beenull/sftpgo-mirror

mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-26 01:20:29 +00:00

Author	SHA1	Message	Date
Nicola Murino	aff75953e3	ssh requests: send a reply only if the client requested it	2021-01-21 09:28:41 +01:00
Nicola Murino	41a1af863e	OpenAPI: minor changes	2021-01-18 13:24:38 +01:00
Nicola Murino	daac90c4e1	fix a potential race condition for pre-login and ext auth hooks doing something like this: err = provider.updateUser(u) ... return provider.userExists(username) could be racy if another update happen before provider.userExists(username) also pass a pointer to updateUser so if the user is modified inside "validateUser" we can just return the modified user without do a new query	2021-01-05 09:50:22 +01:00
Nicola Murino	037d89a320	add support for a basic built-in defender It can help to prevent DoS and brute force password guessing	2021-01-02 14:05:09 +01:00
Nicola Murino	1dce1eff48	improve FTP support - allow to disable active mode - allow to disable SITE commands - add optional support for calculating hash value of files - add optional support for the non standard COMB command	2020-12-24 18:48:06 +01:00
Nicola Murino	187a5b1908	sftpd: properly handle listener accept errors continue on temporary errors and exit from the serve loop for the other ones	2020-12-23 19:53:07 +01:00
Nicola Murino	c69d63c1f8	add support for multiple bindings Fixes #253	2020-12-23 16:12:30 +01:00
Nicola Murino	f34462e3c3	add support for limiting max concurrent client connections	2020-12-15 19:29:30 +01:00
Nicola Murino	a6985075b9	add sftpfs storage backend Fixes #224	2020-12-12 10:31:09 +01:00
Nicola Murino	50982229e1	REST API: add a method to get the status of the services added a status page to the built-in web admin	2020-12-08 11:18:34 +01:00
Nicola Murino	a6355e298e	add support for limit files using shell like patterns Fixes #209	2020-11-15 22:04:48 +01:00
Nicola Murino	dc845fa2f4	webdav: fix permission errors if the client try to read multiple times	2020-11-14 19:19:41 +01:00
Nicola Murino	950a5ad9ea	add a recoverer where appropriate I have never seen this, but a malformed packet can easily crash pkg/sftp	2020-10-31 11:02:04 +01:00
Nicola Murino	6a8039e76a	sftpd: log fingerprints for used host keys	2020-10-21 14:27:58 +02:00
Nicola Murino	b51d795e04	sftpd: auto generate an ed25519 host key too	2020-10-19 14:30:40 +02:00
Nicola Murino	f9827f958b	sftpd auto host keys: try to auto-create parent dir if missing	2020-10-05 14:16:57 +02:00
Nicola Murino	242dde4480	sftpd: ensure to always close idle connections after the last commit this wasn't the case anymore Completly fixes #169	2020-09-18 18:15:28 +02:00
Nicola Murino	2df0dd1f70	sshd: map each channel with a new connection Fixes #169	2020-09-18 10:52:53 +02:00
Nicola Murino	a59163e56c	multi-step auth: don't advertise password method if it is disabled also rename the settings to password_authentication so it is more like OpenSSH, add some test cases and improve documentation	2020-09-01 19:34:40 +02:00
Giorgio Pellero	8391b19abb	Add password_disabled bool to sftpd config, disables password auth callback (#165 )	2020-09-01 19:26:33 +02:00
Nicola Murino	f3228713bc	Allow individual protocols to be enabled per user Fixes #154	2020-08-17 12:49:20 +02:00
Nicola Murino	aa0ed5dbd0	add post-login hook a login scope is supported too so you can get notifications for failed logins, successful logins or both	2020-08-12 16:15:12 +02:00
Nicola Murino	a9e21c282a	add WebDAV support Fixes #147	2020-08-11 23:56:10 +02:00
Antoine Deschênes	9a15a54885	sftpd: set failed connection loglevel to debug (#152 )	2020-08-06 21:20:31 +02:00
Nicola Murino	91dcc349de	Add client IP address to external auth, pre-login and keyboard interactive hooks	2020-08-04 18:03:28 +02:00
Nicola Murino	22338ed478	add post connect hook Fixes #144	2020-07-30 22:33:49 +02:00
Nicola Murino	93ce96d011	add support for the venerable FTP protocol Fixes #46	2020-07-29 21:56:56 +02:00
