mirror of
https://github.com/drakkan/sftpgo.git
synced 2024-11-25 17:10:28 +00:00
888 lines
34 KiB
Go
888 lines
34 KiB
Go
package config_test
|
|
|
|
import (
|
|
"encoding/json"
|
|
"os"
|
|
"path/filepath"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/spf13/viper"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"github.com/drakkan/sftpgo/common"
|
|
"github.com/drakkan/sftpgo/config"
|
|
"github.com/drakkan/sftpgo/dataprovider"
|
|
"github.com/drakkan/sftpgo/ftpd"
|
|
"github.com/drakkan/sftpgo/httpclient"
|
|
"github.com/drakkan/sftpgo/httpd"
|
|
"github.com/drakkan/sftpgo/sftpd"
|
|
"github.com/drakkan/sftpgo/utils"
|
|
"github.com/drakkan/sftpgo/webdavd"
|
|
)
|
|
|
|
const (
|
|
tempConfigName = "temp"
|
|
)
|
|
|
|
func reset() {
|
|
viper.Reset()
|
|
config.Init()
|
|
}
|
|
|
|
func TestLoadConfigTest(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
assert.NotEqual(t, httpd.Conf{}, config.GetHTTPConfig())
|
|
assert.NotEqual(t, dataprovider.Config{}, config.GetProviderConf())
|
|
assert.NotEqual(t, sftpd.Configuration{}, config.GetSFTPDConfig())
|
|
assert.NotEqual(t, httpclient.Config{}, config.GetHTTPConfig())
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, []byte("{invalid json}"), os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, []byte("{\"sftpd\": {\"bind_port\": \"a\"}}"), os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.Error(t, err)
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
func TestLoadConfigFileNotFound(t *testing.T) {
|
|
reset()
|
|
|
|
viper.SetConfigName("configfile")
|
|
err := config.LoadConfig(os.TempDir(), "")
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
func TestEmptyBanner(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
sftpdConf := config.GetSFTPDConfig()
|
|
sftpdConf.Banner = " "
|
|
c := make(map[string]sftpd.Configuration)
|
|
c["sftpd"] = sftpdConf
|
|
jsonConf, _ := json.Marshal(c)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
sftpdConf = config.GetSFTPDConfig()
|
|
assert.NotEmpty(t, strings.TrimSpace(sftpdConf.Banner))
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
|
|
ftpdConf := config.GetFTPDConfig()
|
|
ftpdConf.Banner = " "
|
|
c1 := make(map[string]ftpd.Configuration)
|
|
c1["ftpd"] = ftpdConf
|
|
jsonConf, _ = json.Marshal(c1)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
ftpdConf = config.GetFTPDConfig()
|
|
assert.NotEmpty(t, strings.TrimSpace(ftpdConf.Banner))
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
func TestEnabledSSHCommands(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
|
|
reset()
|
|
|
|
sftpdConf := config.GetSFTPDConfig()
|
|
sftpdConf.EnabledSSHCommands = []string{"scp"}
|
|
c := make(map[string]sftpd.Configuration)
|
|
c["sftpd"] = sftpdConf
|
|
jsonConf, err := json.Marshal(c)
|
|
assert.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
sftpdConf = config.GetSFTPDConfig()
|
|
if assert.Len(t, sftpdConf.EnabledSSHCommands, 1) {
|
|
assert.Equal(t, "scp", sftpdConf.EnabledSSHCommands[0])
|
|
}
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
func TestInvalidUploadMode(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
commonConf := config.GetCommonConfig()
|
|
commonConf.UploadMode = 10
|
|
c := make(map[string]common.Configuration)
|
|
c["common"] = commonConf
|
|
jsonConf, err := json.Marshal(c)
|
|
assert.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
assert.Equal(t, 0, config.GetCommonConfig().UploadMode)
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
func TestInvalidExternalAuthScope(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
providerConf := config.GetProviderConf()
|
|
providerConf.ExternalAuthScope = 100
|
|
c := make(map[string]dataprovider.Config)
|
|
c["data_provider"] = providerConf
|
|
jsonConf, err := json.Marshal(c)
|
|
assert.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
assert.Equal(t, 0, config.GetProviderConf().ExternalAuthScope)
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
func TestInvalidCredentialsPath(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
providerConf := config.GetProviderConf()
|
|
providerConf.CredentialsPath = ""
|
|
c := make(map[string]dataprovider.Config)
|
|
c["data_provider"] = providerConf
|
|
jsonConf, err := json.Marshal(c)
|
|
assert.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
assert.Equal(t, "credentials", config.GetProviderConf().CredentialsPath)
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
func TestInvalidProxyProtocol(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
commonConf := config.GetCommonConfig()
|
|
commonConf.ProxyProtocol = 10
|
|
c := make(map[string]common.Configuration)
|
|
c["common"] = commonConf
|
|
jsonConf, err := json.Marshal(c)
|
|
assert.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
assert.Equal(t, 0, config.GetCommonConfig().ProxyProtocol)
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
func TestInvalidUsersBaseDir(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
providerConf := config.GetProviderConf()
|
|
providerConf.UsersBaseDir = "."
