sftpgo

mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 23:00:55 +03:00

Author	SHA1	Message	Date
Nicola Murino	4ea4202b99	httpd/webdav: use a custom listener with read and write deadlines	2021-05-07 20:41:20 +02:00
Nicola Murino	23d9ebfc91	add a basic front-end web interface for end-users Fixes #339 #321 #398	2021-05-06 21:35:43 +02:00
Nicola Murino	1275328fdf	Authentication errors: try to avoid user enumeration Fixes #395	2021-04-26 19:48:21 +02:00
Nicola Murino	46998252e5	use bcrypt as default password hashing algo argon2id has a high memory cost and, if not properly tuned, it can lead to resource starvation. Advanced users can still configure and use argon2id. Passwords stored as argon2id will continue to work	2021-04-25 09:38:33 +02:00
Nicola Murino	92638ce93d	add support for hashing password using bcrypt argon2id remains the default	2021-04-20 13:55:09 +02:00
Nicola Murino	6ef85d6026	add, optional, in memory password caching Verifying argon2 passwords has a high memory and computational cost, by enabling, in memory, password caching you reduce this cost	2021-04-20 09:39:36 +02:00
Nicola Murino	bc88503f25	sql providers: reuse the same context where appropriate	2021-04-19 18:58:53 +02:00
Nicola Murino	2ffefbeb33	add sql_tables_prefix also to indexes and constraints This allows you to reuse the same database for multiple SFTPGo instances Fixes #372	2021-04-12 20:00:49 +02:00
Nicola Murino	c844fc7477	add support for delayed quota update If there are a lot of close uploads, accumulating quota updates can save you many queries to the data provider	2021-04-11 08:38:43 +02:00
Nicola Murino	74e0223eb9	remove sha256-simd usage sha256-simd is now deprecated https://github.com/minio/sha256-simd/issues/58 This could slow down sha256 computation on some CPU	2021-04-05 18:23:40 +02:00
Nicola Murino	0823928f98	allow to disable login filesystem checks SFTPGo requires that the user's home directory, virtual folder root, and intermediate paths to virtual folders exist to work properly. If you already know that the required directories exist, disabling these checks will speed up login.	2021-04-05 17:57:30 +02:00
Nicola Murino	fdf3f23df5	allow to disable some hooks on a per-user basis This way you can, for example, mix external and internal users	2021-04-04 22:32:25 +02:00
Nicola Murino	ea26d7786c	sftpfs: add buffering support this way we improve performance over high latency networks	2021-04-03 16:00:55 +02:00
Nicola Murino	2f56375121	improve SFTP loop detection	2021-04-01 18:53:48 +02:00
Nicola Murino	3bfd7e4d17	sftpfs: try to detect if an SFTP user point to itself this will cause an infinite loop on login. The check should be improved	2021-03-29 21:53:44 +02:00
Nicola Murino	183bedd6ed	webui: add responsive extension	2021-03-28 11:02:11 +02:00
Nicola Murino	2a89a8f664	webui: minor improvements	2021-03-27 22:23:01 +01:00
Nicola Murino	5cd27ce529	document Cockroach driver name	2021-03-27 19:41:00 +01:00
Nicola Murino	9ad750da54	WebDAV: try to preserve the lock fs as much as possible	2021-03-27 19:10:27 +01:00
Nicola Murino	5f49af1780	external auth: allow to inspect and preserve an existing user	2021-03-26 15:19:01 +01:00
Nicola Murino	0e50310a66	add a test case for UID/GID limits	2021-03-25 17:30:39 +01:00
Mike Unitskyi	5939ac4801	Increase uid:gid limits (#362 ) Fixes #361	2021-03-25 17:11:42 +01:00
Nicola Murino	db274f1093	crdb: fix transactions handling	2021-03-25 09:07:56 +01:00
Nicola Murino	70e035315e	data provider: add CockroachDB support	2021-03-23 19:14:15 +01:00
Nicola Murino	5e375f56dd	kms: add a lock, secrets could be modified concurrently for cached users also reduce the size of the JSON payload omitting empty secrets	2021-03-22 19:03:25 +01:00
Nicola Murino	f7c7e2951d	initialize argon params before creating the data provider Fixes #349	2021-03-21 19:58:57 +01:00
Nicola Murino	d6dc3a507e	extend virtual folders support to all storage backends Fixes #241	2021-03-21 19:15:47 +01:00
Nicola Murino	055506e518	sftpfs: add an option to disable concurrent reads	2021-03-06 15:41:40 +01:00
