beenull/sftpgo-mirror
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-22 15:40:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
642 commits 8 branches 49 tags 49 MiB
Commit graph

125 commits

Author SHA1 Message Date
Nicola Murino
bdf18fa862 password hashing: exposes argon2 options 
So the hashing complexity can be changed depending on available
memory/CPU resources and business requirements
 2020-09-04 17:09:31 +02:00
Nicola Murino
a59163e56c multi-step auth: don't advertise password method if it is disabled 
also rename the settings to password_authentication so it is more like
OpenSSH, add some test cases and improve documentation
 2020-09-01 19:34:40 +02:00
Giorgio Pellero
8391b19abb
Add password_disabled bool to sftpd config, disables password auth callback (#165) 2020-09-01 19:26:33 +02:00
Nicola Murino
3925c7ff95 REST API/Web admin: add a parameter to disconnect a user after an update 
This way you can force the user to login again and so to use the updated
configuration.

A deleted user will be automatically disconnected.

Fixes #163

Improved some docs too.
 2020-09-01 16:10:26 +02:00
Nicola Murino
dbed110d02 WebDAV: add caching for authenticated users 
In this way we get a big performance boost
 2020-08-31 19:25:17 +02:00
Nicola Murino
56b00addc4 docker: try to improve the docs 
See #159
 2020-08-24 15:46:31 +02:00
Nicola Murino
5208e4a4ca sftpd: improve truncate 
quota usage and max allowed write size are now properly updated after a
truncate
 2020-08-22 10:12:00 +02:00
Nicola Murino
f41ce6619f sftpd: add SSH_FXP_FSETSTAT support 
This change will fix file editing from sshfs, we need this patch

https://github.com/pkg/sftp/pull/373

for pkg/sftp to support this feature
 2020-08-20 13:54:36 +02:00
Nicola Murino
8b0a1817b3 add check password hook 
its main use case is to allow to easily support things like password+OTP for
protocols without keyboard interactive support such as FTP and WebDAV
 2020-08-19 19:36:12 +02:00
Nicola Murino
04c9a5c008 add some examples hooks for one time password logins 
The examples use Twillo Authy since I use it for my GitHub account.

You can easily use other multi factor authentication software in a
similar way.
 2020-08-18 21:21:01 +02:00
Nicola Murino
bbc8c091e6 portable mode: add WebDAV support 2020-08-17 14:08:08 +02:00
Nicola Murino
f3228713bc Allow individual protocols to be enabled per user 
Fixes #154
 2020-08-17 12:49:20 +02:00
Nicola Murino
fa5333784b add a maximum allowed size for a single upload 2020-08-16 20:17:02 +02:00
Nicola Murino
0dbf0cc81f WebDAV: add CORS support 2020-08-15 15:55:20 +02:00
Nicola Murino
196a56726e FTP improvements 
- add a setting to require TLS
- add symlink support

require TLS 1.2 for all TLS connections
 2020-08-15 13:02:25 +02:00
Nicola Murino
fe857dcb1b CI: use go 1.15 by default now that it is released 2020-08-12 16:42:38 +02:00
Nicola Murino
aa0ed5dbd0 add post-login hook 
a login scope is supported too so you can get notifications for failed logins,
successful logins or both
 2020-08-12 16:15:12 +02:00
Nicola Murino
a9e21c282a add WebDAV support 
Fixes #147
 2020-08-11 23:56:10 +02:00
Nicola Murino
91dcc349de Add client IP address to external auth, pre-login and keyboard interactive hooks 2020-08-04 18:03:28 +02:00
Nicola Murino
22338ed478 add post connect hook 
Fixes #144
 2020-07-30 22:33:49 +02:00
Nicola Murino
93ce96d011 add support for the venerable FTP protocol 
Fixes #46
 2020-07-29 21:56:56 +02:00
Nicola Murino
4e41a5583d refactoring: add common package 
The common package defines the interfaces that a protocol must implement
and contain code that can be shared among supported protocols.

