fix: update engine (#298)

This will prevent users of node 10  and below from installing and using >= v4.6

.circleci/config.yml

@@ -1,97 +1,112 @@
-version: 2
+version: 2.1
+
+orbs:
+  node: circleci/node@5.0.2
+
+commands:
+  setup_git_bot:
+    description: set up the bot git user to make changes
+    steps:
+      - run:
+          name: "Git: Botovance"
+          command: |
+            git config --global user.name "Bot Vance"
+            git config --global user.email bot@autovance.com
+
+executors:
+  node-lts:
+    parameters:
+      node-version:
+        type: string
+        default: lts
+    docker:
+      - image: cimg/node:<< parameters.node-version >>
 
 jobs:
-  build:
-    docker:
-      - image: &node-image circleci/node:lts
-    steps:
-      - checkout
-      - restore_cache:
-          keys:
-            - &npm-cache-key npm-cache-{{ .Branch }}-{{ .Revision }}
-            - npm-cache-{{ .Branch }}
-            - npm-cache
-      - run:
-          name: Install
-          command: npm ci
-      - persist_to_workspace:
-          root: .
-          paths:
-            - node_modules
-      - save_cache:
-          key: *npm-cache-key
-          paths:
-            - ~/.npm/_cacache
-
   lint:
-    docker:
-      - image: *node-image
+    executor: node-lts
     steps:
       - checkout
-      - attach_workspace:
-          at: .
+      - node/install-packages
       - run:
           name: Lint
           command: npm run verify
 
-  test:
-    docker:
-      - image: *node-image
-    steps:
-      - checkout
-      - attach_workspace:
-          at: .
-      - deploy:
-          name: Test
-          command: |
-            npm run test
-
   release_dry_run:
-    docker:
-      - image: *node-image
+    executor: node-lts
     steps:
       - checkout
-      - attach_workspace:
-          at: .
+      - node/install-packages
+      - setup_git_bot
       - deploy:
           name: Dry Release
           command: |
-            npm run semantic-release -- --dry-run
+            git branch -u "origin/${CIRCLE_BRANCH}"
+            npx semantic-release --dry-run
 
   release:
-    docker:
-      - image: *node-image
+    executor: node-lts
     steps:
       - checkout
-      - attach_workspace:
-          at: .
+      - node/install-packages
+      - setup_git_bot
       - deploy:
           name: Release
           command: |
-            npm run semantic-release
+            git branch -u "origin/${CIRCLE_BRANCH}"
+            npx semantic-release
 
 workflows:
   version: 2
-  publish:
+
+  release_scheduled:
+    triggers:
+      # 6:03 UTC (mornings) 1 monday
+      - schedule:
+          cron: "3 6 * * 1"
+          filters:
+            branches:
+              only:
+                - main
     jobs:
-      - build
-      - lint:
+      - lint
+      - node/test:
+          matrix:
+            parameters:
+              version:
+                - '12.22'
+                - '14.19'
+                - '16.14'
+                - 'current'
+      - release:
+          context: npm-deploy-av
           requires:
-            - build
-      - test:
-          requires:
-            - build
+            - node/test
+            - lint
+
+  test:
+    jobs:
+      - lint
+      - node/test:
+          matrix:
+            parameters:
+              version:
+                - '12.22'
+                - '14.19'
+                - '16.14'
+                - 'current'
       - release_dry_run:
           filters:
             branches:
-              only: master
+              only: main
           requires:
-            - test
+            - node/test
             - lint
       - hold_release:
           type: approval
           requires:
             - release_dry_run
       - release:
+          context: npm-deploy-av
           requires:
             - hold_release

CODEOWNERS

@@ -0,0 +1,5 @@
+# Lines starting with '#' are comments.
+# Each line is a file pattern followed by one or more owners.
+# Order is important. The last matching pattern has the most precedence.
+
+*                                                 @quorumdms/team-gbt

README.md

@@ -1,5 +1,5 @@
 <p align="center">
-  <a href="https://github.com/trs/ftp-srv">
+  <a href="https://github.com/autovance/ftp-srv">
     <img alt="ftp-srv" src="logo.png" width="600px"  />
   </a>
 </p>
@@ -14,25 +14,13 @@
     <img alt="npm" src="https://img.shields.io/npm/dm/ftp-srv.svg?style=for-the-badge" />
   </a>
 
-  <a href="https://circleci.com/gh/trs/workflows/ftp-srv/tree/master">
-    <img alt="circleci" src="https://img.shields.io/circleci/project/github/trs/ftp-srv/master.svg?style=for-the-badge" />
+  <a href="https://circleci.com/gh/autovance/workflows/ftp-srv/tree/master">
+    <img alt="circleci" src="https://img.shields.io/circleci/project/github/autovance/ftp-srv/master.svg?style=for-the-badge" />
   </a>
 </p>
 
 ---
 
-- [Overview](#overview)
-- [Features](#features)
-- [Install](#install)
-- [Usage](#usage)
-  - [API](#api)
-  - [CLI](#cli)
-  - [Events](#events)
-  - [Supported Commands](#supported-commands)
-  - [File System](#file-system)
-- [Contributing](#contributing)
-- [License](#license)
-
 ## Overview
 `ftp-srv` is a modern and extensible FTP server designed to be simple yet configurable.
 
@@ -48,16 +36,25 @@
 ## Usage
 
 ```js
-// Quick start
-
+// Quick start, create an active ftp server.
 const FtpSrv = require('ftp-srv');
-const ftpServer = new FtpSrv({ options ... });
 
-ftpServer.on('login', (data, resolve, reject) => { ... });
-...
+const port=21;
+const ftpServer = new FtpSrv({
+    url: "ftp://0.0.0.0:" + port,
+    anonymous: true
+});
 
-ftpServer.listen()
-.then(() => { ... });
+ftpServer.on('login', (data, resolve, reject) => { 
+    if(data.username === 'anonymous' && data.password === 'anonymous'){
+        return resolve({ root:"/" });    
+    }
+    return reject(new errors.GeneralError('Invalid username or password', 401));
+});
+
+ftpServer.listen().then(() => { 
+    console.log('Ftp server is starting...')
+});
 ```
 
 ## API
@@ -73,13 +70,49 @@ _Note:_ The hostname must be the external IP address to accept external connecti
 __Default:__ `"ftp://127.0.0.1:21"`
 
