] instead" % (pa, p))
+
+                if errs:
+                    warn(". ".join(errs))
+
+                return p  # type: ignore
+            except Exception as ex:
+                if p and npath < 2:
+                    t = "Unable to store config in %s [%s] due to %r"
+                    errs.append(t % (pa, p, ex))
 
         raise Exception("could not find a writable path for config")
 
@@ -662,6 +668,42 @@ def get_sects():
             """
             ),
         ],
+        [
+            "auth-ord",
+            "authentication precedence",
+            dedent(
+                """
+            \033[33m--auth-ord\033[0m is a comma-separated list of auth options
+            (one or more of the [\033[35moptions\033[0m] below); first one wins
+
+            [\033[35mpw\033[0m] is conventional login, for example the "\033[36mPW\033[0m" header,
+              or the \033[36m?pw=\033[0m[...] URL-suffix, or a valid session cookie
+              (see \033[33m--help-auth\033[0m)
+
+            [\033[35midp\033[0m] is a username provided in the http-request-header
+              defined by \033[33m--idp-h-usr\033[0m and/or \033[33m--idp-hm-usr\033[0m, which is
+              provided by an authentication middleware such as
+              authentik, authelia, tailscale, ... (see \033[33m--help-idp\033[0m)
+
+            [\033[35midp-h\033[0m] is specifically an \033[33m--idp-h-usr\033[0m header,
+            [\033[35midp-hm\033[0m] is specifically an \033[33m--idp-hm-usr\033[0m header;
+            [\033[35midp\033[0m] is the same as [\033[35midp-hm,idp-h\033[0m]
+
+            [\033[35mipu\033[0m] is a mapping from an IP-address to a username,
+              auto-authing that client-IP to that account
+              (see the description of \033[36m--ipu\033[0m in \033[33m--help\033[0m)
+
+            NOTE: even if an option (\033[35mpw\033[0m/\033[35mipu\033[0m/...) is not in the list,
+              it may still be enabled and can still take effect if
+              none of the other alternatives identify the user
+
+            NOTE: if [\033[35mipu\033[0m] is in the list, it must be FIRST or LAST
+
+            NOTE: if [\033[35mpw\033[0m] is not in the list, the logout-button
+              will be hidden when any idp feature is enabled
+            """
+            ),
+        ],
         [
             "flags",
             "list of volflags",
@@ -767,7 +809,7 @@ def get_sects():
              \033[36mc0\033[35m show all process output (default)
              \033[36mc1\033[35m show only stderr
              \033[36mc2\033[35m show only stdout
-             \033[36mc3\033[35m mute all process otput
+             \033[36mc3\033[35m mute all process output
             \033[0m
             examples:
 
@@ -1106,6 +1148,10 @@ def add_qr(ap, tty):
     ap2.add_argument("--qrp", metavar="CELLS", type=int, default=4, help="padding (spec says 4 or more, but 1 is usually fine)")
     ap2.add_argument("--qrz", metavar="N", type=int, default=0, help="[\033[32m1\033[0m]=1x, [\033[32m2\033[0m]=2x, [\033[32m0\033[0m]=auto (try [\033[32m2\033[0m] on broken fonts)")
     ap2.add_argument("--qr-pin", metavar="N", type=int, default=0, help="sticky/pin the qr-code to always stay on-screen; [\033[32m0\033[0m]=disabled, [\033[32m1\033[0m]=with-url, [\033[32m2\033[0m]=just-qr")
+    ap2.add_argument("--qr-wait", metavar="SEC", type=float, default=0, help="wait \033[33mSEC\033[0m before printing the qr-code to the log")
+    ap2.add_argument("--qr-every", metavar="SEC", type=float, default=0, help="print the qr-code every \033[33mSEC\033[0m (try this with/without --qr-pin in case of issues)")
+    ap2.add_argument("--qr-winch", metavar="SEC", type=float, default=0, help="when --qr-pin is enabled, check for terminal size change every \033[33mSEC\033[0m")
+    ap2.add_argument("--qr-file", metavar="TXT", type=u, action="append", help="\033[34mREPEATABLE:\033[0m write qr-code to file.\n └─To create txt or svg, \033[33mTXT\033[0m is Filepath:Zoom:Pad, for example [\033[32mqr.txt:1:2\033[0m]\n └─To create png or gif, \033[33mTXT\033[0m is Filepath:Zoom:Pad:Foreground:Background, for example [\033[32mqr.png:8:2:333333:ffcc55\033[0m], or [\033[32mqr.png:8:2::ffcc55\033[0m] for transparent")
 