This way should be easier to support new protocols
 2020-07-24 23:39:38 +02:00
Nicola Murino
3702bc8413 several doc fixes 2020-07-11 13:03:15 +02:00
Nicola Murino
1e10381143 improve help strings formatting 
Fixes #139
 2020-07-09 18:58:22 +02:00
Nicola Murino
96cbce52f9 cmd: add shell completion and man pages generators 2020-07-08 23:21:33 +02:00
Nicola Murino
790c11c453 back to development 2020-07-07 19:40:22 +02:00
Nicola Murino
cf541d62ea recursive permissions check before renaming/copying directories 2020-06-26 23:38:29 +02:00
Nicola Murino
0056984d4b Allow to rotate logs on demand 
Log file can be rotated sending a SIGUSR1 signal on Unix based systems and
using "sftpgo service rotatelogs" on Windows

Fixes #133
 2020-06-22 19:11:53 +02:00
Nicola Murino
23a80b01b6 add build tag to disable metrics 2020-06-19 17:08:51 +02:00
Nicola Murino
b30614e9d8 httpd: make the built-in web interface optional 
The built-in web admin will be disabled if both "templates_path" and
"static_files_path" are empty

Fixes #131
 2020-06-18 23:53:38 +02:00
Nicola Murino
e86089a9f3 quota: improve size check 
get the remaining allowed size when an upload starts and check it against the
uploaded bytes

Fixes #128
 2020-06-18 22:38:03 +02:00
Nicola Murino
c491133aff docs: fix markdown lint warnings 2020-06-15 23:46:11 +02:00
Nicola Murino
37418a7630 SSH system commands: allow git and rsync inside virtual folders 2020-06-15 23:32:12 +02:00
Nicola Murino
73a9c002e0 permissions: improve rename 
Allow to enable rename permission in a more controlled way granting "delete"
permission on source directory and "upload" permission on target directory
 2020-06-13 23:49:28 +02:00
Nicola Murino
3d48fa7382 ssh commands: add sftpgo-copy and sftpgo-remove 
Fixes #122
 2020-06-13 22:48:51 +02:00
Nicola Murino
8e22dd1b13 virtual folders: allow overlapped mapped paths if quota is disabled 
See #95
 2020-06-10 09:11:32 +02:00
Nicola Murino
cd380973df allows host keys auto generation inside a user configured directory 
Fixes #124
 2020-06-08 18:45:04 +02:00
Nicola Murino
c231b663a3 add docs for virtual folders 
fix test cases on macOS
 2020-06-08 00:15:14 +02:00
Nicola Murino
8306b6bde6 refactor virtual folders 
The same virtual folder can now be shared among users and different
folder quota limits for each user are supported.

Fixes #120
 2020-06-07 23:30:18 +02:00
Nicola Murino
dc011af90d sftpd actions: add support for pre-delete action 
Fixes #121
 2020-05-24 23:31:14 +02:00
Nicola Murino
c27e3ef436 actions: add a generic hook to define external commands and HTTP URL 
We can only define a single hook now and it can be an HTTP notification
or an external command, not both
 2020-05-24 15:29:39 +02:00
Nicola Murino
5665e9c0e7 improve some docs 2020-05-23 12:47:44 +02:00
Nicola Murino
ad53429cf1 add support for build tag to allow to disable some features 
The following build tags are available:

- "nogcs", disable Google Cloud Storage backend
- "nos3", disable S3 Compabible Object Storage backends
- "nobolt", disable Bolt data provider
- "nomysql", disable MySQL data provider
- "nopgsql", disable PostgreSQL data provider
- "nosqlite", disable SQLite data provider
- "noportable", disable portable mode
 2020-05-23 11:58:05 +02:00
Nicola Murino
a08dd85efd sftpd: deprecate keys and add a new host_keys config param 
host_key defines the private host keys as plain list of strings.

Remove the other deprecated config params from the default config too.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2020-05-16 23:26:44 +02:00
Nicola Murino
7ae8b2cdeb move REST API CLI in examples directory 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2020-05-16 14:02:46 +02:00
Nicola Murino
738c7ab43e sftpd: add support for SSH user certificate authentication 
This add support for PROTOCOL.certkeys vendor extension:

https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?rev=1.8

Fixes #117

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2020-05-15 20:08:53 +02:00
Nicola Murino
f369fdf6f2 httpclient: add a configuration parameter to skip TLS certificate validation 
In this mode, TLS is susceptible to man-in-the-middle attacks.
This should be used only for testing.
 2020-05-03 11:37:50 +02:00
Nicola Murino
b006c5f914 NewOsFs: return an interface and not a pointer 2020-05-02 15:01:56 +02:00
Nicola Murino
3f75d46a16 sftpd: add support for excluding virtual folders from user quota limit 
Fixes #110
 2020-05-01 15:27:53 +02:00
Sam Millar
67c6f27064 Tiny documentation typo fix 2020-04-29 16:13:33 +02:00
Enes Çakır
baac3749b3 add verbose flag for portable mode 2020-04-28 17:03:14 +02:00
Nicola Murino
d377181b25 add a new configuration section for HTTP clients 
HTTP clients are used for executing hooks such as the ones used for custom
actions, external authentication and pre-login user modifications.