 #### `pasv_url`
-The hostname to provide a client when attempting a passive connection (`PASV`). This defaults to the provided `url` hostname.
+`FTP-srv` provides an IP address to the client when a `PASV` command is received in the handshake for a passive connection. Reference [PASV verb](https://cr.yp.to/ftp/retr.html#pasv). This can be one of two options:
+- A function which takes one parameter containing the remote IP address of the FTP client. This can be useful when the user wants to return a different IP address depending if the user is connecting from Internet or from an LAN address.
+Example:
+ ```js
+const { networkInterfaces } = require('os');
+const { Netmask } = require('netmask');
 
-_Note:_ If set to `0.0.0.0`, this will automatically resolve to the external IP of the box.  
-__Default:__ `"127.0.0.1"`
+const nets = networkInterfaces();
+function getNetworks() {
+    let networks = {};
+    for (const name of Object.keys(nets)) {
+        for (const net of nets[name]) {
+            if (net.family === 'IPv4' && !net.internal) {
+                networks[net.address + "/24"] = net.address
+            }
+        }
+    }
+    return networks;
+}
+
+const resolverFunction = (address) => {
+    // const networks = {
+    //     '$GATEWAY_IP/32': `${public_ip}`, 
+    //     '10.0.0.0/8'    : `${lan_ip}`
+    // } 
+    const networks = getNetworks();
+    for (const network in networks) {
+        if (new Netmask(network).contains(address)) {
+            return networks[network];
+        }
+    }
+    return "127.0.0.1";
+}
+
+new FtpSrv({pasv_url: resolverFunction});
+```
+
+- A static IP address (ie. an external WAN **IP address** that the FTP server is bound to). In this case, only connections from localhost are handled differently returning `127.0.0.1` to the client. 
+
+If not provided, clients can only connect using an `Active` connection.
 
 #### `pasv_min`
-Tne starting port to accept passive connections.  
+The starting port to accept passive connections.  
 __Default:__ `1024`
 
 #### `pasv_max`
@@ -141,19 +174,29 @@ $ ftp-srv ftp://0.0.0.0:9876 --root ~/Documents
 ```
 
 #### `url`
-
 Set the listening URL.
 
 Defaults to `ftp://127.0.0.1:21`
 
-#### `--root` / `-r`
+#### `--pasv_url`
+The hostname to provide a client when attempting a passive connection (`PASV`).  
+If not provided, clients can only connect using an `Active` connection.
 
+#### `--pasv_min`
+The starting port to accept passive connections.  
+__Default:__ `1024`
+
+#### `--pasv_max`
+The ending port to accept passive connections.  
+The range is then queried for an available port to use when required.  
+__Default:__ `65535`
+
+#### `--root` / `-r`
 Set the default root directory for users.
 
 Defaults to the current directory.
 
