Nicola Murino
b4c06c46e1
EventManager: always close the connection filesystem
...
Code scanning - action / CodeQL-Build (push) Waiting to run
CI / Test and deploy (push) Waiting to run
CI / Test build flags (push) Waiting to run
CI / Test with PgSQL/MySQL/Cockroach (push) Waiting to run
CI / Build Linux packages (push) Waiting to run
CI / golangci-lint (push) Waiting to run
Docker / Build (push) Waiting to run
closing the user filesystem is not enough here
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-20 21:18:01 +01:00
Nicola Murino
ee6049bdc3
test cases: fix some random failures
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-20 18:29:43 +01:00
Nicola Murino
6bc2f8d16e
upgrade nfpm to 2.41.1
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-20 18:29:19 +01:00
Nicola Murino
f89d72f685
OIDC cookie: use a cryptographically secure random string
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-20 18:28:43 +01:00
Nicola Murino
d0d8a1999f
sftpd: remove allocator
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-20 18:28:15 +01:00
Nicola Murino
59833fba0d
back to development
...
Code scanning - action / CodeQL-Build (push) Has been cancelled
Docker / Build (push) Has been cancelled
CI / Test and deploy (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-15 20:50:54 +01:00
Nicola Murino
a79cb30cdc
CI: update codecov action to v5
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-15 17:28:55 +01:00
Nicola Murino
e1cd69d5ff
update deps
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-15 17:26:12 +01:00
Nicola Murino
85333087fa
fix license in Windows installer
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-15 17:06:49 +01:00
Nicola Murino
5ddac4b3b4
fix links to docs, add NOTICE
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-15 15:19:26 +01:00
Nicola Murino
c37b7f0493
provider rule events: allows to filter by user groups
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-15 14:01:08 +01:00
Nicola Murino
5896c1b7a5
update deps
...
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test and deploy (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Docker / Build (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-13 20:22:31 +01:00
Nicola Murino
0f073a40fd
logger: add cipher suite
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-13 18:33:07 +01:00
Nicola Murino
618723c457
httpd: always use an opaque signing key
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-12 19:27:34 +01:00
Nicola Murino
4cb6acefb2
oidc/oauth2: use an opaque state
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-11 19:43:57 +01:00
Nicola Murino
f22ec2275f
fix new lint warnings
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-10 20:58:22 +01:00
Nicola Murino
7bffed712a
events: add copy action
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-10 15:00:11 +01:00
Nicola Murino
f30d6ad82a
update css and js deps
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-10 12:34:10 +01:00
Nicola Murino
b524da11e9
EventManager: disable commands by default
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-10 12:08:17 +01:00
Nicola Murino
3dd412f6e3
WebAdmin and REST API: remove too granular permissions
...
Our permissions system for admin users is too granular and some
permissions overlap. For example, you can define an administrator
with the "manage_system" permission and not with the "manage_admins"
or "manage_user" permission, but the "manage_system" permission
allows you to restore a backup and then create users and
administrators. The following permissions will be removed:
"manage_admins", "manage_apikeys", "manage_system", "retention_checks",
"manage_event_rules", "manage_roles", "manage_ip_lists". Now you
need to add the "*" permission to replace the removed granular
permissions because the removed permissions allow actions that
should only be allowed to super administrators.
There is no point in having separate, overlapping permissions.
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-10 10:46:28 +01:00
Nicola Murino
ef98ee7d11
don't allow admins to change their own permissions
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-09 20:24:35 +01:00
Nicola Murino
30fb1d6240
update deps
...
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test and deploy (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Docker / Build (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-09 18:56:43 +01:00
Nicola Murino
7aac64531f
WebAdmin: check CSRF header when deleting blocked hosts
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-09 18:44:31 +01:00
Nicola Murino
03724d5eb1
remove fallback if rand.Reader fails
...
Failing to read from rand.Reader essentially can't happen, and if it
does is not possible to fallback securely, so just panic
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-09 18:44:25 +01:00
Nicola Murino
4eb4ff66ce
CI: switch to Go 1.23
...
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test and deploy (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Docker / Build (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-07 20:14:16 +01:00
dependabot[bot]
0bff3e1a67
Bump golang from 1.22-bookworm to 1.23-bookworm ( #1729 )
...
Bumps golang from 1.22-bookworm to 1.23-bookworm.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-07 20:09:29 +01:00
Nicola Murino
82b437c502
plugins: fix passing additional environment variables
...
Docker / Build (push) Has been cancelled
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test and deploy (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-05 18:06:58 +01:00
Nicola Murino
88b1850b58
EventManager: allow to define the allowed system commands
...