|
|
c := make(map[string]dataprovider.Config)
|
|
c["data_provider"] = providerConf
|
|
jsonConf, err := json.Marshal(c)
|
|
assert.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
assert.Empty(t, config.GetProviderConf().UsersBaseDir)
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
func TestSetGetConfig(t *testing.T) {
|
|
reset()
|
|
|
|
sftpdConf := config.GetSFTPDConfig()
|
|
sftpdConf.MaxAuthTries = 10
|
|
config.SetSFTPDConfig(sftpdConf)
|
|
assert.Equal(t, sftpdConf.MaxAuthTries, config.GetSFTPDConfig().MaxAuthTries)
|
|
dataProviderConf := config.GetProviderConf()
|
|
dataProviderConf.Host = "test host"
|
|
config.SetProviderConf(dataProviderConf)
|
|
assert.Equal(t, dataProviderConf.Host, config.GetProviderConf().Host)
|
|
httpdConf := config.GetHTTPDConfig()
|
|
httpdConf.Bindings = append(httpdConf.Bindings, httpd.Binding{Address: "0.0.0.0"})
|
|
config.SetHTTPDConfig(httpdConf)
|
|
assert.Equal(t, httpdConf.Bindings[0].Address, config.GetHTTPDConfig().Bindings[0].Address)
|
|
commonConf := config.GetCommonConfig()
|
|
commonConf.IdleTimeout = 10
|
|
config.SetCommonConfig(commonConf)
|
|
assert.Equal(t, commonConf.IdleTimeout, config.GetCommonConfig().IdleTimeout)
|
|
ftpdConf := config.GetFTPDConfig()
|
|
ftpdConf.CertificateFile = "cert"
|
|
ftpdConf.CertificateKeyFile = "key"
|
|
config.SetFTPDConfig(ftpdConf)
|
|
assert.Equal(t, ftpdConf.CertificateFile, config.GetFTPDConfig().CertificateFile)
|
|
assert.Equal(t, ftpdConf.CertificateKeyFile, config.GetFTPDConfig().CertificateKeyFile)
|
|
webDavConf := config.GetWebDAVDConfig()
|
|
webDavConf.CertificateFile = "dav_cert"
|
|
webDavConf.CertificateKeyFile = "dav_key"
|
|
config.SetWebDAVDConfig(webDavConf)
|
|
assert.Equal(t, webDavConf.CertificateFile, config.GetWebDAVDConfig().CertificateFile)
|
|
assert.Equal(t, webDavConf.CertificateKeyFile, config.GetWebDAVDConfig().CertificateKeyFile)
|
|
kmsConf := config.GetKMSConfig()
|
|
kmsConf.Secrets.MasterKeyPath = "apath"
|
|
kmsConf.Secrets.URL = "aurl"
|
|
config.SetKMSConfig(kmsConf)
|
|
assert.Equal(t, kmsConf.Secrets.MasterKeyPath, config.GetKMSConfig().Secrets.MasterKeyPath)
|
|
assert.Equal(t, kmsConf.Secrets.URL, config.GetKMSConfig().Secrets.URL)
|
|
telemetryConf := config.GetTelemetryConfig()
|
|
telemetryConf.BindPort = 10001
|
|
telemetryConf.BindAddress = "0.0.0.0"
|
|
config.SetTelemetryConfig(telemetryConf)
|
|
assert.Equal(t, telemetryConf.BindPort, config.GetTelemetryConfig().BindPort)
|
|
assert.Equal(t, telemetryConf.BindAddress, config.GetTelemetryConfig().BindAddress)
|
|
}
|
|
|
|
func TestServiceToStart(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
assert.True(t, config.HasServicesToStart())
|
|
sftpdConf := config.GetSFTPDConfig()
|
|
sftpdConf.Bindings[0].Port = 0
|
|
config.SetSFTPDConfig(sftpdConf)
|
|
assert.False(t, config.HasServicesToStart())
|
|
ftpdConf := config.GetFTPDConfig()
|
|
ftpdConf.Bindings[0].Port = 2121
|
|
config.SetFTPDConfig(ftpdConf)
|
|
assert.True(t, config.HasServicesToStart())
|
|
ftpdConf.Bindings[0].Port = 0
|
|
config.SetFTPDConfig(ftpdConf)
|
|
webdavdConf := config.GetWebDAVDConfig()
|
|
webdavdConf.Bindings[0].Port = 9000
|
|
config.SetWebDAVDConfig(webdavdConf)
|
|
assert.True(t, config.HasServicesToStart())
|
|
webdavdConf.Bindings[0].Port = 0
|
|
config.SetWebDAVDConfig(webdavdConf)
|
|
assert.False(t, config.HasServicesToStart())
|
|
sftpdConf.Bindings[0].Port = 2022
|
|
config.SetSFTPDConfig(sftpdConf)
|
|
assert.True(t, config.HasServicesToStart())
|
|
}
|
|
|
|
func TestSFTPDBindingsCompatibility(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
sftpdConf := config.GetSFTPDConfig()
|
|
require.Len(t, sftpdConf.Bindings, 1)
|
|
sftpdConf.Bindings = nil
|
|
sftpdConf.BindPort = 9022 //nolint:staticcheck
|
|
sftpdConf.BindAddress = "127.0.0.1" //nolint:staticcheck
|
|
c := make(map[string]sftpd.Configuration)
|
|
c["sftpd"] = sftpdConf
|
|
jsonConf, err := json.Marshal(c)
|
|
assert.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
sftpdConf = config.GetSFTPDConfig()
|
|
// the default binding should be replaced with the deprecated configuration
|
|
require.Len(t, sftpdConf.Bindings, 1)
|
|
require.Equal(t, 9022, sftpdConf.Bindings[0].Port)
|
|
require.Equal(t, "127.0.0.1", sftpdConf.Bindings[0].Address)
|
|
require.True(t, sftpdConf.Bindings[0].ApplyProxyConfig)
|
|
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
sftpdConf = config.GetSFTPDConfig()
|
|
require.Len(t, sftpdConf.Bindings, 1)
|
|
require.Equal(t, 9022, sftpdConf.Bindings[0].Port)
