Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add glftpd integration test server #1012

Merged
merged 2 commits into from
Oct 19, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions FluentFTP.Dockers/Build.bat
Original file line number Diff line number Diff line change
Expand Up @@ -9,4 +9,6 @@ docker build pyftpdlib -t pyftpdlib:fluentftp

docker build bftpd -t bftpd:fluentftp

docker build glftpd -t glftpd:fluentftp

pause
51 changes: 51 additions & 0 deletions FluentFTP.Dockers/glftpd/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
FROM debian:bullseye-slim

ARG GLFTPD_VERSION=2.12
ARG OPENSSL_VERSION=3.0.1

ENV DEBIAN_FRONTEND=noninteractive
ENV APT_CMD='apt install -y --no-install-recommends'

RUN apt update && apt upgrade -y && apt install -y apt-utils && \
\
$APT_CMD \
iproute2 \
ca-certificates \
libpsl5 \
openssl \
publicsuffix \
wget \
zip unzip \
build-essential \
xinetd ftp procps

RUN cd /tmp && \
wget https://glftpd.io/files/glftpd-LNX-${GLFTPD_VERSION}_${OPENSSL_VERSION}_x64.tgz && \
tar -xzf glftpd-LNX-${GLFTPD_VERSION}_${OPENSSL_VERSION}_x64.tgz && \
\
cd glftpd-LNX-${GLFTPD_VERSION}_${OPENSSL_VERSION}_x64 && \
printf '\nN\nN\n\n\n21\nx\nY\n\n\n\n\n\n' | ./installgl.sh

COPY xinetd.conf /etc/xinetd.conf
RUN sed -i -e "s/\r//" /etc/xinetd.conf

COPY xinetd_glftpd.conf /etc/xinetd.d/glftpd
RUN sed -i -e "s/\r//" /etc/xinetd.d/glftpd

COPY glftpd.conf /etc/glftpd.conf
RUN sed -i -e "s/\r//" /etc/glftpd.conf

COPY run-glftpd.sh /usr/sbin/
RUN sed -i -e "s/\r//" /usr/sbin/run-glftpd.sh && \
chmod +x /usr/sbin/run-glftpd.sh

RUN useradd -m -p savatlcb.1m26 fluentuser && \
mkdir -p /home/fluentuser/ && \
chown -R fluentuser:users /home/fluentuser

VOLUME /home/fluentuser
VOLUME /var/log/glftpd

EXPOSE 20 21

CMD ["/usr/sbin/run-glftpd.sh"]
13 changes: 13 additions & 0 deletions FluentFTP.Dockers/glftpd/docker-compose.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
services:
glftpd:
build:
context: .
network: host
restart: unless-stopped
ports:
- 0.0.0.0:20:20
- 0.0.0.0:21:21
- 21100-21110:21100-21199
volumes:
- ./home:/home/glftpd
- ./logs:/var/log/glftpd
302 changes: 302 additions & 0 deletions FluentFTP.Dockers/glftpd/glftpd.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,302 @@
CERT_FILE /glftpd/etc/ftpd-ecdsa.pem

#by default upload buffer is 256kb but can be overriden here
#upload_buffer 256

#by default download buffer is based on file system st.st_blksize * 2 but
#can be overriden here
#download_buffer 128

#define min and max allowed tls protocols, default is min tls1.2 and max is not defined
#only uncomment these if you really need to change the default
TLS_MIN_PROTOCOL TLSv1.2
TLS_MAX_PROTOCOL TLSv1.2

#TLS1.0-1.2 ciphers
#glftpd uses HIGH+EECDH+TLSv1.2:HIGH+EDH+TLSv1.2:!aNULL:!MD5:!DSS:!COMPLEMENTOFDEFAULT by default

#ciphers for control connection
#CIPHERS_FOR_CTRL xxx
#ciphers for dirlists
#CIPHERS_FOR_DIR xxx
#ciphers for other data transfers
#CIPHERS_FOR_DATA xxx

