Smalltalk/X Webserver

Documentation of class 'AbstractFTPSession':

Class: AbstractFTPSession

Inheritance
Description
Class protocol
- defaults
- queries
Instance protocol

Inheritance:

   Object
   |
   +--AbstractTCPSession
      |
      +--AbstractFTPSession
         |
         +--FTPSession
         |
         +--SmalltalkFTPSession

Package:: stx:goodies/communication

Category:: Net-Communication-FTP

Version:: rev: 1.33 date: 2024/03/26 12:58:44; user: cg; file: AbstractFTPSession.st directory: goodies/communication; module: stx stc-classLibrary: communication

Description:

Helper class for the FTPServer.

Common code for FTP serverSessions - add concrete subclass
The stuff implemented here realizes the protocol;
real file operations and authorization must be implemented in subclasses.

Methods which should be redefined are found in the 'must be redefined' category.

Be aware, that FTPSessions may allow a client to GET all files
which are readable by me (except for the white- and blacklists below).

To limit access to certain folders, you can explicitly whiteList
allowed folders (by setting whiteListedFolders) and/or exclude individual folders
via a blackList (setting blackListedFolders).

Whitelisting is done first, then blacklisting
i.e. it is possible to allow everything under '/foo/...' by adding '/foo' to the whitelist,
and still exclude individual subdirectories under it by adding (say) '/foo/bar/baz' to the blacklist.


    
    FTPServer start.
    FTPServer startOnPort:portNr.

    (FTPServer forPort:12345)
        sessionClass:SmalltalkFTPSession;
        start

    then, on the command line, try:
        ftp loalhost 12345

copyrightCOPYRIGHT (c) 2003 by eXept Software AG
             All Rights Reserved

This software is furnished under a license and may be used
only in accordance with the terms of that license and with the
inclusion of the above copyright notice.   This software may not
be provided or otherwise made available to, or used by, any
other person.  No title to or ownership of the software is
hereby transferred.

protocolList of commands supported by this session framework
(however, subclasses may extend this by (re-)defining listOfSupportedCommands
and implementing a corresponding method.

Command         Supported           Notes
-----------------------------------------
ABOR                -
ACCT                -
ADAT                -
ALLO                -
APPE                -
CCC                 -
CDUP                Yes
CONF                -
CWD                 Yes
DELE                Yes
ENC                 -
EPRT                -
EPSV                Yes
FEAT                Yes
HELP                Yes
HOST                -
LANG                -
LIST                Yes
LPRT                -
LPSV                -
MDTM                -
MIC                 -
MKD                 Yes
MLSD                -
MLST                -
MODE                -
NLST                Yes
NOOP                Yes
OPTS                -
PASS                Yes
PASV                Yes
PBSZ                -
PORT                Yes
PROT                -
PWD                 Yes
QUIT                Yes
REIN                Yes
REST                -
RETR                Yes
RMD                 Yes
RNFR                -
RNTO                -
SITE                Yes
SIZE                -
SMNT                -
STAT                Yes
STOR                Yes
STOU                Yes
STRU                -
SYST                Yes
TYPE                Yes
USER                Yes
XCUP                -
XMKD                -
XPWD                -
XRMD                -
XRSQ                -
XSEM                -
XSEN                -

Class protocol:

defaults

ftpVersion

queries

isAbstract: Return if this class is an abstract class.
True is returned here for myself only; false for subclasses.
Abstract subclasses must redefine this again.

Instance protocol:

accessing

allowOnlyEPSV: if set to true, all data connections but EPASV are rejected
blackListedFoldersForReading: if non-nil, folders whose names match any in the given list will
NOT be visible to clients
blackListedFoldersForReading: aListOfGlobPatterns: if non-nil, folders whose names match any in the given list will
NOT be visible to clients
blackListedFoldersForWriting: if non-nil, folders whose names match any in the given list will
NOT be allowed to be written into by clients
blackListedFoldersForWriting: aListOfGlobPatterns: if non-nil, folders whose names match any in the given list will
NOT be allowed to be written into by clients
exitOnBadCommand: aBoolean: can be set to enforce connection closing, whenever a bad command arrives
whiteListedFoldersForReading: if non-nil, only folders whose names match any in the given list will
be visible to clients
whiteListedFoldersForReading: aListOfGlobPatterns: if non-nil, only folders whose names match any in the given list will
be visible to clients
whiteListedFoldersForWriting: if non-nil, only folders whose names match any in the given list will
NOT be allowed to be written into by clients
whiteListedFoldersForWriting: aListOfGlobPatterns: if non-nil, only folders whose names match any in the given list will
NOT be allowed to be written into by clients

debugging

logCommand: aMessage

ftp system commands

EPSV

incoming EPASV command.
Open a listening socket on a random port,
wait for the session partner to connect to it.
Timeout after some time, if he does not connect to me.
(separate data connection)

FEAT

return list of features

Usage example(s):

^ socket nextPutLine:('501 FEAT command syntax')