 
 def add_fs(ap):
@@ -1230,7 +1276,7 @@ def add_auth(ap):
     ses_db = os.path.join(E.cfg, "sessions.db")
     ap2 = ap.add_argument_group("IdP / identity provider / user authentication options")
     ap2.add_argument("--idp-h-usr", metavar="HN", type=u, action="append", help="\033[34mREPEATABLE:\033[0m bypass the copyparty authentication checks if the request-header \033[33mHN\033[0m contains a username to associate the request with (for use with authentik/oauth/...)\n\033[1;31mWARNING:\033[0m if you enable this, make sure clients are unable to specify this header themselves; must be washed away and replaced by a reverse-proxy")
-    ap2.add_argument("--idp-hm-usr", metavar="TXT", type=u, action="append", help="\033[34mREPEATABLE:\033[0m bypass the copyparty authentication checks if the request-header \033[33mHN\033[0m is provided, and its value exists in a mapping defined by this option; see --help-idp")
+    ap2.add_argument("--idp-hm-usr", metavar="T", type=u, action="append", help="\033[34mREPEATABLE:\033[0m bypass the copyparty authentication checks if the request-header \033[33mT\033[0m is provided, and its value exists in a mapping defined by this option; see --help-idp")
     ap2.add_argument("--idp-h-grp", metavar="HN", type=u, default="", help="assume the request-header \033[33mHN\033[0m contains the groupname of the requesting user; can be referenced in config files for group-based access control")
     ap2.add_argument("--idp-h-key", metavar="HN", type=u, default="", help="optional but recommended safeguard; your reverse-proxy will insert a secret header named \033[33mHN\033[0m into all requests, and the other IdP headers will be ignored if this header is not present")
     ap2.add_argument("--idp-gsep", metavar="RE", type=u, default="|:;+,", help="if there are multiple groups in \033[33m--idp-h-grp\033[0m, they are separated by one of the characters in \033[33mRE\033[0m")
@@ -1238,6 +1284,7 @@ def add_auth(ap):
     ap2.add_argument("--idp-store", metavar="N", type=int, default=1, help="how to use \033[33m--idp-db\033[0m; [\033[32m0\033[0m] = entirely disable, [\033[32m1\033[0m] = write-only (effectively disabled), [\033[32m2\033[0m] = remember users, [\033[32m3\033[0m] = remember users and groups.\nNOTE: Will remember and restore the IdP-volumes of all users for all eternity if set to 2 or 3, even when user is deleted from your IdP")
     ap2.add_argument("--idp-adm", metavar="U,U", type=u, default="", help="comma-separated list of users allowed to use /?idp (the cache management UI)")
     ap2.add_argument("--idp-cookie", metavar="S", type=int, default=0, help="generate a session-token for IdP users which is written to cookie \033[33mcppws\033[0m (or \033[33mcppwd\033[0m if plaintext), to reduce the load on the IdP server, lifetime \033[33mS\033[0m seconds.\n └─note: The expiration time is a client hint only; the actual lifetime of the session-token is infinite (until next restart with \033[33m--ses-db\033[0m wiped)")
+    ap2.add_argument("--auth-ord", metavar="TXT", type=u, default="idp,ipu", help="controls auth precedence; examples: [\033[32mpw,idp,ipu\033[0m], [\033[32mipu,pw,idp\033[0m], see --help-auth-ord")
     ap2.add_argument("--no-bauth", action="store_true", help="disable basic-authentication support; do not accept passwords from the 'Authenticate' header at all. NOTE: This breaks support for the android app")
     ap2.add_argument("--bauth-last", action="store_true", help="keeps basic-authentication enabled, but only as a last-resort; if a cookie is also provided then the cookie wins")
     ap2.add_argument("--ses-db", metavar="PATH", type=u, default=ses_db, help="where to store the sessions database (if you run multiple copyparty instances, make sure they use different DBs)")
@@ -1248,6 +1295,10 @@ def add_auth(ap):
     ap2.add_argument("--ipr", metavar="CIDR=USR", type=u, action="append", help="\033[34mREPEATABLE:\033[0m username \033[33mUSR\033[0m can only connect from an IP matching one or more \033[33mCIDR\033[0m (comma-sep.); example: [\033[32m192.168.123.0/24,172.16.0.0/16=dave]")
     ap2.add_argument("--have-idp-hdrs", type=u, default="", help=argparse.SUPPRESS)
     ap2.add_argument("--have-ipu-or-ipr", type=u, default="", help=argparse.SUPPRESS)
+    ap2.add_argument("--ao-idp-before-pw", type=u, default="", help=argparse.SUPPRESS)
+    ap2.add_argument("--ao-h-before-hm", type=u, default="", help=argparse.SUPPRESS)
+    ap2.add_argument("--ao-ipu-wins", type=u, default="", help=argparse.SUPPRESS)
+    ap2.add_argument("--ao-has-pw", type=u, default="", help=argparse.SUPPRESS)
 
