sftpgo

Author	SHA1	Message	Date
Nicola Murino	ca3e15578e	Use new methods in the io and os packages instead of ioutil ones ioutil is deprecated in Go 1.16 and SFTPGo is an application, not a library, we have no reason to keep compatibility with old Go versions. Go 1.16 fix some cifs related issues too.	2021-02-25 21:53:04 +01:00
Nicola Murino	be9230e85b	micro optimizations spotted using the go-critic linter	2021-02-16 19:11:36 +01:00
Nicola Murino	51f110bc7b	sftpd: add statvfs@openssh.com support	2021-02-11 19:45:52 +01:00
Nicola Murino	1cde50f050	sftpd: improve logging if filesystem creation fails	2021-02-03 09:45:04 +01:00
Nicola Murino	46ab8f8d78	post-login hook: add the full user JSON serialized Fixes #284	2021-01-26 18:05:44 +01:00
Nicola Murino	aff75953e3	ssh requests: send a reply only if the client requested it	2021-01-21 09:28:41 +01:00
Nicola Murino	41a1af863e	OpenAPI: minor changes	2021-01-18 13:24:38 +01:00
Nicola Murino	daac90c4e1	fix a potential race condition for pre-login and ext auth hooks doing something like this: err = provider.updateUser(u) ... return provider.userExists(username) could be racy if another update happen before provider.userExists(username) also pass a pointer to updateUser so if the user is modified inside "validateUser" we can just return the modified user without do a new query	2021-01-05 09:50:22 +01:00
Nicola Murino	037d89a320	add support for a basic built-in defender It can help to prevent DoS and brute force password guessing	2021-01-02 14:05:09 +01:00
Nicola Murino	1dce1eff48	improve FTP support - allow to disable active mode - allow to disable SITE commands - add optional support for calculating hash value of files - add optional support for the non standard COMB command	2020-12-24 18:48:06 +01:00
Nicola Murino	187a5b1908	sftpd: properly handle listener accept errors continue on temporary errors and exit from the serve loop for the other ones	2020-12-23 19:53:07 +01:00
Nicola Murino	c69d63c1f8	add support for multiple bindings Fixes #253	2020-12-23 16:12:30 +01:00
Nicola Murino	f34462e3c3	add support for limiting max concurrent client connections	2020-12-15 19:29:30 +01:00
Nicola Murino	a6985075b9	add sftpfs storage backend Fixes #224	2020-12-12 10:31:09 +01:00
Nicola Murino	50982229e1	REST API: add a method to get the status of the services added a status page to the built-in web admin	2020-12-08 11:18:34 +01:00
Nicola Murino	a6355e298e	add support for limit files using shell like patterns Fixes #209	2020-11-15 22:04:48 +01:00
Nicola Murino	dc845fa2f4	webdav: fix permission errors if the client try to read multiple times	2020-11-14 19:19:41 +01:00
Nicola Murino	950a5ad9ea	add a recoverer where appropriate I have never seen this, but a malformed packet can easily crash pkg/sftp	2020-10-31 11:02:04 +01:00
Nicola Murino	6a8039e76a	sftpd: log fingerprints for used host keys	2020-10-21 14:27:58 +02:00
Nicola Murino	b51d795e04	sftpd: auto generate an ed25519 host key too	2020-10-19 14:30:40 +02:00
Nicola Murino	f9827f958b	sftpd auto host keys: try to auto-create parent dir if missing	2020-10-05 14:16:57 +02:00
Nicola Murino	242dde4480	sftpd: ensure to always close idle connections after the last commit this wasn't the case anymore Completly fixes #169	2020-09-18 18:15:28 +02:00
Nicola Murino	2df0dd1f70	sshd: map each channel with a new connection Fixes #169	2020-09-18 10:52:53 +02:00
Nicola Murino	a59163e56c	multi-step auth: don't advertise password method if it is disabled also rename the settings to password_authentication so it is more like OpenSSH, add some test cases and improve documentation	2020-09-01 19:34:40 +02:00
Giorgio Pellero	8391b19abb	Add password_disabled bool to sftpd config, disables password auth callback (#165 )	2020-09-01 19:26:33 +02:00
Nicola Murino	f3228713bc	Allow individual protocols to be enabled per user Fixes #154	2020-08-17 12:49:20 +02:00
Nicola Murino	aa0ed5dbd0	add post-login hook a login scope is supported too so you can get notifications for failed logins, successful logins or both	2020-08-12 16:15:12 +02:00
