Commit graph

1541 commits

Author SHA1 Message Date
Felix Eckhofer
71f691b208 Fix potential ldap injection
Signed-off-by: Felix Eckhofer <felix@eckhofer.com>
2023-02-26 07:10:58 +01:00
Nicola Murino
e0cbb966f0
eventmanager: skip password expiration check for expired users
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-25 16:33:39 +01:00
Nicola Murino
df9d47900a
eventmanager: add user/folders as comma separated string in errors
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-25 15:26:38 +01:00
Nicola Murino
b8496c4d6e
eventmanager: add user expiration check
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-25 13:06:09 +01:00
Nicola Murino
b0cfaf189c
portable mode: allow to read the password from a file
Fixes #1206

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-25 10:24:23 +01:00
Nicola Murino
195cb9f081
enable keyboard interactive authentication by default
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-24 20:22:32 +01:00
Nicola Murino
9a10740218
allow ACME HTTP-01 challenge with https redirect from port 80
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-24 20:08:14 +01:00
Nicola Murino
7bcd79a70a
telemetry: improve test cases
remove an unnecessary nil check in tlsutils added as workaround
to make telemetry test cases work

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-24 11:05:46 +01:00
Nicola Murino
beb8822df4
examples: update deps
to silence dependabot alerts

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-23 19:25:30 +01:00
Nicola Murino
8805d85377
configs: add ACME section
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-23 19:25:20 +01:00
Nicola Murino
fcf9a8c673
scheduler: disable verbose logs
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-21 18:18:24 +01:00
Nicola Murino
2c1319985d
sql providers: remove unnecessary []byte to string conversion
always check affected rows for updates

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-20 18:14:02 +01:00
Nicola Murino
a3fff56da5
WebAdmin: add configs section
Setting configurations is an experimental feature and is not currently
supported in the REST API

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-19 19:03:45 +01:00
Nicola Murino
14961a573f
examples: update deps
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-18 13:46:06 +01:00
Nicola Murino
78cd5d8eba
groups: add expiration date override
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-13 19:32:36 +01:00
Nicola Murino
2df2803a37
ipfilter plugin: add protocol
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-13 13:45:45 +01:00
Nicola Murino
7738faa040
events: add elapsed to UI and exports
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-13 12:58:21 +01:00
Nicola Murino
157d1db0b1
fs events: add elapsed field to notifications
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-12 18:56:53 +01:00
Nicola Murino
7e85356325
WebClient shares: replace basic auth with a login form
basic auth will continue to work for REST API

Fixes #1166

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-12 08:29:53 +01:00
Nicola Murino
a3d0cf5ddf
fix lint errors
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-10 19:59:03 +01:00
Nicola Murino
04ab8e72f6
WebUI: make error messages user dismissible
Fixes #1171

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-10 18:07:23 +01:00
Nicola Murino
e0c3a13ac5
azblob: update to the latest SDK
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-09 13:04:12 +01:00
Nicola Murino
1b1745b7f7
move IP/Network lists to the data provider
this is a backward incompatible change, all previous file based IP/network
lists will not work anymore

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-09 09:33:33 +01:00
Nicola Murino
2412a0a369
add Dendi to the sponsors section, thank you!!!
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-02-02 18:12:21 +01:00
Nicola Murino
1e14d006b1
defender: set score_no_auth to 0 as default
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-29 18:00:27 +01:00
Nicola Murino
27c4ffd663
sftpd: fix duplicate defender error introduced in the previous commit
improve the defender test cases by verifying the expected score

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-25 21:57:27 +01:00
Nicola Murino
c0fe08b597
defender: allow to set a different score for "no auth tried" events
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-25 18:49:03 +01:00
Nicola Murino
5550a5d2c0
update users: also disconnect users from remote nodes when requested
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-24 18:53:34 +01:00
Nicola Murino
2066ad7c83
WebDAV: allow to define custom MIME type mappings
Fixes #1154

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-23 18:43:25 +01:00
Nicola Murino
61199172d0
add support for monitoring and reloading externally provided TLS certs
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-22 18:31:14 +01:00
Nicola Murino
3ce4d04b27
EventManager: support placeholders within URL paths
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-22 08:46:58 +01:00
Nicola Murino
707729ee61
acme: allow to separate multiple domains with spaces
This change is required to be able to set multiple domains for the same
certificate using env vars.
The change is backward compatible for general use cases but may be
backward incompatible in some edge cases, for example:

- "sftpgo.com,www.sftpgo.com" will work as before
- "sftpgo.com, www.sftpgo.com" will not work anymore

Check the logs to see if you are affected and rename the certificate and key
to fix

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-21 18:00:23 +01:00
Nicola Murino
7b5bebc588
EventManager: add "on-demand" trigger
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-21 15:41:24 +01:00
Nicola Murino
53f17b5715
allow to disable event rules
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-19 18:33:04 +01:00
Nicola Murino
496c8bc785
allow to start if only httpd service is enabled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-17 18:22:04 +01:00
Nicola Murino
396d67bb2c
web: add spellcheck hint to some more fields
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-16 19:45:12 +01:00
Daniel Hammer
bbebd9b163 "Spell-Jacking" mitigation ~ prevent sensitive data leak from spell checker.
@see https://www.otto-js.com/news/article/chrome-and-edge-enhanced-spellcheck-features-expose-pii-even-your-passwords

Signed-off-by: Daniel Hammer <daniel.hammer+oss@gmail.com>
2023-01-16 19:23:43 +01:00
Nicola Murino
c8d94f0a27
add a health check command
Useful in restricted environments where commands like curl and such
are not available.

Fixes #1129

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-16 18:54:42 +01:00
Nicola Murino
8be8343fee
README: fix link to Fs interface
Fixes #1142

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-15 15:28:55 +01:00
Nicola Murino
f3995901e3
OpenAPI: fix group settings documentation
the OpenAPI docs should really be improved, but nobody seems interested
enough to sponsor this work

Fixes #1141

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-15 15:28:52 +01:00
Nicola Murino
f2618e7de6
switch from go-simple-mail to go-mail
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-15 15:28:31 +01:00
Nicola Murino
6afbd77fd5
update css and js deps
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-07 18:11:46 +01:00
Nicola Murino
93e5cb36df
copy: use server side copy if available
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-07 16:28:46 +01:00
Nicola Murino
09dea57850
back to development
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-07 13:07:41 +01:00
Nicola Murino
8cad436421
conditional support for recursive renaming for cloud providers
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-06 12:33:50 +01:00
Nicola Murino
f0dedbfabf
eventmanager: auto-create destination folder for renames
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-03 18:13:01 +01:00
Nicola Murino
51f0ded222
update test certificates
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-03 11:48:08 +01:00
Jon Bendtsen
6b555cf0d8 metrics only available in telemetry server
I do not know which version removed /metrics from the HTTP server, but it does not seem to be available in 2.4.2, so I updated the metrics documentation to reflect this. Replaced with links to telemetry configuration.

Signed-off-by: Jon Bendtsen <github@jonb.dk>
2023-01-03 10:27:15 +01:00
Nicola Murino
0190d0b849
update Copyright year
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-03 10:18:30 +01:00
Nicola Murino
9977c64459
docs eventmanager: update index
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2023-01-02 19:22:26 +01:00