 
 def add_chpw(ap):
@@ -1487,6 +1538,7 @@ def add_logging(ap):
     ap2.add_argument("--log-utc", action="store_true", help="do not use local timezone; assume the TZ env-var is UTC (tiny bit faster)")
     ap2.add_argument("--log-tdec", metavar="N", type=int, default=3, help="timestamp resolution / number of timestamp decimals")
     ap2.add_argument("--log-badpwd", metavar="N", type=int, default=2, help="log failed login attempt passwords: 0=terse, 1=plaintext, 2=hashed")
+    ap2.add_argument("--log-badxml", action="store_true", help="log any invalid XML received from a client")
     ap2.add_argument("--log-conn", action="store_true", help="debug: print tcp-server msgs")
     ap2.add_argument("--log-htp", action="store_true", help="debug: print http-server threadpool scaling")
     ap2.add_argument("--ihead", metavar="HEADER", type=u, action='append', help="print request \033[33mHEADER\033[0m; [\033[32m*\033[0m]=all")
@@ -1624,6 +1676,7 @@ def add_db_metadata(ap):
 
 def add_txt(ap):
     ap2 = ap.add_argument_group("textfile options")
+    ap2.add_argument("--md-no-br", action="store_true", help="markdown: disable newline-is-newline; will only render a newline into the html given two trailing spaces or a double-newline (volflag=md_no_br)")
     ap2.add_argument("--md-hist", metavar="TXT", type=u, default="s", help="where to store old version of markdown files; [\033[32ms\033[0m]=subfolder, [\033[32mv\033[0m]=volume-histpath, [\033[32mn\033[0m]=nope/disabled (volflag=md_hist)")
     ap2.add_argument("--txt-eol", metavar="TYPE", type=u, default="", help="enable EOL conversion when writing documents; supported: CRLF, LF (volflag=txt_eol)")
     ap2.add_argument("-mcr", metavar="SEC", type=int, default=60, help="the textfile editor will check for serverside changes every \033[33mSEC\033[0m seconds")
@@ -1957,7 +2010,7 @@ def main(argv  = None)  :
     if not HAVE_IPV6 and al.i == "::":
         al.i = "0.0.0.0"
 
