Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 220
  • Last Modified:

Design of Server with FTP server interaction

Hi All,
We are in the process of designing a server to be written in C++ on Linux. Actually calling it a server might be a misnomer because there's no  interaction with the client other than receiving files from it and then going on to process the files. The client is practically left out of the loop thereafter...so it is basically a pure ftp client.

One way we thought this might work is that this "server" might work in conjunction with an FTP server(say vsftp) in such a way that the ftp server notifies our "server" each time a file transfer is effected and completed. Then our "server" reads this file and starts processing it.

We certainly don't want to write a ftp server of our own.

Now the question is....does any FTP server on Linuxoffer some kind of an API or something which allows us to conceive any such thing at all? Something like http://www.ftpserverapi.com that is there for windows for example.

 All our "server" needs is that it should be notified that a particular file transfer is complete...and the file is available in the ftp home directory.

If this is not possible, could anyone suggest any alternative way to do this...without having to write an ftp server of our own.

0
sandeep_th
Asked:
sandeep_th
  • 5
  • 2
2 Solutions
 
KurtVonCommented:
I worked in a shop a year or so ago with similar requirements.  Documents would arrive at an ftp location and the be filed off depending on the type of document it was.  This was on IIS, so we may have a different problem than under linux -- remember the source for several ftpd daemons are available (http://packages.qa.debian.org/b/bsd-ftpd.html) so you could just roll your own fairly easily.

Unfortunately, we were not given that luxury and, with a ridiculous amount of research, we finally just wrote a windows service (linux daemon) that checked the directory every minute to see if anything new had arrived.  It isn't that hard.

Hope this helps.
0
 
KurtVonCommented:
Ah, here's a possibility.  Apparently, it is possible to send an email when the ftp daemon recieves a file.  Not particularly useful, but you could set up the machine as a mailserver, and have it mail itself.  the mail could then trigger a script to process the notification.  I know procmail is capable of this.

Rather circuitous, but possible.

http://www.wu-ftpd.org/man/ftpaccess.html - see the mailserver and incmail settings (there are probably equivalent for other ftp daemons if you have the manual)

0
 
rstaveleyCommented:
wu-ftpd and others have implemented the site exec command, which you can use to execute non-standard commands on the server from the client. I believe you just put the relevant executable into the ~ftp/bin, but I confess I've always used crontab for this kind of thing.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
KurtVonCommented:
Site exec?  Isn't that Latin for "remote root-kit"?  :-)

I think sandeep_th is looking for something to run automatically when a file is uploaded.  Isn't site-exec for programs explicitly activated by the person doing the uploading?  Because of all the vulnerabilities discovered in it, and even if the command itself is made safe the programs it calls can wreak havoc if not perfectly secured, I haven't even given it more than a cursory look, so I suppose it might work if it can be invoked automatically.
0
 
KurtVonCommented:
Oh, and if you do decide to go with the modified ftp daemon, the BSD ftp I linked to above can be modified without violating any copyrights (it's even BSD, so you can sell the modified version without distributing the source).

This is just based on a quick overview of the source (remarkably clean I might add) but it looks like the point you want to hook into is the end of the function "store".  The place in the code is:

...
    if (receive_data(din, fout) == 0) {
        if (unique)
            reply(226, "Transfer complete (unique file name:%s).", name);
        else
            reply(226, "Transfer complete.");

        // The following was added:
        // Set a flag here to detect a completion if you only want to
        // respond to completed files.
        // Don't forget this is a C program, not C++, so declare the
        // flag at the top of the function, not down here.
    }
    (void) fclose(din);

    // The following was added:
    // Check the flag here if you only want to respond to completed files, but
    // either way, call the script/program/whatever at this point.  The name of
    // the file is in "name"

    data = -1;
    pdata = -1;
...

Hope this helps.
0
 
rstaveleyCommented:
It is certainly true to say that ftp-wu had a site exec buffer overflow vulnerability and I read that slackware had a sloppy set-up (http://www.wu-ftpd.org/wu-ftpd-faq.html#QA71), but that's no reason to throw the baby out with the bath water. If clients are using scripts to FTP files, site exec should be a good tool to trigger approved scripts on the server.
0
 
KurtVonCommented:
Well, since the only ftp server I run allows wide-open anonymous FTP (sure it's behind a firewall, but so is our WAP) I'm not exactly the best guy to go to for extreme security :-)

I had forgotten that sandeep_th said they were writing the client too, so you are right, that is a reasonable option.  For some reason I had got it in my head that the client was just an ordinary ftp client.
0
 
tinchosCommented:
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

Split: KurtVon {http:#9715464} & rstaveley {http:#9719938}

Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Tinchos
EE Cleanup Volunteer
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now