Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 14:50:55 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,597 Commits 9 Branches 53 Tags
40d0945450da6948dd93647079df2d35f313cdab
Commit Graph

57 Commits

Author SHA1 Message Date
Nicola Murino
f05fe78737 ssh: refactor host key algorithm restriction 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-10-07 16:07:19 +02:00
Nicola Murino
64c7588a44 sftpd: improve permissions checking test cases 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-10-04 19:41:50 +02:00
Nicola Murino
5ef0a2ed4b External/plugin auth: check for password change after empty response 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-08-26 12:04:41 +02:00
Nicola Murino
f03fdd1155 add object metadata to notification events 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-08-12 18:51:47 +02:00
Nicola Murino
132d18d5d1 sftpd: fix keyboard interactive test cases 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-08-04 21:32:14 +02:00
Nicola Murino
75e6ef6132 sftpd: remove diffie-hellman-group18-sha512 KEX 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-08-04 21:10:39 +02:00
Nicola Murino
af0d7b48ad sftpd: refactor multi-step authentication 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-08-04 20:56:23 +02:00
Nicola Murino
0413c0471c add a specific permission to manage folders 
creating/updating folders embedded in users is no longer supported.

Fixes #1349

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-07-23 18:48:49 +02:00
Nicola Murino
324d695d93 try to fix a randomly failing test case 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-06-08 19:41:58 +02:00
Nicola Murino
74e5999c63 added support for verifying sha256/sha512 passwords hash 
this simplifies the migration of users from some proprietary products

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-06-03 16:58:45 +02:00
Nicola Murino
adad8e658b osfs: add optional buffering 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-16 18:08:14 +02:00
Nicola Murino
4eded56d5f add support for log events 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-05-12 18:34:59 +02:00
Nicola Murino
d0a171558d fix test cases for system commands 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-04-15 16:09:53 +02:00
Nicola Murino
1ade850557 add a log to better debug a randomically failing test case 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-04-15 15:08:42 +02:00
Nicola Murino
3cb53b2c33 fix cross folder copy 
also update css/js deps and other minor changes

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-04-13 18:23:42 +02:00
Nicola Murino
4294659785 try harder to convert transfer errors in well-known error types 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-04-08 14:55:04 +02:00
Nicola Murino
f03f1b0156 improve test cases coverage 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-04-08 10:01:48 +02:00
Nicola Murino
184b99d500 user: add a field to indicate whether the password is set 
A structure similar to the one used for secrets would be better,
but we don't want to break backwards compatibility.

Also document that omitting the password field in the request body
will preserve the current password when updating a user using the
REST API. Added a test case for this.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-04-06 18:22:09 +02:00
Nicola Murino
354fc9b3d6 OIDC: allow to extract custom fields from sub-structs 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-03-23 18:15:07 +01:00
Nicola Murino
e29f6857db EventManager: add IDP login trigger and check account action 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-03-22 19:02:54 +01:00
Nicola Murino
2710207779 update jquery, go deps, actions/setup-go to v4 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-03-15 18:44:08 +01:00
Nicola Murino
84396343da fix some codeql warnings 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-03-10 17:30:06 +01:00
Nicola Murino
dba088daed printf: replace %#v with the more explicit %q 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-02-27 19:19:57 +01:00
Nicola Murino
a3fff56da5 WebAdmin: add configs section 
Setting configurations is an experimental feature and is not currently
supported in the REST API

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-02-19 19:03:45 +01:00
Nicola Murino
157d1db0b1 fs events: add elapsed field to notifications 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-02-12 18:56:53 +01:00
Nicola Murino
1b1745b7f7 move IP/Network lists to the data provider 
this is a backward incompatible change, all previous file based IP/network
lists will not work anymore

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-02-09 09:33:33 +01:00
Nicola Murino
27c4ffd663 sftpd: fix duplicate defender error introduced in the previous commit 
improve the defender test cases by verifying the expected score

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-01-25 21:57:27 +01:00
Nicola Murino
c0fe08b597 defender: allow to set a different score for "no auth tried" events 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-01-25 18:49:03 +01:00
Nicola Murino
7b5bebc588 EventManager: add "on-demand" trigger 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-01-21 15:41:24 +01:00
Nicola Murino
93e5cb36df copy: use server side copy if available 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-01-07 16:28:46 +01:00
Nicola Murino
8cad436421 conditional support for recursive renaming for cloud providers 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-01-06 12:33:50 +01:00
Nicola Murino
0190d0b849 update Copyright year 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-01-03 10:18:30 +01:00
Nicola Murino
7fa0959af4 eventmanager: add support for global star path matching 
This introduce a backward incompatible change for filesystem path matching
in the Event Manager, now patterns like "*.txt" will no longer match any
file with the "txt" suffix, you need to change them to "/**/*.txt".

Also change pre-delete behaviour, now if an error is returned the client
will get a permission denied error. This is the same as the other pre-*
action. Previously it was not possible to deny deletion of a file.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2023-01-02 15:59:00 +01:00
Nicola Murino
ea4c4dd57f eventmanager: add copy action 
refactor sftpgo-copy and sftpgo-remove commands

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-12-27 18:51:53 +01:00
Nicola Murino
0841c7d7bd REST API: remove merging of fields on updates 
we use PUT verb not PATCH. We keep merging only to allow to preserve
hidden/encrypted fields.

This is a backward incompatible change, but is necessary to avoid unexpected
issues.
You have to pass complete objects on updates.

Fixes #1088

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-12-23 09:36:20 +01:00
Nicola Murino
ad5d657a1a add support for password policies 
you can now set a password expiration and the password change requirement

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-12-11 17:15:34 +01:00
Nicola Murino
1f9cf194fe add role to events 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-12-03 11:45:27 +01:00
Nicola Murino
e87118d2a8 allow WebClient login with multi-step auth enabled 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-11-29 18:43:48 +01:00
Nicola Murino
2017cb60e9 Per-directory permissions: add wildcards support 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-11-18 18:12:04 +01:00
Nicola Murino
a22282f275 add support for DHGEX 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-11-17 18:15:53 +01:00
Nicola Murino
5a222807b7 add roles 
Fixes #837

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-11-16 19:04:50 +01:00
Nicola Murino
e3e85867b1 sftpfs: reuse connections 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-11-01 12:22:54 +01:00
Nicola Murino
db0e58ae7e Add support for graceful shutdown 
Fixes #1014

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-10-22 11:56:41 +02:00
Nicola Murino
7e0b62b703 update swagger-ui, codemirror, video-js 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-10-16 18:29:42 +02:00
Nicola Murino
4b4edef0ad disable self connections by default 
now that the event manager can create files, self connections may create
even more issues than before

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-10-12 18:12:12 +02:00
Nicola Murino
8a43486730 postgres driver: add multi hosts support 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-10-02 12:43:26 +02:00
Nicola Murino
0e8c41bbd1 sftpd: fix relative symlinks handling 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-09-30 19:23:54 +02:00
Nicola Murino
1e21aa9453 add support for checking sha256crypt passwords 
they will be converted to the configured password hashing algorithm after
the first user login

Fixes #1000

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-09-28 19:15:02 +02:00
Nicola Murino
e54237ff70 allow a client if its IP is both allowed and denied 
this allows you to define a group deny policy that can be overridden
on a per-user basis.

This is a backward incompatible change

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-09-15 19:51:17 +02:00
Nicola Murino
95e9106902 use the new atomic types introduced in Go 1.19 
we depend on Go 1.19 anyway

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-08-30 15:47:41 +02:00