[Zope] FTP Malarky with Gibberish Users

Edward Pollard pollej at uleth.ca
Tue Jan 27 16:23:22 EST 2004 

On Jan 27, 2004, at 2:02 AM, Tino Wildenhain wrote:

The else part is what we want here, so we can simple sourge it
out, for example if we modify all userids to contain @ and the
desired path, like this:

between 466 and 477:
          self.userid=self.userid.split("@")[0]+"@/rootpathforallusers"

Thank you for the exemplary advice.

I changed the code as follows (sorry, no line numbers). Please advise 
if you think I've done a horrible thing. I wanted to allow users to 
specify different directories for where they exist, so I only take 
unspecified usernames and bind them against the LDAPUserFolder at /www. 
This will allow superusers to still FTP as normal into Zope.

         i=self.userid.find('@')
         if i ==-1:
             self.userid=self.userid+"@/www"
             i = self.userid.find('@')
#       if i ==-1:
#            if self.server.limiter.check_limit(self):
#                self.respond ('230 Login successful.')
#                self.authorized = 1
#                self.anonymous = 1
#                self.log_info ('Successful login.')
#            else:
#                self.respond('421 User limit reached. Closing 
connection.')
#                self.close_when_done()
#        else:
         path=self.userid[i+1:]

The remainder of the function has been brought back one indent level, 
there is no else clause anymore.

But I have a problem. I beg indulgence as this seems to perhaps not be 
a problem with Zope, but with Dreamweaver. Before I go into details, 
let me explain why I'm bringing it to you all: as far as I am aware, it 
is standard in FTP that the user have read access to the entire tree 
above his or her connection point. So as far as I can tell some of the 
things DW is trying to do with its connection, while uneccesary, are 
valid. Medusa is not actually changing the root directory for the user 
(regardless of the comments in ZServer.py implying that it would), so 
CWD / is failing.

This seems to be the source of my consternation.

So, as follows:

Dreamweaver is our primary FTP client. And with this change, it works - 
50% of the time. If I go into the site manager, and click connect, it 
connects fine. Z2.log excerpt follows (IP's sanitized for privacy):

0.0.0.0 50839 ==> 220 castor FTP server (Medusa Async V1.21 
[experimental]) ready.
0.0.0.0 50839 <== USER pollej
0.0.0.0 50839 ==> 331 Password required.
0.0.0.0 50839 <== PASS <password>
0.0.0.0 50839 ==> 230 Login successful.
0.0.0.0 50839 <== SYST
0.0.0.0 50839 ==> 215 UNIX Type: L8
0.0.0.0 50839 <== CWD /www/ftptest          <--------------------- Note 
this line
0.0.0.0 50839 ==> 250 CWD command successful.
0.0.0.0 50839 <== CWD /www/ftptest/_mm
0.0.0.0 50839 ==> 550 No such directory.
0.0.0.0 50839 <== CWD /
0.0.0.0 50839 ==> 530 Unauthorized.
0.0.0.0 50839 <== CWD /
0.0.0.0 50839 ==> 530 Unauthorized.
0.0.0.0 50839 <== CWD /
0.0.0.0 50839 ==> 530 Unauthorized.
0.0.0.0 50839 <== PWD
0.0.0.0 50839 ==> 257 "/www/ftptest" is the current directory.
0.0.0.0 50839 <== TYPE A
0.0.0.0 50839 ==> 200 Type set to ASCII.
0.0.0.0 50839 <== PASV
0.0.0.0 50839 ==> 227 Entering Passive Mode (142,66,0,0,226,201)
0.0.0.0 50839 <== LIST
0.0.0.0 50839 ==> 150 Opening ASCII mode data connection for file list
0.0.0.0 50839 ==> 226 Transfer complete

Everything is fine. I now disconnect, and then reconnect.

0.0.0.0 50841 ==> 220 castor FTP server (Medusa Async V1.21 
[experimental]) ready.
0.0.0.0 50841 <== USER pollej
0.0.0.0 50841 ==> 331 Password required.
0.0.0.0 50841 <== PASS <password>
0.0.0.0 50841 ==> 230 Login successful.
0.0.0.0 50841 <== SYST
0.0.0.0 50841 ==> 215 UNIX Type: L8
0.0.0.0 50841 <== CWD /www/ftptest/_mm
0.0.0.0 50841 ==> 550 No such directory.
0.0.0.0 50841 <== CWD /
0.0.0.0 50841 ==> 530 Unauthorized.
0.0.0.0 50841 <== CWD /
0.0.0.0 50841 ==> 530 Unauthorized.
0.0.0.0 50841 <== CWD /
0.0.0.0 50841 ==> 530 Unauthorized.
0.0.0.0 50841 <== PWD
0.0.0.0 50841 ==> 257 "/www" is the current directory.
0.0.0.0 50841 <== TYPE A
0.0.0.0 50841 ==> 200 Type set to ASCII.
0.0.0.0 50841 <== PASV
0.0.0.0 50841 ==> 227 Entering Passive Mode (142,66,0,0,226,202)
0.0.0.0 50841 <== LIST
0.0.0.0 50841 ==> 150 Opening ASCII mode data connection for file list
0.0.0.0 50841 ==> 226 Transfer complete

You will notice one important line is missing in the second log 
excerpt. Why? I don't know.

What is even more peculiar is that Dreamweaver thinks it is in the same 
directory in both conditions, "/www/ftptest", but it is not. In the 
second instance displays the content of "/www" is displayed. Attempting 
to navigate the server under this condition results in failure, as it 
issues CWD commands as if it were already in "/www/ftptest" (ie. 
clicking on ftptest issues a "CWD /www/ftptest/ftptest" command)

If I enable FTP Access for Anonymous the entire problem goes away - 
Dreamweaver connections are always succesful and behave properly. 
However gibberish users can now connect and download to their hearts 
content.

I hope I've managed to explain my problem sensibly, and I hope even 
more someone can present some insight on how to make Zope play nice 
with this particular FTP client, if that is at all possible.

More information about the Zope mailing list