|
|
require.Equal(t, "127.0.0.1", sftpdConf.Bindings[0].Address)
|
|
require.True(t, sftpdConf.Bindings[0].ApplyProxyConfig)
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
func TestFTPDBindingsCompatibility(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
ftpdConf := config.GetFTPDConfig()
|
|
require.Len(t, ftpdConf.Bindings, 1)
|
|
ftpdConf.Bindings = nil
|
|
ftpdConf.BindPort = 9022 //nolint:staticcheck
|
|
ftpdConf.BindAddress = "127.1.0.1" //nolint:staticcheck
|
|
ftpdConf.ForcePassiveIP = "127.1.1.1" //nolint:staticcheck
|
|
ftpdConf.TLSMode = 2 //nolint:staticcheck
|
|
c := make(map[string]ftpd.Configuration)
|
|
c["ftpd"] = ftpdConf
|
|
jsonConf, err := json.Marshal(c)
|
|
assert.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
ftpdConf = config.GetFTPDConfig()
|
|
// the default binding should be replaced with the deprecated configuration
|
|
require.Len(t, ftpdConf.Bindings, 1)
|
|
require.Equal(t, 9022, ftpdConf.Bindings[0].Port)
|
|
require.Equal(t, "127.1.0.1", ftpdConf.Bindings[0].Address)
|
|
require.True(t, ftpdConf.Bindings[0].ApplyProxyConfig)
|
|
require.Equal(t, 2, ftpdConf.Bindings[0].TLSMode)
|
|
require.Equal(t, "127.1.1.1", ftpdConf.Bindings[0].ForcePassiveIP)
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
func TestWebDAVDBindingsCompatibility(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
webdavConf := config.GetWebDAVDConfig()
|
|
require.Len(t, webdavConf.Bindings, 1)
|
|
webdavConf.Bindings = nil
|
|
webdavConf.BindPort = 9080 //nolint:staticcheck
|
|
webdavConf.BindAddress = "127.0.0.1" //nolint:staticcheck
|
|
c := make(map[string]webdavd.Configuration)
|
|
c["webdavd"] = webdavConf
|
|
jsonConf, err := json.Marshal(c)
|
|
assert.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
webdavConf = config.GetWebDAVDConfig()
|
|
// the default binding should be replaced with the deprecated configuration
|
|
require.Len(t, webdavConf.Bindings, 1)
|
|
require.Equal(t, 9080, webdavConf.Bindings[0].Port)
|
|
require.Equal(t, "127.0.0.1", webdavConf.Bindings[0].Address)
|
|
require.False(t, webdavConf.Bindings[0].EnableHTTPS)
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
func TestHTTPDBindingsCompatibility(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
httpdConf := config.GetHTTPDConfig()
|
|
require.Len(t, httpdConf.Bindings, 1)
|
|
httpdConf.Bindings = nil
|
|
httpdConf.BindPort = 9080 //nolint:staticcheck
|
|
httpdConf.BindAddress = "127.1.1.1" //nolint:staticcheck
|
|
c := make(map[string]httpd.Conf)
|
|
c["httpd"] = httpdConf
|
|
jsonConf, err := json.Marshal(c)
|
|
assert.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
assert.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
assert.NoError(t, err)
|
|
httpdConf = config.GetHTTPDConfig()
|
|
// the default binding should be replaced with the deprecated configuration
|
|
require.Len(t, httpdConf.Bindings, 1)
|
|
require.Equal(t, 9080, httpdConf.Bindings[0].Port)
|
|
require.Equal(t, "127.1.1.1", httpdConf.Bindings[0].Address)
|
|
require.False(t, httpdConf.Bindings[0].EnableHTTPS)
|
|
require.True(t, httpdConf.Bindings[0].EnableWebAdmin)
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
func TestRateLimitersFromEnv(t *testing.T) {
|
|
reset()
|
|
|
|
os.Setenv("SFTPGO_COMMON__RATE_LIMITERS__0__AVERAGE", "100")
|
|
os.Setenv("SFTPGO_COMMON__RATE_LIMITERS__0__PERIOD", "2000")
|
|
os.Setenv("SFTPGO_COMMON__RATE_LIMITERS__0__BURST", "10")
|
|
os.Setenv("SFTPGO_COMMON__RATE_LIMITERS__0__TYPE", "2")
|
|
os.Setenv("SFTPGO_COMMON__RATE_LIMITERS__0__PROTOCOLS", "SSH, FTP")
|
|
os.Setenv("SFTPGO_COMMON__RATE_LIMITERS__0__GENERATE_DEFENDER_EVENTS", "1")
|
|
os.Setenv("SFTPGO_COMMON__RATE_LIMITERS__0__ENTRIES_SOFT_LIMIT", "50")
|
|
os.Setenv("SFTPGO_COMMON__RATE_LIMITERS__0__ENTRIES_HARD_LIMIT", "100")
|
|
os.Setenv("SFTPGO_COMMON__RATE_LIMITERS__8__AVERAGE", "50")
|
|
t.Cleanup(func() {
|
|
os.Unsetenv("SFTPGO_COMMON__RATE_LIMITERS__0__AVERAGE")
|
|
os.Unsetenv("SFTPGO_COMMON__RATE_LIMITERS__0__PERIOD")
|
|
os.Unsetenv("SFTPGO_COMMON__RATE_LIMITERS__0__BURST")
|
|
os.Unsetenv("SFTPGO_COMMON__RATE_LIMITERS__0__TYPE")
|
|
os.Unsetenv("SFTPGO_COMMON__RATE_LIMITERS__0__PROTOCOLS")
|
|
os.Unsetenv("SFTPGO_COMMON__RATE_LIMITERS__0__GENERATE_DEFENDER_EVENTS")
|
|
os.Unsetenv("SFTPGO_COMMON__RATE_LIMITERS__0__ENTRIES_SOFT_LIMIT")
|
|
os.Unsetenv("SFTPGO_COMMON__RATE_LIMITERS__0__ENTRIES_HARD_LIMIT")
|
|
os.Unsetenv("SFTPGO_COMMON__RATE_LIMITERS__8__AVERAGE")
|
|
})
|
|
|
|
configDir := ".."
