xref: /PHP-5.6/ext/ftp/tests/server.inc (revision af7828a2) 
1<?php
2
3$socket = null;
4$errno = 0;
5$context = stream_context_create(array('ssl' => array('local_cert' => dirname(__FILE__).'/cert.pem')));
6
7for ($i=0; $i<10 && !$socket; ++$i) {
8	$port = rand(50000, 65535);
9
10	$socket = stream_socket_server("tcp://127.0.0.1:$port", $errno, $errstr, STREAM_SERVER_BIND|STREAM_SERVER_LISTEN, $context);
11}
12//set anther random port that is not the same as $port
13do{
14	$pasv_port = rand(50000, 65535);
15}while($pasv_port == $port);
16
17if (!$socket) {
18	die("could not start/bind the ftp server\n");
19}
20
21
22
23
24$pid = pcntl_fork();
25
26
27
28function pasv_listen($action){
29	global $pasv_port, $tmp_file;
30	$tmp_file = 'nm2.php';
31	$pid = pcntl_fork();
32	if($pid === 0){
33		$soc  = stream_socket_server("tcp://127.0.0.1:$pasv_port");
34		$fs = stream_socket_accept($soc, 3);
35		switch ($action) {
36			case 'fget':
37			case 'get':
38			//listen for 3 seconds 3 seconds
39			fputs($fs, "I am passive.\r\n");
40			break;
41			case 'put':
42			file_put_contents($tmp_file,  stream_get_contents($fs));
43			break;
44			case 'list':
45			fputs($fs, "drwxr-x---   3 owner  group      4096 Jul 12 12:16 .\r\n");
46			fputs($fs, "drwxr-x---   3 owner  group      4096 Jul 12 12:16 ..\r\n");
47			fputs($fs, "drwxr-x---   3 owner  group      4096 Jul 12 12:16 public_ftp\r\n");
48			break;
49			case 'list_null':
50			fputs($fs, "\r\n");
51			break;
52		}
53		fclose($fs);
54		exit;
55	}
56}
57
58
59
60if ($pid) {
61
62	function dump_and_exit($buf)
63	{
64		var_dump($buf);
65		fclose($GLOBALS['s']);
66		exit;
67	}
68
69	function anonymous()
70	{
71		return $GLOBALS['user'] === 'anonymous';
72	}
73
74	/* quick&dirty realpath() like function */
75	function change_dir($dir)
76	{
77		global $cwd;
78
79		if ($dir[0] == '/') {
80			$cwd = $dir;
81			return;
82		}
83
84		$cwd = "$cwd/$dir";
85
86		do {
87			$old = $cwd;
88			$cwd = preg_replace('@/?[^/]+/\.\.@', '', $cwd);
89		} while ($old != $cwd);
90
91		$cwd = strtr($cwd, array('//' => '/'));
92		if (!$cwd) $cwd = '/';
93	}
94
95	$s = stream_socket_accept($socket);
96
97	if (!$s) die("Error accepting a new connection\n");
98
99	fputs($s, "220----- PHP FTP server 0.3 -----\r\n220 Service ready\r\n");
100	$buf = fread($s, 2048);
101
102
103	function user_auth($buf) {
104		global $user, $s, $ssl, $bug37799;
105
106		if (!empty($ssl)) {
107			if ($buf !== "AUTH TLS\r\n") {
108				fputs($s, "500 Syntax error, command unrecognized.\r\n");
109				dump_and_exit($buf);
110			}
111
112			if (empty($bug37799)) {
113				fputs($s, "234 auth type accepted\r\n");
114			} else {
115				fputs($s, "666 dummy\r\n");
116				fputs($s, "666 bogus msg\r\n");
117				exit;
118			}
119
120			if (!stream_socket_enable_crypto($s, true, STREAM_CRYPTO_METHOD_SSLv23_SERVER)) {
121				die("SSLv23 handshake failed.\n");
122			}
123
124			if (!preg_match('/^PBSZ \d+\r\n$/', $buf = fread($s, 2048))) {
125				fputs($s, "501 bogus data\r\n");
126				dump_and_exit($buf);
127			}
128
129			fputs($s, "200 OK\r\n");
130			$buf = fread($s, 2048);
131
132			if ($buf !== "PROT P\r\n") {
133				fputs($s, "504 Wrong protection.\r\n");
134				dump_and_exit($buf);
135			}
136
137			fputs($s, "200 OK\r\n");
138
139			$buf = fread($s, 2048);
140		}
141
142		if ($buf == "AUTH TLS\r\n") {
143		   fputs($s, "500 not supported.\r\n");
144		   return ;
145		} else if (!preg_match('/^USER (\w+)\r\n$/', $buf, $m)) {
