modules/cmds.py

   1 # vi: encoding=utf-8 ts=8 sts=4 sw=4 et
   2
   3 import os
   4 import time
   5 import config
   6 import common
   7 import md5
   8 import ftptree
   9
  10
  11 def parse(con):
  12     if '\0' not in con.data:
  13         return
  14     cmds=con.data.split('\0')[:-1]
  15
  16     for cmd in cmds:
  17         con.data=con.data[len(cmd)+1:]
  18         cmdname=cmd[:4]
  19         if not con.authorized and cmdname not in ('linp', 'linc', 'name'):
  20             raise BailOut
  21             # TODO: log unauthorized access
  22         if cmdname in cmdlist_noargs:
  23             if len(cmd)==4:
  24                 cmdlist_noargs[cmdname](con)
  25             else:
  26                 pass
  27                 # TODO: log malicious msg
  28         elif cmdname in cmdlist_args:
  29             if len(cmd)>5:
  30                 cmdlist_args[cmdname](con, cmd[5:])
  31             else:
  32                 pass
  33                 # TODO: log malicious msg
  34         else:
  35             raise BailOut
  36             # TODO: log this
  37
  38
  39 def lock(con, arg, hard):
  40     if arg not in locks:
  41         locks[arg]=hard
  42         con.sock.send("OK")
  43     elif locks[arg]:
  44         con.sock.send("HARD") # Hard lock - you can go get a cup of tea
  45     else:
  46         con.sock.send("SOFT") # Soft lock - try in a second or two
  47
  48
  49 def cmd_unlock(con, arg):
  50     if arg in locks:
  51         del locks[arg]
  52
  53 def cmd_lock_soft(con, arg):
  54     lock(con, arg, False)
  55
  56 def cmd_lock_hard(con, arg):
  57     lock(con, arg, True)
  58
  59
  60 def cmd_log(con, msg):
  61     logfile.write('%s [%s] -- %s\n' % (time.strftime('%Y-%m-%d %H:%M:%S'),
  62                                        con.name, msg))
  63     logfile.flush()
  64
  65 def cmd_name(con, name):
  66     con.name=name
  67
  68
  69 def load_creds():
  70     global users, cookies
  71     users={}
  72     cookies={}
  73     if not common.fileexists(common.ftpadmdir+'var/passwd'):
  74         return
  75     else:
  76         f=open(common.ftpadmdir+'var/passwd', 'r')
  77         for line in f.xreadlines():
  78             x=line.strip().split(':')
  79             if len(x)>=2:
  80                 users[x[0]]=x[1]
  81         f.close()
  82     if not common.fileexists(common.ftpadmdir+'var/cookies'):
  83         return
  84     else:
  85         f=open(common.ftpadmdir+'var/cookies', 'r')
  86         for line in f.xreadlines():
  87             x=line.strip().split(':')
  88             if len(x)>=2:
  89                 users[x[0]]=x[1]
  90         f.close()
  91
  92 def write_cookies():
  93     f=open(common.ftpadmdir+'var/cookies', 'w')
  94     for key in cookies.keys():
  95         f.write('%s:%s\n' % (key, cookies[key]))
  96     f.close()
  97
  98 def cmd_login_passwd(con, data):
  99     tmp=data.split('\n')
 100     if len(tmp)!=2:
 101         raise BailOut
 102     login=tmp[0]
 103     passwd=tmp[1]
 104     md5pass=md5.new(passwd).hexdigest()
 105     if login in users and users[login]==md5pass:
 106         cookie=`time.time()`.split('.')[0]+'_'+md5.new(md5pass+salt).hexdigest()
 107         cookies[cookie]=login
 108         write_cookies()
 109         con.username=login
 110         con.authorized=True
 111         con.sock.send('OK '+cookie)
 112     else:
 113         # TODO: log this
 114         con.sock.send('FAIL')
 115         raise BailOut
 116
 117 def cmd_login_cookie(con, cookie):
 118     if cookie in cookies:
 119         con.cookie=cookie
 120         con.authorized=True
 121         con.username=cookies[cookie]
 122         con.sock.send('OK '+cookies[cookie])
 123     else:
 124         # TODO: log this (or not)
 125         con.sock.send('FAIL')
 126
 127 def cmd_logout(con):
 128     if con.cookie in cookies:
 129         del cookies[con.cookie]
 130         write_cookies()
 131
 132 def reloadftptree():
 133     global srctree, pkglist
 134     srctree=ftptree.FtpTree(config.value['default_to'], loadall=True)
 135     pkglist=srctree.keys()
 136     pkglist.sort()
 137
 138 def cmd_gettree(con):
 139     buf=''
 140     for pkgname in pkglist:
 141         # TODO: show only user's own pkgs
 142         # TODO: show if already marked
 143         pkg=srctree[pkgname]
 144         line=pkgname
 145         if pkg.marked4moving:
 146             line=line+'\n1'
 147         else:
 148             line=line+'\n0'
 149         if pkg.marked4removal:
 150             line=line+'\n1'
 151         else:
 152             line=line+'\n0'
 153         buf=buf+'\0'+line
 154     if buf:
 155         con.sock.send('%.6d' % (len(buf)-1))
 156         con.sock.send(buf[1:])
 157     else:
 158         con.sock.send('000000')
 159
 160
 161 cmdlist_args={'lcks':cmd_lock_soft, 'lckh':cmd_lock_hard, 'ulck':cmd_unlock,
 162          'log1':cmd_log, 'name':cmd_name, 'linp':cmd_login_passwd,
 163          'linc':cmd_login_cookie}
 164
 165 cmdlist_noargs={'lout':cmd_logout, 'gett':cmd_gettree}
 166
 167 # Global stuff and initializations
 168
 169 BailOut="BailOut"
 170 locks={}
 171 logfile=open(common.ftpadmdir+'var/log', 'a')
 172 load_creds()
 173 reloadftptree()
 174 salt=md5.new(`time.time()`).hexdigest()
 175