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
limiters := config.GetCommonConfig().RateLimitersConfig
|
|
require.Len(t, limiters, 2)
|
|
require.Equal(t, int64(100), limiters[0].Average)
|
|
require.Equal(t, int64(2000), limiters[0].Period)
|
|
require.Equal(t, 10, limiters[0].Burst)
|
|
require.Equal(t, 2, limiters[0].Type)
|
|
protocols := limiters[0].Protocols
|
|
require.Len(t, protocols, 2)
|
|
require.True(t, utils.IsStringInSlice(common.ProtocolFTP, protocols))
|
|
require.True(t, utils.IsStringInSlice(common.ProtocolSSH, protocols))
|
|
require.True(t, limiters[0].GenerateDefenderEvents)
|
|
require.Equal(t, 50, limiters[0].EntriesSoftLimit)
|
|
require.Equal(t, 100, limiters[0].EntriesHardLimit)
|
|
require.Equal(t, int64(50), limiters[1].Average)
|
|
// we check the default values here
|
|
require.Equal(t, int64(1000), limiters[1].Period)
|
|
require.Equal(t, 1, limiters[1].Burst)
|
|
require.Equal(t, 2, limiters[1].Type)
|
|
protocols = limiters[1].Protocols
|
|
require.Len(t, protocols, 4)
|
|
require.True(t, utils.IsStringInSlice(common.ProtocolFTP, protocols))
|
|
require.True(t, utils.IsStringInSlice(common.ProtocolSSH, protocols))
|
|
require.True(t, utils.IsStringInSlice(common.ProtocolWebDAV, protocols))
|
|
require.True(t, utils.IsStringInSlice(common.ProtocolHTTP, protocols))
|
|
require.False(t, limiters[1].GenerateDefenderEvents)
|
|
require.Equal(t, 100, limiters[1].EntriesSoftLimit)
|
|
require.Equal(t, 150, limiters[1].EntriesHardLimit)
|
|
}
|
|
|
|
func TestSFTPDBindingsFromEnv(t *testing.T) {
|
|
reset()
|
|
|
|
os.Setenv("SFTPGO_SFTPD__BINDINGS__0__ADDRESS", "127.0.0.1")
|
|
os.Setenv("SFTPGO_SFTPD__BINDINGS__0__PORT", "2200")
|
|
os.Setenv("SFTPGO_SFTPD__BINDINGS__0__APPLY_PROXY_CONFIG", "false")
|
|
os.Setenv("SFTPGO_SFTPD__BINDINGS__3__ADDRESS", "127.0.1.1")
|
|
os.Setenv("SFTPGO_SFTPD__BINDINGS__3__PORT", "2203")
|
|
t.Cleanup(func() {
|
|
os.Unsetenv("SFTPGO_SFTPD__BINDINGS__0__ADDRESS")
|
|
os.Unsetenv("SFTPGO_SFTPD__BINDINGS__0__PORT")
|
|
os.Unsetenv("SFTPGO_SFTPD__BINDINGS__0__APPLY_PROXY_CONFIG")
|
|
os.Unsetenv("SFTPGO_SFTPD__BINDINGS__3__ADDRESS")
|
|
os.Unsetenv("SFTPGO_SFTPD__BINDINGS__3__PORT")
|
|
})
|
|
|
|
configDir := ".."