146			fputs($s, "500 Syntax error, command unrecognized.\r\n");
147			dump_and_exit($buf);
148		}
149		$user = $m[1];
150		if ($user !== 'user' && $user !== 'anonymous') {
151			fputs($s, "530 Not logged in.\r\n");
152			fclose($s);
153			exit;
154		}
155
156		if (anonymous()) {
157			fputs($s, "230 Anonymous user logged in\r\n");
158
159		} else {
160			fputs($s, "331 User name ok, need password\r\n");
161
162			if (!preg_match('/^PASS (\w+)\r\n$/', $buf = fread($s, 100), $m)) {
163				fputs($s, "500 Syntax error, command unrecognized.\r\n");
164				dump_and_exit($buf);
165			}
166
167			$pass = $m[1];
168			if ($pass === 'pass') {
169				fputs($s, "230 User logged in\r\n");
170			} else {
171				fputs($s, "530 Not logged in.\r\n");
172				fclose($s);
173				exit;
174			}
175		}
176	}
177
178	user_auth($buf);
179
180	$cwd = '/';
181	$num_bogus_cmds = 0;
182
183	while($buf = fread($s, 4098)) {
184		if (!empty($bogus)) {
185			fputs($s, "502 Command not implemented (".$num_bogus_cmds++.").\r\n");
186
187		} else if ($buf === "HELP\r\n") {
188			fputs($s, "214-There is help available for the following commands:\r\n");
189			fputs($s, " USER\r\n");
190			fputs($s, " HELP\r\n");
191			fputs($s, "214 end of list\r\n");
192
193		} elseif ($buf === "HELP HELP\r\n") {
194			fputs($s, "214 Syntax: HELP [<SP> <string>] <CRLF>\r\n");
195
196		} elseif ($buf === "PWD\r\n") {
197			fputs($s, "257 \"$cwd\" is current directory.\r\n");
198
199		} elseif ($buf === "CDUP\r\n") {
200			change_dir('..');
201			fputs($s, "250 CDUP command successful.\r\n");
202
203		} elseif ($buf === "SYST\r\n") {
204			if (isset($bug27809)) {
205				fputs($s, "215   OS/400 is the remote operating system. The TCP/IP version is \"V5R2M0\"\r\n");
206			} else {
207				fputs($s, "215 UNIX Type: L8.\r\n");
208			}
209
210		} elseif ($buf === "TYPE A\r\n") {
211			$ascii = true;
212			fputs($s, "200 OK\r\n");
213
214		} elseif ($buf === "AUTH SSL\r\n") {
215			$ascii = true;
216			fputs($s, "500 not supported\r\n");
217
218		} elseif ($buf === "TYPE I\r\n") {
219			$ascii = false;
220			fputs($s, "200 OK\r\n");
221
222		} elseif ($buf === "QUIT\r\n") {
223			break;
224
225		} elseif (preg_match("~^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\r\n$~", $buf, $m)) {
226			$host = "$m[1].$m[2].$m[3].$m[4]";
227			$port = ((int)$m[5] << 8) + (int)$m[6];
228			fputs($s, "200 OK.\r\n");
229
230		} elseif (preg_match("~^STOR ([\w/.-]+)\r\n$~", $buf, $m)) {
231			fputs($s, "150 File status okay; about to open data connection\r\n");
232
233			if(empty($pasv))
234			{
235				if (!$fs = stream_socket_client("tcp://$host:$port")) {
236					fputs($s, "425 Can't open data connection\r\n");
237					continue;
238				}
239
240				$data = stream_get_contents($fs);
241				$orig = file_get_contents(dirname(__FILE__).'/'.$m[1]);
242
243
244				if (isset($ascii) && !$ascii && $orig === $data) {
245					fputs($s, "226 Closing data Connection.\r\n");
246
247				} elseif ((!empty($ascii) || isset($bug39583)) && $data === strtr($orig, array("\r\n" => "\n", "\r" => "\n", "\n" => "\r\n"))) {
248					fputs($s, "226 Closing data Connection.\r\n");
249
250				} else {
251					var_dump($data);
252					var_dump($orig);
253					fputs($s, "552 Requested file action aborted.\r\n");
254				}
255				fclose($fs);
256			}else{
257				$data = file_get_contents('nm2.php');
258				$orig = file_get_contents(dirname(__FILE__).'/'.$m[1]);
259				if ( $orig === $data) {
260					fputs($s, "226 Closing data Connection.\r\n");
