FTP: always generate a defender event if the client does not authenticate

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-21 15:10:23 +00:00 · 2022-08-30 17:50:12 +02:00 · 2022-08-30 17:50:12 +02:00 · d2acc6f5c1
commit d2acc6f5c1
parent 531ed852f5
4 changed files with 14 additions and 10 deletions
--- a/command/command.go
+++ b/command/command.go
@ -12,6 +12,7 @@
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <https://www.gnu.org/licenses/>.

+// Package command provides command configuration for SFTPGo hooks
 package command

 import (
--- a/common/common.go
+++ b/common/common.go
@ -862,6 +862,15 @@ func (conns *ActiveConnections) Remove(connectionID string) {
 			metric.UpdateActiveConnectionsSize(lastIdx)
 			logger.Debug(conn.GetProtocol(), conn.GetID(), "connection removed, local address %#v, remote address %#v close fs error: %v, num open connections: %v",
 				conn.GetLocalAddress(), conn.GetRemoteAddress(), err, lastIdx)
+			if conn.GetProtocol() == ProtocolFTP && conn.GetUsername() == "" {
+				ip := util.GetIPFromRemoteAddress(conn.GetRemoteAddress())
+				logger.ConnectionFailedLog("", ip, dataprovider.LoginMethodNoAuthTryed, conn.GetProtocol(),
+					dataprovider.ErrNoAuthTryed.Error())
+				metric.AddNoAuthTryed()
+				AddDefenderEvent(ip, HostEventNoLoginTried)
+				dataprovider.ExecutePostLoginHook(&dataprovider.User{}, dataprovider.LoginMethodNoAuthTryed, ip,
+					conn.GetProtocol(), dataprovider.ErrNoAuthTryed)
+			}
 			Config.checkPostDisconnectHook(conn.GetRemoteAddress(), conn.GetProtocol(), conn.GetUsername(),
 				conn.GetID(), conn.GetConnectionTime())
 			return
@ -950,19 +959,11 @@ func (conns *ActiveConnections) checkIdles() {
 		isUnauthenticatedFTPUser := (c.GetProtocol() == ProtocolFTP && c.GetUsername() == "")

 		if idleTime > Config.idleTimeoutAsDuration || (isUnauthenticatedFTPUser && idleTime > Config.idleLoginTimeout) {
-			defer func(conn ActiveConnection, isFTPNoAuth bool) {
+			defer func(conn ActiveConnection) {
 				err := conn.Disconnect()
 				logger.Debug(conn.GetProtocol(), conn.GetID(), "close idle connection, idle time: %v, username: %#v close err: %v",
 					time.Since(conn.GetLastActivity()), conn.GetUsername(), err)
-				if isFTPNoAuth {
-					ip := util.GetIPFromRemoteAddress(c.GetRemoteAddress())
-					logger.ConnectionFailedLog("", ip, dataprovider.LoginMethodNoAuthTryed, c.GetProtocol(), "client idle")
-					metric.AddNoAuthTryed()
-					AddDefenderEvent(ip, HostEventNoLoginTried)
-					dataprovider.ExecutePostLoginHook(&dataprovider.User{}, dataprovider.LoginMethodNoAuthTryed, ip, c.GetProtocol(),
-						dataprovider.ErrNoAuthTryed)
-				}
-			}(c, isUnauthenticatedFTPUser)
+			}(c)
 		}
 	}

--- a/httpclient/httpclient.go
+++ b/httpclient/httpclient.go
@ -12,6 +12,7 @@
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <https://www.gnu.org/licenses/>.

+// Package httpclient provides HTTP client configuration for SFTPGo hooks
 package httpclient

 import (
--- a/version/version.go
+++ b/version/version.go
@ -12,6 +12,7 @@
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <https://www.gnu.org/licenses/>.

+// Package version defines SFTPGo version details
 package version

 import "strings"