Nicola Murino	a9e21c282a	add WebDAV support Fixes #147	2020-08-11 23:56:10 +02:00
Antoine Deschênes	9a15a54885	sftpd: set failed connection loglevel to debug (#152 )	2020-08-06 21:20:31 +02:00
Nicola Murino	91dcc349de	Add client IP address to external auth, pre-login and keyboard interactive hooks	2020-08-04 18:03:28 +02:00
Nicola Murino	22338ed478	add post connect hook Fixes #144	2020-07-30 22:33:49 +02:00
Nicola Murino	93ce96d011	add support for the venerable FTP protocol Fixes #46	2020-07-29 21:56:56 +02:00
Nicola Murino	4e41a5583d	refactoring: add common package The common package defines the interfaces that a protocol must implement and contain code that can be shared among supported protocols. This way should be easier to support new protocols	2020-07-24 23:39:38 +02:00
Nicola Murino	0ea2ca3141	simplify data provider usage remove the obsolete SQL scripts too. They are not required since v0.9.6	2020-07-08 19:59:31 +02:00
Nicola Murino	8e22dd1b13	virtual folders: allow overlapped mapped paths if quota is disabled See #95	2020-06-10 09:11:32 +02:00
Nicola Murino	cd380973df	allows host keys auto generation inside a user configured directory Fixes #124	2020-06-08 18:45:04 +02:00
Nicola Murino	a08dd85efd	sftpd: deprecate keys and add a new host_keys config param host_key defines the private host keys as plain list of strings. Remove the other deprecated config params from the default config too. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2020-05-16 23:26:44 +02:00
Nicola Murino	469d36d979	certificate auth: fix source address checking inside crypto/ssh So we can avoid to check source address ourself `81aafe6d26` Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2020-05-16 15:15:32 +02:00
Nicola Murino	738c7ab43e	sftpd: add support for SSH user certificate authentication This add support for PROTOCOL.certkeys vendor extension: https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?rev=1.8 Fixes #117 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2020-05-15 20:08:53 +02:00
Nicola Murino	f02e24437a	add more linters test cases migration to testify is now complete. Linters are enabled for test cases too	2020-05-06 19:36:34 +02:00
Nicola Murino	d70959c34c	fix some lint issues	2020-04-30 14:23:55 +02:00
Nicola Murino	5a5912ea66	switch to my pkg/sftp branch and enable the request-server allocator This way we have performance comparable to OpenSSH if the cipher isn't the bottleneck	2020-04-10 23:35:57 +02:00
Nicola Murino	b1c7317cf6	add support for partial authentication Multi-step authentication is activated disabling all single-step auth methods for a given user	2020-04-09 23:32:42 +02:00
Nicola Murino	9046acbe68	add HTTP hooks external auth, pre-login user modification and keyboard interactive authentication is now supported via HTTP requests too	2020-04-01 23:25:23 +02:00
Nicola Murino	f284008fb5	enable scp in default configuration remove the deprecated enable_scp setting	2020-03-26 23:38:24 +01:00
Nicola Murino	9b119765fc	docs: minor improvements	2020-03-04 23:51:16 +01:00
Nicola Murino	016abda6d7	improve docs	2020-03-03 23:25:23 +01:00
Nicola Murino	833b702b90	proxy protocol: add list of allowed IP addresses and IP ranges "proxy_allowed" setting allows to specify the allowed IP address and IP ranges that can send the proxy header. This setting combined with "proxy_protocol" allows to ignore the header or to reject connections that send the proxy header from a non listed IP	2020-03-01 23:12:28 +01:00
Nicola Murino	7163fde724	proxy protocol: added an option to make the proxy header required now we can configure SFTPGo to accept or reject requests without the proxy header when the proxy protocol is enabled	2020-02-29 00:02:06 +01:00
Nicola Murino	830e3d1f64	Support for HAProxy PROXY protocol you can proxy and/or load balance the SFTP/SCP service without losing the information about the client's address.	2020-02-27 09:21:30 +01:00

1 2

96 commits