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
bindings := config.GetSFTPDConfig().Bindings
|
|
require.Len(t, bindings, 2)
|
|
require.Equal(t, 2200, bindings[0].Port)
|
|
require.Equal(t, "127.0.0.1", bindings[0].Address)
|
|
require.False(t, bindings[0].ApplyProxyConfig)
|
|
require.Equal(t, 2203, bindings[1].Port)
|
|
require.Equal(t, "127.0.1.1", bindings[1].Address)
|
|
require.True(t, bindings[1].ApplyProxyConfig) // default value
|
|
}
|
|
|
|
func TestFTPDBindingsFromEnv(t *testing.T) {
|
|
reset()
|
|
|
|
os.Setenv("SFTPGO_FTPD__BINDINGS__0__ADDRESS", "127.0.0.1")
|
|
os.Setenv("SFTPGO_FTPD__BINDINGS__0__PORT", "2200")
|
|
os.Setenv("SFTPGO_FTPD__BINDINGS__0__APPLY_PROXY_CONFIG", "f")
|
|
os.Setenv("SFTPGO_FTPD__BINDINGS__0__TLS_MODE", "2")
|
|
os.Setenv("SFTPGO_FTPD__BINDINGS__0__FORCE_PASSIVE_IP", "127.0.1.2")
|
|
os.Setenv("SFTPGO_FTPD__BINDINGS__0__TLS_CIPHER_SUITES", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256")
|
|
os.Setenv("SFTPGO_FTPD__BINDINGS__9__ADDRESS", "127.0.1.1")
|
|
os.Setenv("SFTPGO_FTPD__BINDINGS__9__PORT", "2203")
|
|
os.Setenv("SFTPGO_FTPD__BINDINGS__9__TLS_MODE", "1")
|
|
os.Setenv("SFTPGO_FTPD__BINDINGS__9__FORCE_PASSIVE_IP", "127.0.1.1")
|
|
os.Setenv("SFTPGO_FTPD__BINDINGS__9__CLIENT_AUTH_TYPE", "2")
|
|
|
|
t.Cleanup(func() {
|
|
os.Unsetenv("SFTPGO_FTPD__BINDINGS__0__ADDRESS")
|
|
os.Unsetenv("SFTPGO_FTPD__BINDINGS__0__PORT")
|
|
os.Unsetenv("SFTPGO_FTPD__BINDINGS__0__APPLY_PROXY_CONFIG")
|
|
os.Unsetenv("SFTPGO_FTPD__BINDINGS__0__TLS_MODE")
|
|
os.Unsetenv("SFTPGO_FTPD__BINDINGS__0__FORCE_PASSIVE_IP")
|
|
os.Unsetenv("SFTPGO_FTPD__BINDINGS__0__TLS_CIPHER_SUITES")
|
|
os.Unsetenv("SFTPGO_FTPD__BINDINGS__9__ADDRESS")
|
|
os.Unsetenv("SFTPGO_FTPD__BINDINGS__9__PORT")
|
|
os.Unsetenv("SFTPGO_FTPD__BINDINGS__9__TLS_MODE")
|
|
os.Unsetenv("SFTPGO_FTPD__BINDINGS__9__FORCE_PASSIVE_IP")
|
|
os.Unsetenv("SFTPGO_FTPD__BINDINGS__9__CLIENT_AUTH_TYPE")
|
|
})
|
|
|
|
configDir := ".."
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
bindings := config.GetFTPDConfig().Bindings
|
|
require.Len(t, bindings, 2)
|
|
require.Equal(t, 2200, bindings[0].Port)
|
|
require.Equal(t, "127.0.0.1", bindings[0].Address)
|
|
require.False(t, bindings[0].ApplyProxyConfig)
|
|
require.Equal(t, 2, bindings[0].TLSMode)
|
|
require.Equal(t, "127.0.1.2", bindings[0].ForcePassiveIP)
|
|
require.Equal(t, 0, bindings[0].ClientAuthType)
|
|
require.Len(t, bindings[0].TLSCipherSuites, 2)
|
|
require.Equal(t, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", bindings[0].TLSCipherSuites[0])
|
|
require.Equal(t, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", bindings[0].TLSCipherSuites[1])
|
|
require.Equal(t, 2203, bindings[1].Port)
|
|
require.Equal(t, "127.0.1.1", bindings[1].Address)
|
|
require.True(t, bindings[1].ApplyProxyConfig) // default value
|
|
require.Equal(t, 1, bindings[1].TLSMode)
|
|
require.Equal(t, "127.0.1.1", bindings[1].ForcePassiveIP)
|
|
require.Equal(t, 2, bindings[1].ClientAuthType)
|
|
require.Nil(t, bindings[1].TLSCipherSuites)
|
|
}
|
|
|
|
func TestWebDAVBindingsFromEnv(t *testing.T) {
|
|
reset()
|
|
|
|
os.Setenv("SFTPGO_WEBDAVD__BINDINGS__1__ADDRESS", "127.0.0.1")
|
|
os.Setenv("SFTPGO_WEBDAVD__BINDINGS__1__PORT", "8000")
|
|
os.Setenv("SFTPGO_WEBDAVD__BINDINGS__1__ENABLE_HTTPS", "0")
|
|
os.Setenv("SFTPGO_WEBDAVD__BINDINGS__1__TLS_CIPHER_SUITES", "TLS_RSA_WITH_AES_128_CBC_SHA ")
|
|
os.Setenv("SFTPGO_WEBDAVD__BINDINGS__1__PROXY_ALLOWED", "192.168.10.1")
|
|
os.Setenv("SFTPGO_WEBDAVD__BINDINGS__2__ADDRESS", "127.0.1.1")
|
|
os.Setenv("SFTPGO_WEBDAVD__BINDINGS__2__PORT", "9000")
|
|
os.Setenv("SFTPGO_WEBDAVD__BINDINGS__2__ENABLE_HTTPS", "1")
|
|
os.Setenv("SFTPGO_WEBDAVD__BINDINGS__2__CLIENT_AUTH_TYPE", "1")
|
|
os.Setenv("SFTPGO_WEBDAVD__BINDINGS__2__PREFIX", "/dav2")
|
|
t.Cleanup(func() {
|
|
os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__1__ADDRESS")
|
|
os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__1__PORT")
|
|
os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__1__ENABLE_HTTPS")
|
|
os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__1__TLS_CIPHER_SUITES")
|
|
os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__1__PROXY_ALLOWED")
|
|
os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__2__ADDRESS")
|
|
os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__2__PORT")
|
|
os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__2__ENABLE_HTTPS")
|
|
os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__2__CLIENT_AUTH_TYPE")
|
|
os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__2__PREFIX")
|
|
})
|
|
|
|
configDir := ".."
