[projects/pld-ftp-admin.git] / modules / cmds.py

# vi: encoding=utf-8 ts=8 sts=4 sw=4 et

import os
import time
import config
import common
import md5
import ftptree


def parse(con):
    if '\0' not in con.data:
        return
    cmds=con.data.split('\0')[:-1]

    for cmd in cmds:
        con.data=con.data[len(cmd)+1:]
        cmdname=cmd[:4]
        if not con.authorized and cmdname not in ('linp', 'linc', 'name'):
            raise BailOut
            # TODO: log unauthorized access
        if cmdname in cmdlist_noargs:
            if len(cmd)==4:
                cmdlist_noargs[cmdname](con)
            else:
                pass
                # TODO: log malicious msg
        elif cmdname in cmdlist_args:
            if len(cmd)>5:
                cmdlist_args[cmdname](con, cmd[5:])
            else:
                pass
                # TODO: log malicious msg
        else:
            raise BailOut
            # TODO: log this

def lock(con, arg, hard):
    if arg not in locks:
        locks[arg]={'hard': hard, 'name': con.name, 'time': int(time.time())}
        con.sock.send("OK")
    elif locks[arg]['hard']:
        con.sock.send("HARD") # Hard lock - you can go get a cup of tea
    else:
        con.sock.send("SOFT") # Soft lock - try in a second or two

def cmd_unlock(con, arg):
    if arg in locks:
        del locks[arg]
        con.sock.send("OK")
    else:
        con.sock.send("FAIL")

def cmd_lock_soft(con, arg):
    lock(con, arg, False)

def cmd_lock_hard(con, arg):
    lock(con, arg, True)

def cmd_show_locks(con):
    cmd_log(con, "Dumping locks data:");
    if len(locks):
        res = ""
        for lockdata in locks.iteritems():
            tree, data = lockdata
            msg = "Tree: %s, Conn name: %s, Hard Lock: %s, Time: %s" % (
                    tree, data['name'], data['hard'], time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(data['time'])))
            cmd_log(con, msg)
            res = res + msg
#        con.sock.send("BLOB:%d" % len(res))
        con.sock.send(res)
    else:
        cmd_log(con, "No locks found.");
        con.sock.send("NLCK");

def cmd_log(con, msg):
    logfile.write('%s [%s] -- %s\n' % (time.strftime('%Y-%m-%d %H:%M:%S'), con.name, msg))
    logfile.flush()

def cmd_name(con, name):
    con.name=name

def load_creds():
    global users, cookies
    users={}
    cookies={}
    if not common.fileexists(common.ftpadmdir+'/var/passwd'):
        return
    else:
        f=open(common.ftpadmdir+'/var/passwd', 'r')
        for line in f.xreadlines():
            x=line.strip().split(':')
            if len(x)>=2:
                users[x[0]]=x[1]
        f.close()
    if not common.fileexists(common.ftpadmdir+'/var/cookies'):
        return
    else:
        f=open(common.ftpadmdir+'/var/cookies', 'r')
        for line in f.xreadlines():
            x=line.strip().split(':')
            if len(x)>=2:
                users[x[0]]=x[1]
        f.close()

def write_cookies():
    f=open(common.ftpadmdir+'/var/cookies', 'w')
    for key in cookies.keys():
        f.write('%s:%s\n' % (key, cookies[key]))
    f.close()

def cmd_login_passwd(con, data):
    tmp=data.split('\n')
    if len(tmp)!=2:
        raise BailOut
    login=tmp[0]
    passwd=tmp[1]
    md5pass=md5.new(passwd).hexdigest()
    if login in users and users[login]==md5pass:
        cookie=`time.time()`.split('.')[0]+'_'+md5.new(md5pass+salt).hexdigest()
        cookies[cookie]=login
        write_cookies()
        con.username=login
        con.authorized=True
        con.sock.send('OK '+cookie)
    else:
        # TODO: log this
        con.sock.send('FAIL')
        raise BailOut

def cmd_login_cookie(con, cookie):
    if cookie in cookies:
        con.cookie=cookie
        con.authorized=True
        con.username=cookies[cookie]
        con.sock.send('OK '+cookies[cookie])
    else:
        # TODO: log this (or not)
        con.sock.send('FAIL')

def cmd_logout(con):
    if con.cookie in cookies:
        del cookies[con.cookie]
        write_cookies()

def reloadftptree():
    global srctree, pkglist
    srctree=ftptree.FtpTree(config.value['default_to'], loadall=True)
    pkglist=srctree.keys()
    pkglist.sort()