HELP

send all commands supported by FTP server

LPSV

incoming LPSV command.
Open a listening socket on a random port,
wait for the session partner to connect to it.
Timeout after some time, if he does not connect to me.
(separate data connection)

NOOP

no instruction command

PASS

password from user; already read in from USER command

PASV

incoming PASV command.
Open a listening socket on a random port,
wait for the session partner to connect to it.
Timeout after some time, if he does not connect to me.
(separate data connection)

PORT

incoming PORT command.
Connect to the session partner (separate data connection)

QUIT

shutdown session

REIN

reinitialize session

SITE

incoming SITE command.
sends back some statistic info;
or allows the idle timeout to be changed (SITE IDLE <seconds>)

STAT

incoming STAT command.
sends back some statistic info

SYST

incoming SYST command.
send back the system type

USER

incoming USER command.
login to a new session

ftp user commands

CDUP: change to parent directory
CWD: change working directory
DELE: delete file or (empty) directory
LIST: show directory contents; longFormat
MKD: make directory
NLST: show directory contents; shortFormat
PWD: get current working directory
RETR: incoming RETR command.
retrieve a file (i.e. download as seen from client)
RMD: recursive delete directory
STOR: incoming STOR command.
upload as seen from ftp client
STOU: incoming STOU command.
upload as seen from ftp client
TYPE: set mode:
bin (I or i) := #binary
ascii(A or a) := #ascii

must be redefined

canChangeWorkingDirectory: newDirectory: raise an error: must be redefined in concrete subclass(es)

** This method must be redefined in concrete classes (subclassResponsibility) **
checkPassword: arg1 for: arg2: raise an error: must be redefined in concrete subclass(es)

** This method must be redefined in concrete classes (subclassResponsibility) **
defaultDirectoryForUser: userName: raise an error: must be redefined in concrete subclass(es)

** This method must be redefined in concrete classes (subclassResponsibility) **
doDELETE: recursive: raise an error: must be redefined in concrete subclass(es)
doLIST: arg: raise an error: must be redefined in concrete subclass(es)
doMKD: arg: raise an error: must be redefined in concrete subclass(es)
doRETR: file onTo: outStream: raise an error: must be redefined in concrete subclass(es)
doSTORE: arg: raise an error: must be redefined in concrete subclass(es)
loginUserNeedsPassword: arg: raise an error: must be redefined in concrete subclass(es)

** This method must be redefined in concrete classes (subclassResponsibility) **

private

closeDataConnection
doReinitialize: reinitialize the system; called when:
- user logged out
- system before shutdown
- reinitialize request
- during startup
doUserLoggedIn: aUser: setup user context
listOfSupportedCommands: ^ self class methodDictionary keys
listOfSupportedFeatures
nextCommand: reads the next command from socket; if a timeout occurs nil is returned otherwise
the command as string and the lastArgument is set to the received argument
serveNextCommandFromSocket: make sure that nobody sends funny messages to me or my superclass
serveSocket: aSocket: (comment from inherited method)
redefine in concrete classes to something like:

private ftp

checkAndGetArgFilename
checkAndGetCWD
checkAndGetDataConnection

protocol testing

allowedToSeeDirectory: dir: |ftp|
ftp := FTPSession basicNew.
ftp whiteListedFoldersForReading:#( '/foo' '/bar*' ).
ftp blackListedFoldersForReading:#( '/foo/bar' '/bar/baz/').
self assert:( ftp allowedToSeeDirectory:'/foo' ).
self assert:( ftp allowedToSeeDirectory:'/fooo' ) not.
self assert:( ftp allowedToSeeDirectory:'/foo/bar' ) not.
self assert:( ftp allowedToSeeDirectory:'/foo/baz' ).
allowedToWriteIntoDirectory: dir: |ftp|
ftp := FTPSession basicNew.
ftp whiteListedFoldersForWriting:#( '/foo' '/bar*' ).
ftp blackListedFoldersForWriting:#( '/foo/bar' '/bar/baz/').
self assert:( ftp allowedToWriteIntoDirectory:'/foo' ).
isPath: aFilename inList: aWhiteOrBlackList: |ftp|
ftp := FTPSession basicNew.
self assert:( ftp isPath:'/foo' inList:#( '/foo' '/bar*' ) ).
self assert:( ftp isPath:'/barr' inList:#( '/foo' '/bar*' ) ).
self assert:( ftp isPath:'/bar/bla' inList:#( '/foo' '/bar*' ) ).
self assert:( ftp isPath:'/baz' inList:#( '/foo' '/bar*' ) ) not.
self assert:( ftp isPath:'/fooo' inList:#( '/foo' '/bar*' ) ) not.
self assert:( ftp isPath:'/fooo' inList:#( '/foo*' '/bar*' ) ).

queries

isBinary

serving

clientOn: aSocket: process for new client

ST/X 7.7.0.0; WebServer 1.702 at 20f6060372b9.unknown:8081; Mon, 18 Nov 2024 04:39:29 GMT