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
bindings := config.GetWebDAVDConfig().Bindings
|
|
require.Len(t, bindings, 3)
|
|
require.Equal(t, 0, bindings[0].Port)
|
|
require.Empty(t, bindings[0].Address)
|
|
require.False(t, bindings[0].EnableHTTPS)
|
|
require.Len(t, bindings[0].TLSCipherSuites, 0)
|
|
require.Empty(t, bindings[0].Prefix)
|
|
require.Equal(t, 8000, bindings[1].Port)
|
|
require.Equal(t, "127.0.0.1", bindings[1].Address)
|
|
require.False(t, bindings[1].EnableHTTPS)
|
|
require.Equal(t, 0, bindings[1].ClientAuthType)
|
|
require.Len(t, bindings[1].TLSCipherSuites, 1)
|
|
require.Equal(t, "TLS_RSA_WITH_AES_128_CBC_SHA", bindings[1].TLSCipherSuites[0])
|
|
require.Equal(t, "192.168.10.1", bindings[1].ProxyAllowed[0])
|
|
require.Empty(t, bindings[1].Prefix)
|
|
require.Equal(t, 9000, bindings[2].Port)
|
|
require.Equal(t, "127.0.1.1", bindings[2].Address)
|
|
require.True(t, bindings[2].EnableHTTPS)
|
|
require.Equal(t, 1, bindings[2].ClientAuthType)
|
|
require.Nil(t, bindings[2].TLSCipherSuites)
|
|
require.Equal(t, "/dav2", bindings[2].Prefix)
|
|
}
|
|
|
|
func TestHTTPDBindingsFromEnv(t *testing.T) {
|
|
reset()
|
|
|
|
sockPath := filepath.Clean(os.TempDir())
|
|
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__0__ADDRESS", sockPath)
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__0__PORT", "0")
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__0__TLS_CIPHER_SUITES", " TLS_AES_128_GCM_SHA256")
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__1__ADDRESS", "127.0.0.1")
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__1__PORT", "8000")
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__1__ENABLE_HTTPS", "0")
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__2__ADDRESS", "127.0.1.1")
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__2__PORT", "9000")
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__2__ENABLE_WEB_ADMIN", "0")
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__2__ENABLE_WEB_CLIENT", "0")
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__2__ENABLE_HTTPS", "1")
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__2__CLIENT_AUTH_TYPE", "1")
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__2__TLS_CIPHER_SUITES", " TLS_AES_256_GCM_SHA384 , TLS_CHACHA20_POLY1305_SHA256")
|
|
os.Setenv("SFTPGO_HTTPD__BINDINGS__2__PROXY_ALLOWED", " 192.168.9.1 , 172.16.25.0/24")
|
|
t.Cleanup(func() {
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__0__ADDRESS")
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__0__PORT")
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__0__TLS_CIPHER_SUITES")
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__1__ADDRESS")
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__1__PORT")
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__1__ENABLE_HTTPS")
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__2__ADDRESS")
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__2__PORT")
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__2__ENABLE_HTTPS")
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__2__ENABLE_WEB_ADMIN")
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__2__ENABLE_WEB_CLIENT")
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__2__CLIENT_AUTH_TYPE")
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__2__TLS_CIPHER_SUITES")
|
|
os.Unsetenv("SFTPGO_HTTPD__BINDINGS__2__PROXY_ALLOWED")
|
|
})
|
|
|
|
configDir := ".."
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
bindings := config.GetHTTPDConfig().Bindings
|
|
require.Len(t, bindings, 3)
|
|
require.Equal(t, 0, bindings[0].Port)
|
|
require.Equal(t, sockPath, bindings[0].Address)
|
|
require.False(t, bindings[0].EnableHTTPS)
|
|
require.True(t, bindings[0].EnableWebAdmin)
|
|
require.True(t, bindings[0].EnableWebClient)
|
|
require.Len(t, bindings[0].TLSCipherSuites, 1)
|
|
require.Equal(t, "TLS_AES_128_GCM_SHA256", bindings[0].TLSCipherSuites[0])
|
|
require.Equal(t, 8000, bindings[1].Port)
|
|
require.Equal(t, "127.0.0.1", bindings[1].Address)
|
|
require.False(t, bindings[1].EnableHTTPS)
|
|