-    al.i = al.i.split(",")
+    al.i = [x.strip() for x in al.i.split(",")]
     try:
         if "-" in al.p:
             lo, hi = [int(x) for x in al.p.split("-")]

copyparty/__version__.py

@@ -1,8 +1,8 @@
 # coding: utf-8
 
-VERSION = (1, 19, 4)
+VERSION = (1, 19, 6)
 CODENAME = "usernames"
-BUILD_DT = (2025, 8, 17)
+BUILD_DT = (2025, 8, 27)
 
 S_VERSION = ".".join(map(str, VERSION))
 S_BUILD_DT = "{0:04d}-{1:02d}-{2:02d}".format(*BUILD_DT)

copyparty/authsrv.py

@@ -1320,6 +1320,10 @@ class AuthSrv(object):
                 zt = split_cfg_ln(ln)
                 for zs, za in zt.items():
                     zs = zs.lstrip("-")
+                    if "=" in zs:
+                        t = "WARNING: found an option named [%s] in your [global] config; did you mean to say [%s: %s] instead?"
+                        zs1, zs2 = zs.split("=", 1)
+                        self.log(t % (zs, zs1, zs2), 3)
                     if za is True:
                         self._e("└─argument [{}]".format(zs))
                     else:
@@ -1329,6 +1333,10 @@ class AuthSrv(object):
             if cat == cata:
                 try:
                     u, p = [zs.strip() for zs in ln.split(":", 1)]
+                    if "=" in u and not p:
+                        t = "WARNING: found username [%s] in your [accounts] config; did you mean to say [%s: %s] instead?"
+                        zs1, zs2 = u.split("=", 1)
+                        self.log(t % (u, zs1, zs2), 3)
                     self._l(ln, 5, "account [{}], password [{}]".format(u, p))
                     acct[u] = p
                 except:
@@ -1399,6 +1407,10 @@ class AuthSrv(object):
                     zd = split_cfg_ln(ln)
                     fstr = ""
                     for sk, sv in zd.items():
+                        if "=" in sk:
+                            t = "WARNING: found a volflag named [%s] in your config; did you mean to say [%s: %s] instead?"
+                            zs1, zs2 = sk.split("=", 1)
+                            self.log(t % (sk, zs1, zs2), 3)
                         bad = re.sub(r"[a-z0-9_-]", "", sk).lstrip("-")
                         if bad:
                             err = "bad characters [{}] in volflag name [{}]; "
@@ -1639,6 +1651,7 @@ class AuthSrv(object):
                     # accept both , and : as separators between usernames
                     zs1, zs2 = x.replace("=", ":").split(":", 1)
                     grps[zs1] = zs2.replace(":", ",").split(",")
+                    grps[zs1] = [x.strip() for x in grps[zs1]]
                 except:
                     t = '\n  invalid value "{}" for argument --grp, must be groupname:username1,username2,...'
                     raise Exception(t.format(x))
@@ -1692,6 +1705,7 @@ class AuthSrv(object):
 
         self.args.have_idp_hdrs = bool(self.args.idp_h_usr or self.args.idp_hm_usr)
         self.args.have_ipu_or_ipr = bool(self.args.ipu or self.args.ipr)
+        self.setup_auth_ord()
 
         self.setup_pwhash(acct)
         defpw = acct.copy()
@@ -2790,7 +2804,8 @@ class AuthSrv(object):
                 "have_mv": not self.args.no_mv,
                 "have_del": not self.args.no_del,
                 "have_unpost": int(self.args.unpost),
-                "have_emp": self.args.emp,
+                "have_emp": int(self.args.emp),
+                "md_no_br": int(vf.get("md_no_br") or 0),
                 "ext_th": vf.get("ext_th_d") or {},
                 "sb_md": "" if "no_sb_md" in vf else (vf.get("md_sbf") or "y"),
                 "sba_md": vf.get("md_sba") or "",
@@ -2840,6 +2855,18 @@ class AuthSrv(object):
             zs = str(vol.flags.get("tcolor") or self.args.tcolor)
             vol.flags["tcolor"] = zs.lstrip("#")
 
