[Twisted-Python] Asking for suggestions in new-new ftp server implementation

John Abel john.abel at pa.press.net
Thu Dec 18 02:25:28 EST 2003


Jonathan Simms wrote:

>On Mon, 2003-12-15 at 07:48, John Abel wrote:
>  
>
>>Andrew Bennetts wrote:
>>
>>    
>>
>>>On Mon, Dec 15, 2003 at 03:24:35AM -0500, Jonathan Simms wrote:
>>> 
>>>
>>>      
>>>
>>>>cred-code should go. Also, there's been some considerable trouble
>>>>        
>>>>
>caused
>  
>
>>>>by the fact that my avatar implemenation is not windows-friendly.
>>>>        
>>>>
>Any
>  
>
>>>>thoughts on how to either adapt it, or if some kindly windows-user
>>>>        
>>>>
>could
>  
>
>>>>implement a windows-compatable version, would be greatly
>>>>        
>>>>
>appreciated.
>  
>
>>>>   
>>>>
>>>>        
>>>>
>>>Is the problem with windows the lack of pwd and grp modules?  I
>>>      
>>>
>presume you
>  
>
>>>need these for authentication and permission checking?  If that's the
>>>      
>>>
>case,
>  
>
>>>perhaps you could implement a simpler avatar for windows that only
>>>      
>>>
>supports
>  
>
>>>anonymous, read-only access to any files that the server has
>>>      
>>>
>permission to
>  
>
>>>read?  (i.e. basically what the old server supported anyway)
>>>
>>> 
>>>
>>>      
>>>
>>I have code for authentication on 2000/XP platforms, if you're 
>>interested? It is used in the medusa ftp example.
>>
>>    
>>
>
>YES! I'm interested!
>
>
>  
>
Here ya go.  I'm afraid it requires win32all, but I wouldn't have 
thought there'd be too many Win32 people without it.  It also requires 
the user running the script to be added to the policy entry "Act As Part 
Of The OS".

import win32security, win32con, win32api, win32net
import ntsecuritycon, pywintypes

class Win32Authorizer:

    def authorize (self, channel, userName, passWord):
        self.AdjustPrivilege( ntsecuritycon.SE_CHANGE_NOTIFY_NAME )
        self.AdjustPrivilege( ntsecuritycon.SE_ASSIGNPRIMARYTOKEN_NAME )
        self.AdjustPrivilege( ntsecuritycon.SE_TCB_NAME )
        try:
            logonHandle = win32security.LogonUser( userName,
                                                   None,
                                                   passWord,
                                                    
win32con.LOGON32_LOGON_INTERACTIVE,
                                                    
win32con.LOGON32_PROVIDER_DEFAULT )
        except pywintypes.error, ErrorMsg:
            return 0, ErrorMsg[ 2 ], None

        userInfo = win32net.NetUserGetInfo( None, userName, 1 )


    def AdjustPrivilege( self, priv ):
        flags = ntsecuritycon.TOKEN_ADJUST_PRIVILEGES | 
ntsecuritycon.TOKEN_QUERY
        htoken =  
win32security.OpenProcessToken(win32api.GetCurrentProcess(), flags)
        id = win32security.LookupPrivilegeValue(None, priv)
        newPrivileges = [(id, ntsecuritycon.SE_PRIVILEGE_ENABLED)]
        win32security.AdjustTokenPrivileges(htoken, 0, newPrivileges)

Hope that's of use.

Regards

John




More information about the Twisted-Python mailing list