require.True(t, bindings[1].EnableWebAdmin)
|
|
require.True(t, bindings[1].EnableWebClient)
|
|
require.Nil(t, bindings[1].TLSCipherSuites)
|
|
|
|
require.Equal(t, 9000, bindings[2].Port)
|
|
require.Equal(t, "127.0.1.1", bindings[2].Address)
|
|
require.True(t, bindings[2].EnableHTTPS)
|
|
require.False(t, bindings[2].EnableWebAdmin)
|
|
require.False(t, bindings[2].EnableWebClient)
|
|
require.Equal(t, 1, bindings[2].ClientAuthType)
|
|
require.Len(t, bindings[2].TLSCipherSuites, 2)
|
|
require.Equal(t, "TLS_AES_256_GCM_SHA384", bindings[2].TLSCipherSuites[0])
|
|
require.Equal(t, "TLS_CHACHA20_POLY1305_SHA256", bindings[2].TLSCipherSuites[1])
|
|
require.Len(t, bindings[2].ProxyAllowed, 2)
|
|
require.Equal(t, "192.168.9.1", bindings[2].ProxyAllowed[0])
|
|
require.Equal(t, "172.16.25.0/24", bindings[2].ProxyAllowed[1])
|
|
}
|
|
|
|
func TestHTTPClientCertificatesFromEnv(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
httpConf := config.GetHTTPConfig()
|
|
httpConf.Certificates = append(httpConf.Certificates, httpclient.TLSKeyPair{
|
|
Cert: "cert",
|
|
Key: "key",
|
|
})
|
|
c := make(map[string]httpclient.Config)
|
|
c["http"] = httpConf
|
|
jsonConf, err := json.Marshal(c)
|
|
require.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
require.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
require.NoError(t, err)
|
|
require.Len(t, config.GetHTTPConfig().Certificates, 1)
|
|
require.Equal(t, "cert", config.GetHTTPConfig().Certificates[0].Cert)
|
|
require.Equal(t, "key", config.GetHTTPConfig().Certificates[0].Key)
|
|
|
|
os.Setenv("SFTPGO_HTTP__CERTIFICATES__0__CERT", "cert0")
|
|
os.Setenv("SFTPGO_HTTP__CERTIFICATES__0__KEY", "key0")
|
|
os.Setenv("SFTPGO_HTTP__CERTIFICATES__8__CERT", "cert8")
|
|
os.Setenv("SFTPGO_HTTP__CERTIFICATES__9__CERT", "cert9")
|
|
os.Setenv("SFTPGO_HTTP__CERTIFICATES__9__KEY", "key9")
|
|
|
|
t.Cleanup(func() {
|
|
os.Unsetenv("SFTPGO_HTTP__CERTIFICATES__0__CERT")
|
|
os.Unsetenv("SFTPGO_HTTP__CERTIFICATES__0__KEY")
|
|
os.Unsetenv("SFTPGO_HTTP__CERTIFICATES__8__CERT")
|
|
os.Unsetenv("SFTPGO_HTTP__CERTIFICATES__9__CERT")
|
|
os.Unsetenv("SFTPGO_HTTP__CERTIFICATES__9__KEY")
|
|
})
|
|
|
|
err = config.LoadConfig(configDir, confName)
|
|
require.NoError(t, err)
|
|
require.Len(t, config.GetHTTPConfig().Certificates, 2)
|
|
require.Equal(t, "cert0", config.GetHTTPConfig().Certificates[0].Cert)
|
|
require.Equal(t, "key0", config.GetHTTPConfig().Certificates[0].Key)
|
|
require.Equal(t, "cert9", config.GetHTTPConfig().Certificates[1].Cert)
|
|
require.Equal(t, "key9", config.GetHTTPConfig().Certificates[1].Key)
|
|
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
|
|
config.Init()
|
|
|
|
err = config.LoadConfig(configDir, "")
|
|
require.NoError(t, err)
|
|
require.Len(t, config.GetHTTPConfig().Certificates, 2)
|
|
require.Equal(t, "cert0", config.GetHTTPConfig().Certificates[0].Cert)
|
|
require.Equal(t, "key0", config.GetHTTPConfig().Certificates[0].Key)
|
|
require.Equal(t, "cert9", config.GetHTTPConfig().Certificates[1].Cert)
|
|
require.Equal(t, "key9", config.GetHTTPConfig().Certificates[1].Key)
|
|
}
|
|
|
|
func TestHTTPClientHeadersFromEnv(t *testing.T) {
|
|
reset()
|
|
|
|
configDir := ".."
|
|
confName := tempConfigName + ".json"
|
|
configFilePath := filepath.Join(configDir, confName)
|
|
err := config.LoadConfig(configDir, "")
|
|
assert.NoError(t, err)
|
|
httpConf := config.GetHTTPConfig()
|
|
httpConf.Headers = append(httpConf.Headers, httpclient.Header{
|
|
Key: "key",
|
|
Value: "value",
|
|
URL: "url",
|
|
})
|
|
c := make(map[string]httpclient.Config)
|
|
c["http"] = httpConf
|
|
jsonConf, err := json.Marshal(c)
|
|
require.NoError(t, err)
|
|
err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
|
|
require.NoError(t, err)
|
|
err = config.LoadConfig(configDir, confName)
|
|
require.NoError(t, err)
|
|
require.Len(t, config.GetHTTPConfig().Headers, 1)
|
|
require.Equal(t, "key", config.GetHTTPConfig().Headers[0].Key)
|
|
require.Equal(t, "value", config.GetHTTPConfig().Headers[0].Value)
|
|
require.Equal(t, "url", config.GetHTTPConfig().Headers[0].URL)
|
|
|
|
