eclipse-ecal / fineftp-server Goto Github PK

I build fineftp in win10 (Visual Studio 2019), When I running .exe in win7, They say:
"The program can't start because MSVCP140D.dll is missing from your computer."
how build .exe support win7 ?

My system: Windows 8
Why fineftp shows 0.0.0.0?
How to set shared directory as read-only in path.txt?
FineFTP is great tool! Thank you, very much!

Test 4 clients, each 100 threads, transmission 10000 files(each 2M)，finally, more than ten files were lost, many files can`t be deleted. 

Add trace log for each FtpSession, found that:There are some data connection failures at the client, and the control channel ‘QUIT’ fails.
Then, much FtpSession cant be released(such as: FtpSession() called 100 times, ~FtpSession() called 90 times, all clients were closed), and data socket in FtpSession listen always, and files opened in session cant be deleted.

Hi,

I'm currently trying to update from v1.0.5 to v1.4.1 and experience some problems when downloading an empty file from the ftp server.

I've tried to debug this issue and found the following:

1. The error occurs here: https://github.com/eclipse-ecal/fineftp-server/blob/master/fineftp-server/src/ftp_session.cpp#L535
2. When I follow the const auto file = ReadableFile::get(local_path); call right before, I found that the line
   https://github.com/eclipse-ecal/fineftp-server/blob/v1.4.1/fineftp-server/src/unix/file_man.cpp#L66 fails.
3. I then checked the man-page of mmap (https://man7.org/linux/man-pages/man2/mmap.2.html) and found that
   The length argument specifies the length of the mapping (which must be greater than 0). The variable st.st_size is actually 0, so I think, that this is the reason the call fails.

Would it make sense to exclude this check for empty files?
Or do I have to configure something in my request (I'm using curl) to avoid this behaviour?
In v1.0.5 everything works fine.

I hacked something on my machine that fixes the issue for me:

  void* map_start = nullptr;
  if(st.st_size > 0){
  map_start = ::mmap(nullptr, st.st_size, PROT_READ, MAP_SHARED, handle, 0);
    if (MAP_FAILED == map_start)
    {
      ::close(handle);
      return {};
    }
  }

...but I'm a bit concerned that the null-pointer is put into the file struct later on.

Thanks and best regards
oz

Good afternoon,
I've run this server in docker, forwarded port 21 to host network, but I couldn't connect to the server from dolphin. I've tried to run it outside docker, opened up dolphin, and it worked. I've done some research and found out what's wrong. The problem is in Passive mode. Especially in its implementation. Every request of data port, the server would initialize a new random port and send it to the client for communication. Docker has no functionality to forward all ports (if run the server on host network - port 21 can't be open, 'cause of errno 13 (Access denied)). The simplest solution for all of this - set fixed data port.
So, can you please add this feature and let users decide in constructor whether to set fixed data port or leave it as it is?
Best regards,
imperzer0.

Do you have any plan for starting from configuration file ?

Suppose an attacker has a credential to access FTP server.

And suppose a user using fineFTP wants to share only a specific directory, as shown below.

#include <fineftp/server.h>

#include <iostream>
#include <thread>
#include <string>

int main()
{

	const std::string local_root =  "/home/kong2204/Desktop/";

	fineftp::FtpServer server(2121);

	server.addUserAnonymous(local_root, fineftp::Permission::All);
	server.addUser         ("MyUser",   "MyPassword", local_root, fineftp::Permission::ReadOnly);
	server.addUser         ("Uploader", "123456",     local_root, fineftp::Permission::DirList | fineftp::Permission::DirCreate | fineftp::Permission::FileWrite | fineftp::Permission::FileAppend);

	server.start(4);

	for (;;)
	{
		std::this_thread::sleep_for(std::chrono::milliseconds(100));
	}

	return 0;
}

In this case, an attacker can access unauthorized directories via path traversal.

Here's why.