CI / Test and deploy (push) Has been cancelled
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Docker / Build (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-01 11:37:33 +01:00
Nicola Murino
60558de728
proxy protocol: add more logs
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-31 18:04:55 +01:00
Nicola Murino
beff4432dc
plugin: remove invalid chars from error message
...
CI / Test and deploy (push) Has been cancelled
Docker / Build (push) Has been cancelled
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-29 18:11:53 +01:00
Nicola Murino
9ae0bc4ec4
WebAdmin active connections: fix active transfer display
...
Code scanning - action / CodeQL-Build (push) Waiting to run
CI / Test and deploy (push) Waiting to run
CI / Test build flags (push) Waiting to run
CI / Test with PgSQL/MySQL/Cockroach (push) Waiting to run
CI / Build Linux packages (push) Waiting to run
CI / golangci-lint (push) Waiting to run
Docker / Build (push) Waiting to run
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-28 20:10:59 +01:00
Nicola Murino
21bd8c5660
node: use a plain string as key
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-28 18:34:36 +01:00
Nicola Murino
97bb004c12
update deps
...
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test and deploy (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Docker / Build (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-26 21:50:21 +02:00
Nicola Murino
e4e31ec4fb
TestMaxSessionsSameConnection: make more reproducible
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-26 21:50:15 +02:00
Nicola Murino
259986ed1d
update nfpm to 2.41.0
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-26 21:26:36 +02:00
Nicola Murino
0c75d234b9
OpenAPI: document password_strength
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-26 21:19:28 +02:00
Nicola Murino
ae1487d733
fix connection limits
...
an SFTP client can start multiple transfers on a single connection
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-26 21:18:19 +02:00
Nicola Murino
c69fbe6bf9
tls: allow to configure all supported TLS versions and ciphers
...
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test and deploy (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Docker / Build (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-23 19:50:37 +02:00
Nicola Murino
8d697bcc94
WebClient: enforce 2fa and password requirements also with OIDC
...
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test and deploy (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Docker / Build (push) Has been cancelled
password and 2fa can be used with other protocols
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-21 20:40:44 +02:00
Nicola Murino
7e7005f5b3
README: add a section for i18n
...
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test and deploy (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Docker / Build (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-19 10:45:02 +02:00
Nicola Murino
12a210e1f6
update deps
...
Code scanning - action / CodeQL-Build (push) Waiting to run
CI / Test and deploy (push) Waiting to run
CI / Test build flags (push) Waiting to run
CI / Test with PgSQL/MySQL/Cockroach (push) Waiting to run
CI / Build Linux packages (push) Waiting to run
CI / golangci-lint (push) Waiting to run
Docker / Build (push) Waiting to run
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-18 19:26:53 +02:00
Nicola Murino
169d8f6223
update README
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-18 19:26:19 +02:00
Nicola Murino
cd3147c654
add License NOTICE
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-18 19:26:11 +02:00
Nicola Murino
7feeec6941
update OpenAPI schema
...
CI / Test and deploy (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
Code scanning - action / CodeQL-Build (push) Has been cancelled
Docker / Build (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-16 20:51:51 +02:00
Nicola Murino
12d888f49d
update deps
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-16 19:19:24 +02:00
Nicola Murino
ca41b59fc4
DirLister: returns appropriate protocol errors
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-16 19:04:09 +02:00
Nicola Murino
77b2f8dfb3
CI FreeBSD: use Go 1.23
...
Code scanning - action / CodeQL-Build (push) Waiting to run
CI / Test and deploy (push) Waiting to run
CI / Test build flags (push) Waiting to run
CI / Test with PgSQL/MySQL/Cockroach (push) Waiting to run
CI / Build Linux packages (push) Waiting to run
CI / golangci-lint (push) Waiting to run
Docker / Build (push) Waiting to run
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-15 19:10:23 +02:00
Nicola Murino
d8691d1e1a
update translations
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-13 17:00:17 +02:00
Nicola Murino
5cb1b9c1e9
Web: add CheckRedirect to pages using baselogin.html
...
Code scanning - action / CodeQL-Build (push) Has been cancelled
CI / Test and deploy (push) Has been cancelled
CI / Test build flags (push) Has been cancelled
CI / Test with PgSQL/MySQL/Cockroach (push) Has been cancelled
CI / Build Linux packages (push) Has been cancelled
CI / golangci-lint (push) Has been cancelled
Docker / Build (push) Has been cancelled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-12 12:54:21 +02:00
Nicola Murino
b23e67ae6a
EventManager: add escaped virtual path
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-10-12 11:25:07 +02:00