+    def setup_auth_ord(self)  :
+        ao = [x.strip() for x in self.args.auth_ord.split(",")]
+        if "idp" in ao:
+            zi = ao.index("idp")
+            ao = ao[:zi] + ["idp-hm", "idp-h"] + ao[zi:]
+        zsl = "pw idp-h idp-hm ipu".split()
+        pw, h, hm, ipu = [ao.index(x) if x in ao else 99 for x in zsl]
+        self.args.ao_idp_before_pw = min(h, hm) < pw
+        self.args.ao_h_before_hm = h < hm
+        self.args.ao_ipu_wins = ipu == 0
+        self.args.ao_have_pw = pw < 99
+
     def load_idp_db(self, quiet=False)  :
         # mutex me
         level = self.args.idp_store

copyparty/broker_util.py

@@ -2,7 +2,6 @@
 from __future__ import print_function, unicode_literals
 
 import argparse
-import traceback
 
 from queue import Queue
 

copyparty/cert.py

@@ -126,6 +126,7 @@ def _gen_srv(log , args, netdevs  ):
     nlog  = lambda msg, c=0: log("cert-gen-srv", msg, c)
 
     names = args.crt_ns.split(",") if args.crt_ns else []
+    names = [x.strip() for x in names]
     if not args.crt_exact:
         for n in names[:]:
             names.append("*.{}".format(n))

copyparty/cfg.py

@@ -44,6 +44,7 @@ def vf_bmap()   :
         "gsel",
         "hardlink",
         "magic",
+        "md_no_br",
         "no_db_ip",
         "no_sb_md",
         "no_sb_lg",
@@ -324,6 +325,7 @@ flagcats = {
         "og_ua": "if defined: only send OG html if useragent matches this regex",
     },
     "textfiles": {
+        "md_no_br": "newline only on double-newline or two tailing spaces",
         "md_hist": "where to put markdown backups; s=subfolder, v=volHist, n=nope",
         "exp": "enable textfile expansion; see --help-exp",
         "exp_md": "placeholders to expand in markdown files; see --help",

copyparty/ftpd.py

@@ -64,13 +64,13 @@ class FtpAuth(DummyAuthorizer):
         if ip.startswith("::ffff:"):
             ip = ip[7:]
 
-        ip = ipnorm(ip)
+        ipn = ipnorm(ip)
         bans = self.hub.bans
-        if ip in bans:
-            rt = bans[ip] - time.time()
+        if ipn in bans:
+            rt = bans[ipn] - time.time()
             if rt < 0:
                 logging.info("client unbanned")
-                del bans[ip]
+                del bans[ipn]
             else:
                 raise AuthenticationFailed("banned")
 
@@ -382,7 +382,7 @@ class FtpFs(AbstractedFS):
         svp = join(self.cwd, src).lstrip("/")
         dvp = join(self.cwd, dst).lstrip("/")
         try:
-            self.hub.up2k.handle_mv(self.uname, self.h.cli_ip, svp, dvp)
+            self.hub.up2k.handle_mv("", self.uname, self.h.cli_ip, svp, dvp)
         except Exception as ex:
             raise FSE(str(ex))
 

copyparty/httpcli.py

@@ -12,7 +12,6 @@ import random
 import re
 import socket
 import stat
-import string
 import sys
 import threading  # typechk
 import time
@@ -31,7 +30,7 @@ try:
 except:
     pass
 