The implementation of the toLocalPath function used by fineFTP to handle paths is shown below.

	std::string FtpSession::toLocalPath(const std::string& ftp_path) const
	{
		assert(logged_in_user_);

		// First make the ftp path absolute if it isn't already
		const std::string absolute_ftp_path = toAbsoluteFtpPath(ftp_path);

		// Now map it to the local filesystem
		return fineftp::Filesystem::cleanPathNative(logged_in_user_->local_root_path_ + "/" + absolute_ftp_path);
	}

	std::string FtpSession::toAbsoluteFtpPath(const std::string& rel_or_abs_ftp_path) const
	{
		std::string absolute_ftp_path;

		if (!rel_or_abs_ftp_path.empty() && (rel_or_abs_ftp_path[0] == '/'))
		{
			absolute_ftp_path = rel_or_abs_ftp_path;
		}
		else
		{
			absolute_ftp_path = fineftp::Filesystem::cleanPath(ftp_working_directory_ + "/" + rel_or_abs_ftp_path, false, '/');
		}

		return absolute_ftp_path;
	}

A logic is needed that checks whether the return string of toLocalPath is a subdirectory of the local root (or the local root itself). However, there isn't

Thus, if /../../../../ (or /..\..\..\..\..\ on Windows) is used, depending on the account's permissions, file reads or writes for unauthorized paths can become possible.

I upload a file(named "FASTSTARTKIT_TRK-MPC5604P_SDK.zip") with size 760 MB (797,657,236 byte) using Ftp Client FileZilla v3.59.0. In fact, it fails to transfer the file and error occurs, but the server responses with "226 Done"
Then I check the file uploaded on the server , and its size is only 314 MB (329,515,008 bytes) less than 760MB.

The following is FileZilla client log:

Command:	CWD /
Response:	250 Working directory changed to /
Command:	TYPE I
Response:	200 Switching to binary mode
Command:	PASV
Response:	227 Entering passive mode (127,0,0,1,14,85)
Command:	STOR FASTSTARTKIT_TRK-MPC5604P_SDK.zip
Response:	150 Receiving file
Error:		Can't read “F:\Documents\FileZillaFTPRoot\linux\FASTSTARTKIT_TRK-MPC5604P_SDK.zip”。
Response:	226 Done
Error:		Transfer 329,515,008 bytes (use 4 seconds) , than fatal transfer error occurs.

When uploading files and immediatelly renaming them with RNFR + RNTO, the rename sometimes fails on Windows. It seems to work fine on Linux and macOS.

When checking with Wireshark, one can see that fineFTP Server properly returns DONE to indicate that the file-transfer is successful (from server-side), but then the rename fails with the issue:
"The Process cannot access the file, as it is still being used by another process".

The following pcap file shows the issue of one renamed file.
fineftp_rename_issue.zip

I assume, that Windows has some fancy algorithms in place that aim to flush the files in the background.

The following branch has tests in place that reproduce the issue easily by using multiple CURL clients: https://github.com/eclipse-ecal/fineftp-server/tree/test/memory_mapped_files

@bjuulp: If you have any more input feel free to post it here 😊

Btw: If I recall correctly, other FTP Servers like FileZilla have the same issue, but I would still prefer to have that fixed for fineFTP.

Hello,

First of all a kind thank you for this great library!

Secondly, I was wondering if you are considering to add support for the MDTM command to get the last modified date of a single file?

Thanks again!

The 550 message send by sendFtpMessage contains two CRLFs, which causes the FTP client to be abnormal.

Hi,

First of all, kudos for this project! I just give it a try to the FTP server and works like a charm. The codebase looks quite clean and the code is easy to read 💯

While I was trying to integrate your library in my own project, I noticed that you are not exporting the public symbols in the API. Since in my CMake code I have the following lines:

set(CMAKE_CXX_VISIBILITY_PRESET hidden)
set(CMAKE_VISIBILITY_INLINES_HIDDEN 1)

I get "undefined reference" linking errors when trying to use the FtpServer class.

It would be nice to add the export of public symbols by using the GeneraExportHeader feature in CMake:
https://cmake.org/cmake/help/latest/module/GenerateExportHeader.html

I actually would like to contribute to the project with that addition. I hope I can find sometime to do it in the next days 😇

          Do you have plan  to add  a  cmake build system for arm/aarch ?