os.Setenv("SFTPGO_HTTP__HEADERS__0__KEY", "key0")
|
|
os.Setenv("SFTPGO_HTTP__HEADERS__0__VALUE", "value0")
|
|
os.Setenv("SFTPGO_HTTP__HEADERS__0__URL", "url0")
|
|
os.Setenv("SFTPGO_HTTP__HEADERS__8__KEY", "key8")
|
|
os.Setenv("SFTPGO_HTTP__HEADERS__9__KEY", "key9")
|
|
os.Setenv("SFTPGO_HTTP__HEADERS__9__VALUE", "value9")
|
|
os.Setenv("SFTPGO_HTTP__HEADERS__9__URL", "url9")
|
|
|
|
t.Cleanup(func() {
|
|
os.Unsetenv("SFTPGO_HTTP__HEADERS__0__KEY")
|
|
os.Unsetenv("SFTPGO_HTTP__HEADERS__0__VALUE")
|
|
os.Unsetenv("SFTPGO_HTTP__HEADERS__0__URL")
|
|
os.Unsetenv("SFTPGO_HTTP__HEADERS__8__KEY")
|
|
os.Unsetenv("SFTPGO_HTTP__HEADERS__9__KEY")
|
|
os.Unsetenv("SFTPGO_HTTP__HEADERS__9__VALUE")
|
|
os.Unsetenv("SFTPGO_HTTP__HEADERS__9__URL")
|
|
})
|
|
|
|
err = config.LoadConfig(configDir, confName)
|
|
require.NoError(t, err)
|
|
require.Len(t, config.GetHTTPConfig().Headers, 2)
|
|
require.Equal(t, "key0", config.GetHTTPConfig().Headers[0].Key)
|
|
require.Equal(t, "value0", config.GetHTTPConfig().Headers[0].Value)
|
|
require.Equal(t, "url0", config.GetHTTPConfig().Headers[0].URL)
|
|
require.Equal(t, "key9", config.GetHTTPConfig().Headers[1].Key)
|
|
require.Equal(t, "value9", config.GetHTTPConfig().Headers[1].Value)
|
|
require.Equal(t, "url9", config.GetHTTPConfig().Headers[1].URL)
|
|
|
|
err = os.Remove(configFilePath)
|
|
assert.NoError(t, err)
|
|
|
|
config.Init()
|
|
|
|
err = config.LoadConfig(configDir, "")
|
|
require.NoError(t, err)
|
|
require.Len(t, config.GetHTTPConfig().Headers, 2)
|
|
require.Equal(t, "key0", config.GetHTTPConfig().Headers[0].Key)
|
|
require.Equal(t, "value0", config.GetHTTPConfig().Headers[0].Value)
|
|
require.Equal(t, "url0", config.GetHTTPConfig().Headers[0].URL)
|
|
require.Equal(t, "key9", config.GetHTTPConfig().Headers[1].Key)
|
|
require.Equal(t, "value9", config.GetHTTPConfig().Headers[1].Value)
|
|
require.Equal(t, "url9", config.GetHTTPConfig().Headers[1].URL)
|
|
}
|
|
|
|
func TestConfigFromEnv(t *testing.T) {
|
|
reset()
|
|
|
|
os.Setenv("SFTPGO_SFTPD__BINDINGS__0__ADDRESS", "127.0.0.1")
|
|
os.Setenv("SFTPGO_WEBDAVD__BINDINGS__0__PORT", "12000")
|
|
os.Setenv("SFTPGO_DATA_PROVIDER__PASSWORD_HASHING__ARGON2_OPTIONS__ITERATIONS", "41")
|
|
os.Setenv("SFTPGO_DATA_PROVIDER__POOL_SIZE", "10")
|
|
os.Setenv("SFTPGO_DATA_PROVIDER__ACTIONS__EXECUTE_ON", "add")
|
|
os.Setenv("SFTPGO_KMS__SECRETS__URL", "local")
|
|
os.Setenv("SFTPGO_KMS__SECRETS__MASTER_KEY_PATH", "path")
|
|
os.Setenv("SFTPGO_TELEMETRY__TLS_CIPHER_SUITES", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA")
|
|
t.Cleanup(func() {
|
|
os.Unsetenv("SFTPGO_SFTPD__BINDINGS__0__ADDRESS")
|
|
os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__0__PORT")
|
|
os.Unsetenv("SFTPGO_DATA_PROVIDER__PASSWORD_HASHING__ARGON2_OPTIONS__ITERATIONS")
|
|
os.Unsetenv("SFTPGO_DATA_PROVIDER__POOL_SIZE")
|
|
os.Unsetenv("SFTPGO_DATA_PROVIDER__ACTIONS__EXECUTE_ON")
|
|
os.Unsetenv("SFTPGO_KMS__SECRETS__URL")
|
|
os.Unsetenv("SFTPGO_KMS__SECRETS__MASTER_KEY_PATH")
|
|
os.Unsetenv("SFTPGO_TELEMETRY__TLS_CIPHER_SUITES")
|
|
})
|
|
err := config.LoadConfig(".", "invalid config")
|
|
assert.NoError(t, err)
|
|
sftpdConfig := config.GetSFTPDConfig()
|
|
assert.Equal(t, "127.0.0.1", sftpdConfig.Bindings[0].Address)
|
|
assert.Equal(t, 12000, config.GetWebDAVDConfig().Bindings[0].Port)
|
|
dataProviderConf := config.GetProviderConf()
|
|
assert.Equal(t, uint32(41), dataProviderConf.PasswordHashing.Argon2Options.Iterations)
|
|
assert.Equal(t, 10, dataProviderConf.PoolSize)
|
|
assert.Len(t, dataProviderConf.Actions.ExecuteOn, 1)
|
|
assert.Contains(t, dataProviderConf.Actions.ExecuteOn, "add")
|
|
kmsConfig := config.GetKMSConfig()
|
|
assert.Equal(t, "local", kmsConfig.Secrets.URL)
|
|
assert.Equal(t, "path", kmsConfig.Secrets.MasterKeyPath)
|
|
telemetryConfig := config.GetTelemetryConfig()
|
|
assert.Len(t, telemetryConfig.TLSCipherSuites, 2)
|
|
assert.Equal(t, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", telemetryConfig.TLSCipherSuites[0])
|
|
assert.Equal(t, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", telemetryConfig.TLSCipherSuites[1])
|
|
}
|