disable self connections by default

now that the event manager can create files, self connections may create
even more issues than before

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>

internal/vfs/sftpfs.go

@@ -843,8 +843,12 @@ func (fs *SFTPFs) createConnection() error {
 		HostKeyCallback: func(_ string, _ net.Addr, key ssh.PublicKey) error {
 			fp := ssh.FingerprintSHA256(key)
 			if util.Contains(sftpFingerprints, fp) {
+				if allowSelfConnections == 0 {
+					fsLog(fs, logger.LevelError, "SFTP self connections not allowed")
+					return ErrSFTPLoop
+				}
 				if util.Contains(fs.config.forbiddenSelfUsernames, fs.config.Username) {
-					fsLog(fs, logger.LevelError, "SFTP loop or nested local SFTP folders detected, mount path %#v, username %#v, forbidden usernames: %+v",
+					fsLog(fs, logger.LevelError, "SFTP loop or nested local SFTP folders detected, mount path %q, username %q, forbidden usernames: %+v",
 						fs.mountPath, fs.config.Username, fs.config.forbiddenSelfUsernames)
 					return ErrSFTPLoop
 				}

internal/vfs/vfs.go

@@ -45,11 +45,17 @@ var (
 	// ErrStorageSizeUnavailable is returned if the storage backend does not support getting the size
 	ErrStorageSizeUnavailable = errors.New("unable to get available size for this storage backend")
 	// ErrVfsUnsupported defines the error for an unsupported VFS operation
-	ErrVfsUnsupported = errors.New("not supported")
-	tempPath          string
-	sftpFingerprints  []string
+	ErrVfsUnsupported    = errors.New("not supported")
+	tempPath             string
+	sftpFingerprints     []string
+	allowSelfConnections int
 )
 
+// SetAllowSelfConnections sets the desired behaviour for self connections
+func SetAllowSelfConnections(value int) {
+	allowSelfConnections = value
+}
+
 // SetTempPath sets the path for temporary files
 func SetTempPath(fsPath string) {
 	tempPath = fsPath