 #### `--credentials` / `-c`
-
 Set the path to a json credentials file.
 
 Format:
@@ -170,13 +213,14 @@ Format:
 ```
 
 #### `--username`
-
 Set the username for the only user. Do not provide an argument to allow anonymous login.
 
 #### `--password`
-
 Set the password for the given `username`.
 
+#### `--read-only`
+Disable write actions such as upload, delete, etc.
+
 ## Events
 
 The `FtpSrv` class extends the [node net.Server](https://nodejs.org/api/net.html#net_class_net_server). Some custom events can be resolved or rejected, such as `login`.
@@ -321,34 +365,14 @@ __Used in:__ `RNFR`, `RNTO`
 Modifies a file or directory's permissions  
 __Used in:__ `SITE CHMOD`
 
-#### [`getUniqueName()`](src/fs.js#L131)
-Returns a unique file name to write to  
+#### [`getUniqueName(fileName)`](src/fs.js#L131)
+Returns a unique file name to write to. Client requested filename available if you want to base your function on it. 
 __Used in:__ `STOU`
 
 ## Contributing
 
 See [CONTRIBUTING.md](CONTRIBUTING.md).
 
-## Contributors
-
-- [OzairP](https://github.com/OzairP)
-- [TimLuq](https://github.com/TimLuq)
-- [crabl](https://github.com/crabl)
-- [hirviid](https://github.com/hirviid)
-- [DiegoRBaquero](https://github.com/DiegoRBaquero)
-- [edin-m](https://github.com/edin-m)
-- [voxsoftware](https://github.com/voxsoftware)
-- [jorinvo](https://github.com/jorinvo)
-- [Johnnyrook777](https://github.com/Johnnyrook777)
-- [qchar](https://github.com/qchar)
-- [mikejestes](https://github.com/mikejestes)
-- [pkeuter](https://github.com/pkeuter)
-- [qiansc](https://github.com/qiansc)
-- [broofa](https://github.com/broofa)
-- [lafin](https://github.com/lafin)
-- [alancnet](https://github.com/alancnet)
-- [zgwit](https://github.com/zgwit)
-
 ## License
 
 This software is licensed under the MIT Licence. See [LICENSE](LICENSE).

SECURITY.md

@@ -0,0 +1,16 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 4.x   | :white_check_mark: |
+| 3.x   | :white_check_mark: |
+| < 3.0   | :x:                |
+
+__Critical vulnerabilities will be ported as far back as possible.__
+
+## Reporting a Vulnerability
+
+Report a security vulnerability directly to the maintainers by sending an email to security@autovance.com 
+or by reporting a vulnerability to the [NPM and Github security teams](https://docs.npmjs.com/reporting-a-vulnerability-in-an-npm-package).

bin/index.js

@@ -37,19 +37,22 @@ function setupYargs() {
       boolean: true,
       default: false
     })
-    .option('pasv_url', {
+    .option('pasv-url', {
       describe: 'URL to provide for passive connections',
-      type: 'string'
+      type: 'string',
+      alias: 'pasv_url'
     })
-    .option('pasv_min', {
+    .option('pasv-min', {
       describe: 'Starting point to use when creating passive connections',
       type: 'number',
-      default: 1024
+      default: 1024,
+      alias: 'pasv_min'
     })
-    .option('pasv_max', {
+    .option('pasv-max', {
       describe: 'Ending port to use when creating passive connections',
       type: 'number',
-      default: 65535
+      default: 65535,
+      alias: 'pasv_max'
     })
     .parse();
 }

ftp-srv.d.ts

@@ -38,7 +38,7 @@ export class FileSystem {
 
     chmod(path: string, mode: string): Promise<any>;
 
-    getUniqueName(): string;
+    getUniqueName(fileName: string): string;
 }
 
 export class FtpConnection extends EventEmitter {
@@ -112,6 +112,13 @@ export class FtpServer extends EventEmitter {
             whitelist?: Array<string>
         }) => void,
 		reject: (err?: Error) => void
+  ) => void): this;
+
+	on(event: "disconnect", listener: (
+		data: {
+      connection: FtpConnection,
+      id: string
+		}
 	) => void): this;
 
 	on(event: "client-error", listener: (

package.json

@@ -22,16 +22,19 @@
   "types": "./ftp-srv.d.ts",
   "repository": {
     "type": "git",
-    "url": "https://github.com/trs/ftp-srv"
+    "url": "https://github.com/autovance/ftp-srv"
   },
   "scripts": {
     "pre-release": "npm run verify",
-    "semantic-release": "semantic-release",
-    "test": "mocha test/**/*.spec.js test/*.spec.js --ui bdd",
+    "test": "mocha test/*/*/*.spec.js test/*/*.spec.js test/*.spec.js",
     "verify": "eslint src/**/*.js test/**/*.js bin/**/*.js"
   },
   "release": {
-    "verifyConditions": "condition-circle"
+    "verifyConditions": "condition-circle",
+    "branch": "main",
+    "branches": [
+      "main"
+    ]
   },
   "husky": {
     "hooks": {
@@ -41,8 +44,7 @@
   },
   "lint-staged": {
     "*.js": [
-      "eslint --fix",
-      "git add"
+      "eslint --fix"
     ]
   },
   "commitlint": {
@@ -66,26 +68,26 @@
     "bluebird": "^3.5.1",
     "bunyan": "^1.8.12",
     "ip": "^1.1.5",
-    "lodash": "^4.17.10",
+    "lodash": "^4.17.15",
     "moment": "^2.22.1",
     "uuid": "^3.2.1",
-    "yargs": "^11.0.0"
+    "yargs": "^15.4.1"
   },
   "devDependencies": {
-    "@commitlint/cli": "^7.5.2",
-    "@commitlint/config-conventional": "^7.5.0",
+    "@commitlint/cli": "^10.0.0",
+    "@commitlint/config-conventional": "^16.2.1",
     "@icetee/ftp": "^1.0.2",
     "chai": "^4.2.0",
     "condition-circle": "^2.0.2",
     "eslint": "^5.14.1",
     "husky": "^1.3.1",
-    "lint-staged": "^8.1.4",
-    "mocha": "^5.2.0",
+    "lint-staged": "^12.3.7",
+    "mocha": "^9.2.2",
     "rimraf": "^2.6.1",
-    "semantic-release": "^15.13.16",
+    "semantic-release": "^19.0.2",
     "sinon": "^2.3.5"
   },
   "engines": {
-    "node": ">=6.x"
+    "node": ">=12"
   }
 }

src/commands/index.js

@@ -45,25 +45,25 @@ class FtpCommands {
     log.trace({command: logCommand}, 'Handle command');
 
     if (!REGISTRY.hasOwnProperty(command.directive)) {
-      return this.connection.reply(402, 'Command not allowed');
+      return this.connection.reply(502, `Command not allowed: ${command.directive}`);
     }
 
     if (_.includes(this.blacklist, command.directive)) {
-      return this.connection.reply(502, 'Command blacklisted');
+      return this.connection.reply(502, `Command blacklisted: ${command.directive}`);
     }
 
     if (this.whitelist.length > 0 && !_.includes(this.whitelist, command.directive)) {
-      return this.connection.reply(502, 'Command not whitelisted');
+      return this.connection.reply(502, `Command not whitelisted: ${command.directive}`);
     }
 
     const commandRegister = REGISTRY[command.directive];
     const commandFlags = _.get(commandRegister, 'flags', {});
     if (!commandFlags.no_auth && !this.connection.authenticated) {
-      return this.connection.reply(530, 'Command requires authentication');
+      return this.connection.reply(530, `Command requires authentication: ${command.directive}`);
     }
 
     if (!commandRegister.handler) {
-      return this.connection.reply(502, 'Handler not set on command');
+      return this.connection.reply(502, `Handler not set on command: ${command.directive}`);
     }
 
     const handler = commandRegister.handler.bind(this.connection);

src/commands/registration/eprt.js

