dataprovider

package

Go to main page

Versions in this module

v1

v1.2.2

Nov 18, 2020 GO-2022-0964 +4 more

GO-2022-0964: SFTPGo vulnerable to recovery codes abuse in github.com/drakkan/sftpgo

GO-2022-1015: SFTPGo WebClient vulnerable to Cross-site Scripting in github.com/drakkan/sftpgo

GO-2024-2940: SFTPGo has insufficient access control for password reset in github.com/drakkan/sftpgo

GO-2024-3283: SFTPGo allows administrators to restrict command execution from the EventManager in github.com/drakkan/sftpgo

GO-2024-3300: sftpgo vulnerable to brute force takeover of OpenID Connect session cookies in github.com/drakkan/sftpgo

Changes in this version

+ type PatternsFilter struct

+ AllowedPatterns []string

+ DeniedPatterns []string

+ Path string

type UserFilters

+ FilePatterns []PatternsFilter

v1.2.1

Nov 14, 2020 GO-2022-0964 +4 more

GO-2022-0964: SFTPGo vulnerable to recovery codes abuse in github.com/drakkan/sftpgo

GO-2022-1015: SFTPGo WebClient vulnerable to Cross-site Scripting in github.com/drakkan/sftpgo

GO-2024-2940: SFTPGo has insufficient access control for password reset in github.com/drakkan/sftpgo

GO-2024-3283: SFTPGo allows administrators to restrict command execution from the EventManager in github.com/drakkan/sftpgo

GO-2024-3300: sftpgo vulnerable to brute force takeover of OpenID Connect session cookies in github.com/drakkan/sftpgo

v1.2.0

Nov 8, 2020 GO-2022-0964 +4 more

GO-2022-0964: SFTPGo vulnerable to recovery codes abuse in github.com/drakkan/sftpgo

GO-2022-1015: SFTPGo WebClient vulnerable to Cross-site Scripting in github.com/drakkan/sftpgo

GO-2024-2940: SFTPGo has insufficient access control for password reset in github.com/drakkan/sftpgo

GO-2024-3283: SFTPGo allows administrators to restrict command execution from the EventManager in github.com/drakkan/sftpgo

GO-2024-3300: sftpgo vulnerable to brute force takeover of OpenID Connect session cookies in github.com/drakkan/sftpgo

Changes in this version

type CachedUser

+ LockSystem webdav.LockSystem

type Config

+ PreferDatabaseCredentials bool

type Filesystem

+ AzBlobConfig vfs.AzBlobFsConfig

type FilesystemProvider

+ const AzureBlobFilesystemProvider

v1.1.1

Oct 17, 2020 GO-2022-0964 +4 more

GO-2022-0964: SFTPGo vulnerable to recovery codes abuse in github.com/drakkan/sftpgo

GO-2022-1015: SFTPGo WebClient vulnerable to Cross-site Scripting in github.com/drakkan/sftpgo

GO-2024-2940: SFTPGo has insufficient access control for password reset in github.com/drakkan/sftpgo

GO-2024-3283: SFTPGo allows administrators to restrict command execution from the EventManager in github.com/drakkan/sftpgo

GO-2024-3300: sftpgo vulnerable to brute force takeover of OpenID Connect session cookies in github.com/drakkan/sftpgo

v1.1.0

Oct 10, 2020 GO-2022-0964 +4 more

GO-2022-0964: SFTPGo vulnerable to recovery codes abuse in github.com/drakkan/sftpgo

GO-2022-1015: SFTPGo WebClient vulnerable to Cross-site Scripting in github.com/drakkan/sftpgo

GO-2024-2940: SFTPGo has insufficient access control for password reset in github.com/drakkan/sftpgo

GO-2024-3283: SFTPGo allows administrators to restrict command execution from the EventManager in github.com/drakkan/sftpgo

GO-2024-3300: sftpgo vulnerable to brute force takeover of OpenID Connect session cookies in github.com/drakkan/sftpgo

Changes in this version

+ const LoginMethodNoAuthTryed

+ const LoginMethodPassword

+ var ErrInvalidCredentials = errors.New("Invalid credentials")

+ var ErrNoAuthTryed = errors.New("no auth tryed")

+ var ErrNoInitRequired = errors.New("The data provider is already up to date")

+ var ValidProtocols = []string

+ func CacheWebDAVUser(cachedUser CachedUser, maxSize int)

+ func ExecutePostLoginHook(username, loginMethod, ip, protocol string, err error)

+ func GetCachedWebDAVUser(username string) (interface{}, bool)

+ func RemoveCachedWebDAVUser(username string)

+ type Argon2Options struct

+ Iterations uint32

+ Memory uint32

+ Parallelism uint8

+ type CachedUser struct

+ Expiration time.Time

+ Password string

+ User User

+ func (c CachedUser) IsExpired() bool

type Config

+ CheckPasswordHook string

+ CheckPasswordScope int

+ PasswordHashing PasswordHashing

+ PostLoginHook string

+ PostLoginScope int

+ UpdateMode int

+ type FilesystemProvider int

+ const GCSFilesystemProvider

+ const LocalFilesystemProvider

+ const S3FilesystemProvider

+ type PasswordHashing struct

+ Argon2Options Argon2Options

+ type UserActions struct

+ ExecuteOn []string

+ Hook string

type UserFilters

+ DeniedProtocols []string

+ MaxUploadFileSize int64

v1.0.0

Jul 6, 2020 GO-2022-0964 +4 more

GO-2022-0964: SFTPGo vulnerable to recovery codes abuse in github.com/drakkan/sftpgo

