-
Notifications
You must be signed in to change notification settings - Fork 1
/
todo.txt
184 lines (171 loc) · 5.69 KB
/
todo.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
BUGS:
-------------------------------------------------------------
Windows port:
- Crashes early during ft.
- No date/time in log-file.
- Crashes in ssl context when starting up.
v Backslash in config-file / path (interperated as escape by boost)
- Ascii APPE is broken (fails FT)
- FT for dir-listings fails because we miss . and .. entries
REFACTORING:
-------------------------------------------------------------
- Remove CanSeeHiddenDirs() permission - not used
- Make a better file-system iterator, add begin(), end() to Path
UNIT TESTS
-------------------------------------------------------------
FUNCTIONAL TESTS
-------------------------------------------------------------
v Basic functional tests to verify commands, authorzation and authentication
- Test AUTH after TLS is established
- Session timeout
- Transfer timeout
- Long-running transfer to verify that session-timeout is not triggered
- Bogus commands
- Very long command-name
- Very long paths
- Simulate a typical session with some dir, upload, download. Run it several times in parallell.
- Test access to non-recursive dir (and below it, where parent perms applies)
STEPS:
-------------------------------------------------------------
v FTP protocol class
v Add TCP listener and connection loop
v Add session manager
v Add FTP Protocol parser
v Add welcome and simple commands (syst, stat, help)
v Add FTP commands
v RETR
v Implement Session::OpenFile
v Implement WfdeFtpSession::StartTransfer
v Implement a void login/pass handler
v Use exceptions to deal with trannsfer setup errors
v Ensure that we reply unfder all conditions
v Test
v Implement ascii transfer
v STOR
v Implement
v Test
v Implement ascii transfer
v STOU
v APPE
v FEAT
v REST
v ALLO
v ABOR
v CWD
v PWD
v DELE
v RMD
v MKD
v NOOP
v RNFR/RNTO
v HELP
- REIN
v LIST
v Add pure virtual paths
v Format like ls -l
v Hide hidden files/dirs by default
v Options:
-1 (one)
-a (all)
-l (long format - default)
v MLSD
v MLST
v Make sure MLSx always use BINARY transfers
v OPTS MLST
v MDTM
v NLST
v PASV
v STAT
v Fix buffer manipulation in WfdeFtpSession.cpp:121 / FIXME
v Deal with session time-out
v Deal with transfer time-outs (and sessioon to during transfer)
v Add functional test suite (python?)
v Configure the server trough conf-files (to get permissions/paths right)
v Create the required test-files (different sizes)
v Check [almost] all commands
v Upload and download and verify hashes that the files are correctly transferred.
v Check that REST and APPE works
v Add more unit tests
v Add auth manager
v Add auth commands
v Add permissions to the user and merge it upon login
~ Windows port
v Test without TLS
- Add "." and ".." for directory listings
- Re-enable TLS
- Add minidump-support
- Add native service support
- Add protection againts exploits trough "magic" file names (like "con")
ROADMAP:
-------------------------------------------------------------
v Implement the FTP protocol
v Add welcome and auth commands
v Add auth manager
v Add session manager
v Add common transfer commands
v Add file listing (ls)
v Add rest, unique and friends
v Add ACSII transfer
v Add new file listing format
v Add obscure commands
v Add configuration files to wfded
- Check the bind issue in WfdeFtpSession.cpp:611
v Add a simple authentication manager (conf-file based)
v Implement WfdeSesion::OnHousekeeping() - timeout sessions
v Prepare the code for public release
v Finish authentication
v Make sure that all unit tests and performance tests are OK
== RELEASE ALPHA PREVIEW
- Use tools to test for known FTP vulnerabilities
- Deal with PORT and PASV connection establishment time-out (today they will time out with the session)
- Add TLS support
v WfdeSocket for async operations
v WfdeSocket for CC
v WfdeSocket for transfers
v Add TLS socket (transition from normal socket) (Not possible / using TL:S sockets for everything)
v Add AUTH command & friends
v Add PROT command and encrypted transfers
v Enable TLS for PORT mode
v Enable TLS for PASV mode
- Add config for certs
- Allow the server to enforce TLS (config)
~ Add functional tests for FTPS
v Control Channel
v Transfers
- Double AUTH
- Transfer with and without Transfer Encryption
- Add tmp filenames for files being uploaded.
- Add IPv6 support for FTP
~ Port to Windows
- Port to OS/X
- Add statistics manager
- Do proper performance tests
- Add HTTP protocol
- Add basic HTTP 1.0 and 1.1
- Add Auth / Session management
- Use tools to test for common vulnerabilities
=== RELERASE ALPHA
- Stabilize
- Optimize for performance
- ASCII transfers are slow
- Uploads are slow
- Implement suggested features whenever they make sense
- Use tools to test for common vulnerabilities
=== RELEASE BETA ===
- Stabilize
- Optimize memory usage
- Optimize troughput
- Implement suggested features whenever they make sense
- Use tools to test for common vulnerabilities
=== RELEASE RC ===
- Stabilize
- Use tools to test for common vulnerabilities
=== RELEASE ===
FUTURE FEATURES:
-------------------------------------------------------------
- Scalibility for cloud optimized use cases
- Events
- Built in scripting triggereded by events
- C++ based plugins based on simple interfaces.
- Native scp support (limited ssh/sshfs support)
- NFS support with proper authentication and encryption?