mirror of
https://github.com/drakkan/sftpgo.git
synced 2024-11-25 09:00:27 +00:00
fix a possible nil pointer dereference
it can happen by upgrading from very old versions
This commit is contained in:
parent
0ad6f031e8
commit
29836edf2b
6 changed files with 68 additions and 20 deletions
|
@ -730,6 +730,26 @@ func TestParseAllowedIPAndRanges(t *testing.T) {
|
||||||
assert.False(t, allow[1](net.ParseIP("172.16.1.1")))
|
assert.False(t, allow[1](net.ParseIP("172.16.1.1")))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestHideConfidentialData(t *testing.T) {
|
||||||
|
for _, provider := range []vfs.FilesystemProvider{vfs.S3FilesystemProvider, vfs.GCSFilesystemProvider,
|
||||||
|
vfs.AzureBlobFilesystemProvider, vfs.CryptedFilesystemProvider, vfs.SFTPFilesystemProvider} {
|
||||||
|
u := dataprovider.User{
|
||||||
|
FsConfig: vfs.Filesystem{
|
||||||
|
Provider: provider,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
u.PrepareForRendering()
|
||||||
|
f := vfs.BaseVirtualFolder{
|
||||||
|
FsConfig: vfs.Filesystem{
|
||||||
|
Provider: provider,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
f.PrepareForRendering()
|
||||||
|
}
|
||||||
|
a := dataprovider.Admin{}
|
||||||
|
a.HideConfidentialData()
|
||||||
|
}
|
||||||
|
|
||||||
func BenchmarkBcryptHashing(b *testing.B) {
|
func BenchmarkBcryptHashing(b *testing.B) {
|
||||||
bcryptPassword := "bcryptpassword"
|
bcryptPassword := "bcryptpassword"
|
||||||
for i := 0; i < b.N; i++ {
|
for i := 0; i < b.N; i++ {
|
||||||
|
|
|
@ -344,19 +344,33 @@ func (u *User) hideConfidentialData() {
|
||||||
u.Password = ""
|
u.Password = ""
|
||||||
switch u.FsConfig.Provider {
|
switch u.FsConfig.Provider {
|
||||||
case vfs.S3FilesystemProvider:
|
case vfs.S3FilesystemProvider:
|
||||||
|
if u.FsConfig.S3Config.AccessSecret != nil {
|
||||||
u.FsConfig.S3Config.AccessSecret.Hide()
|
u.FsConfig.S3Config.AccessSecret.Hide()
|
||||||
|
}
|
||||||
case vfs.GCSFilesystemProvider:
|
case vfs.GCSFilesystemProvider:
|
||||||
|
if u.FsConfig.GCSConfig.Credentials != nil {
|
||||||
u.FsConfig.GCSConfig.Credentials.Hide()
|
u.FsConfig.GCSConfig.Credentials.Hide()
|
||||||
|
}
|
||||||
case vfs.AzureBlobFilesystemProvider:
|
case vfs.AzureBlobFilesystemProvider:
|
||||||
|
if u.FsConfig.AzBlobConfig.AccountKey != nil {
|
||||||
u.FsConfig.AzBlobConfig.AccountKey.Hide()
|
u.FsConfig.AzBlobConfig.AccountKey.Hide()
|
||||||
|
}
|
||||||
|
if u.FsConfig.AzBlobConfig.SASURL != nil {
|
||||||
u.FsConfig.AzBlobConfig.SASURL.Hide()
|
u.FsConfig.AzBlobConfig.SASURL.Hide()
|
||||||
|
}
|
||||||
case vfs.CryptedFilesystemProvider:
|
case vfs.CryptedFilesystemProvider:
|
||||||
|
if u.FsConfig.CryptConfig.Passphrase != nil {
|
||||||
u.FsConfig.CryptConfig.Passphrase.Hide()
|
u.FsConfig.CryptConfig.Passphrase.Hide()
|
||||||
|
}
|
||||||
case vfs.SFTPFilesystemProvider:
|
case vfs.SFTPFilesystemProvider:
|
||||||
|
if u.FsConfig.SFTPConfig.Password != nil {
|
||||||
u.FsConfig.SFTPConfig.Password.Hide()
|
u.FsConfig.SFTPConfig.Password.Hide()
|
||||||
|
}
|
||||||
|
if u.FsConfig.SFTPConfig.PrivateKey != nil {
|
||||||
u.FsConfig.SFTPConfig.PrivateKey.Hide()
|
u.FsConfig.SFTPConfig.PrivateKey.Hide()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// GetSubDirPermissions returns permissions for sub directories
|
// GetSubDirPermissions returns permissions for sub directories
|
||||||
func (u *User) GetSubDirPermissions() []DirectoryPermissions {
|
func (u *User) GetSubDirPermissions() []DirectoryPermissions {
|
||||||
|
|
|
@ -4,10 +4,10 @@ SFTPGo provides an official Docker image, it is available on both [Docker Hub](h
|
||||||
|
|
||||||
## Supported tags and respective Dockerfile links
|
## Supported tags and respective Dockerfile links
|
||||||
|
|
||||||
- [v2.1.1, v2.1, v2, latest](https://github.com/drakkan/sftpgo/blob/v2.1.1/Dockerfile)
|
- [v2.1.2, v2.1, v2, latest](https://github.com/drakkan/sftpgo/blob/v2.1.2/Dockerfile)
|
||||||
- [v2.1.1-alpine, v2.1-alpine, v2-alpine, alpine](https://github.com/drakkan/sftpgo/blob/v2.1.1/Dockerfile.alpine)
|
- [v2.1.2-alpine, v2.1-alpine, v2-alpine, alpine](https://github.com/drakkan/sftpgo/blob/v2.1.2/Dockerfile.alpine)
|
||||||
- [v2.1.1-slim, v2.1-slim, v2-slim, slim](https://github.com/drakkan/sftpgo/blob/v2.1.1/Dockerfile)
|
- [v2.1.2-slim, v2.1-slim, v2-slim, slim](https://github.com/drakkan/sftpgo/blob/v2.1.2/Dockerfile)
|
||||||
- [v2.1.1-alpine-slim, v2.1-alpine-slim, v2-alpine-slim, alpine-slim](https://github.com/drakkan/sftpgo/blob/v2.1.1/Dockerfile.alpine)
|
- [v2.1.2-alpine-slim, v2.1-alpine-slim, v2-alpine-slim, alpine-slim](https://github.com/drakkan/sftpgo/blob/v2.1.2/Dockerfile.alpine)
|
||||||
- [edge](../Dockerfile)
|
- [edge](../Dockerfile)
|
||||||
- [edge-alpine](../Dockerfile.alpine)
|
- [edge-alpine](../Dockerfile.alpine)
|
||||||
- [edge-slim](../Dockerfile)
|
- [edge-slim](../Dockerfile)
|
||||||
|
|
|
@ -17,7 +17,7 @@ info:
|
||||||
Several storage backends are supported and they are configurable per user, so you can serve a local directory for a user and an S3 bucket (or part of it) for another one.