261
262				} else {
263					var_dump($data);
264					var_dump($orig);
265					fputs($s, "552 Requested file action aborted.\r\n");
266				}
267			}
268
269		} elseif (preg_match("~^CWD ([A-Za-z./]+)\r\n$~", $buf, $m)) {
270			change_dir($m[1]);
271			fputs($s, "250 CWD command successful.\r\n");
272
273		} elseif (preg_match("~^NLST(?: ([A-Za-z./]+))?\r\n$~", $buf, $m)) {
274
275			if (isset($m[1]) && (($m[1] === 'bogusdir') || ($m[1] === '/bogusdir'))) {
276				fputs($s, "250 $m[1]: No such file or directory\r\n");
277				continue;
278			}
279
280			// there are some servers that don't open the ftp-data socket if there's nothing to send
281			if (isset($bug39458) && isset($m[1]) && $m[1] === 'emptydir') {
282				fputs($s, "226 Transfer complete.\r\n");
283				continue;
284			}
285
286			if (empty($pasv)) {
287				fputs($s, "150 File status okay; about to open data connection\r\n");
288				if (!$fs = stream_socket_client("tcp://$host:$port")) {
289					fputs($s, "425 Can't open data connection\r\n");
290					continue;
291				}
292			} else {
293				fputs($s, "125 Data connection already open; transfer starting.\r\n");
294				$fs=$pasvs;
295			}
296
297
298			if ((!empty($ssl)) && (!stream_socket_enable_crypto($pasvs, true, STREAM_CRYPTO_METHOD_SSLv23_SERVER))) {
299				die("SSLv23 handshake failed.\n");
300			}
301
302			if (empty($m[1]) || $m[1] !== 'emptydir') {
303				fputs($fs, "file1\r\nfile1\r\nfile\nb0rk\r\n");
304			}
305
306			fputs($s, "226 Closing data Connection.\r\n");
307			fclose($fs);
308
309		} elseif (preg_match("~^MKD ([A-Za-z./]+)\r\n$~", $buf, $m)) {
310			if (isset($bug7216)) {
311				fputs($s, "257 OK.\r\n");
312			} else {
313				fputs($s, "257 \"/path/to/ftproot$cwd$m[1]\" created.\r\n");
314			}
315
316		} elseif (preg_match('/^USER /', $buf)) {
317			user_auth($buf);
318
319		} elseif (preg_match('/^MDTM ([\w\h]+)/', $buf, $matches)) {
320			switch ($matches [1]){
321				case "A":
322				fputs($s, "213 19980615100045.014\r\n");
323				break;
324				case "B":
325				fputs($s, "213 19980615100045.014\r\n");
326				break;
327				case "C":
328				fputs($s, "213 19980705132316\r\n");
329				break;
330				case "19990929043300 File6":
331				fputs($s, "213 19991005213102\r\n");
332				break;
333				default :
334				fputs($s, "550 No file named \"{$matches [1]}\"\r\n");
335				break;
336			}
337		}elseif (preg_match('/^RETR ([\w\h]+)/', $buf, $matches)) {
338			if(!empty($pasv)){
339				;
340			}
341			else if (!$fs = stream_socket_client("tcp://$host:$port")) {
342				fputs($s, "425 Can't open data connection\r\n");
343				continue;
344			}
345
346			switch($matches[1]){
347
348				case "pasv":
349					fputs($s, "150 File status okay; about to open data connection.\r\n");
350					//the data connection is handled in another forked process
351					// called from outside this while loop
352					fputs($s, "226 Closing data Connection.\r\n");
353					break;
354				case "a story":
355					fputs($s, "150 File status okay; about to open data connection.\r\n");
356					fputs($fs, "For sale: baby shoes, never worn.\r\n");
357					fputs($s, "226 Closing data Connection.\r\n");
358					break;
359				case "binary data":
360					fputs($s, "150 File status okay; about to open data connection.\r\n");
361					$transfer_type = $ascii? 'ASCII' : 'BINARY' ;
362					fputs($fs, $transfer_type."Foo\0Bar\r\n");
363					fputs($s, "226 Closing data Connection.\r\n");
364					break;
