Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-06 14:20:55 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,272 Commits 9 Branches 53 Tags
22c875c0a1e8fd4cd3c47a5a8f709a9497a1e454
Commit Graph

37 Commits

Author SHA1 Message Date
Nicola Murino
35525e22e9 remove rsync support 
rsync was executed as an external command, which means we have no insight
into or control over what it actually does.
From a security perspective, this is far from ideal.

To be clear, there's nothing inherently wrong with rsync itself. However,
if we were to support it properly within SFTPGo, we would need to implement
the low-level protocol internally rather than relying on launching an external
process. This would ensure it works seamlessly with any storage backend,
just as SFTP does, for example.
We recommend using one of the many alternatives that rely on the SFTP
protocol, such as rclone

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2025-09-28 18:15:15 +02:00
Nicola Murino
e892748ef4 system commands: recursively verify required permissions 
If any permission is missing at any level, return a "Permission Denied"
error

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2025-09-28 09:36:19 +02:00
Nicola Murino
2255c5f000 upgrade golangci-lint to v2 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2025-03-29 11:36:19 +01:00
Nicola Murino
88b1850b58 EventManager: allow to define the allowed system commands 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-11-01 11:37:33 +01:00
Nicola Murino
ae1487d733 fix connection limits 
an SFTP client can start multiple transfers on a single connection

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-10-26 21:18:19 +02:00
Nicola Murino
ec4bf3d76a update deps and replace deprecated methods 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-08-11 08:59:21 +02:00
Nicola Murino
68e62d3d9b httpd: allow to use proxy protocol 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-08-10 21:02:38 +02:00
Nicola Murino
d94f80c8da replace utils.Contains with slices.Contains 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-07-24 18:27:13 +02:00
Nicola Murino
68cc1a8e2c fix proxy protocol policy 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-05-28 19:40:37 +02:00
Nicola Murino
50a3c0d911 defender: allow to impose a delay between login attempts 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-05-18 10:35:54 +02:00
Nicola Murino
d3f42e39db move server version setting to common section 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-05-01 19:42:09 +02:00
Nicola Murino
cc9a0d4dc2 add time-based access restrictions 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-03-17 11:30:03 +01:00
Nicola Murino
799fdd7098 allow IPs in defender safe list to exceed max per-host connections 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-27 18:22:21 +01:00
Nicola Murino
e61fb42cbc remove metadata plugin 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-02-17 12:30:47 +01:00
Nicola Murino
8648351fc7 WIP new WebAdmin: connections page 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-01-20 15:35:05 +01:00
Nicola Murino
784b7585c1 remove end year from Copyright notice in files 
so we don't have to update all the files every year

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2024-01-01 11:31:45 +01:00
Nicola Murino
9bcdc90ca8 add basic test cases for ALPN protocols 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-10-28 13:07:23 +02:00
Nicola Murino
e54fd46a9e SQL providers: make sure we don't exceed the allowed placeholders 
Fixes #1415

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-09-12 19:15:40 +02:00
Nicola Murino
3f94f6d0e7 proxy protocol: fix require policy in some edge cases 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-20 16:08:57 +02:00
Nicola Murino
adad8e658b osfs: add optional buffering 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-16 18:08:14 +02:00
Nicola Murino
e29f6857db EventManager: add IDP login trigger and check account action 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-03-22 19:02:54 +01:00
Nicola Murino
2710207779 update jquery, go deps, actions/setup-go to v4 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-03-15 18:44:08 +01:00
Nicola Murino
a3fff56da5 WebAdmin: add configs section 
Setting configurations is an experimental feature and is not currently
supported in the REST API

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-02-19 19:03:45 +01:00
Nicola Murino
1b1745b7f7 move IP/Network lists to the data provider 
this is a backward incompatible change, all previous file based IP/network
lists will not work anymore

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-02-09 09:33:33 +01:00
Nicola Murino
c0fe08b597 defender: allow to set a different score for "no auth tried" events 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-01-25 18:49:03 +01:00
Nicola Murino
0190d0b849 update Copyright year 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-01-03 10:18:30 +01:00
Nicola Murino
1f9cf194fe add role to events 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-12-03 11:45:27 +01:00
Nicola Murino
5a222807b7 add roles 
Fixes #837

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-11-16 19:04:50 +01:00
Nicola Murino
db0e58ae7e Add support for graceful shutdown 
Fixes #1014

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-10-22 11:56:41 +02:00
Nicola Murino
87045284cc make connections lookups constant time 
Performance improves if there are many active connections.
For a few connections there is a small (unnoticeable) performance
degradation

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-10-20 18:17:13 +02:00
Nicola Murino
04dc97072b eventmanager: add metadata check 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-09-26 19:00:34 +02:00
Nicola Murino
95e9106902 use the new atomic types introduced in Go 1.19 
we depend on Go 1.19 anyway

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-08-30 15:47:41 +02:00
Nicola Murino
3e8254e398 fs actions: add first upload/download 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-08-21 19:01:08 +02:00
Nicola Murino
ced4206c5f allow cross folder renaming if the underlying resource is the same 
this was only allowed for the local filesystem before this change

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-08-15 21:39:04 +02:00
Nicola Murino
455bb550ee azblob: fix SAS URL with embedded container name 
Fixes #944

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-08-01 21:32:40 +02:00
Nicola Murino
9d2b5dc07d refactor: move eventmanager to common package 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-08-01 18:48:54 +02:00
Nicola Murino
c8158e14e0 move SFTPGo package to the internal folder 
SFTPGo is a daemon and command line tool, not a library.

The public API are provided by the SDK

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-07-24 16:18:54 +02:00