@@ -8,14 +8,18 @@ const FAMILY = {
 
 module.exports = {
   directive: 'EPRT',
-  handler: function ({command} = {}) {
+  handler: function ({log, command} = {}) {
     const [, protocol, ip, port] = _.chain(command).get('arg', '').split('|').value();
     const family = FAMILY[protocol];
     if (!family) return this.reply(504, 'Unknown network protocol');
 
     this.connector = new ActiveConnector(this);
     return this.connector.setupConnection(ip, port, family)
-    .then(() => this.reply(200));
+    .then(() => this.reply(200))
+    .catch((err) => {
+      log.error(err);
+      return this.reply(err.code || 425, err.message);
+    });
   },
   syntax: '{{cmd}} |<protocol>|<address>|<port>|',
   description: 'Specifies an address and port to which the server should connect'

src/commands/registration/epsv.js

@@ -2,13 +2,17 @@ const PassiveConnector = require('../../connector/passive');
 
 module.exports = {
   directive: 'EPSV',
-  handler: function () {
+  handler: function ({log}) {
     this.connector = new PassiveConnector(this);
     return this.connector.setupServer()
     .then((server) => {
       const {port} = server.address();
 
       return this.reply(229, `EPSV OK (|||${port}|)`);
+    })
+    .catch((err) => {
+      log.error(err);
+      return this.reply(err.code || 425, err.message);
     });
   },
   syntax: '{{cmd}} [<protocol>]',

src/commands/registration/list.js

@@ -36,6 +36,7 @@ module.exports = {
     .tap(() => this.reply(150))
     .then((fileList) => {
       if (fileList.length) return this.reply({}, ...fileList);
+      return this.reply({socket: this.connector.socket, useEmptyMessage: true});
     })
     .tap(() => this.reply(226))
     .catch(Promise.TimeoutError, (err) => {

src/commands/registration/mkd.js

@@ -7,7 +7,7 @@ module.exports = {
     if (!this.fs) return this.reply(550, 'File system not instantiated');
     if (!this.fs.mkdir) return this.reply(402, 'Not supported by file system');
 
-    return Promise.try(() => this.fs.mkdir(command.arg))
+    return Promise.try(() => this.fs.mkdir(command.arg, { recursive: true }))
     .then((dir) => {
       const path = dir ? `"${escapePath(dir)}"` : undefined;
       return this.reply(257, path);

src/commands/registration/opts.js

@@ -13,7 +13,7 @@ module.exports = {
     const [_option, ...args] = command.arg.split(' ');
     const option = _.toUpper(_option);
 
-    if (!OPTIONS.hasOwnProperty(option)) return this.reply(500);
+    if (!OPTIONS.hasOwnProperty(option)) return this.reply(501, 'Unknown option command');
     return OPTIONS[option].call(this, args);
   },
   syntax: '{{cmd}}',
@@ -33,7 +33,6 @@ function utf8([setting] = []) {
   if (!encoding) return this.reply(501, 'Unknown setting for option');
 
   this.encoding = encoding;
-  if (this.transferType !== 'binary') this.transferType = this.encoding;
 
   return this.reply(200, `UTF8 encoding ${_.toLower(setting)}`);
 }

src/commands/registration/pasv.js

@@ -1,4 +1,6 @@
+const Promise = require('bluebird');
 const PassiveConnector = require('../../connector/passive');
+const {isLocalIP} = require('../../helpers/is-local');
 
 module.exports = {
   directive: 'PASV',
@@ -10,8 +12,17 @@ module.exports = {
     this.connector = new PassiveConnector(this);
     return this.connector.setupServer()
     .then((server) => {
-      const address = this.server.options.pasv_url;
       const {port} = server.address();
+      let pasvAddress = this.server.options.pasv_url;
+      if (typeof pasvAddress === "function") {
+        return Promise.try(() => pasvAddress(this.ip))
+          .then((address) => ({address, port}));
+      }
+      // Allow connecting from local
+      if (isLocalIP(this.ip)) pasvAddress = this.ip;
+      return {address: pasvAddress, port};
+    })
+    .then(({address, port}) => {
       const host = address.replace(/\./g, ',');
       const portByte1 = port / 256 | 0;
       const portByte2 = port % 256;
@@ -20,7 +31,7 @@ module.exports = {
     })
     .catch((err) => {
       log.error(err);
-      return this.reply(425);
+      return this.reply(err.code || 425, err.message);
     });
   },
   syntax: '{{cmd}}',

src/commands/registration/pbsz.js

@@ -1,7 +1,7 @@
 module.exports = {
   directive: 'PBSZ',
   handler: function ({command} = {}) {
-    if (!this.secure) return this.reply(202, 'Not suppored');
+    if (!this.secure) return this.reply(202, 'Not supported');
     this.bufferSize = parseInt(command.arg, 10);
     return this.reply(200, this.bufferSize === 0 ? 'OK' : 'Buffer too large: PBSZ=0');
   },

src/commands/registration/port.js

@@ -9,7 +9,7 @@ module.exports = {
     const rawConnection = _.get(command, 'arg', '').split(',');
     if (rawConnection.length !== 6) return this.reply(425);
 
-    const ip = rawConnection.slice(0, 4).join('.');
+    const ip = rawConnection.slice(0, 4).map((b) => parseInt(b)).join('.');
     const portBytes = rawConnection.slice(4).map((p) => parseInt(p));
     const port = portBytes[0] * 256 + portBytes[1];
 
@@ -17,7 +17,7 @@ module.exports = {
     .then(() => this.reply(200))
     .catch((err) => {
       log.error(err);
-      return this.reply(425);
+      return this.reply(err.code || 425, err.message);
     });
   },
   syntax: '{{cmd}} <x>,<x>,<x>,<x>,<y>,<y>',

src/commands/registration/prot.js

@@ -3,7 +3,7 @@ const _ = require('lodash');
 module.exports = {
   directive: 'PROT',
   handler: function ({command} = {}) {
-    if (!this.secure) return this.reply(202, 'Not suppored');
+    if (!this.secure) return this.reply(202, 'Not supported');
     if (!this.bufferSize && typeof this.bufferSize !== 'number') return this.reply(503);
 
     switch (_.toUpper(command.arg)) {

src/commands/registration/retr.js

@@ -28,7 +28,7 @@ module.exports = {
         stream.on('data', (data) => {
           if (stream) stream.pause();
           if (this.connector.socket) {
-            this.connector.socket.write(data, this.transferType, () => stream && stream.resume());
+            this.connector.socket.write(data, () => stream && stream.resume());
           }
         });
         stream.once('end', () => resolve());

src/commands/registration/stor.js

@@ -37,12 +37,7 @@ module.exports = {
       });
 
       const socketPromise = new Promise((resolve, reject) => {
-        this.connector.socket.on('data', (data) => {
-          if (this.connector.socket) this.connector.socket.pause();
-          if (stream && stream.writable) {
-            stream.write(data, this.transferType, () => this.connector.socket && this.connector.socket.resume());
-          }
-        });
+        this.connector.socket.pipe(stream, {end: false});
         this.connector.socket.once('end', () => {
           if (stream.listenerCount('close')) stream.emit('close');
           else stream.end();
@@ -53,7 +48,7 @@ module.exports = {
 
       this.restByteCount = 0;
 
-      return this.reply(150).then(() => this.connector.socket.resume())