-from .__init__ import ANYWIN, PY2, RES, TYPE_CHECKING, EnvParams, unicode
+from .__init__ import ANYWIN, RES, TYPE_CHECKING, EnvParams, unicode
 from .__version__ import S_VERSION
 from .authsrv import LEELOO_DALLAS, VFS  # typechk
 from .bos import bos
@@ -66,6 +65,7 @@ from .util import (
     exclude_dotfiles,
     formatdate,
     fsenc,
+    gen_content_disposition,
     gen_filekey,
     gen_filekey_dbg,
     gencookie,
@@ -389,10 +389,10 @@ class HttpCli(object):
                         zsl = [
                             "  rproxy: %d   if this client's IP-address is [%s]"
                             % (-1 - zd, zs.strip())
-                            for zd, zs in enumerate(zsl)
+                            for zd, zs in enumerate(zsl[::-1])
                         ]
-                        t = 'could not determine the client\'s IP-address because the global-option --rproxy has not been configured, so the request-header [%s] specified by global-option --xff-hdr cannot be used safely! Please see the "reverse-proxy" section in the readme. The best approach is to configure your reverse-proxy to give copyparty the exact IP-address to assume (perhaps in another header), but you may also try the following:'
-                        t = t % (self.args.xff_hdr,)
+                        t = 'could not determine the client\'s IP-address because the global-option --rproxy has not been configured, so the request-header [%s] specified by global-option --xff-hdr cannot be used safely! The raw header value was [%s]. Please see the "reverse-proxy" section in the readme. The best approach is to configure your reverse-proxy to give copyparty the exact IP-address to assume (perhaps in another header), but you may also try the following:'
+                        t = t % (self.args.xff_hdr, zso)
                         self.log("%s\n\n%s\n" % (t, "\n".join(zsl)), 3)
 
                 pip = self.conn.addr[0]
@@ -619,7 +619,9 @@ class HttpCli(object):
             or "*"
         )
 
-        if self.args.have_idp_hdrs:
+        if self.args.have_idp_hdrs and (
+            self.uname == "*" or self.args.ao_idp_before_pw
+        ):
             idp_usr = ""
             if self.args.idp_hm_usr:
                 for hn, hmv in self.args.idp_hm_usr_p.items():
@@ -632,9 +634,9 @@ class HttpCli(object):
                     if idp_usr:
                         break
             for hn in self.args.idp_h_usr:
-                if idp_usr:
+                if idp_usr and not self.args.ao_h_before_hm:
                     break
-                idp_usr = self.headers.get(hn)
+                idp_usr = self.headers.get(hn) or idp_usr
             if idp_usr:
                 idp_grp = (
                     self.headers.get(self.args.idp_h_grp) or ""
@@ -683,7 +685,10 @@ class HttpCli(object):
                 if idp_usr in self.asrv.vfs.aread:
                     self.pw = ""
                     self.uname = idp_usr
-                    self.html_head += "<script>var is_idp=1</script>\n"
+                    if self.args.ao_have_pw:
+                        self.html_head += "<script>var is_idp=1</script>\n"
+                    else:
+                        self.html_head += "<script>var is_idp=2</script>\n"
                     zs = self.asrv.ases.get(idp_usr)
                     if zs:
                         self.set_idp_cookie(zs)
@@ -691,7 +696,7 @@ class HttpCli(object):
                     self.log("unknown username: %r" % (idp_usr,), 1)
 
         if self.args.have_ipu_or_ipr:
-            if self.args.ipu and self.uname == "*":
+            if self.args.ipu and (self.uname == "*" or self.args.ao_ipu_wins):
                 self.uname = self.conn.ipu_iu[self.conn.ipu_nm.map(self.ip)]
             ipr = self.conn.hsrv.ipr
             if ipr and self.uname in ipr:
@@ -809,6 +814,15 @@ class HttpCli(object):
                         6 if em.startswith("client d/c ") else 3,
                     )
 