This allows, for example, to use self-signed certificate without defeating the
purpose of using TLS
 2020-04-26 23:29:09 +02:00
Nicola Murino
ebd6a11f3a external auth: add example HTTP server to use as authentication hook 
The server authenticate against an LDAP server.
 2020-04-26 14:48:32 +02:00
Mengsk
9248c5a987 Update performance.md 2020-04-13 21:20:53 +02:00
Nicola Murino
b0ed190591 add an example auth program that allow to authenticate against LDAP 
External authentication is the way to go to authenticate against LDAP,
at least for now.

Closes #99
 2020-04-11 22:30:41 +02:00
Nicola Murino
37357b2d63 add support for checking pbkdf2 passwords with base64 encoded salt 
This way we can import the default passwords format used in 389ds.

See TestPasswordsHashPbkdf2Sha256_389DS test case to learn how to convert
389ds passwords
 2020-04-11 12:25:21 +02:00
Nicola Murino
b1c7317cf6 add support for partial authentication 
Multi-step authentication is activated disabling all single-step
auth methods for a given user
 2020-04-09 23:32:42 +02:00
Nicola Murino
94b46e57f1 sftpd actions: execute defined command on error too 
add a new field inside the notification to indicate if an error is
detected
 2020-04-03 19:25:38 +02:00
Nicola Murino
9046acbe68 add HTTP hooks 
external auth, pre-login user modification and keyboard interactive
authentication is now supported via HTTP requests too
 2020-04-01 23:25:23 +02:00
Nicola Murino
0a9c4914aa pre-login program: allow to create a new user too 
clarify the difference between dynamic user creation/update and external
authentication
 2020-03-27 23:26:22 +01:00
Nicola Murino
f284008fb5 enable scp in default configuration 
remove the deprecated enable_scp setting
 2020-03-26 23:38:24 +01:00
Nicola Murino
4759254e10 file actions: add bucket and endpoint to notifications 
The HTTP notifications are now invoked as POST and the notification is
a JSON inside the POST body.

This is a backward incompatible change but this way the actions can be
extended more easily, sorry for the trouble

Fixes #101
 2020-03-25 18:36:33 +01:00
Nicola Murino
e22d377203 docs: clarify "ca-certificates" requirement 
Fixes #98
 2020-03-22 20:17:36 +01:00
Nicola Murino
c1194d558c docs: minor improvements 2020-03-22 14:03:06 +01:00
Nicola Murino
76bb361393 docs: add built-in profiler 2020-03-15 23:33:12 +01:00
Nicola Murino
f4e872c782 portable mode: add flags for s3 upload part size and concurrency 2020-03-15 11:40:06 +01:00
Nicola Murino
1770da545d s3: upload concurrency is now configurable 
Please note that if the upload bandwidth between the SFTP client and
SFTPGo is greater than the upload bandwidth between SFTPGo and S3 then
the SFTP client have to wait for the upload of the last parts to S3
after it ends the file upload to SFTPGo, and it may time out.
Keep this in mind if you customize parts size and upload concurrency
 2020-03-13 19:13:58 +01:00
Nicola Murino
de3e69f846 s3: add documentation and test cases for upload part size 2020-03-13 17:28:55 +01:00
Nicola Murino
4fe51f7cce set version to 0.9.6 2020-03-07 13:36:46 +01:00
HiFiPhile
7221bf9b25 Add performance summary 
Pull request #92
 2020-03-06 22:48:55 +01:00
Nicola Murino
61f20f5449 Linux: add basic instructions to run SFTPGo as service 2020-03-06 09:24:55 +01:00
Nicola Murino
5dafbb54de macOS: add basic instructions to run SFTPGo as service 2020-03-05 23:26:47 +01:00
Nicola Murino
ec8ab28a22 portable mode: add support for file extensions filters 2020-03-05 15:37:10 +01:00
Nicola Murino
9b119765fc docs: minor improvements 2020-03-04 23:51:16 +01:00
Jo Vandeginste
df02496145 Refactor docs 2020-03-04 23:10:58 +01:00