Originally posted by @aimybbe in #10 (comment)

See the screenshot below where the client sends the "LIST" command, but the server is shown sending the directory listing to full completion prior to sending 150 reply code.
This seems to almost always cause my java FTPClient to fail the first time it make a directory listing call.
Note: I added some debug prints to the sendDirectoryListing() method to print the ec return code as well as the files I have in my FTP directory.

There is a FTP command (file size) that I needed, and it's not implemented in fineFTP.
If this request is eligible, I can implement this command and create a pull request.

Definition of SIZE command in RFC-3659

我在浏览器输入了地址和端口号，进入登陆验证阶段后输入用户名密码之后无法成功登陆，系统自动给我退出了服务器

$ cmake -B ./iOS_Build -DCMAKE_SYSTEM_NAME=iOS -G Xcode

CMake Error in fineftp-server/CMakeLists.txt:
Imported target "asio::asio" includes non-existent path

"Asio_INCLUDE_DIR-NOTFOUND"

in its INTERFACE_INCLUDE_DIRECTORIES. Possible reasons include:

• The path was deleted, renamed, or moved to another location.

• An install or uninstall procedure did not complete successfully.

• The installation package was faulty and references files it does not
  provide.

I wrote a client program myself and successfully connected to your FTP server, but failed to create and delete folders on your server. Can you help me find out what went wrong? Grateful.

void del(char *usr_cmd) { time_t t_time; t_time=time(NULL); struct tm* tv=localtime(&t_time); char *cmd = strchr(usr_cmd,' '); char filename[1024]; if(cmd == NULL) { printf("command error!\n"); cout<<asctime(tv); return; } else { while(*cmd == ' ') cmd++; } if(cmd == NULL||cmd =="\0") { printf("command error!\n"); asctime(tv); return; } else { strncpy(filename,cmd,strlen(cmd)); filename[strlen(cmd)]='\0'; ftp_send_cmd("DELE ",filename,sock_control); ftp_get_reply(sock_control); } }

int ftp_send_cmd(const char *s1, const char *s2, int sock_fd) { time_t t_time; t_time=time(NULL); struct tm* tv=localtime(&t_time); char send_buf[256]; int send_err, len; if(s1) { strcpy(send_buf,s1); if(s2) { strcat(send_buf, s2); strcat(send_buf,"\r\n"); len = strlen(send_buf); send_err = send(sock_fd, send_buf, len, 0); } else { strcat(send_buf,"\r\n"); len = strlen(send_buf); send_err = send(sock_fd, send_buf, len, 0); } } if(send_err < 0) printf("send() error!\n"); cout<<asctime(tv); return send_err; }
error message：
FTP << DELE stats FTP >> 450 Unable to delete file

MS FTP.exe does not support the passive mode.
Can i use FTP.exe in MS ALL Windows OS ?

fineftp-server should get at leas some basic automated CI tests to ensure its quality. Probably using gtest.

I think for keeping it simple it should be ok to just invoke curl from a system command

Tasks:

• #51
• Add CMake options for building fineftp tests
• Add basic tests using gtest
• Modify GH actions yml files so they execute the tests

Severity Code Description Project File Line Suppression State
Error LNK2019 unresolved external symbol "public: __thiscall fineftp::FtpServer::FtpServer(unsigned short)" (??0FtpServer@fineftp@@QAE@G@Z) referenced in function "void __cdecl startFtp(void)" (?startFtp@@yaxxz) ftpProject\main.obj 1

when i run it generates a .lib file and tries to execute it.

and an error is thrown out.

Currently, the server can only be configured with a port.

It would be great if we could choose a specific network interface (via IP address) to bind to.

for example:

std::string address = "10.1.30.88";
fineftp::FtpServer server(address, port);

Hello, how to make a client from this server by an easy way?
I know that server and client have almost equal code but I tried so hard and without success.

Hi,

I'd like to package this library for conan center. Could you please release a version for that?

Thanks,

Alex

Can you add some new features in your free time?

1、Password validation：After the client enters the user password, it encrypts it, and then verifies it with the cipher text of the server. Only after they match each other can they log in to the server.

2、Log record：The client's request message and connection time as well as the client's operation record and operation time are recorded through the log.

Thank you very much !