+      return this.reply(150).then(() => this.connector.socket && this.connector.socket.resume())
       .then(() => Promise.all([streamPromise, socketPromise]))
       .tap(() => this.emit('STOR', null, serverPath))
       .then(() => this.reply(226, clientPath))

src/commands/registration/stou.js

@@ -9,7 +9,7 @@ module.exports = {
 
     const fileName = args.command.arg;
     return Promise.try(() => this.fs.get(fileName))
-    .then(() => Promise.try(() => this.fs.getUniqueName()))
+    .then(() => Promise.try(() => this.fs.getUniqueName(fileName)))
     .catch(() => fileName)
     .then((name) => {
       args.command.arg = name;

src/connection.js

@@ -14,6 +14,7 @@ class FtpConnection extends EventEmitter {
     super();
     this.server = server;
     this.id = uuid.v4();
+    this.commandSocket = options.socket;
     this.log = options.log.child({id: this.id, ip: this.ip});
     this.commands = new Commands(this);
     this.transferType = 'binary';
@@ -24,7 +25,6 @@ class FtpConnection extends EventEmitter {
 
     this.connector = new BaseConnector(this);
 
-    this.commandSocket = options.socket;
     this.commandSocket.on('error', (err) => {
       this.log.error(err, 'Client error');
       this.server.emit('client-error', {connection: this, context: 'commandSocket', error: err});
@@ -32,7 +32,7 @@ class FtpConnection extends EventEmitter {
     this.commandSocket.on('data', this._handleData.bind(this));
     this.commandSocket.on('timeout', () => {
       this.log.trace('Client timeout');
-      this.close().catch((e) => this.log.trace(e, 'Client close error'));
+      this.close();
     });
     this.commandSocket.on('close', () => {
       if (this.connector) this.connector.end();
@@ -72,7 +72,7 @@ class FtpConnection extends EventEmitter {
   close(code = 421, message = 'Closing connection') {
     return Promise.resolve(code)
       .then((_code) => _code && this.reply(_code, message))
-      .then(() => this.commandSocket && this.commandSocket.end());
+      .finally(() => this.commandSocket && this.commandSocket.destroy());
   }
 
   login(username, password) {
@@ -104,15 +104,21 @@ class FtpConnection extends EventEmitter {
           else if (typeof letter === 'string') letter = {message: letter}; // allow passing in message as first param
 
           if (!letter.socket) letter.socket = options.socket ? options.socket : this.commandSocket;
-          if (!letter.message) letter.message = DEFAULT_MESSAGE[options.code] || 'No information';
-          if (!letter.encoding) letter.encoding = this.encoding;
+          if (!options.useEmptyMessage) {
+            if (!letter.message) letter.message = DEFAULT_MESSAGE[options.code] || 'No information';
+            if (!letter.encoding) letter.encoding = this.encoding;
+          }
           return Promise.resolve(letter.message) // allow passing in a promise as a message
           .then((message) => {
-            const seperator = !options.hasOwnProperty('eol') ?
-              letters.length - 1 === index ? ' ' : '-' :
-              options.eol ? ' ' : '-';
-            message = !letter.raw ? _.compact([letter.code || options.code, message]).join(seperator) : message;
-            letter.message = message;
+            if (!options.useEmptyMessage) {
+              const seperator = !options.hasOwnProperty('eol') ?
+                letters.length - 1 === index ? ' ' : '-' :
+                options.eol ? ' ' : '-';
+              message = !letter.raw ? _.compact([letter.code || options.code, message]).join(seperator) : message;
+              letter.message = message;
+            } else {
+              letter.message = '';
+            }
             return letter;
           });
         });
@@ -123,14 +129,17 @@ class FtpConnection extends EventEmitter {
       return new Promise((resolve, reject) => {
         if (letter.socket && letter.socket.writable) {
           this.log.trace({port: letter.socket.address().port, encoding: letter.encoding, message: letter.message}, 'Reply');
-          letter.socket.write(letter.message + '\r\n', letter.encoding, (err) => {
-            if (err) {
-              this.log.error(err);
-              return reject(err);
+          letter.socket.write(letter.message + '\r\n', letter.encoding, (error) => {
+            if (error) {
+              this.log.error('[Process Letter] Socket Write Error', { error: error.message });
+              return reject(error);
             }
             resolve();
           });
-        } else reject(new errors.SocketError('Socket not writable'));
+        } else {
+          this.log.trace({message: letter.message}, 'Could not write message');
+          reject(new errors.SocketError('Socket not writable'));
+        }
       });
     };
 
@@ -138,8 +147,8 @@ class FtpConnection extends EventEmitter {
     .then((satisfiedLetters) => Promise.mapSeries(satisfiedLetters, (letter, index) => {
       return processLetter(letter, index);
     }))
-    .catch((err) => {
-      this.log.error(err);
+    .catch((error) => {
+        this.log.error('Satisfy Parameters Error', { error: error.message });
     });
   }
 }

src/connector/active.js

@@ -1,7 +1,9 @@
 const {Socket} = require('net');
 const tls = require('tls');
+const ip = require('ip');
 const Promise = require('bluebird');
 const Connector = require('./base');
+const {SocketError} = require('../errors');
 
 class Active extends Connector {
   constructor(connection) {
@@ -27,8 +29,11 @@ class Active extends Connector {
 
     return closeExistingServer()
     .then(() => {
+      if (!ip.isEqual(this.connection.commandSocket.remoteAddress, host)) {
+        throw new SocketError('The given address is not yours', 500);
+      }
+
       this.dataSocket = new Socket();
-      this.dataSocket.setEncoding(this.connection.transferType);
       this.dataSocket.on('error', (err) => this.server && this.server.emit('client-error', {connection: this.connection, context: 'dataSocket', error: err}));
       this.dataSocket.connect({host, port, family}, () => {
         this.dataSocket.pause();

src/connector/base.js

@@ -29,7 +29,7 @@ class Connector {
   closeSocket() {
     if (this.dataSocket) {
       const socket = this.dataSocket;
-      this.dataSocket.end(() => socket.destroy());
+      this.dataSocket.end(() => socket && socket.destroy());
       this.dataSocket = null;
     }
   }

src/connector/passive.js

@@ -6,6 +6,8 @@ const Promise = require('bluebird');
 const Connector = require('./base');
 const errors = require('../errors');
 
+const CONNECT_TIMEOUT = 30 * 1000;
+
 class Passive extends Connector {
   constructor(connection) {
     super(connection);
@@ -30,6 +32,9 @@ class Passive extends Connector {
     this.closeServer();
     return this.server.getNextPasvPort()
     .then((port) => {
+      this.dataSocket = null;
+      let idleServerTimeout;
+
       const connectionHandler = (socket) => {
         if (!ip.isEqual(this.connection.commandSocket.remoteAddress, socket.remoteAddress)) {
           this.log.error({
