0ct0pu5/sftpgo-mirror

Author	SHA1	Message	Date
Nicola Murino	37f8fb3a0e	add a link to the upgrading docs in the error message Some checks failed Code scanning - action / CodeQL-Build (push) Has been cancelled Details CI / Test and deploy (push) Has been cancelled Details CI / Test and deploy Windows (push) Has been cancelled Details CI / Test build flags (push) Has been cancelled Details CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled Details CI / Build Linux packages (push) Has been cancelled Details CI / golangci-lint (push) Has been cancelled Details Docker / Build (push) Has been cancelled Details Fixes #1854 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-31 10:04:43 +01:00
Nicola Murino	deea9ff038	do not return if client IP is not allowed in login API response Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-28 18:47:04 +01:00
Nicola Murino	91340bbe2f	config: reset invalid rename mode Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-26 09:36:58 +01:00
Nicola Murino	e689d52dca	plugin: simplify notifiers queue handling Some checks failed Code scanning - action / CodeQL-Build (push) Has been cancelled Details CI / golangci-lint (push) Has been cancelled Details Docker / Build (push) Has been cancelled Details CI / Test and deploy (push) Has been cancelled Details CI / Test and deploy Windows (push) Has been cancelled Details CI / Test build flags (push) Has been cancelled Details CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled Details CI / Build Linux packages (push) Has been cancelled Details Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-25 22:53:26 +01:00
Nicola Murino	dee3f3f87a	EventManager: add placeholder for filename without extension Some checks failed Code scanning - action / CodeQL-Build (push) Has been cancelled Details CI / golangci-lint (push) Has been cancelled Details Docker / Build (push) Has been cancelled Details CI / Test and deploy (push) Has been cancelled Details CI / Test and deploy Windows (push) Has been cancelled Details CI / Test build flags (push) Has been cancelled Details CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled Details CI / Build Linux packages (push) Has been cancelled Details Fixes #1828 Fixes #1833 Co-authored-by: Per Osbeck <per.osbeck@consid.se> Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-23 19:08:48 +01:00
Nicola Murino	1a7f346b51	acme: use retryable client Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-21 18:28:15 +01:00
Nicola Murino	843b8c38d3	SSH: add a test case for DSA keys Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-19 19:55:25 +01:00
Nicola Murino	70fc00d7eb	Allow to choose enabled languages Fixes #1835 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-19 19:50:19 +01:00
Nicola Murino	9f873d1059	prefer strings.EqualFold to strings.strings.ToLower where possible Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-19 19:44:01 +01:00
Nicola Murino	b0061f570e	WebClient: refactor preserving share password Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-18 19:54:39 +01:00
Nicola Murino	bfe6c58133	don't allow DSA keys Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-18 19:01:15 +01:00
Nicola Murino	8c5f92aeb1	dataprovider events: fix string formatting for program hook Fixes #1845 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-18 18:37:44 +01:00
Nicola Murino	ec90b61bb4	allow to configure JWT tokens and cookies duration Fixes #1839 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-18 18:33:37 +01:00
Nicola Murino	d3db80dc32	set stat: remove unecessary check Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-15 09:59:06 +01:00
Nicola Murino	c56be285a5	replace fnv with sha256 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-14 14:42:43 +01:00
Nicola Murino	599ee5a58f	EventManager: check file size for more events Also add some defensive code Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-14 13:19:02 +01:00
Nicola Murino	7703f57122	rename: minor optimization Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-08 09:58:28 +01:00
Nicola Murino	e21c989038	logs: add a specific log structure for successful logins Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-07 10:29:33 +01:00
Nicola Murino	f8bdb84e8d	s3: metadata is not currently supported remove useless code, we'll add it again once we support metadata Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-12-01 17:32:15 +01:00
Nicola Murino	e161015c67	upload: avoid a stat call if not strictly required Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-30 20:43:19 +01:00
Nicola Murino	6a7c8df1ef	use GenerateOpaqueString also for node secrets this method will use rand.Text() with Go 1.24 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-27 19:05:19 +01:00
Nicola Murino	d3e76898cd	WebAdmin: refactor template permissions Some checks failed Code scanning - action / CodeQL-Build (push) Has been cancelled Details CI / Test and deploy (push) Has been cancelled Details CI / Test and deploy Windows (push) Has been cancelled Details CI / Test build flags (push) Has been cancelled Details CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled Details CI / Build Linux packages (push) Has been cancelled Details CI / golangci-lint (push) Has been cancelled Details Docker / Build (push) Has been cancelled Details Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-26 20:39:36 +01:00
Nicola Murino	10b2e5671b	silence lint warning Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-21 07:52:53 +01:00
Nicola Murino	ebc085da77	EventManager: always close the connection filesystem closing the user filesystem is not enough here Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-21 07:52:49 +01:00
Nicola Murino	4a414f0fa4	test cases: fix some random failures Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-21 07:52:45 +01:00
Nicola Murino	f30a9a2095	OIDC cookie: use a cryptographically secure random string Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-21 07:52:36 +01:00
Nicola Murino	ed5ff9c5cc	sftpd: remove allocator Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-21 07:52:24 +01:00
Nicola Murino	c37b7f0493	provider rule events: allows to filter by user groups Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-15 14:01:08 +01:00
Nicola Murino	0f073a40fd	logger: add cipher suite Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-13 18:33:07 +01:00
Nicola Murino	618723c457	httpd: always use an opaque signing key Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-12 19:27:34 +01:00
