Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 14:50:55 +03:00
Code Issues Packages Projects Releases Wiki Activity
924 Commits 9 Branches 53 Tags
0de0d3308c1a343ba8e598f5469286c36fc7cb10
Commit Graph

195 Commits

Author SHA1 Message Date
Nicola Murino
0de0d3308c improve error messages for generic failures 2021-08-08 19:30:21 +02:00
Nicola Murino
f778e47d22 sftpd: minor improvements and docs for the prefix middleware 2021-07-29 20:12:23 +02:00
Nicola Murino
bd5191dfc5 add experimental plugin system 2021-07-11 15:26:51 +02:00
Nicola Murino
076b2f0ee0 modules: add v2 support 2021-06-26 07:31:41 +02:00
Nicola Murino
9d3d7db29c azblob: store SAS URL as kms.Secret 2021-06-11 22:27:36 +02:00
Nicola Murino
25a44030f9 actions: add pre-download and pre-upload 
Downloads and uploads can be denied based on hook response
 2021-05-26 07:48:37 +02:00
Nicola Murino
02bb09ec01 remove deprecated file extensions filters 
these filters were deprecated a long time ago, everyone should use
patterns filters now
 2021-05-22 12:28:05 +02:00
Nicola Murino
0cb5c49cf3 map path resolution errors to Permission errors 
this way the affected paths will be ignored in WebDAV

Fixes #432
 2021-05-21 13:04:22 +02:00
Nicola Murino
f2b93c0402 add a setup screen to create the first admin user 
If you prefer to auto-create the first admin you can enable the
"create_default_admin" configuration key and SFTPGo will work as before.

You can also create the first admin by loading initial data: now you can
set both username and password, before you could only change the password
 2021-05-14 19:21:15 +02:00
Nicola Murino
b67cd0d3df ensure no client is connected before running max connections test cases 2021-05-11 08:04:57 +02:00
Nicola Murino
c8f7fc9bc9 httpd/webdav: add a list of hosts allowed to send proxy headers 
X-Forwarded-For, X-Real-IP and X-Forwarded-Proto headers will be ignored
for hosts not included in this list.

This is a backward incompatible change, before the proxy headers were
always used
 2021-05-11 06:54:06 +02:00
Nicola Murino
8f6cdacd00 allow to limit the number of per-host connections 2021-05-08 19:45:21 +02:00
Nicola Murino
f4369cdbef fix max connections check 
Also make sure to close the ssh client connection in test cases
 2021-04-20 18:12:16 +02:00
Nicola Murino
6ef85d6026 add, optional, in memory password caching 
Verifying argon2 passwords has a high memory and computational cost,
by enabling, in memory, password caching you reduce this cost
 2021-04-20 09:39:36 +02:00
Nicola Murino
112e3b2fc2 add rate limiting support 2021-04-18 12:31:06 +02:00
Nicola Murino
0823928f98 allow to disable login filesystem checks 
SFTPGo requires that the user's home directory, virtual folder root,
and intermediate paths to virtual folders exist to work properly.
If you already know that the required directories exist, disabling
these checks will speed up login.
 2021-04-05 17:57:30 +02:00
Nicola Murino
fdf3f23df5 allow to disable some hooks on a per-user basis 
This way you can, for example, mix external and internal users
 2021-04-04 22:32:25 +02:00
Nicola Murino
ea26d7786c sftpfs: add buffering support 
this way we improve performance over high latency networks
 2021-04-03 16:00:55 +02:00
Nicola Murino
2f56375121 improve SFTP loop detection 2021-04-01 18:53:48 +02:00
Nicola Murino
5f49af1780 external auth: allow to inspect and preserve an existing user 2021-03-26 15:19:01 +01:00
Nicola Murino
d6dc3a507e extend virtual folders support to all storage backends 
Fixes #241
 2021-03-21 19:15:47 +01:00
Nicola Murino
0286da2356 try to auto create virtual folders if missing 2021-03-10 22:30:56 +01:00
Nicola Murino
055506e518 sftpfs: add an option to disable concurrent reads 2021-03-06 15:41:40 +01:00
Nicola Murino
a6e36e7cad FTP: improve TLS certificate authentication 
For each user you can now configure:

- TLS certificate auth
- TLS certificate auth and password
- Password auth

For TLS auth, the certificate common name must match the name provided
using the "USER" FTP command
 2021-02-28 12:10:40 +01:00
Nicola Murino
ca3e15578e Use new methods in the io and os packages instead of ioutil ones 
ioutil is deprecated in Go 1.16 and SFTPGo is an application, not
a library, we have no reason to keep compatibility with old Go
versions.

