modules/cmds.py

   1 # vi: encoding=utf-8 ts=8 sts=4 sw=4 et
   2
   3 import os
   4 import time
   5 import config
   6 import common
   7 import md5
   8
   9
  10 def parse(con):
  11     if '\0' not in con.data:
  12         return
  13     cmds=con.data.split('\0')[:-1]
  14
  15     for cmd in cmds:
  16         con.data=con.data[len(cmd)+1:]
  17         cmdname=cmd[:4]
  18         if not con.authorized and not (cmdname=='linp' or cmdname=='linc'):
  19             raise BailOut
  20             # TODO: log unauthorized access
  21         if cmdname in cmdlist_noargs:
  22             if len(cmd)==4:
  23                 cmdlist_noargs[cmdname](con)
  24             else:
  25                 pass
  26                 # TODO: log malicious msg
  27         elif cmdname in cmdlist_args:
  28             if len(cmd)>5:
  29                 cmdlist_args[cmdname](con, cmd[5:])
  30             else:
  31                 pass
  32                 # TODO: log malicious msg
  33         else:
  34             raise BailOut
  35             # TODO: log this
  36
  37
  38 def lock(con, arg, hard):
  39     if arg not in locks:
  40         locks[arg]=hard
  41         con.sock.send("OK")
  42     elif locks[arg]:
  43         con.sock.send("HARD") # Hard lock - you can go get a cup of tea
  44     else:
  45         con.sock.send("SOFT") # Soft lock - try in a second or two
  46
  47
  48 def cmd_unlock(con, arg):
  49     if arg in locks:
  50         del locks[arg]
  51
  52 def cmd_lock_soft(con, arg):
  53     lock(con, arg, False)
  54
  55 def cmd_lock_hard(con, arg):
  56     lock(con, arg, True)
  57
  58
  59 def cmd_log(con, msg):
  60     logfile.write('%s [%s] -- %s\n' % (time.strftime('%Y-%m-%d %H:%M:%S'),
  61                                        con.name, msg))
  62     logfile.flush()
  63
  64 def cmd_name(con, name):
  65     con.name=name
  66
  67
  68 def load_creds():
  69     global users, cookies
  70     users={}
  71     cookies={}
  72     if not common.fileexists(common.ftpadmdir+'var/passwd'):
  73         return
  74     else:
  75         f=open(common.ftpadmdir+'var/passwd', 'r')
  76         for line in f.xreadlines():
  77             x=line.strip().split(':')
  78             if len(x)>=2:
  79                 users[x[0]]=x[1]
  80         f.close()
  81     if not common.fileexists(common.ftpadmdir+'var/cookies'):
  82         return
  83     else:
  84         f=open(common.ftpadmdir+'var/cookies', 'r')
  85         for line in f.xreadlines():
  86             x=line.strip().split(':')
  87             if len(x)>=2:
  88                 users[x[0]]=x[1]
  89         f.close()
  90
  91 def write_cookies():
  92     f=open(common.ftpadmdir+'var/cookies', 'w')
  93     for key in cookies.keys():
  94         f.write('%s:%s\n' % (key, cookies[key]))
  95     f.close()
  96
  97 def cmd_login_passwd(con, data):
  98     tmp=data.split('\n')
  99     if len(tmp)!=2:
 100         raise BailOut
 101     login=tmp[0]
 102     passwd=tmp[1]
 103     if login in users and users[login]==md5.new(passwd).hexdigest():
 104         cookie=md5.new(login+passwd+`time.time()`).hexdigest()
 105         cookies[cookie]=login
 106         write_cookies()
 107         con.authorized=True
 108         con.sock.send('OK '+cookie)
 109     else:
 110         # TODO: log this
 111         con.sock.send('FAIL')
 112         raise BailOut
 113
 114 def cmd_login_cookie(con, cookie):
 115     if cookie in cookies:
 116         con.cookie=cookie
 117         con.authorized=True
 118         con.sock.send('OK '+cookies[cookie])
 119     else:
 120         # TODO: log this (or not)
 121         con.sock.send('FAIL')
 122
 123 def cmd_logout(con):
 124     if con.cookie in cookies:
 125         del cookies[con.cookie]
 126         write_cookies()
 127     pass
 128
 129 cmdlist_args={'lcks':cmd_lock_soft, 'lckh':cmd_lock_hard, 'ulck':cmd_unlock,
 130          'log1':cmd_log, 'name':cmd_name, 'linp':cmd_login_passwd,
 131          'linc':cmd_login_cookie}
 132
 133 cmdlist_noargs={'lout':cmd_logout}
 134
 135 # Global stuff and initializations
 136
 137 BailOut="BailOut"
 138 locks={}
 139 logfile=open(common.ftpadmdir+'var/log', 'a')
 140 load_creds()
 141