fix a potential race condition for pre-login and ext auth

hooks doing something like this: err = provider.updateUser(u) ... return provider.userExists(username) could be racy if another update happen before provider.userExists(username) also pass a pointer to updateUser so if the user is modified inside "validateUser" we can just return the modified user without do a new query
2025-12-06 22:30:56 +03:00 · 2021-01-05 09:50:22 +01:00
parent 72b2c83392
commit daac90c4e1
26 changed files with 167 additions and 163 deletions
--- a/sftpd/ssh_cmd.go
+++ b/sftpd/ssh_cmd.go
@@ -537,7 +537,7 @@ func (c *sshCommand) getCopyPaths() (string, string, error) {
 	if strings.HasSuffix(sshDestPath, "/") {
 		sshDestPath = path.Join(sshDestPath, path.Base(sshSourcePath))
 	}
-	if len(sshSourcePath) == 0 || len(sshDestPath) == 0 || len(c.args) != 2 {
+	if sshSourcePath == "" || sshDestPath == "" || len(c.args) != 2 {
 		err := errors.New("usage sftpgo-copy <source dir path> <destination dir path>")
 		return "", "", err
 	}
@@ -606,7 +606,7 @@ func (c *sshCommand) checkCopyPermissions(fsSourcePath, fsDestPath, sshSourcePat

 func (c *sshCommand) getRemovePath() (string, error) {
 	sshDestPath := c.getDestPath()
-	if len(sshDestPath) == 0 || len(c.args) != 1 {
+	if sshDestPath == "" || len(c.args) != 1 {
 		err := errors.New("usage sftpgo-remove <destination path>")
 		return "", err
 	}