Nicola Murino
daac90c4e1
fix a potential race condition for pre-login and ext auth
...
hooks
doing something like this:
err = provider.updateUser(u)
...
return provider.userExists(username)
could be racy if another update happen before
provider.userExists(username)
also pass a pointer to updateUser so if the user is modified inside
"validateUser" we can just return the modified user without do a new
query
2021-01-05 09:50:22 +01:00
Nicola Murino
684f4ba1a6
mutal TLS: add support for revocation lists
2021-01-03 17:03:04 +01:00
Nicola Murino
6d84c5b9e3
capture http servers error logs
...
otherwise they will be printed to stdout
2021-01-03 10:38:28 +01:00
Nicola Murino
4b522a2455
webdav: refactor server initialization
2021-01-03 09:51:54 +01:00
Nicola Murino
d6b3acdb62
add REST API for the defender
2021-01-02 19:33:24 +01:00
Nicola Murino
037d89a320
add support for a basic built-in defender
...
It can help to prevent DoS and brute force password guessing
2021-01-02 14:05:09 +01:00
Nicola Murino
30eb3c4a99
update OpenAPI schema
2020-12-29 19:33:04 +01:00
Nicola Murino
0966d44c0f
httpd: add support for listening over a Unix-domain socket
...
Fixes #266
2020-12-29 19:02:56 +01:00
Nicola Murino
80c06d6b59
clone: disable decrypt error test for memory provider
...
This test cannot work using memory provider, we cannot change the provider
for a kms secrete without reloading it from JSON and the memory provider
will never reload users
2020-12-26 15:57:01 +01:00
Nicola Murino
e536a638c9
web UI: improve user cloning
2020-12-26 15:11:38 +01:00
Jochen Munz
bc397002d4
Feature: Clone existing user via web admin ( #259 )
...
UI based cloning of an existing user. The "add user" screen is prepopulated with existing user data.
Resolves drakkan/sftpgo#225
2020-12-26 14:58:59 +01:00
Nicola Murino
1dce1eff48
improve FTP support
...
- allow to disable active mode
- allow to disable SITE commands
- add optional support for calculating hash value of files
- add optional support for the non standard COMB command
2020-12-24 18:48:06 +01:00
Nicola Murino
c69d63c1f8
add support for multiple bindings
...
Fixes #253
2020-12-23 16:12:30 +01:00
Nicola Murino
743b350fdd
httpd: add support for route undefined HEAD requests to GET handlers
...
HEAD responses will not include a body but the Content-Length will be
set as the equivalent GET request
Fixes #255
2020-12-20 10:22:16 +01:00
Nicola Murino
bcf0fa073e
telemetry server: add optional https and authentication
2020-12-18 16:04:42 +01:00
Nicola Murino
140380716d
remove unused constant
2020-12-18 10:05:08 +01:00
Nicola Murino
143df87fee
add some docs for telemetry server
...
move pprof to the telemetry server only
2020-12-18 09:47:22 +01:00
Nicola Murino
a6985075b9
add sftpfs storage backend
...
Fixes #224
2020-12-12 10:31:09 +01:00
Nicola Murino
50982229e1
REST API: add a method to get the status of the services
...
added a status page to the built-in web admin
2020-12-08 11:18:34 +01:00
Nicola Murino
4a88ea5c03
add Data At Rest Encryption support
2020-12-05 13:48:13 +01:00
Nicola Murino
a67276ccc2
add build tags to disable kms providers
2020-12-02 09:44:18 +01:00
Nicola Murino
87b51a6fd5
kms: remember if a secret was saved without a master key
...
So we will be able to decrypt secret stored without a master key if a
such key is provided later
2020-12-01 22:18:16 +01:00
Nicola Murino
634b723b5d
add KMS support
...
Fixes #226
2020-11-30 21:46:34 +01:00
Nicola Murino
4bb9d07dde
user: add a free text field
...
Fixes #230
2020-11-25 22:26:34 +01:00
Nicola Murino
dccc583b5d
add a dedicated struct to store encrypted credentials
...
also gcs credentials are now encrypted, both on disk and inside the
provider.