@@ -41,19 +46,19 @@ class Passive extends Connector {
           return this.connection.reply(550, 'Remote addresses do not match')
           .finally(() => this.connection.close());
         }
+        clearTimeout(idleServerTimeout);
+
         this.log.trace({port, remoteAddress: socket.remoteAddress}, 'Passive connection fulfilled.');
 
         this.dataSocket = socket;
-        this.dataSocket.setEncoding(this.connection.transferType);
         this.dataSocket.on('error', (err) => this.server && this.server.emit('client-error', {connection: this.connection, context: 'dataSocket', error: err}));
+        this.dataSocket.once('close', () => this.closeServer());
 
         if (!this.connection.secure) {
           this.dataSocket.connected = true;
         }
       };
 
-      this.dataSocket = null;
-
       const serverOptions = Object.assign({}, this.connection.secure ? this.server.options.tls : {}, {pauseOnConnect: true});
       this.dataServer = (this.connection.secure ? tls : net).createServer(serverOptions, connectionHandler);
       this.dataServer.maxConnections = 1;
@@ -74,11 +79,17 @@ class Passive extends Connector {
         this.dataServer.listen(port, this.server.url.hostname, (err) => {
           if (err) reject(err);
           else {
+            idleServerTimeout = setTimeout(() => this.closeServer(), CONNECT_TIMEOUT);
+
             this.log.debug({port}, 'Passive connection listening');
             resolve(this.dataServer);
           }
         });
       });
+    })
+    .catch((error) => {
+      this.log.trace(error.message);
+      throw error;
     });
   }
 

src/fs.js

@@ -2,13 +2,17 @@ const _ = require('lodash');
 const nodePath = require('path');
 const uuid = require('uuid');
 const Promise = require('bluebird');
-const fs = Promise.promisifyAll(require('fs'));
+const {createReadStream, createWriteStream, constants} = require('fs');
+const fsAsync = require('./helpers/fs-async');
 const errors = require('./errors');
 
+const UNIX_SEP_REGEX = /\//g;
+const WIN_SEP_REGEX = /\\/g;
+
 class FileSystem {
   constructor(connection, {root, cwd} = {}) {
     this.connection = connection;
-    this.cwd = cwd ? nodePath.join(nodePath.sep, cwd) : nodePath.sep;
+    this.cwd = nodePath.normalize((cwd || '/').replace(WIN_SEP_REGEX, '/'));
     this._root = nodePath.resolve(root || process.cwd());
   }
 
@@ -17,19 +21,21 @@ class FileSystem {
   }
 
   _resolvePath(path = '.') {
-    const clientPath = (() => {
-      path = nodePath.normalize(path);
-      if (nodePath.isAbsolute(path)) {
-        return nodePath.join(path);
-      } else {
-        return nodePath.join(this.cwd, path);
-      }
-    })();
+    // Unix separators normalize nicer on both unix and win platforms
+    const resolvedPath = path.replace(WIN_SEP_REGEX, '/');
 
-    const fsPath = (() => {
-      const resolvedPath = nodePath.resolve(this.root, `.${nodePath.sep}${clientPath}`);
-      return nodePath.join(resolvedPath);
-    })();
+    // Join cwd with new path
+    const joinedPath = nodePath.isAbsolute(resolvedPath)
+      ? nodePath.normalize(resolvedPath)
+      : nodePath.join('/', this.cwd, resolvedPath);
+
+    // Create local filesystem path using the platform separator
+    const fsPath = nodePath.resolve(nodePath.join(this.root, joinedPath)
+      .replace(UNIX_SEP_REGEX, nodePath.sep)
+      .replace(WIN_SEP_REGEX, nodePath.sep));
+
+    // Create FTP client path using unix separator
+    const clientPath = joinedPath.replace(WIN_SEP_REGEX, '/');
 
     return {
       clientPath,
@@ -43,19 +49,19 @@ class FileSystem {
 
   get(fileName) {
     const {fsPath} = this._resolvePath(fileName);
-    return fs.statAsync(fsPath)
+    return fsAsync.stat(fsPath)
     .then((stat) => _.set(stat, 'name', fileName));
   }
 
   list(path = '.') {
     const {fsPath} = this._resolvePath(path);
-    return fs.readdirAsync(fsPath)
+    return fsAsync.readdir(fsPath)
     .then((fileNames) => {
       return Promise.map(fileNames, (fileName) => {
         const filePath = nodePath.join(fsPath, fileName);
-        return fs.accessAsync(filePath, fs.constants.F_OK)
+        return fsAsync.access(filePath, constants.F_OK)
         .then(() => {
-          return fs.statAsync(filePath)
+          return fsAsync.stat(filePath)
           .then((stat) => _.set(stat, 'name', fileName));
         })
         .catch(() => null);
@@ -66,7 +72,7 @@ class FileSystem {
 
   chdir(path = '.') {
     const {fsPath, clientPath} = this._resolvePath(path);
-    return fs.statAsync(fsPath)
+    return fsAsync.stat(fsPath)
     .tap((stat) => {
       if (!stat.isDirectory()) throw new errors.FileSystemError('Not a valid directory');
     })
@@ -78,8 +84,8 @@ class FileSystem {
 
   write(fileName, {append = false, start = undefined} = {}) {
     const {fsPath, clientPath} = this._resolvePath(fileName);
-    const stream = fs.createWriteStream(fsPath, {flags: !append ? 'w+' : 'a+', start});
-    stream.once('error', () => fs.unlinkAsync(fsPath));
+    const stream = createWriteStream(fsPath, {flags: !append ? 'w+' : 'a+', start});
+    stream.once('error', () => fsAsync.unlink(fsPath));
     stream.once('close', () => stream.end());
     return {
       stream,
@@ -89,12 +95,12 @@ class FileSystem {
 
   read(fileName, {start = undefined} = {}) {
     const {fsPath, clientPath} = this._resolvePath(fileName);
-    return fs.statAsync(fsPath)
+    return fsAsync.stat(fsPath)
     .tap((stat) => {
       if (stat.isDirectory()) throw new errors.FileSystemError('Cannot read a directory');
     })
     .then(() => {
-      const stream = fs.createReadStream(fsPath, {flags: 'r', start});
+      const stream = createReadStream(fsPath, {flags: 'r', start});
       return {
         stream,
         clientPath
@@ -104,28 +110,28 @@ class FileSystem {
 
   delete(path) {
     const {fsPath} = this._resolvePath(path);
-    return fs.statAsync(fsPath)
+    return fsAsync.stat(fsPath)
     .then((stat) => {
-      if (stat.isDirectory()) return fs.rmdirAsync(fsPath);
-      else return fs.unlinkAsync(fsPath);
+      if (stat.isDirectory()) return fsAsync.rmdir(fsPath);
+      else return fsAsync.unlink(fsPath);
     });
   }
 
   mkdir(path) {
     const {fsPath} = this._resolvePath(path);
-    return fs.mkdirAsync(fsPath)
+    return fsAsync.mkdir(fsPath, { recursive: true })
     .then(() => fsPath);
   }
 
   rename(from, to) {
     const {fsPath: fromPath} = this._resolvePath(from);
     const {fsPath: toPath} = this._resolvePath(to);
-    return fs.renameAsync(fromPath, toPath);
+    return fsAsync.rename(fromPath, toPath);
   }
 
   chmod(path, mode) {
     const {fsPath} = this._resolvePath(path);
-    return fs.chmodAsync(fsPath, mode);
+    return fsAsync.chmod(fsPath, mode);
   }
 
   getUniqueName() {

src/helpers/fs-async.js

@@ -0,0 +1,18 @@
+const fs = require('fs');
+const {promisify} = require('bluebird');
+
+const methods = [
+  'stat',
+  'readdir',
+  'access',
+  'unlink',
+  'rmdir',
+  'mkdir',
