sftpgo

Author	SHA1	Message	Date
Nicola Murino	54c0c1b80d	Windows: manually check if we can bind on the configured port/ports Windows allows the coexistence of three types of sockets on the same transport-layer service port, for example, 127.0.0.1:8080, [::1]:8080 and [::ffff:0.0.0.0]:8080 Go don't properly handles this, so we use a ugly hack Fixes #350	2021-03-21 22:21:04 +01:00
Nicola Murino	d6dc3a507e	extend virtual folders support to all storage backends Fixes #241	2021-03-21 19:15:47 +01:00
Nicola Murino	ca3e15578e	Use new methods in the io and os packages instead of ioutil ones ioutil is deprecated in Go 1.16 and SFTPGo is an application, not a library, we have no reason to keep compatibility with old Go versions. Go 1.16 fix some cifs related issues too.	2021-02-25 21:53:04 +01:00
Nicola Murino	be9230e85b	micro optimizations spotted using the go-critic linter	2021-02-16 19:11:36 +01:00
Nicola Murino	51f110bc7b	sftpd: add statvfs@openssh.com support	2021-02-11 19:45:52 +01:00
Nicola Murino	1cde50f050	sftpd: improve logging if filesystem creation fails	2021-02-03 09:45:04 +01:00
Nicola Murino	46ab8f8d78	post-login hook: add the full user JSON serialized Fixes #284	2021-01-26 18:05:44 +01:00
Nicola Murino	aff75953e3	ssh requests: send a reply only if the client requested it	2021-01-21 09:28:41 +01:00
Nicola Murino	41a1af863e	OpenAPI: minor changes	2021-01-18 13:24:38 +01:00
Nicola Murino	daac90c4e1	fix a potential race condition for pre-login and ext auth hooks doing something like this: err = provider.updateUser(u) ... return provider.userExists(username) could be racy if another update happen before provider.userExists(username) also pass a pointer to updateUser so if the user is modified inside "validateUser" we can just return the modified user without do a new query	2021-01-05 09:50:22 +01:00
Nicola Murino	037d89a320	add support for a basic built-in defender It can help to prevent DoS and brute force password guessing	2021-01-02 14:05:09 +01:00
Nicola Murino	1dce1eff48	improve FTP support - allow to disable active mode - allow to disable SITE commands - add optional support for calculating hash value of files - add optional support for the non standard COMB command	2020-12-24 18:48:06 +01:00
Nicola Murino	187a5b1908	sftpd: properly handle listener accept errors continue on temporary errors and exit from the serve loop for the other ones	2020-12-23 19:53:07 +01:00
Nicola Murino	c69d63c1f8	add support for multiple bindings Fixes #253	2020-12-23 16:12:30 +01:00
Nicola Murino	f34462e3c3	add support for limiting max concurrent client connections	2020-12-15 19:29:30 +01:00
Nicola Murino	a6985075b9	add sftpfs storage backend Fixes #224	2020-12-12 10:31:09 +01:00
Nicola Murino	50982229e1	REST API: add a method to get the status of the services added a status page to the built-in web admin	2020-12-08 11:18:34 +01:00
Nicola Murino	a6355e298e	add support for limit files using shell like patterns Fixes #209	2020-11-15 22:04:48 +01:00
Nicola Murino	dc845fa2f4	webdav: fix permission errors if the client try to read multiple times	2020-11-14 19:19:41 +01:00
Nicola Murino	950a5ad9ea	add a recoverer where appropriate I have never seen this, but a malformed packet can easily crash pkg/sftp	2020-10-31 11:02:04 +01:00
Nicola Murino	6a8039e76a	sftpd: log fingerprints for used host keys	2020-10-21 14:27:58 +02:00
Nicola Murino	b51d795e04	sftpd: auto generate an ed25519 host key too	2020-10-19 14:30:40 +02:00
Nicola Murino	f9827f958b	sftpd auto host keys: try to auto-create parent dir if missing	2020-10-05 14:16:57 +02:00
Nicola Murino	242dde4480	sftpd: ensure to always close idle connections after the last commit this wasn't the case anymore Completly fixes #169	2020-09-18 18:15:28 +02:00
Nicola Murino	2df0dd1f70	sshd: map each channel with a new connection Fixes #169	2020-09-18 10:52:53 +02:00
Nicola Murino	a59163e56c	multi-step auth: don't advertise password method if it is disabled also rename the settings to password_authentication so it is more like OpenSSH, add some test cases and improve documentation	2020-09-01 19:34:40 +02:00
