modules/cmds.py

   1 # vi: encoding=utf-8 ts=8 sts=4 sw=4 et
   2
   3 import os
   4 import time
   5 import config
   6 import common
   7 import md5
   8 import ftptree
   9
  10
  11 def parse(con):
  12     if '\0' not in con.data:
  13         return
  14     cmds=con.data.split('\0')[:-1]
  15
  16     for cmd in cmds:
  17         con.data=con.data[len(cmd)+1:]
  18         cmdname=cmd[:4]
  19         if not con.authorized and cmdname not in ('linp', 'linc', 'name'):
  20             raise BailOut
  21             # TODO: log unauthorized access
  22         if cmdname in cmdlist_noargs:
  23             if len(cmd)==4:
  24                 cmdlist_noargs[cmdname](con)
  25             else:
  26                 pass
  27                 # TODO: log malicious msg
  28         elif cmdname in cmdlist_args:
  29             if len(cmd)>5:
  30                 cmdlist_args[cmdname](con, cmd[5:])
  31             else:
  32                 pass
  33                 # TODO: log malicious msg
  34         else:
  35             raise BailOut
  36             # TODO: log this
  37
  38 def lock(con, arg, hard):
  39     if arg not in locks:
  40         locks[arg]={'hard': hard, 'name': con.name, 'time': int(time.time())}
  41         con.sock.send("OK")
  42     elif locks[arg]['hard']:
  43         con.sock.send("HARD") # Hard lock - you can go get a cup of tea
  44     else:
  45         con.sock.send("SOFT") # Soft lock - try in a second or two
  46
  47 def cmd_unlock(con, arg):
  48     if arg in locks:
  49         del locks[arg]
  50         con.sock.send("OK")
  51     else:
  52         con.sock.send("FAIL")
  53
  54 def cmd_lock_soft(con, arg):
  55     lock(con, arg, False)
  56
  57 def cmd_lock_hard(con, arg):
  58     lock(con, arg, True)
  59
  60 def cmd_show_locks(con):
  61     cmd_log(con, "Dumping locks data:");
  62     if len(locks):
  63         res = ""
  64         for lockdata in locks.iteritems():
  65             tree, data = lockdata
  66             msg = "Tree: %s, Conn name: %s, Hard Lock: %s, Time: %s" % (
  67                     tree, data['name'], data['hard'], time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(data['time'])))
  68             cmd_log(con, msg)
  69             res = res + msg
  70 #        con.sock.send("BLOB:%d" % len(res))
  71         con.sock.send(res)
  72     else:
  73         cmd_log(con, "No locks found.");
  74         con.sock.send("NLCK");
  75
  76 def cmd_log(con, msg):
  77     logfile.write('%s [%s] -- %s\n' % (time.strftime('%Y-%m-%d %H:%M:%S'), con.name, msg))
  78     logfile.flush()
  79
  80 def cmd_name(con, name):
  81     con.name=name
  82
  83 def load_creds():
  84     global users, cookies
  85     users={}
  86     cookies={}
  87     if not common.fileexists(common.ftpadmdir+'/var/passwd'):
  88         return
  89     else:
  90         f=open(common.ftpadmdir+'/var/passwd', 'r')
  91         for line in f.xreadlines():
  92             x=line.strip().split(':')
  93             if len(x)>=2:
  94                 users[x[0]]=x[1]
  95         f.close()
  96     if not common.fileexists(common.ftpadmdir+'/var/cookies'):
  97         return
  98     else:
  99         f=open(common.ftpadmdir+'/var/cookies', 'r')
 100         for line in f.xreadlines():
 101             x=line.strip().split(':')
 102             if len(x)>=2:
 103                 users[x[0]]=x[1]
 104         f.close()
 105
 106 def write_cookies():
 107     f=open(common.ftpadmdir+'/var/cookies', 'w')
 108     for key in cookies.keys():
 109         f.write('%s:%s\n' % (key, cookies[key]))
 110     f.close()
 111
 112 def cmd_login_passwd(con, data):
 113     tmp=data.split('\n')
 114     if len(tmp)!=2:
 115         raise BailOut
 116     login=tmp[0]
 117     passwd=tmp[1]
 118     md5pass=md5.new(passwd).hexdigest()
 119     if login in users and users[login]==md5pass:
 120         cookie=`time.time()`.split('.')[0]+'_'+md5.new(md5pass+salt).hexdigest()
 121         cookies[cookie]=login
 122         write_cookies()
 123         con.username=login
 124         con.authorized=True
 125         con.sock.send('OK '+cookie)
 126     else:
 127         # TODO: log this
 128         con.sock.send('FAIL')
 129         raise BailOut
 130
 131 def cmd_login_cookie(con, cookie):
 132     if cookie in cookies:
 133         con.cookie=cookie
 134         con.authorized=True
 135         con.username=cookies[cookie]
 136         con.sock.send('OK '+cookies[cookie])
 137     else:
 138         # TODO: log this (or not)
 139         con.sock.send('FAIL')
 140
 141 def cmd_logout(con):
 142     if con.cookie in cookies:
 143         del cookies[con.cookie]
 144         write_cookies()
 145
 146 def reloadftptree():
 147     global srctree, pkglist
 148     srctree=ftptree.FtpTree(config.value['default_to'], loadall=True)
 149     pkglist=srctree.keys()
 150     pkglist.sort()
 151
 152 def cmd_gettree(con):
 153     buf=''
 154     for pkgnvr in pkglist:
 155         # TODO: show only user's own pkgs
 156         pkg=srctree[pkgnvr]
 157         line=pkgnvr
 158         if pkg.marked4moving:
 159             line=line+'\n1'
 160         else:
 161             line=line+'\n0'
 162         if pkg.marked4removal:
 163             line=line+'\n1'
 164         else:
 165             line=line+'\n0'
 166         buf=buf+'\0'+line
 167     if buf:
 168         con.sock.send('%.6d' % (len(buf)-1))
 169         con.sock.send(buf[1:])
 170     else:
 171         con.sock.send('000000')
 172
 173
 174 cmdlist_args={'lcks':cmd_lock_soft, 'lckh':cmd_lock_hard, 'ulck':cmd_unlock,
 175          'log1':cmd_log, 'name':cmd_name, 'linp':cmd_login_passwd,
 176          'linc':cmd_login_cookie}
 177
 178 cmdlist_noargs={'lout':cmd_logout, 'gett':cmd_gettree, 'slck':cmd_show_locks}
 179
 180 # Global stuff and initializations
 181
 182 BailOut="BailOut"
 183 locks={}
 184 logfile=open(common.ftpadmdir+'/var/log', 'a')
 185 load_creds()
 186 reloadftptree()
 187 salt=md5.new(`time.time()`).hexdigest()
 188