|
Several storage backends are supported and they are configurable per user, so you can serve a local directory for a user and an S3 bucket (or part of it) for another one.
|
||||||
SFTPGo also supports virtual folders, a virtual folder can use any of the supported storage backends. So you can have, for example, an S3 user that exposes a GCS bucket (or part of it) on a specified path and an encrypted local filesystem on another one.
|
SFTPGo also supports virtual folders, a virtual folder can use any of the supported storage backends. So you can have, for example, an S3 user that exposes a GCS bucket (or part of it) on a specified path and an encrypted local filesystem on another one.
|
||||||
Virtual folders can be private or shared among multiple users, for shared virtual folders you can define different quota limits for each user.
|
Virtual folders can be private or shared among multiple users, for shared virtual folders you can define different quota limits for each user.
|
||||||
version: 2.1.1
|
version: 2.1.2
|
||||||
contact:
|
contact:
|
||||||
name: API support
|
name: API support
|
||||||
url: 'https://github.com/drakkan/sftpgo'
|
url: 'https://github.com/drakkan/sftpgo'
|
||||||
|
|
|
@ -2,7 +2,7 @@ package version
|
||||||
|
|
||||||
import "strings"
|
import "strings"
|
||||||
|
|
||||||
const version = "2.1.1"
|
const version = "2.1.2"
|
||||||
|
|
||||||
var (
|
var (
|
||||||
commit = ""
|
commit = ""
|
||||||
|
|
|
@ -103,19 +103,33 @@ func (v *BaseVirtualFolder) IsLocalOrLocalCrypted() bool {
|
||||||
func (v *BaseVirtualFolder) hideConfidentialData() {
|
func (v *BaseVirtualFolder) hideConfidentialData() {
|
||||||
switch v.FsConfig.Provider {
|
switch v.FsConfig.Provider {
|
||||||
case S3FilesystemProvider:
|
case S3FilesystemProvider:
|
||||||
|
if v.FsConfig.S3Config.AccessSecret != nil {
|
||||||
v.FsConfig.S3Config.AccessSecret.Hide()
|
v.FsConfig.S3Config.AccessSecret.Hide()
|
||||||
|
}
|
||||||
case GCSFilesystemProvider:
|
case GCSFilesystemProvider:
|
||||||
|
if v.FsConfig.GCSConfig.Credentials != nil {
|
||||||
v.FsConfig.GCSConfig.Credentials.Hide()
|
v.FsConfig.GCSConfig.Credentials.Hide()
|
||||||
|
}
|
||||||
case AzureBlobFilesystemProvider:
|
case AzureBlobFilesystemProvider:
|
||||||
|
if v.FsConfig.AzBlobConfig.AccountKey != nil {
|
||||||
v.FsConfig.AzBlobConfig.AccountKey.Hide()
|
v.FsConfig.AzBlobConfig.AccountKey.Hide()
|
||||||
|
}
|
||||||
|
if v.FsConfig.AzBlobConfig.SASURL != nil {
|
||||||
v.FsConfig.AzBlobConfig.SASURL.Hide()
|
v.FsConfig.AzBlobConfig.SASURL.Hide()
|
||||||
|
}
|
||||||
case CryptedFilesystemProvider:
|
case CryptedFilesystemProvider:
|
||||||
|
if v.FsConfig.CryptConfig.Passphrase != nil {
|
||||||
v.FsConfig.CryptConfig.Passphrase.Hide()
|
v.FsConfig.CryptConfig.Passphrase.Hide()
|
||||||
|
}
|
||||||
case SFTPFilesystemProvider:
|
case SFTPFilesystemProvider:
|
||||||
|
if v.FsConfig.SFTPConfig.Password != nil {
|
||||||
v.FsConfig.SFTPConfig.Password.Hide()
|
v.FsConfig.SFTPConfig.Password.Hide()
|
||||||
|
}
|
||||||
|
if v.FsConfig.SFTPConfig.PrivateKey != nil {
|
||||||
v.FsConfig.SFTPConfig.PrivateKey.Hide()
|
v.FsConfig.SFTPConfig.PrivateKey.Hide()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// PrepareForRendering prepares a folder for rendering.
|
// PrepareForRendering prepares a folder for rendering.
|
||||||
// It hides confidential data and set to nil the empty secrets
|
// It hides confidential data and set to nil the empty secrets
|
||||||
|
|
Loading…
Reference in a new issue