Data provider is automatically migrated and load data will accept
old format too but you should upgrade to the new format to avoid future
issues
2020-11-22 21:53:04 +01:00
Nicola Murino
e3eca424f1
web admin: allow both allowed and denied extensions/patterns for a dir
...
this fix a regression introduced in the previous commit
2020-11-16 19:21:50 +01:00
Nicola Murino
a6355e298e
add support for limit files using shell like patterns
...
Fixes #209
2020-11-15 22:04:48 +01:00
Nicola Murino
6ad4cc317c
cloud backends: stat and other performance improvements
2020-11-02 19:16:12 +01:00
Nicola Murino
57bec976ae
document heathz endpoint
2020-11-01 10:39:10 +01:00
Nicola Murino
fcfdd633f6
Azure Blob: update SDK and add access tier support
2020-10-30 22:17:17 +01:00
Nicola Murino
5bc1c2de2d
add a link to the heml chart
...
Fixes #210
2020-10-29 21:50:21 +01:00
Mark Sagi-Kazar
ec00613202
feat(httpd): add new healthz endpoint
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-10-29 21:37:30 +01:00
Mark Sagi-Kazar
02ec3a5f48
refactor(httpd): move every route under a new group
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-10-29 21:37:30 +01:00
Nicola Murino
14bcc6f2fc
s3, azblob: check upper limit for part size
2020-10-25 12:10:11 +01:00
Nicola Murino
5ff8f75917
add Azure Blob support
2020-10-25 08:18:48 +01:00
Sean Hildebrand
db7e81e9d0
add prefer_database_credentials configuration parameter
...
When true, users' Google Cloud Storage credentials will be written to
the data provider instead of disk.
Pre-existing credentials on disk will be used as a fallback
Fixes #201
2020-10-22 10:42:40 +02:00
Nicola Murino
bb5207ad77
Add support for loading users/folders on startup
...
Fixes #161
2020-10-20 18:42:37 +02:00
Mark Sagi-Kazar
5e2db77ef9
refactor: add an enum for filesystem providers
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-10-05 21:40:21 +02:00
Nicola Murino
2df0dd1f70
sshd: map each channel with a new connection
...
Fixes #169
2020-09-18 10:52:53 +02:00
Nicola Murino
3c1300721c
add some basic how-to style documents
2020-09-13 19:43:56 +02:00
Nicola Murino
61003c8079
sftpd: add lstat support
2020-09-11 09:30:25 +02:00
Nicola Murino
01850c7399
REST API: remove status from ApiResponse
...
it duplicates the header HTTP status
2020-09-08 09:45:21 +02:00
Nicola Murino
b9c381e26f
sftpd: update pkg/sftp
...
The patch to open a file in read/write mode is now merged
2020-09-06 11:40:31 +02:00
Nicola Murino
542554fb2c
replace the library to verify UNIX's crypt(3) passwords
2020-09-04 21:08:09 +02:00
Nicola Murino
3925c7ff95
REST API/Web admin: add a parameter to disconnect a user after an update
...
This way you can force the user to login again and so to use the updated
configuration.
A deleted user will be automatically disconnected.
Fixes #163
Improved some docs too.
2020-09-01 16:10:26 +02:00
Nicola Murino
8b0a1817b3
add check password hook
...
its main use case is to allow to easily support things like password+OTP for
protocols without keyboard interactive support such as FTP and WebDAV
2020-08-19 19:36:12 +02:00
Nicola Murino
bbc8c091e6
portable mode: add WebDAV support
2020-08-17 14:08:08 +02:00
Nicola Murino
f3228713bc
Allow individual protocols to be enabled per user
...
Fixes #154
2020-08-17 12:49:20 +02:00
Nicola Murino
fa5333784b
add a maximum allowed size for a single upload
2020-08-16 20:17:02 +02:00
Nicola Murino
196a56726e
FTP improvements
...
- add a setting to require TLS
- add symlink support
require TLS 1.2 for all TLS connections
2020-08-15 13:02:25 +02:00