Nicola Murino
8306b6bde6
refactor virtual folders
...
The same virtual folder can now be shared among users and different
folder quota limits for each user are supported.
Fixes #120
2020-06-07 23:30:18 +02:00
Nicola Murino
dc011af90d
sftpd actions: add support for pre-delete action
...
Fixes #121
2020-05-24 23:31:14 +02:00
Nicola Murino
c27e3ef436
actions: add a generic hook to define external commands and HTTP URL
...
We can only define a single hook now and it can be an HTTP notification
or an external command, not both
2020-05-24 15:29:39 +02:00
Nicola Murino
760cc9ba5a
partial auth: fix public key query response
...
more details here:
https://github.com/golang/crypto/pull/130#issuecomment-633191423
2020-05-24 12:13:14 +02:00
Nicola Murino
5665e9c0e7
improve some docs
2020-05-23 12:47:44 +02:00
Nicola Murino
ad53429cf1
add support for build tag to allow to disable some features
...
The following build tags are available:
- "nogcs", disable Google Cloud Storage backend
- "nos3", disable S3 Compabible Object Storage backends
- "nobolt", disable Bolt data provider
- "nomysql", disable MySQL data provider
- "nopgsql", disable PostgreSQL data provider
- "nosqlite", disable SQLite data provider
- "noportable", disable portable mode
2020-05-23 11:58:05 +02:00
Nicola Murino
15298b0409
sftpd: remove unused expectedSize field from Transfer struct
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2020-05-20 20:17:59 +02:00
Nicola Murino
cfa710037c
cloud backends: fix SFTP error message for some write failures
...
Fixes #119
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2020-05-19 19:17:43 +02:00
Nicola Murino
a08dd85efd
sftpd: deprecate keys and add a new host_keys config param
...
host_key defines the private host keys as plain list of strings.
Remove the other deprecated config params from the default config too.
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2020-05-16 23:26:44 +02:00
Nicola Murino
469d36d979
certificate auth: fix source address checking inside crypto/ssh
...
So we can avoid to check source address ourself
81aafe6d26
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2020-05-16 15:15:32 +02:00
Nicola Murino
7ae8b2cdeb
move REST API CLI in examples directory
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2020-05-16 14:02:46 +02:00
Nicola Murino
cf148db75d
add test case for expired SSH certificate
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2020-05-15 23:23:49 +02:00
Nicola Murino
738c7ab43e
sftpd: add support for SSH user certificate authentication
...
This add support for PROTOCOL.certkeys vendor extension:
https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?rev=1.8
Fixes #117
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2020-05-15 20:08:53 +02:00
Nicola Murino
82fb7f8cf0
update proxyproto to v0.1.3
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2020-05-14 20:10:33 +02:00
Nicola Murino
e0f2ab9c01
test cases: minor improvements
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2020-05-10 12:37:29 +02:00
Nicola Murino
e0183217b6
test cases: simplify TestLoginInvalidFs
...
we can simulate an invalid filesystem config using a GCS user without a
credentials file
2020-05-07 19:47:46 +02:00
Nicola Murino
f066b7fb9c
use upstream pipeat
...
my patches are now merged
2020-05-07 00:05:40 +02:00
Nicola Murino
0c6e2b566b
fix test cases on Windows
2020-05-06 23:16:08 +02:00
Nicola Murino
f02e24437a
add more linters
...
test cases migration to testify is now complete.
Linters are enabled for test cases too
2020-05-06 19:36:34 +02:00
Nicola Murino
e9534be1e6
travis: exclude go 1.13 for arch arm64
2020-05-03 22:46:39 +02:00
Nicola Murino
7056997e49
travis: add arm64
2020-05-03 15:46:42 +02:00
Nicola Murino
155af19aaa
tests: update httpd test to use testify
2020-05-03 15:24:26 +02:00
Nicola Murino
f369fdf6f2
httpclient: add a configuration parameter to skip TLS certificate validation
...
In this mode, TLS is susceptible to man-in-the-middle attacks.
This should be used only for testing.