Nicola Murino	df41f0c556	add a setting to skip natural keys validation Enabling the "skip_natural_keys_validation" data provider setting, the natural keys for REST API/Web Admin as usernames, admin names, folder names are not restricted to unreserved URI chars Fixes #334 #308	2021-03-04 09:48:53 +01:00
Nicola Murino	534b253c20	WebDAV: improve TLS certificate authentication For each user you can now configure: - TLS certificate auth - TLS certificate auth and password - Password auth For TLS certificate auth, the certificate common name is used as username	2021-03-01 19:28:11 +01:00
Nicola Murino	a6e36e7cad	FTP: improve TLS certificate authentication For each user you can now configure: - TLS certificate auth - TLS certificate auth and password - Password auth For TLS auth, the certificate common name must match the name provided using the "USER" FTP command	2021-02-28 12:10:40 +01:00
Nicola Murino	ca3e15578e	Use new methods in the io and os packages instead of ioutil ones ioutil is deprecated in Go 1.16 and SFTPGo is an application, not a library, we have no reason to keep compatibility with old Go versions. Go 1.16 fix some cifs related issues too.	2021-02-25 21:53:04 +01:00
Nicola Murino	2146b83343	data providers: add filesystem to folder ... ... and some descriptive fields. The filesystem support for virtual folders will be implemented in future commits	2021-02-24 19:40:29 +01:00
Nicola Murino	8cc2dfe5c2	update pkg/sftp we don't need my branch anymore now that all the required features for the sftpfs are available upstream too	2021-02-22 16:27:45 +01:00
Nicola Murino	49830516be	squash database migrations and remove compat code	2021-02-22 08:37:50 +01:00
Nicola Murino	be9230e85b	micro optimizations spotted using the go-critic linter	2021-02-16 19:11:36 +01:00
Nicola Murino	b1ce6eb85b	web admin: allow to set an empty password for SFTPGo users	2021-02-15 19:38:53 +01:00
Nicola Murino	46176a54b4	minor doc fixes	2021-02-14 22:08:08 +01:00
Nicola Murino	1ac66d27b6	Use IEC units for byte counting everywhere	2021-02-12 22:16:35 +01:00
Nicola Murino	6a6e8fffbc	web hooks: improve resilience by adding a configurable retry the retryable http client is used for hooks that notify events	2021-02-12 21:42:49 +01:00
Nicola Murino	51f110bc7b	sftpd: add statvfs@openssh.com support	2021-02-11 19:45:52 +01:00
Nicola Murino	db80781716	validation: improve error message for invalid chars	2021-02-08 21:32:59 +01:00
Nicola Murino	17e2b234a0	dataprovider: fix migration with old mysql versions Fixes #298	2021-02-06 14:33:51 +01:00
Nicola Murino	267d9f1831	web ui: allow to create folders from a template	2021-02-04 19:09:43 +01:00
Nicola Murino	78bf808322	virtual folders: change dataprovider structure This way we no longer depend on the local file system path and so we can add support for cloud backends in future updates	2021-02-01 19:04:15 +01:00
Nicola Murino	46ab8f8d78	post-login hook: add the full user JSON serialized Fixes #284	2021-01-26 18:05:44 +01:00
Nicola Murino	54321c5240	web ui: allow to create multiple users from a template	2021-01-25 21:31:33 +01:00
Nicola Murino	778ec9b88f	REST API v2 - add JWT authentication - admins are now stored inside the data provider - admin access can be restricted based on the source IP: both proxy header and connection IP are checked - deprecate REST API CLI: it is not relevant anymore Some other changes to the REST API can still happen before releasing SFTPGo 2.0.0 Fixes #197	2021-01-17 22:29:08 +01:00
Nicola Murino	daac90c4e1	fix a potential race condition for pre-login and ext auth hooks doing something like this: err = provider.updateUser(u) ... return provider.userExists(username) could be racy if another update happen before provider.userExists(username) also pass a pointer to updateUser so if the user is modified inside "validateUser" we can just return the modified user without do a new query	2021-01-05 09:50:22 +01:00
Nicola Murino	72b2c83392	defender: allow hot-reloading for safe and block lists	2021-01-04 17:52:14 +01:00

1 2 3 4 5

212 Commits