Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 23:00:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

ftpd: add support for TLS session reuse

Browse Source 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
2023-08-20 16:00:36 +02:00
parent de35eb77cb
commit 62b87083bb
10 changed files with 247 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
internal/ftpd/ftpd.go
View File

@@ -66,6 +66,8 @@ type Binding struct {
// Set to 1 to require TLS for both data and control connection.
// Set to 2 to enable implicit TLS
TLSMode int `json:"tls_mode" mapstructure:"tls_mode"`
// 0 disabled, 1 required
TLSSessionReuse int `json:"tls_session_reuse" mapstructure:"tls_session_reuse"`
// Certificate and matching private key for this specific binding, if empty the global
// ones will be used, if any
CertificateFile string `json:"certificate_file" mapstructure:"certificate_file"`
@@ -133,6 +135,14 @@ func (b *Binding) IsValid() bool {
return b.Port > 0
}
func (b *Binding) isTLSModeValid() bool {
return b.TLSMode >= 0 && b.TLSMode <= 2
}
func (b *Binding) isTLSSessionReuseValid() bool {
return b.TLSSessionReuse >= 0 && b.TLSSessionReuse <= 1
}
func (b *Binding) checkSecuritySettings() error {
if b.PassiveConnectionsSecurity < 0 || b.PassiveConnectionsSecurity > 1 {
return fmt.Errorf("invalid passive_connections_security: %v", b.PassiveConnectionsSecurity)