Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-06 22:30:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

portable: avoid to log user provided password

Browse Source 
disable DNS Multicast as default

Fixes #135 and #136
This commit is contained in:
Nicola Murino
2020-06-24 13:37:38 +02:00
parent ac9c475849
commit 19fc58dd1f
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/portable.go
View File

@@ -161,7 +161,7 @@ func init() {
"Allowed file extensions case insensitive. The format is /dir::ext1,ext2. For example: \"/somedir::.jpg,.png\"") "Allowed file extensions case insensitive. The format is /dir::ext1,ext2. For example: \"/somedir::.jpg,.png\"")
portableCmd.Flags().StringArrayVar(&portableDeniedExtensions, "denied-extensions", []string{}, portableCmd.Flags().StringArrayVar(&portableDeniedExtensions, "denied-extensions", []string{},
"Denied file extensions case insensitive. The format is /dir::ext1,ext2. For example: \"/somedir::.jpg,.png\"") "Denied file extensions case insensitive. The format is /dir::ext1,ext2. For example: \"/somedir::.jpg,.png\"")
portableCmd.Flags().BoolVarP(&portableAdvertiseService, "advertise-service", "S", true, portableCmd.Flags().BoolVarP(&portableAdvertiseService, "advertise-service", "S", false,
"Advertise SFTP service using multicast DNS") "Advertise SFTP service using multicast DNS")
portableCmd.Flags().BoolVarP(&portableAdvertiseCredentials, "advertise-credentials", "C", false, portableCmd.Flags().BoolVarP(&portableAdvertiseCredentials, "advertise-credentials", "C", false,
"If the SFTP service is advertised via multicast DNS, this flag allows to put username/password inside the advertised TXT record") "If the SFTP service is advertised via multicast DNS, this flag allows to put username/password inside the advertised TXT record")

4
service/service_portable.go
View File

@@ -32,12 +32,14 @@ func (s *Service) StartPortableMode(sftpdPort int, enabledSSHCommands []string,
if len(s.PortableUser.Username) == 0 { if len(s.PortableUser.Username) == 0 {
s.PortableUser.Username = "user" s.PortableUser.Username = "user"
} }
printablePassword := "[redacted]"
if len(s.PortableUser.PublicKeys) == 0 && len(s.PortableUser.Password) == 0 { if len(s.PortableUser.PublicKeys) == 0 && len(s.PortableUser.Password) == 0 {
var b strings.Builder var b strings.Builder
for i := 0; i < 8; i++ { for i := 0; i < 8; i++ {
b.WriteRune(chars[rand.Intn(len(chars))]) b.WriteRune(chars[rand.Intn(len(chars))])
} }
s.PortableUser.Password = b.String() s.PortableUser.Password = b.String()
printablePassword = s.PortableUser.Password
} }
dataProviderConf := config.GetProviderConf() dataProviderConf := config.GetProviderConf()
dataProviderConf.Driver = dataprovider.MemoryDataProviderName dataProviderConf.Driver = dataprovider.MemoryDataProviderName
@@ -108,7 +110,7 @@ func (s *Service) StartPortableMode(sftpdPort int, enabledSSHCommands []string,
logger.InfoToConsole("Portable mode ready, SFTP port: %v, user: %#v, password: %#v, public keys: %v, directory: %#v, "+ logger.InfoToConsole("Portable mode ready, SFTP port: %v, user: %#v, password: %#v, public keys: %v, directory: %#v, "+
"permissions: %+v, enabled ssh commands: %v file extensions filters: %+v", sftpdConf.BindPort, s.PortableUser.Username, "permissions: %+v, enabled ssh commands: %v file extensions filters: %+v", sftpdConf.BindPort, s.PortableUser.Username,
s.PortableUser.Password, s.PortableUser.PublicKeys, s.getPortableDirToServe(), s.PortableUser.Permissions, printablePassword, s.PortableUser.PublicKeys, s.getPortableDirToServe(), s.PortableUser.Permissions,
sftpdConf.EnabledSSHCommands, s.PortableUser.Filters.FileExtensions) sftpdConf.EnabledSSHCommands, s.PortableUser.Filters.FileExtensions)
return nil return nil
} }