beenull/sftpgo-mirror
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-22 07:30:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
291 commits 8 branches 49 tags 49 MiB
Commit graph

291 commits

This branch
This branch
All branches
Author SHA1 Message Date
Nicola Murino
5dafbb54de macOS: add basic instructions to run SFTPGo as service 2020-03-05 23:26:47 +01:00
Nicola Murino
ec8ab28a22 portable mode: add support for file extensions filters 2020-03-05 15:37:10 +01:00
Nicola Murino
aaa6d0c71f docs: fix some typos 2020-03-05 09:32:29 +01:00
Nicola Murino
ea74aca165 doc: some other minor improvements 2020-03-05 00:01:40 +01:00
Nicola Murino
9b119765fc docs: minor improvements 2020-03-04 23:51:16 +01:00
Jo Vandeginste
df02496145 Refactor docs 2020-03-04 23:10:58 +01:00
Nicola Murino
31d285813e windows: try to escape trailing double quote in user input 
we try to remove the trailing double quote for user input such as this one

sftpgo.exe serve -c "C:\ProgramData\SFTPGO\"

the value for the -c flag is parsed as:

C:\ProgramData\SFTPGO"

this is what the user specified, but the user want this value:

C:\ProgramData\SFTPGO

so we try to remove the trailing double quote.

Please note that we cannot do anything for something like this:

-c "C:\ProgramData\SFTPGO\" -l "sftpgo.log"

in this case the -l flag will be ignored and the value for the c flag is:

C:\ProgramData\SFTPGO" -l sftpgo.log

and so probably it is invalid. This is definitely a bad user input
 2020-03-04 09:27:14 +01:00
Germs2004
f9fc5792fd fixed minor typos and edits 2020-03-04 08:01:02 +01:00
Germs2004
6ad9c5ae64 minor typo 2020-03-04 08:00:34 +01:00
Nicola Murino
016abda6d7 improve docs 2020-03-03 23:25:23 +01:00
Nicola Murino
2eea6c95b9 windows setup: use ProgramData folder to store application data 
this is a backward incompatible change, but it is the way to do the
things on Windows.
 2020-03-03 22:31:13 +01:00
Nicola Murino
7f1946de34 improve validations for user provided file and directory paths 2020-03-03 09:09:58 +01:00
Nicola Murino
d0a81cabab log file: if the path is not absolute make it relative to config dir 
Also refuse to join invalid file name such as "."

Fixes #85
 2020-03-03 00:34:06 +01:00
Nicola Murino
df67f4ef34 clean config dir 
Fixes #80
 2020-03-02 22:56:14 +01:00
Nicola Murino
ed11e1128a docs: clarify the initprovider command is required for SQLite too 2020-03-02 10:34:31 +01:00
Nicola Murino
ed1c7cac17 update deps 
we now use git master for pkg/sftp: it includes the performance patches
from my copy branch.
 2020-03-02 10:13:49 +01:00
Nicola Murino
7c115aa9c8 windows service: only restart twice 
reset the service failure count to zero after 3600 seconds.

Fixes #83
 2020-03-02 09:58:36 +01:00
Nicola Murino
3ffddcba92 web: log an error if loading a required template fails 
We used template.Must that panics if an error happen but the error is
visible only if sftpgo is started in an interactive way

Fixes #82
 2020-03-02 09:34:13 +01:00
Nicola Murino
833b702b90 proxy protocol: add list of allowed IP addresses and IP ranges 
"proxy_allowed" setting allows to specify the allowed IP address and IP
ranges that can send the proxy header. This setting combined with
"proxy_protocol" allows to ignore the header or to reject connections
that send the proxy header from a non listed IP
 2020-03-01 23:12:28 +01:00
Nicola Murino
b885d453a2 filters: we can now set allowed and denied files extensions 2020-03-01 22:10:29 +01:00
Nicola Murino
7163fde724 proxy protocol: added an option to make the proxy header required 
now we can configure SFTPGo to accept or reject requests without the proxy
header when the proxy protocol is enabled
 2020-02-29 00:02:06 +01:00
Nicola Murino
830e3d1f64 Support for HAProxy PROXY protocol 
you can proxy and/or load balance the SFTP/SCP service without losing
the information about the client's address.
 2020-02-27 09:21:30 +01:00
Mengsk
637463a068 Rename before_login_program to pre_login_program 
and some documentation update
 2020-02-25 16:34:54 +01:00
Nicola Murino
e69536f540 fixed some typos and improved a log 2020-02-25 12:46:52 +01:00
Mengsk
c516780289 Documentation update 1 2020-02-25 12:41:28 +01:00
Nicola Murino
eb1b869b73 virtual folders fixes 
scp now properly handles virtual folders.

rsync is disabled for users with virtual folders: we execute a system
command and it is not aware about virtual folders.

git is not allowed if the repo path is inside a virtual folder
 2020-02-24 18:54:35 +01:00
Nicola Murino
703ccc8d91 add support for dynamic users modifications 
A custom program can be executed before the users login to modify the
configurations for the user trying to login.
You can, for example, allow login based on time range.