Nicola Murino	4cb6acefb2	oidc/oauth2: use an opaque state Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-11 19:43:57 +01:00
Nicola Murino	f22ec2275f	fix new lint warnings Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-10 20:58:22 +01:00
Nicola Murino	b524da11e9	EventManager: disable commands by default Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-10 12:08:17 +01:00
Nicola Murino	3dd412f6e3	WebAdmin and REST API: remove too granular permissions Our permissions system for admin users is too granular and some permissions overlap. For example, you can define an administrator with the "manage_system" permission and not with the "manage_admins" or "manage_user" permission, but the "manage_system" permission allows you to restore a backup and then create users and administrators. The following permissions will be removed: "manage_admins", "manage_apikeys", "manage_system", "retention_checks", "manage_event_rules", "manage_roles", "manage_ip_lists". Now you need to add the "*" permission to replace the removed granular permissions because the removed permissions allow actions that should only be allowed to super administrators. There is no point in having separate, overlapping permissions. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-10 10:46:28 +01:00
Nicola Murino	ef98ee7d11	don't allow admins to change their own permissions Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-09 20:24:35 +01:00
Nicola Murino	7aac64531f	WebAdmin: check CSRF header when deleting blocked hosts Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-09 18:44:31 +01:00
Nicola Murino	03724d5eb1	remove fallback if rand.Reader fails Failing to read from rand.Reader essentially can't happen, and if it does is not possible to fallback securely, so just panic Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-09 18:44:25 +01:00
Nicola Murino	82b437c502	plugins: fix passing additional environment variables Some checks failed Docker / Build (push) Has been cancelled Details Code scanning - action / CodeQL-Build (push) Has been cancelled Details CI / Test and deploy (push) Has been cancelled Details CI / Test build flags (push) Has been cancelled Details CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled Details CI / Build Linux packages (push) Has been cancelled Details CI / golangci-lint (push) Has been cancelled Details Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-05 18:06:58 +01:00
Nicola Murino	88b1850b58	EventManager: allow to define the allowed system commands Some checks failed CI / Test and deploy (push) Has been cancelled Details Code scanning - action / CodeQL-Build (push) Has been cancelled Details CI / Test build flags (push) Has been cancelled Details CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled Details CI / Build Linux packages (push) Has been cancelled Details CI / golangci-lint (push) Has been cancelled Details Docker / Build (push) Has been cancelled Details Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-11-01 11:37:33 +01:00
Nicola Murino	60558de728	proxy protocol: add more logs Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-31 18:04:55 +01:00
Nicola Murino	beff4432dc	plugin: remove invalid chars from error message Some checks failed CI / Test and deploy (push) Has been cancelled Details Docker / Build (push) Has been cancelled Details Code scanning - action / CodeQL-Build (push) Has been cancelled Details CI / Test build flags (push) Has been cancelled Details CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled Details CI / Build Linux packages (push) Has been cancelled Details CI / golangci-lint (push) Has been cancelled Details Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-29 18:11:53 +01:00
Nicola Murino	21bd8c5660	node: use a plain string as key Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-28 18:34:36 +01:00
Nicola Murino	e4e31ec4fb	TestMaxSessionsSameConnection: make more reproducible Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-26 21:50:15 +02:00
Nicola Murino	ae1487d733	fix connection limits an SFTP client can start multiple transfers on a single connection Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-26 21:18:19 +02:00
Nicola Murino	c69fbe6bf9	tls: allow to configure all supported TLS versions and ciphers Some checks failed Code scanning - action / CodeQL-Build (push) Has been cancelled Details CI / Test and deploy (push) Has been cancelled Details CI / Test build flags (push) Has been cancelled Details CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled Details CI / Build Linux packages (push) Has been cancelled Details CI / golangci-lint (push) Has been cancelled Details Docker / Build (push) Has been cancelled Details Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-23 19:50:37 +02:00
Nicola Murino	8d697bcc94	WebClient: enforce 2fa and password requirements also with OIDC Some checks failed Code scanning - action / CodeQL-Build (push) Has been cancelled Details CI / Test and deploy (push) Has been cancelled Details CI / Test build flags (push) Has been cancelled Details CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled Details CI / Build Linux packages (push) Has been cancelled Details CI / golangci-lint (push) Has been cancelled Details Docker / Build (push) Has been cancelled Details password and 2fa can be used with other protocols Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-21 20:40:44 +02:00
Nicola Murino	ca41b59fc4	DirLister: returns appropriate protocol errors Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-16 19:04:09 +02:00
Nicola Murino	d8691d1e1a	update translations Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-13 17:00:17 +02:00
Nicola Murino	5cb1b9c1e9	Web: add CheckRedirect to pages using baselogin.html Some checks failed Code scanning - action / CodeQL-Build (push) Has been cancelled Details CI / Test and deploy (push) Has been cancelled Details CI / Test build flags (push) Has been cancelled Details CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled Details CI / Build Linux packages (push) Has been cancelled Details CI / golangci-lint (push) Has been cancelled Details Docker / Build (push) Has been cancelled Details Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-12 12:54:21 +02:00
Nicola Murino	b23e67ae6a	EventManager: add escaped virtual path Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2024-10-12 11:25:07 +02:00

1 2 3 4 5 ...

553 commits