+  'rename',
+  'chmod'
+];
+
+module.exports = methods.reduce((obj, method) => {
+  obj[method] = promisify(fs[method]);
+  return obj;
+}, {});

src/helpers/is-local.js

@@ -0,0 +1,3 @@
+module.exports.isLocalIP = function(ip) {
+  return ip === '127.0.0.1' || ip == '::1';
+}

src/index.js

@@ -40,20 +40,21 @@ class FtpServer extends EventEmitter {
       _.get(this, 'options.pasv_min'),
       _.get(this, 'options.pasv_max'));
 
-	const timeout = Number(this.options.timeout);
-	this.options.timeout = isNaN(timeout) ? 0 : Number(timeout);
+    const timeout = Number(this.options.timeout);
+    this.options.timeout = isNaN(timeout) ? 0 : Number(timeout);
 
     const serverConnectionHandler = (socket) => {
-      socket.setTimeout(this.options.timeout);
+      this.options.timeout > 0 && socket.setTimeout(this.options.timeout);
       let connection = new Connection(this, {log: this.log, socket});
       this.connections[connection.id] = connection;
 
       socket.on('close', () => this.disconnectClient(connection.id));
+      socket.once('close', () => this.emit('disconnect', {connection, id: connection.id}));
 
       const greeting = this._greeting || [];
       const features = this._features || 'Ready';
       return connection.reply(220, ...greeting, features)
-      .finally(() => socket.resume());
+        .finally(() => socket.resume());
     };
     const serverOptions = Object.assign({}, this.isTLS ? this.options.tls : {}, {pauseOnConnect: true});
 
@@ -116,17 +117,22 @@ class FtpServer extends EventEmitter {
   }
 
   disconnectClient(id) {
-    return new Promise((resolve) => {
+    return new Promise((resolve, reject) => {
       const client = this.connections[id];
       if (!client) return resolve();
       delete this.connections[id];
+
+      setTimeout(() => {
+        reject('Timed out disconnecting client')
+      }, this.options.timeout || 1000)
+
       try {
         client.close(0);
       } catch (err) {
         this.log.error(err, 'Error closing connection', {id});
-      } finally {
-        resolve('Disconnected');
       }
+      
+      resolve('Disconnected');
     });
   }
 
@@ -136,16 +142,22 @@ class FtpServer extends EventEmitter {
   }
 
   close() {
-    this.log.info('Server closing...');
     this.server.maxConnections = 0;
-    return Promise.map(Object.keys(this.connections), (id) => Promise.try(this.disconnectClient.bind(this, id)))
+    this.log.info('Closing connections:', Object.keys(this.connections).length);
+
+    return Promise.all(Object.keys(this.connections).map((id) => this.disconnectClient(id)))
     .then(() => new Promise((resolve) => {
       this.server.close((err) => {
+        this.log.info('Server closing...');
         if (err) this.log.error(err, 'Error closing server');
         resolve('Closed');
       });
     }))
-    .then(() => this.removeAllListeners());
+    .then(() => {
+      this.log.debug('Removing event listeners...')
+      this.removeAllListeners();
+      return;
+    });
   }
 
 }

test/commands/index.spec.js

@@ -90,7 +90,7 @@ describe('FtpCommands', function () {
       return commands.handle('bad')
       .then(() => {
         expect(mockConnection.reply.callCount).to.equal(1);
-        expect(mockConnection.reply.args[0][0]).to.equal(402);
+        expect(mockConnection.reply.args[0][0]).to.equal(502);
       });
     });
 

test/commands/registration/eprt.spec.js

@@ -23,7 +23,7 @@ describe(CMD, function () {
   });
 
   it('// unsuccessful | no argument', () => {
-    return cmdFn()
+    return cmdFn({})
     .then(() => {
       expect(mockClient.reply.args[0][0]).to.equal(504);
     });

test/commands/registration/epsv.spec.js

@@ -25,7 +25,7 @@ describe(CMD, function () {
   });
 
   it('// successful IPv4', () => {
-    return cmdFn()
+    return cmdFn({})
     .then(() => {
       const [code, message] = mockClient.reply.args[0];
       expect(code).to.equal(229);

test/commands/registration/feat.spec.js

@@ -0,0 +1,29 @@
+const Promise = require('bluebird');
+const {expect} = require('chai');
+const sinon = require('sinon');
+
+const CMD = 'FEAT';
+describe(CMD, function () {
+  let sandbox;
+  const mockClient = {
+    reply: () => Promise.resolve()
+  };
+  const cmdFn = require(`../../../src/commands/registration/${CMD.toLowerCase()}`).handler.bind(mockClient);
+
+  beforeEach(() => {
+    sandbox = sinon.sandbox.create().usingPromise(Promise);
+
+    sandbox.spy(mockClient, 'reply');
+  });
+  afterEach(() => {
+    sandbox.restore();
+  });
+
+  it('// successful', () => {
+    return cmdFn({command: {directive: CMD}})
+    .then(() => {
+      expect(mockClient.reply.args[0][0]).to.equal(211);
+      expect(mockClient.reply.args[0][2].message).to.equal(' AUTH TLS');
+    });
+  });
+});

test/commands/registration/opts.spec.js

@@ -29,7 +29,7 @@ describe(CMD, function () {
   it('BAD // unsuccessful', () => {
     return cmdFn({command: {arg: 'BAD', directive: CMD}})
     .then(() => {
-      expect(mockClient.reply.args[0][0]).to.equal(500);
+      expect(mockClient.reply.args[0][0]).to.equal(501);
     });
   });
 

test/connector/active.spec.js

@@ -13,14 +13,16 @@ describe('Connector - Active //', function () {
   let getNextPort = getNextPortFactory(host, 1024);
   let PORT;
   let active;
-  let mockConnection = {};
+  let mockConnection = {
+    commandSocket: {
+      remoteAddress: '::ffff:127.0.0.1'
+    }
+  };
   let sandbox;
   let server;
 
-  before(() => {
-    active = new ActiveConnector(mockConnection);
-  });
   beforeEach((done) => {
+    active = new ActiveConnector(mockConnection);
     sandbox = sinon.sandbox.create().usingPromise(Promise);
 
     getNextPort()
@@ -31,9 +33,12 @@ describe('Connector - Active //', function () {
       .listen(PORT, () => done());
     });
   });
-  afterEach((done) => {
+
+  afterEach(() => {
     sandbox.restore();
-    server.close(done);
+    server.close();
+    active.end();
+
   });
 
   it('sets up a connection', function () {
@@ -43,13 +48,27 @@ describe('Connector - Active //', function () {
     });
   });
 
-  it('destroys existing connection, then sets up a connection', function () {
-    const destroyFnSpy = sandbox.spy(active.dataSocket, 'destroy');
+  it('rejects alternative host', function () {
+    return active.setupConnection('123.45.67.89', PORT)
+    .catch((err) => {
+      expect(err.code).to.equal(500);
+      expect(err.message).to.equal('The given address is not yours');
+    })
+    .finally(() => {
+      expect(active.dataSocket).not.to.exist;
+    });
+  });
 
+  it('destroys existing connection, then sets up a connection', function () {
     return active.setupConnection(host, PORT)
     .then(() => {
-      expect(destroyFnSpy.callCount).to.equal(1);
-      expect(active.dataSocket).to.exist;
+      const destroyFnSpy = sandbox.spy(active.dataSocket, 'destroy');
+
+      return active.setupConnection(host, PORT)
+      .then(() => {
+        expect(destroyFnSpy.callCount).to.equal(1);