def cmd_gettree(con):
    buf=''
    for pkgnvr in pkglist:
        # TODO: show only user's own pkgs
        pkg=srctree[pkgnvr]
        line=pkgnvr
        if pkg.marked4moving:
            line=line+'\n1'
        else:
            line=line+'\n0'
        if pkg.marked4removal:
            line=line+'\n1'
        else:
            line=line+'\n0'
        buf=buf+'\0'+line
    if buf:
        con.sock.send('%.6d' % (len(buf)-1))
        con.sock.send(buf[1:])
    else:
        con.sock.send('000000')


cmdlist_args={'lcks':cmd_lock_soft, 'lckh':cmd_lock_hard, 'ulck':cmd_unlock,
         'log1':cmd_log, 'name':cmd_name, 'linp':cmd_login_passwd,
         'linc':cmd_login_cookie}

cmdlist_noargs={'lout':cmd_logout, 'gett':cmd_gettree, 'slck':cmd_show_locks}

# Global stuff and initializations

BailOut="BailOut"
locks={}
logfile=open(common.ftpadmdir+'/var/log', 'a')
load_creds()
reloadftptree()
salt=md5.new(`time.time()`).hexdigest()
Commit	Line	Data
e3aced8e MM	1	# vi: encoding=utf-8 ts=8 sts=4 sw=4 et
e3aced8e MM	2
459e7d48 MM	3	import os
459e7d48 MM	4	import time
88d4cb67 MM	5	import config
	6	import common
	7	import md5
08b49edd	8	import ftptree
459e7d48	9
459e7d48	10
e3aced8e MM	11	def parse(con):
	12	if '\0' not in con.data:
	13	return
	14	cmds=con.data.split('\0')[:-1]
	15
	16	for cmd in cmds:
	17	con.data=con.data[len(cmd)+1:]
	18	cmdname=cmd[:4]
08b49edd	19	if not con.authorized and cmdname not in ('linp', 'linc', 'name'):
5fcf3f9a MM	20	raise BailOut
5fcf3f9a MM	21	# TODO: log unauthorized access
6992b18d MM	22	if cmdname in cmdlist_noargs:
	23	if len(cmd)==4:
	24	cmdlist_noargs[cmdname](con)
	25	else:
	26	pass
	27	# TODO: log malicious msg
	28	elif cmdname in cmdlist_args:
	29	if len(cmd)>5:
	30	cmdlist_args[cmdname](con, cmd[5:])
	31	else:
	32	pass
	33	# TODO: log malicious msg
e3aced8e	34	else:
5fcf3f9a	35	raise BailOut
e3aced8e MM	36	# TODO: log this
e3aced8e MM	37
e3aced8e MM	38	def lock(con, arg, hard):
e3aced8e MM	39	if arg not in locks:
135e7889	40	locks[arg]={'hard': hard, 'name': con.name, 'time': int(time.time())}
e3aced8e	41	con.sock.send("OK")
135e7889	42	elif locks[arg]['hard']:
e3aced8e MM	43	con.sock.send("HARD") # Hard lock - you can go get a cup of tea
	44	else:
	45	con.sock.send("SOFT") # Soft lock - try in a second or two
461bc5ab	46
b55905f2	47	def cmd_unlock(con, arg):
e3aced8e MM	48	if arg in locks:
e3aced8e MM	49	del locks[arg]
6b4b841a AM	50	con.sock.send("OK")
	51	else:
	52	con.sock.send("FAIL")
e3aced8e	53
b55905f2	54	def cmd_lock_soft(con, arg):
e3aced8e MM	55	lock(con, arg, False)
e3aced8e MM	56
b55905f2	57	def cmd_lock_hard(con, arg):
e3aced8e MM	58	lock(con, arg, True)
e3aced8e MM	59
6b4b841a AM	60	def cmd_show_locks(con):
	61	cmd_log(con, "Dumping locks data:");
	62	if len(locks):
461bc5ab	63	res = ""
6b4b841a AM	64	for lockdata in locks.iteritems():
6b4b841a AM	65	tree, data = lockdata
461bc5ab ER	66	msg = "Tree: %s, Conn name: %s, Hard Lock: %s, Time: %s" % (
	67	tree, data['name'], data['hard'], time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(data['time'])))
	68	cmd_log(con, msg)
	69	res = res + msg
	70	# con.sock.send("BLOB:%d" % len(res))
	71	con.sock.send(res)
6b4b841a AM	72	else:
6b4b841a AM	73	cmd_log(con, "No locks found.");
461bc5ab	74	con.sock.send("NLCK");
459e7d48	75
b55905f2	76	def cmd_log(con, msg):
