Home Explore Help
Sign In
fphammerle
/
pyftpd-sink
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 1b8e76f0e7
Branches Tags
pyftpd-sink
/
pyftpd_sink.py

pyftpd_sink.py 4.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147 
  1. import argparse
    2. 

  2. import hashlib
    3. 

  3. import logging
    4. 

  4. import os
    5. 

  5. 

  6. import pyftpdlib.authorizers
    7. 

  7. import pyftpdlib.handlers
    8. 

  8. import pyftpdlib.servers
    9. 

  9. 

  10. LOG_LEVELS = {
    11. 

  11.     'critical': logging.CRITICAL,
    12. 

  12.     'error': logging.ERROR,
    13. 

  13.     'warning': logging.WARNING,
    14. 

  14.     'info': logging.INFO,
    15. 

  15.     'debug': logging.DEBUG,
    16. 

  16. }
    17. 

  17. 

  18. 

  19. class SHA256Authorizer(pyftpdlib.authorizers.DummyAuthorizer):
    20. 

  20. 

  21.     def validate_authentication(self, username, password, handler):
    22. 

  22.         # pyftpdlib/authorizers.py", line 110, in add_user
    23. 

  23.         #   dic = {'pwd': str(password),
    24. 

  24.         # so we can not compare against .digest()
    25. 

  25.         password_hash = hashlib.sha256(password.encode()).hexdigest()
    26. 

  26.         if self.user_table[username]['pwd'] != password_hash.lower():
    27. 

  27.             raise pyftpdlib.authorizers.AuthenticationFailed()
    28. 

  28. 

  29. 

  30. def serve(root_dir_path, username, password_sha256_hexdigest,
    31. 

  31.           control_port, passive_port, passive_address, umask, log_level):
    32. 

  32.     logging.basicConfig(level=log_level)
    33. 

  33.     if umask:
    34. 

  34.         os.umask(umask)
    35. 

  35.         logging.info('umask=0o%o', umask)
    36. 

  36.     assert os.path.isdir(root_dir_path), root_dir_path
    37. 

  37.     authorizer = SHA256Authorizer()
    38. 

  38.     authorizer.add_user(
    39. 

  39.         username,
    40. 

  40.         password_sha256_hexdigest.lower(),
    41. 

  41.         homedir=root_dir_path,
    42. 

  42.         # https://pyftpdlib.readthedocs.io/en/latest/api.html#pyftpdlib.authorizers.DummyAuthorizer.add_user
    43. 

  43.         # e: change dir
    44. 

  44.         # m: mkdir
    45. 

  45.         # w: write
    46. 

  46.         perm='emw',
    47. 

  47.         msg_login='renshi ni hen gaoxing',
    48. 

  48.         msg_quit='zaijian',
    49. 

  49.     )
    50. 

  50.     handler = pyftpdlib.handlers.FTPHandler
    51. 

  51.     handler.authorizer = authorizer
    52. 

  52.     handler.banner = 'ni hao'
    53. 

  53.     handler.passive_ports = (passive_port,)
    54. 

  54.     handler.masquerade_address = passive_address
    55. 

  55.     server = pyftpdlib.servers.FTPServer((None, control_port), handler)
    56. 

  56.     # apparently requires +1 for unknown reasons
    57. 

  57.     server.max_cons = 1 + 1
    58. 

  58.     server.serve_forever()
    59. 

  59. 

  60. 

  61. class EnvDefaultArgparser(argparse.ArgumentParser):
    62. 

  62. 

  63.     def add_argument(self, *args, envvar=None, **kwargs):
    64. 

  64.         if envvar:
    65. 

  65.             envvar_value = os.environ.get(envvar, None)
    66. 

  66.             if envvar_value:
    67. 

  67.                 kwargs['required'] = False
    68. 

  68.                 kwargs['default'] = envvar_value
    69. 

  69.         super().add_argument(*args, **kwargs)
    70. 

  70. 

  71. 

  72. def _init_argparser():
    73. 

  73.     argparser = EnvDefaultArgparser()
    74. 

  74.     argparser.add_argument(
    75. 

  75.         '--root', '--root-dir',
    76. 

  76.         metavar='path',
    77. 

  77.         dest='root_dir_path',
    78. 

  78.         default=os.getcwd(),
    79. 

  79.         help='default: current working directory',
    80. 

  80.     )
    81. 

  81.     argparser.add_argument(
    82. 

  82.         '--user', '--username',
    83. 

  83.         metavar='username',
    84. 

  84.         dest='username',
    85. 

  85.         required=True,
    86. 

  86.         envvar='FTP_USERNAME',
    87. 

  87.         help='default: env var $FTP_USERNAME',
    88. 

  88.     )
    89. 

  89.     argparser.add_argument(
    90. 

  90.         '--pwd-hash', '--password-hash',
    91. 

  91.         metavar='sha256_hexdigest',
    92. 

  92.         dest='password_sha256_hexdigest',
    93. 

  93.         required=True,
    94. 

  94.         envvar='FTP_PASSWORD_SHA256',
    95. 

  95.         help='default: env var $FTP_PASSWORD_SHA256',
    96. 

  96.     )
    97. 

  97.     argparser.add_argument(
    98. 

  98.         '--ctrl-port', '--control-port',
    99. 

  99.         metavar='port',
    100. 

  100.         type=int,
    101. 

  101.         dest='control_port',
    102. 

  102.         envvar='FTP_CONTROL_PORT',
    103. 

  103.         default=2121,
    104. 

  104.         help='default: env var $FTP_CONTROL_PORT or 2121',
    105. 

  105.     )
    106. 

  106.     argparser.add_argument(
    107. 

  107.         '--pasv-port', '--passive-port',
    108. 

  108.         metavar='port',
    109. 

  109.         type=int,
    110. 

  110.         dest='passive_port',
    111. 

  111.         envvar='FTP_PASSIVE_PORT',
    112. 

  112.         default=62121,
    113. 

  113.         help='port for passive (PASV) & extended passive (EPSV) mode;'
    114. 

  114.         + ' default: env var $FTP_PASSIVE_PORT or 62121',
    115. 

  115.     )
    116. 

  116.     argparser.add_argument(
    117. 

  117.         '--pasv-addr', '--passive-address', '--masquerade-address',
    118. 

  118.         metavar='ip_address',
    119. 

  119.         dest='passive_address',
    120. 

  120.         envvar='FTP_PASSIVE_ADDRESS',
    121. 

  121.         default=None,
    122. 

  122.         help='address returned to client (227)'
    123. 

  123.         + ' after opening port for passive mode (PASV)'
    124. 

  124.         + ' default: socket\'s own address',
    125. 

  125.     )
    126. 

  126.     argparser.add_argument(
    127. 

  127.         '--umask',
    128. 

  128.         type=int,
    129. 

  129.         envvar='UMASK',
    130. 

  130.         default=' default: env var $UMASK',
    131. 

  131.     )
    132. 

  132.     argparser.add_argument(
    133. 

  133.         '--log-level',
    134. 

  134.         metavar='level_name',
    135. 

  135.         dest='log_level_name',
    136. 

  136.         default='info',
    137. 

  137.         choices=LOG_LEVELS.keys(),
    138. 

  138.         help='default: %(default)s',
    139. 

  139.     )
    140. 

  140.     return argparser
    141. 

  141. 

  142. 

  143. def main():
    144. 

  144.     args = _init_argparser().parse_args()
    145. 

  145.     args.log_level = LOG_LEVELS[args.log_level_name]
    146. 

  146.     del args.log_level_name
    147. 

  147.     serve(**vars(args))
    148.