+        expect(active.dataSocket).to.exist;
+      });
     });
   });
 

test/fs.spec.js

@@ -36,7 +36,7 @@ describe('FileSystem', function () {
 
   describe('#_resolvePath', function () {
     it('gets correct relative path', function () {
-      const result = fs._resolvePath();
+      const result = fs._resolvePath('.');
       expect(result).to.be.an('object');
       expect(result.clientPath).to.equal(
         nodePath.normalize('/file/1/2/3'));
@@ -53,6 +53,15 @@ describe('FileSystem', function () {
         nodePath.resolve('/tmp/ftp-srv/file/1/2'));
     });
 
+    it('gets correct relative path', function () {
+      const result = fs._resolvePath('other');
+      expect(result).to.be.an('object');
+      expect(result.clientPath).to.equal(
+        nodePath.normalize('/file/1/2/3/other'));
+      expect(result.fsPath).to.equal(
+        nodePath.resolve('/tmp/ftp-srv/file/1/2/3/other'));
+    });
+
     it('gets correct absolute path', function () {
       const result = fs._resolvePath('/other');
       expect(result).to.be.an('object');
@@ -62,7 +71,7 @@ describe('FileSystem', function () {
         nodePath.resolve('/tmp/ftp-srv/other'));
     });
 
-    it('cannot escape root', function () {
+    it('cannot escape root - unix', function () {
       const result = fs._resolvePath('../../../../../../../../../../..');
       expect(result).to.be.an('object');
       expect(result.clientPath).to.equal(
@@ -71,6 +80,24 @@ describe('FileSystem', function () {
         nodePath.resolve('/tmp/ftp-srv'));
     });
 
+    it('cannot escape root - win', function () {
+      const result = fs._resolvePath('.\\..\\..\\..\\..\\..\\..\\');
+      expect(result).to.be.an('object');
+      expect(result.clientPath).to.equal(
+        nodePath.normalize('/'));
+      expect(result.fsPath).to.equal(
+        nodePath.resolve('/tmp/ftp-srv'));
+    });
+
+    it('cannot escape root - backslash prefix', function () {
+      const result = fs._resolvePath('\\/../../../../../../');
+      expect(result).to.be.an('object');
+      expect(result.clientPath).to.equal(
+        nodePath.normalize('/'));
+      expect(result.fsPath).to.equal(
+        nodePath.resolve('/tmp/ftp-srv'));
+    });
+
     it('resolves to file', function () {
       const result = fs._resolvePath('/cool/file.txt');
       expect(result).to.be.an('object');

test/index.spec.js

@@ -24,10 +24,13 @@ describe('Integration', function () {
   before(() => {
     return startServer({url: 'ftp://127.0.0.1:8880'});
   });
+
   beforeEach(() => {
     sandbox = sinon.sandbox.create().usingPromise(Promise);
   });
+
   afterEach(() => sandbox.restore());
+
   after(() => server.close());
 
   before(() => {
@@ -101,7 +104,8 @@ describe('Integration', function () {
       if (stat.isDirectory()) directoryPurge(item);
       else fs.unlinkSync(item);
     });
-    fs.rmdirSync(dir);
+
+    fs.rmdirSync(dir, { recursive: true });
   }
 
   function runFileSystemTests(name) {
@@ -217,6 +221,24 @@ describe('Integration', function () {
       });
     });
 
+    it('STOR logo.png', (done) => {
+      const logo = `${__dirname}/../logo.png`;
+      const fsPath = `${clientDirectory}/${name}/logo.png`;
+
+      client.put(logo, 'logo.png', (err) => {
+        expect(err).to.not.exist;
+        setImmediate(() => {
+          expect(fs.existsSync(fsPath)).to.equal(true);
+
+          const logoContents = fs.readFileSync(logo);
+          const transferedContects = fs.readFileSync(fsPath);
+
+          expect(logoContents.equals(transferedContects));
+          done();
+        });
+      });
+    });
+
     it('APPE tést.txt', (done) => {
       const buffer = Buffer.from(', awesome!');
       const fsPath = `${clientDirectory}/${name}/tést.txt`;
@@ -241,13 +263,16 @@ describe('Integration', function () {
       client.get('tést.txt', (err, stream) => {
         expect(err).to.not.exist;
         let text = '';
+
         stream.on('data', (data) => {
           text += data.toString();
         });
-        stream.on('end', () => {
+
+        stream.on('finish', () => {
           expect(text).to.equal('test text file, awesome!');
           done();
         });
+
         stream.resume();
       });
     });
@@ -320,7 +345,25 @@ describe('Integration', function () {
       });
     });
 
+    it('MKD témp multiple levels deep', (done) => {
+      const path = `${clientDirectory}/${name}/témp`;
+      if (fs.existsSync(path)) {
+        fs.rmdirSync(path, {recursive: true});
+      }
+
+      client.mkdir('témp/first/second', (err) => {
+        expect(err).to.not.exist;
+        expect(fs.existsSync(path)).to.equal(true);
+
+        fs.rmdirSync(path, {recursive: true});
+        done();
+      });
+    });
+
     it('CWD témp', (done) => {
+      const path = `${clientDirectory}/${name}/témp`;
+      fs.mkdirSync(path)
+
       client.cwd('témp', (err, data) => {
         expect(err).to.not.exist;
         expect(data).to.to.be.a('string');
@@ -351,6 +394,39 @@ describe('Integration', function () {
     });
   }
 
+  describe('Server events', function () {
+    const disconnect = sinon.spy();
+    const login = sinon.spy();
+
+    before(() => {
+      server.on('login', login);
+      server.on('disconnect', disconnect);
+      return connectClient({
+        host: server.url.hostname,
+        port: server.url.port,
+        user: 'test',
+        password: 'test'
+      });
+    });
+
+    after(() => {
+      server.off('login', login);
+      server.off('disconnect', disconnect);
+    })
+
+    it('should fire a login event on connect', () => {
+      expect(login.calledOnce).to.be.true;
+    });
+
+    it('should fire a close event on disconnect', (done) => {
+      client.end();
+      setTimeout(() => {
+        expect(disconnect.calledOnce).to.be.true;
+        done();
+      }, 100)
+    });
+  });
+
   describe('#ASCII', function () {
     before(() => {
       return connectClient({

test/start.js

@@ -5,20 +5,20 @@ const FtpServer = require('../src');
 const server = new FtpServer({
   log: bunyan.createLogger({name: 'test', level: 'trace'}),
   url: 'ftp://127.0.0.1:8880',
-  pasv_url: '127.0.0.1',
+  pasv_url: '192.168.1.1',
   pasv_min: 8881,
   greeting: ['Welcome', 'to', 'the', 'jungle!'],
   tls: {
-    key: fs.readFileSync(`${process.cwd()}/test/cert/server.key`),
-    cert: fs.readFileSync(`${process.cwd()}/test/cert/server.crt`),
-    ca: fs.readFileSync(`${process.cwd()}/test/cert/server.csr`)
+    key: fs.readFileSync(`${__dirname}/cert/server.key`),
+    cert: fs.readFileSync(`${__dirname}/cert/server.crt`),
+    ca: fs.readFileSync(`${__dirname}/cert/server.csr`)
   },
   file_format: 'ep',
   anonymous: 'sillyrabbit'
 });
 server.on('login', ({username, password}, resolve, reject) => {
   if (username === 'test' && password === 'test' || username === 'anonymous') {
-    resolve({root: require('os').homedir()});
+    resolve({root: __dirname});
   } else reject('Bad username or password');
 });
 server.listen();