Go 1.16 fix some cifs related issues too.
 2021-02-25 21:53:04 +01:00
Nicola Murino
3e1b07324d GCS: remove compat code 2021-02-22 22:06:23 +01:00
Nicola Murino
be9230e85b micro optimizations spotted using the go-critic linter 2021-02-16 19:11:36 +01:00
Nicola Murino
46176a54b4 minor doc fixes 2021-02-14 22:08:08 +01:00
Nicola Murino
a21ccad174 web hooks: add mutual TLS support 2021-02-13 14:41:37 +01:00
Nicola Murino
51f110bc7b sftpd: add statvfs@openssh.com support 2021-02-11 19:45:52 +01:00
Nicola Murino
1cde50f050 sftpd: improve logging if filesystem creation fails 2021-02-03 09:45:04 +01:00
Nicola Murino
78bf808322 virtual folders: change dataprovider structure 
This way we no longer depend on the local file system path and so we can
add support for cloud backends in future updates
 2021-02-01 19:04:15 +01:00
Nicola Murino
2b9ba1d520 web admin: try to uniform UI 2021-01-23 09:28:45 +01:00
Nicola Murino
57976b4085 httpd: add mTLS and multiple bindings support 2021-01-19 18:59:41 +01:00
Nicola Murino
41a1af863e OpenAPI: minor changes 2021-01-18 13:24:38 +01:00
Nicola Murino
778ec9b88f REST API v2 
- add JWT authentication
- admins are now stored inside the data provider
- admin access can be restricted based on the source IP: both proxy
  header and connection IP are checked
- deprecate REST API CLI: it is not relevant anymore

Some other changes to the REST API can still happen before releasing
SFTPGo 2.0.0

Fixes #197
 2021-01-17 22:29:08 +01:00
Nicola Murino
037d89a320 add support for a basic built-in defender 
It can help to prevent DoS and brute force password guessing
 2021-01-02 14:05:09 +01:00
Nicola Murino
187a5b1908 sftpd: properly handle listener accept errors 
continue on temporary errors and exit from the serve loop for the
other ones
 2020-12-23 19:53:07 +01:00
Nicola Murino
c69d63c1f8 add support for multiple bindings 
Fixes #253
 2020-12-23 16:12:30 +01:00
Nicola Murino
143df87fee add some docs for telemetry server 
move pprof to the telemetry server only
 2020-12-18 09:47:22 +01:00
Nicola Murino
f34462e3c3 add support for limiting max concurrent client connections 2020-12-15 19:29:30 +01:00
Nicola Murino
ed43ddd79d enable hash commands for any supported backend 2020-12-13 15:11:55 +01:00
Nicola Murino
a6985075b9 add sftpfs storage backend 
Fixes #224
 2020-12-12 10:31:09 +01:00
Nicola Murino
50982229e1 REST API: add a method to get the status of the services 
added a status page to the built-in web admin
 2020-12-08 11:18:34 +01:00
Nicola Murino
4a88ea5c03 add Data At Rest Encryption support 2020-12-05 13:48:13 +01:00
Nicola Murino
634b723b5d add KMS support 
Fixes #226
 2020-11-30 21:46:34 +01:00
Nicola Murino
dccc583b5d add a dedicated struct to store encrypted credentials 
also gcs credentials are now encrypted, both on disk and inside the
provider.

Data provider is automatically migrated and load data will accept
old format too but you should upgrade to the new format to avoid future
issues
 2020-11-22 21:53:04 +01:00
Nicola Murino
ca0ff0d630 add a File interface so we can avoid to use os.File directly 2020-11-17 19:36:39 +01:00
Nicola Murino
a6355e298e add support for limit files using shell like patterns 
Fixes #209
 2020-11-15 22:04:48 +01:00
Nicola Murino
6ad4cc317c cloud backends: stat and other performance improvements 2020-11-02 19:16:12 +01:00