2020-05-03 11:37:50 +02:00
Nicola Murino
510a95bd6d
code quality check: set go version to 1.14
2020-05-02 15:55:27 +02:00
Nicola Murino
da90dbe645
tests: update config to use testify
...
we should port the other test cases to testify too
2020-05-02 15:47:23 +02:00
Nicola Murino
b006c5f914
NewOsFs: return an interface and not a pointer
2020-05-02 15:01:56 +02:00
Nicola Murino
3f75d46a16
sftpd: add support for excluding virtual folders from user quota limit
...
Fixes #110
2020-05-01 15:27:53 +02:00
Nicola Murino
14c2a244b7
code quality check: use setup-go@v2 and go 1.14
2020-04-30 17:57:06 +02:00
Nicola Murino
94ff9d7346
initprovider: fail if a configuration file cannot be found
2020-04-30 16:48:42 +02:00
Enes Çakır
14196167b0
add github action workflow for code quality
2020-04-30 15:06:15 +02:00
Nicola Murino
d70959c34c
fix some lint issues
2020-04-30 14:23:55 +02:00
Sam Millar
67c6f27064
Tiny documentation typo fix
2020-04-29 16:13:33 +02:00
Enes Çakır
6bfbb27856
fix log level changing problem
2020-04-28 23:03:18 +02:00
Enes Çakır
baac3749b3
add verbose flag for portable mode
2020-04-28 17:03:14 +02:00
Nicola Murino
d377181b25
add a new configuration section for HTTP clients
...
HTTP clients are used for executing hooks such as the ones used for custom
actions, external authentication and pre-login user modifications.
This allows, for example, to use self-signed certificate without defeating the
purpose of using TLS
2020-04-26 23:29:09 +02:00
Nicola Murino
ebd6a11f3a
external auth: add example HTTP server to use as authentication hook
...
The server authenticate against an LDAP server.
2020-04-26 14:48:32 +02:00
Nicola Murino
0a47412e8c
scp, ssh commands: hide the real fs path on errors
...
The underlying filesystem errors for permissions and non-existing files
can contain the real storage path.
Map these errors to more generic ones to avoid to leak this info
Fixes #109
2020-04-22 12:26:18 +02:00
Nicola Murino
4f668bf558
simplify some httpd related code
...
and update chi, cobra and viper
2020-04-21 19:24:38 +02:00
Mengsk
9248c5a987
Update performance.md
2020-04-13 21:20:53 +02:00
Nicola Murino
b0ed190591
add an example auth program that allow to authenticate against LDAP
...
External authentication is the way to go to authenticate against LDAP,
at least for now.
Closes #99
2020-04-11 22:30:41 +02:00
Nicola Murino
37357b2d63
add support for checking pbkdf2 passwords with base64 encoded salt
...
This way we can import the default passwords format used in 389ds.
See TestPasswordsHashPbkdf2Sha256_389DS test case to learn how to convert
389ds passwords
2020-04-11 12:25:21 +02:00
Nicola Murino
9b06e0a3b7
sql providers: change password field from varchar 255 to text
...
some passwords can be longer than 255 characters
2020-04-11 11:17:40 +02:00
Nicola Murino
5a5912ea66
switch to my pkg/sftp branch and enable the request-server allocator
...
This way we have performance comparable to OpenSSH if the cipher
isn't the bottleneck
2020-04-10 23:35:57 +02:00
Nicola Murino
b1c7317cf6
add support for partial authentication
...
Multi-step authentication is activated disabling all single-step
auth methods for a given user
2020-04-09 23:32:42 +02:00
Nicola Murino
a0fe4cf5e4
docker: TAG build arg can be used to build a specific commit too
2020-04-09 11:30:51 +02:00
Henrik Lundahl
7fe3c965e3
Add a version build arg to the Alpine Dockerfile.
2020-04-09 11:26:09 +02:00
Henrik Lundahl
fd9b3c2767
Add a version build arg to the debian Dockerfile.
2020-04-09 11:15:21 +02:00
Nicola Murino
fb9e188e36
systemd service: add ExecReload
2020-04-05 11:36:29 +02:00
Nicola Murino
c93d8cecfc
update deps
...
chi 4.1.0 requires some minor code changes
2020-04-03 22:30:30 +02:00
Nicola Murino
94b46e57f1
sftpd actions: execute defined command on error too
...
add a new field inside the notification to indicate if an error is
detected
2020-04-03 19:25:38 +02:00