Nicola Murino	4e41a5583d	refactoring: add common package The common package defines the interfaces that a protocol must implement and contain code that can be shared among supported protocols. This way should be easier to support new protocols	2020-07-24 23:39:38 +02:00
Nicola Murino	0ea2ca3141	simplify data provider usage remove the obsolete SQL scripts too. They are not required since v0.9.6	2020-07-08 19:59:31 +02:00
Nicola Murino	8e22dd1b13	virtual folders: allow overlapped mapped paths if quota is disabled See #95	2020-06-10 09:11:32 +02:00
Nicola Murino	cd380973df	allows host keys auto generation inside a user configured directory Fixes #124	2020-06-08 18:45:04 +02:00
Nicola Murino	a08dd85efd	sftpd: deprecate keys and add a new host_keys config param host_key defines the private host keys as plain list of strings. Remove the other deprecated config params from the default config too. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2020-05-16 23:26:44 +02:00
Nicola Murino	469d36d979	certificate auth: fix source address checking inside crypto/ssh So we can avoid to check source address ourself `81aafe6d26` Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2020-05-16 15:15:32 +02:00
Nicola Murino	738c7ab43e	sftpd: add support for SSH user certificate authentication This add support for PROTOCOL.certkeys vendor extension: https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?rev=1.8 Fixes #117 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2020-05-15 20:08:53 +02:00
Nicola Murino	f02e24437a	add more linters test cases migration to testify is now complete. Linters are enabled for test cases too	2020-05-06 19:36:34 +02:00
Nicola Murino	d70959c34c	fix some lint issues	2020-04-30 14:23:55 +02:00
Nicola Murino	5a5912ea66	switch to my pkg/sftp branch and enable the request-server allocator This way we have performance comparable to OpenSSH if the cipher isn't the bottleneck	2020-04-10 23:35:57 +02:00
Nicola Murino	b1c7317cf6	add support for partial authentication Multi-step authentication is activated disabling all single-step auth methods for a given user	2020-04-09 23:32:42 +02:00
Nicola Murino	9046acbe68	add HTTP hooks external auth, pre-login user modification and keyboard interactive authentication is now supported via HTTP requests too	2020-04-01 23:25:23 +02:00
Nicola Murino	f284008fb5	enable scp in default configuration remove the deprecated enable_scp setting	2020-03-26 23:38:24 +01:00
Nicola Murino	9b119765fc	docs: minor improvements	2020-03-04 23:51:16 +01:00
Nicola Murino	016abda6d7	improve docs	2020-03-03 23:25:23 +01:00
Nicola Murino	833b702b90	proxy protocol: add list of allowed IP addresses and IP ranges "proxy_allowed" setting allows to specify the allowed IP address and IP ranges that can send the proxy header. This setting combined with "proxy_protocol" allows to ignore the header or to reject connections that send the proxy header from a non listed IP	2020-03-01 23:12:28 +01:00
Nicola Murino	7163fde724	proxy protocol: added an option to make the proxy header required now we can configure SFTPGo to accept or reject requests without the proxy header when the proxy protocol is enabled	2020-02-29 00:02:06 +01:00
Nicola Murino	830e3d1f64	Support for HAProxy PROXY protocol you can proxy and/or load balance the SFTP/SCP service without losing the information about the client's address.	2020-02-27 09:21:30 +01:00
Nicola Murino	bc11cdd8d5	add support for per user authentication methods You can, for example, deny one or more authentication methods to one or more users.	2020-02-19 22:39:30 +01:00
Nicola Murino	c8cc81cf4a	sftpd: autogenerate ecdsa key With default configuration we now generate RSA and ECDSA server keys.	2020-02-16 18:17:39 +01:00
Nicola Murino	9ff303b8c0	add support for keyboard interactive authentication Fixes #64	2020-01-21 10:54:05 +01:00
Nicola Murino	d75f56b914	vfs: store root dir so we don't need to pass it over and over	2020-01-19 13:58:55 +01:00
Nicola Murino	a4834f4a83	add basic S3-Compatible Object Storage support we have now an interface for filesystem backeds, this make easy to add new filesystem backends	2020-01-19 07:41:05 +01:00

1 2

91 commits