+                if self.hint and self.hint.startswith("<xml> "):
+                    if self.args.log_badxml:
+                        t = "invalid XML received from client: %r"
+                        self.log(t % (self.hint[6:],), 6)
+                    else:
+                        t = "received invalid XML from client; enable --log-badxml to see the whole XML in the log"
+                        self.log(t, 6)
+                    self.hint = ""
+
                 msg = "%s\r\nURL: %s\r\n" % (em, self.vpath)
                 if self.hint:
                     msg += "hint: %s\r\n" % (self.hint,)
@@ -1525,7 +1539,9 @@ class HttpCli(object):
                 if not rbuf or len(buf) >= 32768:
                     break
 
-            xroot = parse_xml(buf.decode(enc, "replace"))
+            sbuf = buf.decode(enc, "replace")
+            self.hint = "<xml> " + sbuf
+            xroot = parse_xml(sbuf)
             xtag = next((x for x in xroot if x.tag.split("}")[-1] == "prop"), None)
             if xtag is not None:
                 props = set([y.tag.split("}")[-1] for y in xtag])
@@ -1731,6 +1747,7 @@ class HttpCli(object):
         uenc = enc.upper()
 
         txt = buf.decode(enc, "replace")
+        self.hint = "<xml> " + txt
         ET.register_namespace("D", "DAV:")
         xroot = mkenod("D:orz")
         xroot.insert(0, parse_xml(txt))
@@ -1788,6 +1805,7 @@ class HttpCli(object):
         uenc = enc.upper()
 
         txt = buf.decode(enc, "replace")
+        self.hint = "<xml> " + txt
         ET.register_namespace("D", "DAV:")
         lk = parse_xml(txt)
         assert lk.tag == "{DAV:}lockinfo"
@@ -3995,6 +4013,13 @@ class HttpCli(object):
         if not editions:
             return self.tx_404()
 
+        #
+        # force download
+
+        if "dl" in self.ouparam:
+            cdis = gen_content_disposition(os.path.basename(req_path))
+            self.out_headers["Content-Disposition"] = cdis
+
         #
         # if-modified
 
@@ -4162,6 +4187,13 @@ class HttpCli(object):
         if not editions:
             return self.tx_404()
 
+        #
+        # force download
+
+        if "dl" in self.ouparam:
+            cdis = gen_content_disposition(os.path.basename(req_path))
+            self.out_headers["Content-Disposition"] = cdis
+
         #
         # if-modified
 
@@ -4707,24 +4739,7 @@ class HttpCli(object):
                     if maxn < nf:
                         raise Pebkac(400, t)
 
-        safe = (string.ascii_letters + string.digits).replace("%", "")
-        afn = "".join([x if x in safe.replace('"', "") else "_" for x in fn])
-        bascii = unicode(safe).encode("utf-8")
-        zb = fn.encode("utf-8", "xmlcharrefreplace")
-        if not PY2:
-            zbl = [
-                chr(x).encode("utf-8")
-                if x in bascii
-                else "%{:02x}".format(x).encode("ascii")
-                for x in zb
-            ]
-        else:
-            zbl = [unicode(x) if x in bascii else "%{:02x}".format(ord(x)) for x in zb]
-
-        ufn = b"".join(zbl).decode("ascii")
-
-        cdis = "attachment; filename=\"{}.{}\"; filename*=UTF-8''{}.{}"
-        cdis = cdis.format(afn, ext, ufn, ext)
+        cdis = gen_content_disposition("%s.%s" % (fn, ext))
         self.log(repr(cdis))
         self.send_headers(None, mime=mime, headers={"Content-Disposition": cdis})
 