#TLS1.3 ciphers
#we dont overrite the openssl default by default
#see https://www.openssl.org/docs/man1.1.1/man1/ciphers.html and section TLS v1.3 cipher suites section

#TLS1.3 ciphers for control connection
#CIPHERS13_FOR_CTRL xxx
#TLS1.3 ciphers for dirlists
#CIPHERS13_FOR_DIR xxx
#TLS1.3 ciphers for data transfers
#CIPHERS13_FOR_DATA xxx

#enable this if you need glftpd to do a full shutdown and wait for other side when closing a data connection
#this is normally not needed but there are special issues with TLS1.3 (see changelog for more info)
#SSL_CLEAN_SHUTDOWN 1

#TLS_FTPS 0

#dont use unless you want to override the openssl defaults
#ECDHE_CURVES P-521:P-384:P-256

pasv_ports 21100-21199

active_ports 20

# Server shutdown: 0=server open, 1=deny all but siteops, !*=deny all, etc
#shutdown 1

xdupe *.zip *.[Rr][0-9][0-9] *.[Rr][Aa][Rr] *.[mM][pP][3]

sitename_long FluentFTP[:space:]IntegrationTest[:space:]Server
sitename_short FIS
email [email protected]

rootpath /glftpd

# Path relative to the ROOTPATH.
datapath /ftp-data

welcome_msg /ftp-data/misc/welcome.msg *
goodbye_msg /ftp-data/misc/goodbye.msg *
newsfile /ftp-data/misc/newsfile *
banner /ftp-data/misc/banner

# TLS enforcements.
userrejectsecure !*
userrejectinsecure !*
denydiruncrypted !*
denydatauncrypted !*

# we will not show the dir/file listings in color
color_mode 0

##############################################################################
# SECTION # KEYWORD DIRECTORY SEPARATE CREDITS #
##############################################################################
stat_section DEFAULT * yes

##############################################################################
################## THE RIGHTS SECTION BEGINS HERE ####################
##############################################################################
# (you can use a ! in front of any group/user/flag to negate it) #
# The default is no, you don't need to add "!*" at the end #
# #
# Function Path =GROUP or -username or X (flag) #
##############################################################################

upload * *
resume * *
makedir * *
download * *
dirlog * *
rename * 1 =STAFF
filemove * 1 =STAFF
renameown * *
nuke * *
unnuke * *
delete * 1
deleteown * *

##############################################################################
################### THE RIGHTS SECTION ENDS HERE #####################
##############################################################################

##############################################################################
# secure_pass mask users to whom this rule applies #
##############################################################################

#secure_pass a2.. *

##############################################################################
# secure_ip min. fields min. CIDR bits allow hostnames? need ident? users to whom this applies
##############################################################################
secure_ip 1 8 0 1 *

##############################################################################
#path-filter group path/msgfile filters
path-filter * /ftp-data/misc/pathmsg ^[-A-Za-z0-9_.()[:space:]]*$ ^\. ^-

#show_extension_utf8

use_dir_size k /site/incoming
#display_size_unit m
#display_speed_unit k

#if enabled, allow uploading of txt files in ASCII mode
#allow_ascii_uploads *.txt

#if enabled dont allow ASCII downloads for any file size and any file type
#ascii_downloads -1 *

show_totals 10 *
show_diz .message *

free_space 20
max_users 15 5
total_users 300
# dupecheck how many days? ignore file case like Windows?
dupe_check 7 no

dl_incomplete 1
noretrieve passwd passwd- group group-

min_homedir /site

#############################################################################
# <cap 1st letter> <lower/upper> character conversions...
#file_names 0 lower [:space:]_
#dir_names 1 none [:space:]_
#############################################################################

#tagline No[:space:]Tagline[:space:]Set

ignore_type *.[tT][xX][tT] *.[nN][fF][oO] [rR][eE][aA][dD][mM][eE] .message
ignore_type *.[sS][fF][vV] *.[cC][rR][cC] *.[dD][iI][zZ]