Fixes #77
 2020-02-23 18:50:59 +01:00
Nicola Murino
45b9366dd0 add support for virtual folders 
directories outside the user home directory can be exposed as virtual folders
 2020-02-23 11:30:26 +01:00
Nicola Murino
382c6fda89 updated dependencies 
fix CVE-2020-9283
 2020-02-21 00:23:00 +01:00
Nicola Murino
0f80de86b2 simplify some code 
now gocyclo is happy again
 2020-02-20 15:53:26 +01:00
Nicola Murino
bc11cdd8d5 add support for per user authentication methods 
You can, for example, deny one or more authentication methods to one or
more users.
 2020-02-19 22:39:30 +01:00
Nicola Murino
62b20cd884 scp: check for write errors 
exits as soon as there is a write error instead of get the same error when
the transfer is closed
 2020-02-19 11:26:40 +01:00
Nicola Murino
ae8ed75ae5 gcs: add support for automatic credentials 
We can now also support implicit credentials using the Application
Default Credentials strategy
 2020-02-19 09:41:15 +01:00
Nicola Murino
c8cc81cf4a sftpd: autogenerate ecdsa key 
With default configuration we now generate RSA and ECDSA server keys.
 2020-02-16 18:17:39 +01:00
Nicola Murino
79c8b6cbc2 keyboard interactive auth: allows to automatically check the user password 
This simplify the common pattern where the user password and a one time
token is requested: now the external program can delegate password check
to SFTPGo and verify the token itself
 2020-02-16 11:43:52 +01:00
Nicola Murino
58253968fc s3: improve credentials validation 
access secret can now be empty, so check if not empty before encrypting
the secret
 2020-02-16 10:14:44 +01:00
Enes Çakır
dbd75209df s3: add auth options to README 2020-02-16 09:06:25 +01:00
Enes Çakır
da01848855 s3: enable shared config state 2020-02-16 09:06:25 +01:00
Nicola Murino
0b7be1175d parse ssh commands with shlex 
instead of use our bugged home made method.

Fixes #72
 2020-02-14 16:17:32 +01:00
Enes Çakır
3479a7e438 docker: remove serve command from entrypoint in alpine 2020-02-14 15:13:39 +01:00
Enes Çakır
4f5c67e7df portable: set data-provider name to empty 2020-02-14 15:13:10 +01:00
Nicola Murino
b99495ebbb sftpd download: remove check for download size 
some clients, for example rclone can request only part of a file, we have
no way to detect this so we haven't return an error if the downloaded size
does not match the file size
 2020-02-14 11:09:16 +01:00
Nicola Murino
0061978db8 docker: better clarify when ca-certificates package is needed 2020-02-14 08:29:31 +01:00
Mazinger
e011f793ec
CA certificate for Debian Docker image (#71) 
* ca-certificate package included to ensure ssl connections

* comment instruction
 2020-02-14 06:34:16 +01:00
Nicola Murino
5b47292366 sftpd: improve error logs 
Now logs for cloud filesystems are more readable.

Also use standard output as default for debian Dockerfile
 2020-02-13 08:26:45 +01:00
Nicola Murino
8eff2df39c subdir perms: allow empty perms 
empty perms will allow nothing on the specified subdir.

Non empty permissions for the "/" dir are still required.

Fixes #70
 2020-02-10 19:28:35 +01:00
Nicola Murino
7bfe0ddf80 ssh commands: fix parsing commands with space 
For now we support "\" escaping style
 2020-02-08 23:33:06 +01:00
Nicola Murino
d6fa853a37 add support for integrated database schema migrations 
added the "initprovider" command to initialize the database structure.
If we change the database schema the required changes will be checked
at startup and automatically applyed.
 2020-02-08 14:44:25 +01:00
Nicola Murino
553cceab42 dataprovider actions: add more users fiels as env vars 2020-02-05 22:17:03 +01:00
Nicola Murino
5bfaae9202 httpd: allow to reload the https certificate without restarting the service 
HTTPS certificate can be reloaded on demand sending a SIGHUP signal on
Unix based systems and a "paramchange" request to the running service on
Windows
 2020-02-04 23:21:33 +01:00