Nicola Murino
e0f2ab9c01
test cases: minor improvements
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2020-05-10 12:37:29 +02:00
Nicola Murino
e0183217b6
test cases: simplify TestLoginInvalidFs
...
we can simulate an invalid filesystem config using a GCS user without a
credentials file
2020-05-07 19:47:46 +02:00
Nicola Murino
f066b7fb9c
use upstream pipeat
...
my patches are now merged
2020-05-07 00:05:40 +02:00
Nicola Murino
0c6e2b566b
fix test cases on Windows
2020-05-06 23:16:08 +02:00
Nicola Murino
f02e24437a
add more linters
...
test cases migration to testify is now complete.
Linters are enabled for test cases too
2020-05-06 19:36:34 +02:00
Nicola Murino
e9534be1e6
travis: exclude go 1.13 for arch arm64
2020-05-03 22:46:39 +02:00
Nicola Murino
7056997e49
travis: add arm64
2020-05-03 15:46:42 +02:00
Nicola Murino
155af19aaa
tests: update httpd test to use testify
2020-05-03 15:24:26 +02:00
Nicola Murino
f369fdf6f2
httpclient: add a configuration parameter to skip TLS certificate validation
...
In this mode, TLS is susceptible to man-in-the-middle attacks.
This should be used only for testing.
2020-05-03 11:37:50 +02:00
Nicola Murino
510a95bd6d
code quality check: set go version to 1.14
2020-05-02 15:55:27 +02:00
Nicola Murino
da90dbe645
tests: update config to use testify
...
we should port the other test cases to testify too
2020-05-02 15:47:23 +02:00
Nicola Murino
b006c5f914
NewOsFs: return an interface and not a pointer
2020-05-02 15:01:56 +02:00
Nicola Murino
3f75d46a16
sftpd: add support for excluding virtual folders from user quota limit
...
Fixes #110
2020-05-01 15:27:53 +02:00
Nicola Murino
14c2a244b7
code quality check: use setup-go@v2 and go 1.14
2020-04-30 17:57:06 +02:00
Nicola Murino
94ff9d7346
initprovider: fail if a configuration file cannot be found
2020-04-30 16:48:42 +02:00
Enes Çakır
14196167b0
add github action workflow for code quality
2020-04-30 15:06:15 +02:00
Nicola Murino
d70959c34c
fix some lint issues
2020-04-30 14:23:55 +02:00
Sam Millar
67c6f27064
Tiny documentation typo fix
2020-04-29 16:13:33 +02:00
Enes Çakır
6bfbb27856
fix log level changing problem
2020-04-28 23:03:18 +02:00
Enes Çakır
baac3749b3
add verbose flag for portable mode
2020-04-28 17:03:14 +02:00
Nicola Murino
d377181b25
add a new configuration section for HTTP clients
...
HTTP clients are used for executing hooks such as the ones used for custom
actions, external authentication and pre-login user modifications.
This allows, for example, to use self-signed certificate without defeating the
purpose of using TLS
2020-04-26 23:29:09 +02:00
Nicola Murino
ebd6a11f3a
external auth: add example HTTP server to use as authentication hook
...
The server authenticate against an LDAP server.
2020-04-26 14:48:32 +02:00
Nicola Murino
0a47412e8c
scp, ssh commands: hide the real fs path on errors
...
The underlying filesystem errors for permissions and non-existing files
can contain the real storage path.
Map these errors to more generic ones to avoid to leak this info
Fixes #109
2020-04-22 12:26:18 +02:00
Nicola Murino
4f668bf558
simplify some httpd related code
...
and update chi, cobra and viper
2020-04-21 19:24:38 +02:00
Mengsk
9248c5a987
Update performance.md
2020-04-13 21:20:53 +02:00
Nicola Murino
b0ed190591
add an example auth program that allow to authenticate against LDAP
...
External authentication is the way to go to authenticate against LDAP,
at least for now.
Closes #99
2020-04-11 22:30:41 +02:00
Nicola Murino
37357b2d63
add support for checking pbkdf2 passwords with base64 encoded salt
...
This way we can import the default passwords format used in 389ds.