#############################################################################
#pre_dir_check /bin/dirscript
#pre_check /bin/dupescript

#post_check /bin/zipscript
#calc_crc *
#############################################################################

############## Location #################### Max number of lines in Display #
requests /ftp-data/misc/requests 10
#############################################################################

oneliners 10
lastonline 0

############################################################################
# Nukedir_Style:
# 1st. Option [Format: %N = DIR]
# 2nd. Option 0 = Delete ALL, 1 = Save main dir., 2 = Save ALL (UNNUKE)
# 3 = Save ALL incl empty dirs
# 3rd. Option [Byte Size] if below, treat as empty dir.
############################################################################
nukedir_style NUKED-%N 2 50000
#nukesubdir_style by[:space:]%U[:space:]-[:space:]%M

empty_nuke 25000
multiplier_max 20

############################################################################
# Private Groups: privgroup GROUPNAME GROUPDESC #
############################################################################
privgroup STAFF My[:space:]Private[:space:]Group

############################################################################
# PRIVPATHS: Directories should be uniquely named (no wildcards) #
############################################################################
#privpath /site/privatedir 1 =STAFF

############################################################################
# CUSTOM SITE COMMANDS #
# site_cmd [CMD NAME] [EXEC/TEXT] [PATH TO FILE] #
############################################################################
site_cmd RULES TEXT /ftp-data/misc/site.rules
site_cmd LOCATE EXEC /bin/locate.sh

# Some aliases for group stats commands
site_cmd GRPWKUP IS GPWK
site_cmd GRPWKDN IS GPWD
site_cmd GRPMONTHUP IS GPMONTHUP
site_cmd GRPMONTHDN IS GPMONTHDN
site_cmd GRPALUP IS GPAL
site_cmd GRPALDN IS GPAD
site_cmd GRPDAYUP IS GPDAYUP
site_cmd GRPDAYDN IS GPDAYDN
custom-grpwkup !8 *
custom-grpwkdn !8 *
custom-grpmonthup !8 *
custom-grpmonthdn !8 *
custom-grpalup !8 *
custom-grpaldn !8 *
custom-grpdayup !8 *
custom-grpdaydn !8 *


custom-rules !8 *

#locate allows users to search priv dirs !!!!, do not use it
custom-locate 1

-addip 1 2 7
-adduser 1 2 7
-change 1 7
-changeallot 1 2 7
-changeflags 1
-changeratio 1 2 7
-changesratio 1 7
-changehomedir 1
-chmod 1
-chgadmin 1 7
-chgrp 1 7
-chgrp-priv 1
-chpass 1 2
-chpgrp 1 7
-delip 1 2 7
-delownip !8 *
-deluser 1 2 7
-dirs !8 *
-errlog 1
-flags 1 2 7
-gadduser 1 2 7
-ginfo 2 H
-give G
-group !3 *
-groups 1 7
-grp 1 2 7
-groupcomment 1
-grpadd 1
-grpchange 1
-grpdel 1
-grpnfo 1 2
-grpren 1
-grpstats *
-help !8 *
-info !8 *
-kick D
-kill E
-logins 1
-misc !8 *
-msg !8 *
-msg* 1
-msg= 1
-msg{ !8 *
-nuke A
-onel !8 *
-oneladd !8 *
-passwd !8 *
-predupe C
-purge 1
-readd 1 2 7
-renuser 1 7
-reqlog 1 A B 7
-request !8 *
-requestadd !8 *
-show 1
-showhiddenusers 1
-stat !8 *
-stats !8 *
-swho =STAFF 1 E
-take F
-syslog 1 =STAFF
-undupe C
-unnuke B
-update 1
-user !8 *
-users H
-usercomment 1 7
-userextra 1 2 7
-who !8 *
-wipe 1
-seen 1
-laston 1
-userothers 1
-traffic 1 7
Loading