//! The RFC 2228 Data Channel Protection Level (`PROT`) command.
use crate::{
auth::UserDetail,
server::controlchan::{
error::ControlChanError,
handler::{CommandContext, CommandHandler},
Reply, ReplyCode,
},
storage::{Metadata, StorageBackend},
};
use async_trait::async_trait;
/// Protection level argument accepted by the `PROT` command (RFC 2228).
///
/// The level chosen by the client decides how the data channel is protected
/// for the rest of the session, so it is security-relevant state.
#[derive(Clone, Debug, PartialEq)]
pub enum ProtParam {
    /// `C` (Clear): neither integrity nor privacy.
    Clear,
    /// `S` (Safe): integrity without privacy.
    Safe,
    /// `E` (Confidential): privacy without integrity.
    Confidential,
    /// `P` (Private): integrity and privacy.
    Private,
}
/// Command handler for `PROT`, carrying the protection level the client requested.
#[derive(Debug)]
pub struct Prot {
    // Requested data channel protection level.
    param: ProtParam,
}

impl Prot {
    /// Creates a `PROT` handler for the given protection level.
    pub fn new(param: ProtParam) -> Self {
        Self { param }
    }
}
#[async_trait]
impl<Storage, User> CommandHandler<Storage, User> for Prot
where
    User: UserDetail,
    Storage: StorageBackend<User> + 'static,
    Storage::Metadata: 'static + Metadata,
{
    /// Applies the requested protection level to the session's data channel.
    ///
    /// * `C` clears `session.data_tls` and `P` sets it; both reply `CommandOkay`.
    /// * `S` and `E` reply `CommandNotImplementedForParameter` and leave the session untouched.
    /// * Any level replies `CommandNotImplemented` when `args.tls_configured` is false.
    ///
    /// Every outcome is reported to the client as a `Reply`; this handler itself
    /// never produces a `ControlChanError`.
    ///
    /// NOTE(review): RFC 2228 expects a successful `PBSZ` before `PROT`. No such
    /// precondition is checked in this handler; confirm whether it is enforced
    /// elsewhere.
    #[tracing_attributes::instrument]
    async fn handle(&self, args: CommandContext<Storage, User>) -> Result<Reply, ControlChanError> {
        let reply = if args.tls_configured {
            match self.param {
                ProtParam::Clear => {
                    // NOTE(review): this downgrade to plaintext is gated only on
                    // `tls_configured`. Whether the control channel is currently
                    // protected, or whether server policy requires encrypted data
                    // connections, is not checked here; confirm it is enforced elsewhere.
                    let mut guard = args.session.lock().await;
                    guard.data_tls = false;
                    Reply::new(ReplyCode::CommandOkay, "PROT OK. Switching data channel to plaintext")
                }
                ProtParam::Private => {
                    let mut guard = args.session.lock().await;
                    guard.data_tls = true;
                    Reply::new(ReplyCode::CommandOkay, "PROT OK. Securing data channel")
                }
                // Listed explicitly so that a new variant forces a decision here.
                ProtParam::Safe | ProtParam::Confidential => {
                    Reply::new(ReplyCode::CommandNotImplementedForParameter, "PROT S/E not implemented")
                }
            }
        } else {
            // Without TLS configured no protection level is accepted, including `C`.
            Reply::new(ReplyCode::CommandNotImplemented, "TLS/SSL not configured")
        };
        Ok(reply)
    }
}