See TestPasswordsHashPbkdf2Sha256_389DS test case to learn how to convert
389ds passwords
2020-04-11 12:25:21 +02:00
Nicola Murino
9b06e0a3b7
sql providers: change password field from varchar 255 to text
...
some passwords can be longer than 255 characters
2020-04-11 11:17:40 +02:00
Nicola Murino
5a5912ea66
switch to my pkg/sftp branch and enable the request-server allocator
...
This way we have performance comparable to OpenSSH if the cipher
isn't the bottleneck
2020-04-10 23:35:57 +02:00
Nicola Murino
b1c7317cf6
add support for partial authentication
...
Multi-step authentication is activated disabling all single-step
auth methods for a given user
2020-04-09 23:32:42 +02:00
Nicola Murino
a0fe4cf5e4
docker: TAG build arg can be used to build a specific commit too
2020-04-09 11:30:51 +02:00
Henrik Lundahl
7fe3c965e3
Add a version build arg to the Alpine Dockerfile.
2020-04-09 11:26:09 +02:00
Henrik Lundahl
fd9b3c2767
Add a version build arg to the debian Dockerfile.
2020-04-09 11:15:21 +02:00
Nicola Murino
fb9e188e36
systemd service: add ExecReload
2020-04-05 11:36:29 +02:00
Nicola Murino
c93d8cecfc
update deps
...
chi 4.1.0 requires some minor code changes
2020-04-03 22:30:30 +02:00
Nicola Murino
94b46e57f1
sftpd actions: execute defined command on error too
...
add a new field inside the notification to indicate if an error is
detected
2020-04-03 19:25:38 +02:00
Nicola Murino
9046acbe68
add HTTP hooks
...
external auth, pre-login user modification and keyboard interactive
authentication is now supported via HTTP requests too
2020-04-01 23:25:23 +02:00
Nicola Murino
075bbe2aef
added test case that checks quota for files inside virtual folders
2020-03-29 11:10:03 +02:00
Nicola Murino
b52d078986
pbkdf2: fix password comparison
...
the key len for the derived function must be equal to the len of the
expected key
2020-03-28 16:09:06 +01:00
Nicola Murino
0a9c4914aa
pre-login program: allow to create a new user too
...
clarify the difference between dynamic user creation/update and external
authentication
2020-03-27 23:26:22 +01:00
Nicola Murino
f284008fb5
enable scp in default configuration
...
remove the deprecated enable_scp setting
2020-03-26 23:38:24 +01:00
Nicola Murino
4759254e10
file actions: add bucket and endpoint to notifications
...
The HTTP notifications are now invoked as POST and the notification is
a JSON inside the POST body.
This is a backward incompatible change but this way the actions can be
extended more easily, sorry for the trouble
Fixes #101
2020-03-25 18:36:33 +01:00
Nicola Murino
e22d377203
docs: clarify "ca-certificates" requirement
...
Fixes #98
2020-03-22 20:17:36 +01:00
Nicola Murino
0787e3e595
bolt provider: fix error handling for get users with username filter
2020-03-22 15:37:08 +01:00
Nicola Murino
c1194d558c
docs: minor improvements
2020-03-22 14:03:06 +01:00
Nicola Murino
952b10a9f6
update boltdb to v1.3.4
...
update other deps too
2020-03-21 10:12:30 +01:00
Nicola Murino
f55851bdc8
update nathanaelle password to v2
...
Fixes #97
2020-03-20 17:25:38 +01:00
Nicola Murino
76bb361393
docs: add built-in profiler
2020-03-15 23:33:12 +01:00
Nicola Murino
81c8e8d898
add profiler support
...
profiling is now available via the HTTP base URL /debug/pprof/
examples, use this URL to start and download a 30 seconds CPU profile:
/debug/pprof/profile?seconds=30
use this URL to profile used memory:
/debug/pprof/heap?gc=1
use this URL to profile allocated memory:
/debug/pprof/allocs?gc=1
Full docs here:
https://golang.org/pkg/net/http/pprof/
2020-03-15 15:16:35 +01:00
Nicola Murino
f4e872c782
portable mode: add flags for s3 upload part size and concurrency
2020-03-15 11:40:06 +01:00