beenull/sftpgo-mirror
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-22 23:50:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7
671 commits 8 branches 49 tags 49 MiB
Commit graph

90 commits

Author SHA1 Message Date
Nicola Murino
c0e09374a8
scp: fix wildcard uploads 
Fixes #285
 2021-01-20 22:37:59 +01:00
Nicola Murino
187a5b1908
sftpd: properly handle listener accept errors 
continue on temporary errors and exit from the serve loop for the
other ones
 2020-12-23 19:53:07 +01:00
Nicola Murino
ed43ddd79d
enable hash commands for any supported backend 2020-12-13 15:11:55 +01:00
Nicola Murino
4a88ea5c03
add Data At Rest Encryption support 2020-12-05 13:48:13 +01:00
Nicola Murino
5720d40fee
add setstat_mode 2 
in this mode chmod/chtimes/chown can be silently ignored only for cloud
based file systems

Fixes #223
 2020-11-12 10:39:46 +01:00
Nicola Murino
4c5a0d663e
sftpd: return the error Operation Unsupported for unexpected reads 
a cloud based file cannot be opened for read and write at the same
time. Return a proper error if a client try to do this.

It can happen only for SFTP
 2020-11-09 21:01:56 +01:00
Nicola Murino
950a5ad9ea
add a recoverer where appropriate 
I have never seen this, but a malformed packet can easily crash pkg/sftp
 2020-10-31 11:02:04 +01:00
Nicola Murino
ac3bae00fc
add support for SFTP subsystem mode 
Fixes #204
 2020-10-29 19:23:33 +01:00
Nicola Murino
b51d795e04
sftpd: auto generate an ed25519 host key too 2020-10-19 14:30:40 +02:00
Mark Sagi-Kazar
5e2db77ef9 refactor: add an enum for filesystem providers 
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
 2020-10-05 21:40:21 +02:00
Nicola Murino
2df0dd1f70 sshd: map each channel with a new connection 
Fixes #169
 2020-09-18 10:52:53 +02:00
Nicola Murino
dbed110d02 WebDAV: add caching for authenticated users 
In this way we get a big performance boost
 2020-08-31 19:25:17 +02:00
Nicola Murino
4748e6f54d
sftpd: handle read and write from the same handle (#158) 
Fixes #155
 2020-08-31 06:45:22 +02:00
Nicola Murino
02e35ee002 sftpd: add Readlink support 2020-08-22 14:52:17 +02:00
Nicola Murino
5208e4a4ca sftpd: improve truncate 
quota usage and max allowed write size are now properly updated after a
truncate
 2020-08-22 10:12:00 +02:00
Nicola Murino
aa0ed5dbd0 add post-login hook 
a login scope is supported too so you can get notifications for failed logins,
successful logins or both
 2020-08-12 16:15:12 +02:00
Nicola Murino
a9e21c282a add WebDAV support 
Fixes #147
 2020-08-11 23:56:10 +02:00
Nicola Murino
93ce96d011 add support for the venerable FTP protocol 
Fixes #46
 2020-07-29 21:56:56 +02:00
Nicola Murino
4e41a5583d refactoring: add common package 
The common package defines the interfaces that a protocol must implement
and contain code that can be shared among supported protocols.

This way should be easier to support new protocols
 2020-07-24 23:39:38 +02:00
Nicola Murino
da0f470f1c document FreeBSD support 
improve some tests cleanup
 2020-07-10 19:20:37 +02:00
Nicola Murino
dd593b1035 ssh commands: send a generic error for unexpected failures 
and log the real error, it could leak a filesystem path
 2020-06-29 18:53:33 +02:00
Nicola Murino
cf541d62ea recursive permissions check before renaming/copying directories 2020-06-26 23:38:29 +02:00
Nicola Murino
e86089a9f3 quota: improve size check 
get the remaining allowed size when an upload starts and check it against the
uploaded bytes

Fixes #128
 2020-06-18 22:38:03 +02:00
Nicola Murino
3ceba7a147 sftpgo-copy: add quota limits check 2020-06-16 22:49:18 +02:00
Nicola Murino
37418a7630 SSH system commands: allow git and rsync inside virtual folders 2020-06-15 23:32:12 +02:00
Nicola Murino
73a9c002e0 permissions: improve rename 
Allow to enable rename permission in a more controlled way granting "delete"
permission on source directory and "upload" permission on target directory
 2020-06-13 23:49:28 +02:00
Nicola Murino
3d48fa7382 ssh commands: add sftpgo-copy and sftpgo-remove 
Fixes #122
 2020-06-13 22:48:51 +02:00
Nicola Murino
7807fa7cc2 use os.ModePerm for files and directory creation 2020-06-08 19:40:17 +02:00
Nicola Murino
cd380973df allows host keys auto generation inside a user configured directory 
Fixes #124
 2020-06-08 18:45:04 +02:00
Nicola Murino
8306b6bde6 refactor virtual folders 
The same virtual folder can now be shared among users and different
folder quota limits for each user are supported.