@@ -4911,7 +4926,8 @@ class HttpCli(object):
             "lastmod": int(ts_md * 1000),
             "lang": self.args.lang,
             "favico": self.args.favico,
-            "have_emp": self.args.emp,
+            "have_emp": int(self.args.emp),
+            "md_no_br": int(vn.flags.get("md_no_br") or 0),
             "md_chk_rate": self.args.mcr,
             "md": boundary,
             "arg_base": arg_base,

copyparty/mdns.py

@@ -27,7 +27,7 @@ from .stolen.dnslib import (
     DNSRecord,
     set_avahi_379,
 )
-from .util import CachedSet, Daemon, Netdev, list_ips, min_ex
+from .util import IP6_LL, CachedSet, Daemon, Netdev, list_ips, min_ex
 
 if TYPE_CHECKING:
     from .svchub import SvcHub
@@ -371,7 +371,7 @@ class MDNS(MCast):
         cip = addr[0]
         v6 = ":" in cip
         if (cip.startswith("169.254") and not self.ll_ok) or (
-            v6 and not cip.startswith("fe80")
+            v6 and not cip.startswith(IP6_LL)
         ):
             return
 

copyparty/multicast.py

@@ -15,7 +15,7 @@ from ipaddress import (
 )
 
 from .__init__ import MACOS, TYPE_CHECKING
-from .util import Daemon, Netdev, find_prefix, min_ex, spack
+from .util import IP6_LL, IP64_LL, Daemon, Netdev, find_prefix, min_ex, spack
 
 if TYPE_CHECKING:
     from .svchub import SvcHub
@@ -142,7 +142,7 @@ class MCast(object):
         all_selected = ips[:]
 
         # discard non-linklocal ipv6
-        ips = [x for x in ips if ":" not in x or x.startswith("fe80")]
+        ips = [x for x in ips if ":" not in x or x.startswith(IP6_LL)]
 
         if not ips:
             raise NoIPs()
@@ -180,7 +180,7 @@ class MCast(object):
                 srv.ips[oth_ip.split("/")[0]] = ipaddress.ip_network(oth_ip, False)
 
             # gvfs breaks if a linklocal ip appears in a dns reply
-            ll = {k: v for k, v in srv.ips.items() if k.startswith(("169.254", "fe80"))}
+            ll = {k: v for k, v in srv.ips.items() if k.startswith(IP64_LL)}
             rt = {k: v for k, v in srv.ips.items() if k not in ll}
 
             if self.args.ll or not rt:

copyparty/pwhash.py

@@ -25,6 +25,7 @@ class PWHash(object):
         self.args = args
 
         zsl = args.ah_alg.split(",")
+        zsl = [x.strip() for x in zsl]
         alg = zsl[0]
         if alg == "none":
             alg = ""

copyparty/smbd.py

@@ -315,7 +315,7 @@ class SMB(object):
             t = "blocked rename (no-move-acc %s): /%s @%s"
             yeet(t % (vfs1.axs.umove, vp1, uname))
 
-        self.hub.up2k.handle_mv(uname, "1.7.6.2", vp1, vp2)
+        self.hub.up2k.handle_mv("", uname, "1.7.6.2", vp1, vp2)
         try:
             bos.makedirs(ap2, vf=vfs2.flags)
         except:

copyparty/stolen/qrcodegen.py

@@ -195,6 +195,25 @@ class QrCode(object):
 
         return "\n".join(rows)
 
+    def to_png(self, zoom, pad, bg, fg, ap)  :
+        from PIL import Image
+
+        tab = self.modules
+        sz = self.size
+        psz = sz + pad * 2
+        if bg:
+            img = Image.new("RGB", (psz, psz), bg)
+        else:
+            img = Image.new("RGBA", (psz, psz), (0, 0, 0, 0))
+            fg = (fg[0], fg[1], fg[2], 255)
+        for y in range(sz):
+            for x in range(sz):
+                if tab[y][x]:
+                    img.putpixel((x + pad, y + pad), fg)
+        if zoom != 1:
+            img = img.resize((sz * zoom, sz * zoom), Image.Resampling.NEAREST)
+        img.save(ap)
+
     def _draw_function_patterns(self)  :
         # Draw horizontal and vertical timing patterns
         for i in range(self.size):