Commit graph

726 commits

Author SHA1 Message Date
Nicola Murino
1cde50f050
sftpd: improve logging if filesystem creation fails 2021-02-03 09:45:04 +01:00
Nicola Murino
e9dd4ecdf0
web admin: add CSRF 2021-02-03 08:55:28 +01:00
Nicola Murino
f863530653
JWT: only accepts tokens from the expected header or cookie 2021-02-02 13:11:47 +01:00
Nicola Murino
4f609cfa30
JWT: add token audience
a token released for API audience cannot be used for web pages and
vice-versa
2021-02-02 09:14:10 +01:00
Nicola Murino
78bf808322
virtual folders: change dataprovider structure
This way we no longer depend on the local file system path and so we can
add support for cloud backends in future updates
2021-02-01 19:04:15 +01:00
Nicola Murino
afe1da92c5
web UI cookie: set the Secure flags if we are over TLS 2021-01-28 13:29:16 +01:00
Nicola Murino
9985224966
examples: add a script for bulk user update
you can use this sample script a a basis if you need to update
some common parameters for multiple users while preserving the others
2021-01-27 19:18:37 +01:00
Nicola Murino
02679d6df3
web ui: save the state of the tables
the state will be saved for 1 hour
2021-01-27 08:41:21 +01:00
Nicola Murino
c2bbd468c4
REST API: add logout and store invalidated token 2021-01-26 22:35:36 +01:00
Nicola Murino
46ab8f8d78
post-login hook: add the full user JSON serialized
Fixes #284
2021-01-26 18:05:44 +01:00
Nicola Murino
54321c5240
web ui: allow to create multiple users from a template 2021-01-25 21:31:33 +01:00
Nicola Murino
5fcbf2528f
html templates: minor improvements 2021-01-24 17:43:54 +01:00
Nicola Murino
ea096db8e4
sftpfs: set the correct file mode 2021-01-23 10:32:15 +01:00
Nicola Murino
0caeb68680
sftpfs: fix stat info 2021-01-23 09:42:49 +01:00
Nicola Murino
2b9ba1d520
web admin: try to uniform UI 2021-01-23 09:28:45 +01:00
Nicola Murino
80f5ccd357
web admin: add backup/restore 2021-01-22 19:42:18 +01:00
Nicola Murino
820169c5c6
windows service: simplify code
update testify to 1.7.0 too
2021-01-21 19:07:13 +01:00
Nicola Murino
aff75953e3
ssh requests: send a reply only if the client requested it 2021-01-21 09:28:41 +01:00
Nicola Murino
c0e09374a8
scp: fix wildcard uploads
Fixes #285
2021-01-20 22:37:59 +01:00
Nicola Murino
57976b4085
httpd: add mTLS and multiple bindings support 2021-01-19 18:59:41 +01:00
Nicola Murino
899f1a1844
improve windows service
ensure to exit the service process in any case
2021-01-18 21:46:26 +01:00
Nicola Murino
41a1af863e
OpenAPI: minor changes 2021-01-18 13:24:38 +01:00
Nicola Murino
778ec9b88f
REST API v2
- add JWT authentication
- admins are now stored inside the data provider
- admin access can be restricted based on the source IP: both proxy
  header and connection IP are checked
- deprecate REST API CLI: it is not relevant anymore

Some other changes to the REST API can still happen before releasing
SFTPGo 2.0.0

Fixes #197
2021-01-17 22:29:08 +01:00
Giorgio Pellero
d42fcc3786
s3: don't paginate to find zero-byte-keyed dirs (#277)
Fixes #275
2021-01-14 12:01:25 +01:00
Nicola Murino
5d4f758c47
GCS: don't paginate to find compat "dirs" 2021-01-12 19:22:12 +01:00
Nicola Murino
a8a17a223a
scp: minor improvements
document that we don't support wildcard expansion.

I should refactor scp code ...
2021-01-05 22:32:30 +01:00
Nicola Murino
aa40b04576
update deps 2021-01-05 12:40:49 +01:00
Nicola Murino
daac90c4e1
fix a potential race condition for pre-login and ext auth
hooks

doing something like this:

err = provider.updateUser(u)
...
return provider.userExists(username)

could be racy if another update happen before

provider.userExists(username)

also pass a pointer to updateUser so if the user is modified inside
"validateUser" we can just return the modified user without do a new
query
2021-01-05 09:50:22 +01:00
Nicola Murino
72b2c83392
defender: allow hot-reloading for safe and block lists 2021-01-04 17:52:14 +01:00
Nicola Murino
c3410a3d91
config: don't log a warning if the config file is not found
we also support configuration via env vars
2021-01-03 17:57:07 +01:00
Nicola Murino
173c1820e1
Go 1.15 is now required
VerifyConnection is not available in 1.14
2021-01-03 17:25:24 +01:00
Nicola Murino
684f4ba1a6
mutal TLS: add support for revocation lists 2021-01-03 17:03:04 +01:00
Nicola Murino
6d84c5b9e3
capture http servers error logs
otherwise they will be printed to stdout
2021-01-03 10:38:28 +01:00
Nicola Murino
4b522a2455
webdav: refactor server initialization 2021-01-03 09:51:54 +01:00
Nicola Murino
1e1c46ae1b
defender: minor docs improvements 2021-01-02 20:02:05 +01:00
Nicola Murino
d6b3acdb62
add REST API for the defender 2021-01-02 19:33:24 +01:00
Nicola Murino
037d89a320
add support for a basic built-in defender
It can help to prevent DoS and brute force password guessing
2021-01-02 14:05:09 +01:00
Nicola Murino
30eb3c4a99
update OpenAPI schema 2020-12-29 19:33:04 +01:00
Nicola Murino
0966d44c0f
httpd: add support for listening over a Unix-domain socket
Fixes #266
2020-12-29 19:02:56 +01:00
Nicola Murino
40e759c983
FTP: add support for client certificate authentication 2020-12-29 09:20:09 +01:00
Nicola Murino
141ca6777c
webdav: add support for client certificate authentication
Fixes #263
2020-12-28 19:48:23 +01:00
Nicola Murino
3c16a19269
FTP: update ftpserverlib
fixes another sneaky bug
2020-12-28 09:22:52 +01:00
Nicola Murino
b3c6d79f51
FTP: add support for ASCII transfer mode
the default remain binary, a client have to explicitly request an
ASCII transfer
2020-12-27 09:48:56 +01:00
Nicola Murino
0c56b6d504
nfpm: update to 2.1.0 2020-12-26 19:14:12 +01:00
Nicola Murino
3d2da88da9
web ui: update js and css deps 2020-12-26 18:47:09 +01:00
Nicola Murino
80c06d6b59
clone: disable decrypt error test for memory provider
This test cannot work using memory provider, we cannot change the provider
for a kms secrete without reloading it from JSON and the memory provider
will never reload users
2020-12-26 15:57:01 +01:00
Nicola Murino
e536a638c9
web UI: improve user cloning 2020-12-26 15:11:38 +01:00
Jochen Munz
bc397002d4
Feature: Clone existing user via web admin (#259)
UI based cloning of an existing user. The "add user" screen is prepopulated with existing user data.

Resolves drakkan/sftpgo#225
2020-12-26 14:58:59 +01:00
Nicola Murino
2a95d031ea
FTP: add support for AVBL command 2020-12-25 11:14:08 +01:00
Nicola Murino
1dce1eff48
improve FTP support
- allow to disable active mode
- allow to disable SITE commands
- add optional support for calculating hash value of files
- add optional support for the non standard COMB command
2020-12-24 18:48:06 +01:00