Giorgio Pellero	8391b19abb	Add password_disabled bool to sftpd config, disables password auth callback (#165 )	2020-09-01 19:26:33 +02:00
Nicola Murino	f3228713bc	Allow individual protocols to be enabled per user Fixes #154	2020-08-17 12:49:20 +02:00
Nicola Murino	aa0ed5dbd0	add post-login hook a login scope is supported too so you can get notifications for failed logins, successful logins or both	2020-08-12 16:15:12 +02:00
Nicola Murino	a9e21c282a	add WebDAV support Fixes #147	2020-08-11 23:56:10 +02:00
Antoine Deschênes	9a15a54885	sftpd: set failed connection loglevel to debug (#152 )	2020-08-06 21:20:31 +02:00
Nicola Murino	91dcc349de	Add client IP address to external auth, pre-login and keyboard interactive hooks	2020-08-04 18:03:28 +02:00
Nicola Murino	22338ed478	add post connect hook Fixes #144	2020-07-30 22:33:49 +02:00
Nicola Murino	93ce96d011	add support for the venerable FTP protocol Fixes #46	2020-07-29 21:56:56 +02:00
Nicola Murino	4e41a5583d	refactoring: add common package The common package defines the interfaces that a protocol must implement and contain code that can be shared among supported protocols. This way should be easier to support new protocols	2020-07-24 23:39:38 +02:00
Nicola Murino	0ea2ca3141	simplify data provider usage remove the obsolete SQL scripts too. They are not required since v0.9.6	2020-07-08 19:59:31 +02:00
Nicola Murino	8e22dd1b13	virtual folders: allow overlapped mapped paths if quota is disabled See #95	2020-06-10 09:11:32 +02:00
Nicola Murino	cd380973df	allows host keys auto generation inside a user configured directory Fixes #124	2020-06-08 18:45:04 +02:00
Nicola Murino	a08dd85efd	sftpd: deprecate keys and add a new host_keys config param host_key defines the private host keys as plain list of strings. Remove the other deprecated config params from the default config too. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2020-05-16 23:26:44 +02:00
Nicola Murino	469d36d979	certificate auth: fix source address checking inside crypto/ssh So we can avoid to check source address ourself `81aafe6d26` Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2020-05-16 15:15:32 +02:00
Nicola Murino	738c7ab43e	sftpd: add support for SSH user certificate authentication This add support for PROTOCOL.certkeys vendor extension: https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?rev=1.8 Fixes #117 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2020-05-15 20:08:53 +02:00
Nicola Murino	f02e24437a	add more linters test cases migration to testify is now complete. Linters are enabled for test cases too	2020-05-06 19:36:34 +02:00
Nicola Murino	d70959c34c	fix some lint issues	2020-04-30 14:23:55 +02:00
Nicola Murino	5a5912ea66	switch to my pkg/sftp branch and enable the request-server allocator This way we have performance comparable to OpenSSH if the cipher isn't the bottleneck	2020-04-10 23:35:57 +02:00
Nicola Murino	b1c7317cf6	add support for partial authentication Multi-step authentication is activated disabling all single-step auth methods for a given user	2020-04-09 23:32:42 +02:00
Nicola Murino	9046acbe68	add HTTP hooks external auth, pre-login user modification and keyboard interactive authentication is now supported via HTTP requests too	2020-04-01 23:25:23 +02:00
Nicola Murino	f284008fb5	enable scp in default configuration remove the deprecated enable_scp setting	2020-03-26 23:38:24 +01:00
Nicola Murino	9b119765fc	docs: minor improvements	2020-03-04 23:51:16 +01:00
Nicola Murino	016abda6d7	improve docs	2020-03-03 23:25:23 +01:00
Nicola Murino	833b702b90	proxy protocol: add list of allowed IP addresses and IP ranges "proxy_allowed" setting allows to specify the allowed IP address and IP ranges that can send the proxy header. This setting combined with "proxy_protocol" allows to ignore the header or to reject connections that send the proxy header from a non listed IP	2020-03-01 23:12:28 +01:00

1 2

98 commits