Fixes #120
 2020-06-07 23:30:18 +02:00
Nicola Murino
dc011af90d sftpd actions: add support for pre-delete action 
Fixes #121
 2020-05-24 23:31:14 +02:00
Nicola Murino
c27e3ef436 actions: add a generic hook to define external commands and HTTP URL 
We can only define a single hook now and it can be an HTTP notification
or an external command, not both
 2020-05-24 15:29:39 +02:00
Nicola Murino
15298b0409 sftpd: remove unused expectedSize field from Transfer struct 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2020-05-20 20:17:59 +02:00
Nicola Murino
cfa710037c cloud backends: fix SFTP error message for some write failures 
Fixes #119

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2020-05-19 19:17:43 +02:00
Nicola Murino
a08dd85efd sftpd: deprecate keys and add a new host_keys config param 
host_key defines the private host keys as plain list of strings.

Remove the other deprecated config params from the default config too.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2020-05-16 23:26:44 +02:00
Nicola Murino
469d36d979 certificate auth: fix source address checking inside crypto/ssh 
So we can avoid to check source address ourself

81aafe6d26

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2020-05-16 15:15:32 +02:00
Nicola Murino
738c7ab43e sftpd: add support for SSH user certificate authentication 
This add support for PROTOCOL.certkeys vendor extension:

https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?rev=1.8

Fixes #117

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2020-05-15 20:08:53 +02:00
Nicola Murino
f02e24437a add more linters 
test cases migration to testify is now complete.
Linters are enabled for test cases too
 2020-05-06 19:36:34 +02:00
Nicola Murino
3f75d46a16 sftpd: add support for excluding virtual folders from user quota limit 
Fixes #110
 2020-05-01 15:27:53 +02:00
Nicola Murino
d70959c34c fix some lint issues 2020-04-30 14:23:55 +02:00
Nicola Murino
0a47412e8c scp, ssh commands: hide the real fs path on errors 
The underlying filesystem errors for permissions and non-existing files
can contain the real storage path.
Map these errors to more generic ones to avoid to leak this info

Fixes #109
 2020-04-22 12:26:18 +02:00
Nicola Murino
b1c7317cf6 add support for partial authentication 
Multi-step authentication is activated disabling all single-step
auth methods for a given user
 2020-04-09 23:32:42 +02:00
Nicola Murino
94b46e57f1 sftpd actions: execute defined command on error too 
add a new field inside the notification to indicate if an error is
detected
 2020-04-03 19:25:38 +02:00
Nicola Murino
4759254e10 file actions: add bucket and endpoint to notifications 
The HTTP notifications are now invoked as POST and the notification is
a JSON inside the POST body.

This is a backward incompatible change but this way the actions can be
extended more easily, sorry for the trouble

Fixes #101
 2020-03-25 18:36:33 +01:00
Nicola Murino
ed1c7cac17 update deps 
we now use git master for pkg/sftp: it includes the performance patches
from my copy branch.
 2020-03-02 10:13:49 +01:00
Nicola Murino
833b702b90 proxy protocol: add list of allowed IP addresses and IP ranges 
"proxy_allowed" setting allows to specify the allowed IP address and IP
ranges that can send the proxy header. This setting combined with
"proxy_protocol" allows to ignore the header or to reject connections
that send the proxy header from a non listed IP
 2020-03-01 23:12:28 +01:00
Nicola Murino
b885d453a2 filters: we can now set allowed and denied files extensions 2020-03-01 22:10:29 +01:00
Nicola Murino
7163fde724 proxy protocol: added an option to make the proxy header required 
now we can configure SFTPGo to accept or reject requests without the proxy
header when the proxy protocol is enabled
 2020-02-29 00:02:06 +01:00
Nicola Murino
eb1b869b73 virtual folders fixes 
scp now properly handles virtual folders.

rsync is disabled for users with virtual folders: we execute a system
command and it is not aware about virtual folders.

git is not allowed if the repo path is inside a virtual folder
 2020-02-24 18:54:35 +01:00
Nicola Murino
45b9366dd0 add support for virtual folders 
directories outside the user home directory can be exposed as virtual folders
 2020-02-23 11:30:26 +01:00