461bc5ab	77	logfile.write('%s [%s] -- %s\n' % (time.strftime('%Y-%m-%d %H:%M:%S'), con.name, msg))
459e7d48	78	logfile.flush()
e3aced8e	79
b55905f2 MM	80	def cmd_name(con, name):
	81	con.name=name
	82
88d4cb67 MM	83	def load_creds():
	84	global users, cookies
	85	users={}
	86	cookies={}
304fcc79	87	if not common.fileexists(common.ftpadmdir+'/var/passwd'):
88d4cb67 MM	88	return
88d4cb67 MM	89	else:
304fcc79	90	f=open(common.ftpadmdir+'/var/passwd', 'r')
88d4cb67 MM	91	for line in f.xreadlines():
	92	x=line.strip().split(':')
	93	if len(x)>=2:
	94	users[x[0]]=x[1]
	95	f.close()
304fcc79	96	if not common.fileexists(common.ftpadmdir+'/var/cookies'):
88d4cb67 MM	97	return
88d4cb67 MM	98	else:
304fcc79	99	f=open(common.ftpadmdir+'/var/cookies', 'r')
88d4cb67 MM	100	for line in f.xreadlines():
	101	x=line.strip().split(':')
	102	if len(x)>=2:
	103	users[x[0]]=x[1]
	104	f.close()
	105
	106	def write_cookies():
304fcc79	107	f=open(common.ftpadmdir+'/var/cookies', 'w')
88d4cb67 MM	108	for key in cookies.keys():
	109	f.write('%s:%s\n' % (key, cookies[key]))
	110	f.close()
	111
6992b18d MM	112	def cmd_login_passwd(con, data):
	113	tmp=data.split('\n')
	114	if len(tmp)!=2:
	115	raise BailOut
	116	login=tmp[0]
	117	passwd=tmp[1]
38492fee MM	118	md5pass=md5.new(passwd).hexdigest()
	119	if login in users and users[login]==md5pass:
	120	cookie=`time.time()`.split('.')[0]+'_'+md5.new(md5pass+salt).hexdigest()
88d4cb67 MM	121	cookies[cookie]=login
88d4cb67 MM	122	write_cookies()
08b49edd	123	con.username=login
88d4cb67 MM	124	con.authorized=True
88d4cb67 MM	125	con.sock.send('OK '+cookie)
6992b18d MM	126	else:
	127	# TODO: log this
	128	con.sock.send('FAIL')
	129	raise BailOut
	130
	131	def cmd_login_cookie(con, cookie):
88d4cb67 MM	132	if cookie in cookies:
	133	con.cookie=cookie
	134	con.authorized=True
08b49edd	135	con.username=cookies[cookie]
88d4cb67	136	con.sock.send('OK '+cookies[cookie])
6992b18d MM	137	else:
	138	# TODO: log this (or not)
	139	con.sock.send('FAIL')
	140
	141	def cmd_logout(con):
88d4cb67 MM	142	if con.cookie in cookies:
	143	del cookies[con.cookie]
	144	write_cookies()
08b49edd MM	145
	146	def reloadftptree():
	147	global srctree, pkglist
	148	srctree=ftptree.FtpTree(config.value['default_to'], loadall=True)
	149	pkglist=srctree.keys()
	150	pkglist.sort()
	151
	152	def cmd_gettree(con):
	153	buf=''
85f3481a	154	for pkgnvr in pkglist:
08b49edd	155	# TODO: show only user's own pkgs
85f3481a MM	156	pkg=srctree[pkgnvr]
85f3481a MM	157	line=pkgnvr
5d490a9c MM	158	if pkg.marked4moving:
	159	line=line+'\n1'
	160	else:
	161	line=line+'\n0'
	162	if pkg.marked4removal:
	163	line=line+'\n1'
	164	else:
	165	line=line+'\n0'
	166	buf=buf+'\0'+line
08b49edd MM	167	if buf:
	168	con.sock.send('%.6d' % (len(buf)-1))
	169	con.sock.send(buf[1:])
	170	else:
	171	con.sock.send('000000')
	172
6992b18d MM	173
	174	cmdlist_args={'lcks':cmd_lock_soft, 'lckh':cmd_lock_hard, 'ulck':cmd_unlock,
	175	'log1':cmd_log, 'name':cmd_name, 'linp':cmd_login_passwd,
	176	'linc':cmd_login_cookie}
	177
6b4b841a	178	cmdlist_noargs={'lout':cmd_logout, 'gett':cmd_gettree, 'slck':cmd_show_locks}
6992b18d	179
88d4cb67 MM	180	# Global stuff and initializations
	181
	182	BailOut="BailOut"
	183	locks={}
304fcc79	184	logfile=open(common.ftpadmdir+'/var/log', 'a')
88d4cb67	185	load_creds()
08b49edd	186	reloadftptree()
38492fee	187	salt=md5.new(`time.time()`).hexdigest()
e3aced8e	188