365				case "fget":
366					fputs($s, "150 File status okay; about to open data connection.\r\n");
367					$transfer_type = $ascii? 'ASCII' : 'BINARY' ;
368					fputs($fs, $transfer_type."FooBar\r\n");
369					fputs($s, "226 Closing data Connection.\r\n");
370					break;
371				case "fgetresume":
372					fputs($s, "150 File status okay; about to open data connection.\r\n");
373					$transfer_type = $ascii? 'ASCII' : 'BINARY' ;
374					fputs($fs, "Bar\r\n");
375					fputs($s, "226 Closing data Connection.\r\n");
376                                        break;
377                                case "fget_large":
378					fputs($s, "150 File status okay; about to open data connection.\r\n");
379                                        $transfer_type = $ascii? 'ASCII' : 'BINARY' ;
380                                        if ($GLOBALS['rest_pos'] == '5368709119') {
381					    fputs($fs, "X");
382                                        } else {
383					    fputs($fs, "Y");
384                                        }
385					fputs($s, "226 Closing data Connection.\r\n");
386                                        break;
387				case "mediumfile":
388					fputs($s, "150 File status okay; about to open data connection.\r\n");
389					for($i = 0; $i < 150; $i++){
390						fputs($fs, "This is line $i of the test data.\n");
391					}
392					fputs($s, "226 Closing data Connection.\r\n");
393
394				default:
395					fputs($s, "550 {$matches[1]}: No such file or directory \r\n");
396					break;
397			}
398			if(isset($fs))
399				fclose($fs);
400
401
402		}elseif (preg_match('/^PASV/', $buf, $matches)) {
403			$pasv=true;
404			$p2 = $pasv_port % ((int) 1 << 8);
405			$p1 = ($pasv_port-$p2)/((int) 1 << 8);
406			$host = "127.0.0.1";
407			if (!empty($ssl)) {
408				$soc = stream_socket_server("tcp://127.0.0.1:$pasv_port", $errno, $errstr, STREAM_SERVER_BIND|STREAM_SERVER_LISTEN, $context);
409			} else {
410				$soc = stream_socket_server("tcp://127.0.0.1:$pasv_port");
411			}
412
413			fputs($s, "227 Entering Passive Mode. (127,0,0,1,{$p1},{$p2})\r\n");
414
415			$pasvs = stream_socket_accept($soc,10);
416
417		}elseif (preg_match('/^EPSV/', $buf, $matches)) {
418			fputs($s, "550 Extended passsive mode not supported.\r\n");
419		} elseif (preg_match('/^SITE EXEC/', $buf, $matches)) {
420			fputs($s, "200 OK\r\n");
421
422		} elseif (preg_match('/^RMD/', $buf, $matches)) {
423			fputs($s, "250 OK\r\n");
424
425		} elseif (preg_match('/^SITE CHMOD/', $buf, $matches)) {
426			fputs($s, "200 OK\r\n");
427
428		} elseif (preg_match('/^ALLO (\d+)/', $buf, $matches)) {
429			fputs($s, "200 " . $matches[1] . " bytes allocated\r\n");
430
431		}elseif (preg_match('/^LIST www\//', $buf, $matches)) {
432			fputs($s, "150 Opening ASCII mode data connection for file list\r\n");
433			fputs($s, "226 Transfer complete\r\n");
434
435		}elseif (preg_match('/^LIST no_exists\//', $buf, $matches)) {
436			fputs($s, "425 Error establishing connection\r\n");
437
438                }elseif (preg_match('/^REST (\d+)/', $buf, $matches)) {
439                        $GLOBALS['rest_pos'] = $matches[1];
440			fputs($s, "350 OK\r\n");
441                }elseif (preg_match('/^SIZE largefile/', $buf)) {
442                        fputs($s, "213 5368709120\r\n");
443                }else {
444			fputs($s, "500 Syntax error, command unrecognized.\r\n");
445			dump_and_exit($buf);
446		}
447	}
448	fclose($s);
449	exit;
450}
451
452fclose($socket);
453?>
454