GO-2022-1015: SFTPGo WebClient vulnerable to Cross-site Scripting in github.com/drakkan/sftpgo

GO-2024-2940: SFTPGo has insufficient access control for password reset in github.com/drakkan/sftpgo

GO-2024-3283: SFTPGo allows administrators to restrict command execution from the EventManager in github.com/drakkan/sftpgo

GO-2024-3300: sftpgo vulnerable to brute force takeover of OpenID Connect session cookies in github.com/drakkan/sftpgo

Changes in this version

+ const BoltDataProviderName

+ const MemoryDataProviderName

+ const MySQLDataProviderName

+ const OrderASC

+ const OrderDESC

+ const PGSQLDataProviderName

+ const PermAny

+ const PermChmod

+ const PermChown

+ const PermChtimes

+ const PermCreateDirs

+ const PermCreateSymlinks

+ const PermDelete

+ const PermDownload

+ const PermListItems

+ const PermOverwrite

+ const PermRename

+ const PermUpload

+ const SQLiteDataProviderName

+ const SSHLoginMethodKeyAndKeyboardInt

+ const SSHLoginMethodKeyAndPassword

+ const SSHLoginMethodKeyboardInteractive

+ const SSHLoginMethodPassword

+ const SSHLoginMethodPublicKey

+ var SSHMultiStepsLoginMethods = []string

+ var SupportedProviders = []string

+ var ValidPerms = []string

+ var ValidSSHLoginMethods = []string

+ func AddFolder(p Provider, folder vfs.BaseVirtualFolder) error

+ func AddUser(p Provider, user User) error

+ func Close(p Provider) error

+ func DeleteFolder(p Provider, folder vfs.BaseVirtualFolder) error

+ func DeleteUser(p Provider, user User) error

+ func GetFolderByPath(p Provider, mappedPath string) (vfs.BaseVirtualFolder, error)

+ func GetFolders(p Provider, limit, offset int, order, folderPath string) ([]vfs.BaseVirtualFolder, error)

+ func GetProviderStatus(p Provider) error

+ func GetQuotaTracking() int

+ func GetUsedQuota(p Provider, username string) (int, int64, error)

+ func GetUsedVirtualFolderQuota(p Provider, mappedPath string) (int, int64, error)

+ func Initialize(cnf Config, basePath string) error

+ func InitializeDatabase(cnf Config, basePath string) error

+ func ReloadConfig() error

+ func UpdateLastLogin(p Provider, user User) error

+ func UpdateUser(p Provider, user User) error

+ func UpdateUserQuota(p Provider, user User, filesAdd int, sizeAdd int64, reset bool) error

+ func UpdateVirtualFolderQuota(p Provider, vfolder vfs.BaseVirtualFolder, filesAdd int, sizeAdd int64, ...) error

+ type Actions struct

+ Command string

+ ExecuteOn []string

+ HTTPNotificationURL string

+ Hook string

+ type BackupData struct

+ Folders []vfs.BaseVirtualFolder

+ Users []User

+ func DumpData(p Provider) (BackupData, error)

+ type BoltProvider struct

+ type Config struct

+ Actions Actions

+ ConnectionString string

+ CredentialsPath string

+ Driver string

+ ExternalAuthHook string

+ ExternalAuthProgram string

+ ExternalAuthScope int

+ Host string

+ ManageUsers int

+ Name string

+ Password string

+ PoolSize int

+ Port int

+ PreLoginHook string

+ PreLoginProgram string

+ SQLTablesPrefix string

+ SSLMode int

+ TrackQuota int

+ Username string

+ UsersBaseDir string

+ type ExtensionsFilter struct

+ AllowedExtensions []string

+ DeniedExtensions []string

+ Path string

+ type Filesystem struct

+ GCSConfig vfs.GCSFsConfig

+ Provider int

+ S3Config vfs.S3FsConfig

+ type MemoryProvider struct

+ type MethodDisabledError struct

+ func (e *MethodDisabledError) Error() string

+ type MySQLProvider struct

+ type PGSQLProvider struct

+ type Provider interface

+ func GetProvider() Provider

+ type RecordNotFoundError struct

+ func (e *RecordNotFoundError) Error() string

+ type SQLiteProvider struct

+ type User struct

+ DownloadBandwidth int64

+ ExpirationDate int64

+ Filters UserFilters

+ FsConfig Filesystem

+ GID int

+ HomeDir string

+ ID int64

+ LastLogin int64

+ LastQuotaUpdate int64

+ MaxSessions int

+ Password string

+ Permissions map[string][]string

+ PublicKeys []string

+ QuotaFiles int

+ QuotaSize int64

+ Status int

+ UID int

+ UploadBandwidth int64

+ UsedQuotaFiles int

+ UsedQuotaSize int64

+ Username string

+ VirtualFolders []vfs.VirtualFolder

+ func CheckKeyboardInteractiveAuth(p Provider, username, authHook string, client ssh.KeyboardInteractiveChallenge) (User, error)

+ func CheckUserAndPass(p Provider, username string, password string) (User, error)

+ func CheckUserAndPubKey(p Provider, username string, pubKey []byte) (User, string, error)

+ func GetUserByID(p Provider, ID int64) (User, error)

+ func GetUsers(p Provider, limit, offset int, order string, username string) ([]User, error)

+ func HideUserSensitiveData(user *User) User

+ func UserExists(p Provider, username string) (User, error)

+ func (u *User) AddVirtualDirs(list []os.FileInfo, sftpPath string) []os.FileInfo

+ func (u *User) GetAllowedLoginMethods() []string

+ func (u *User) GetBandwidthAsString() string

+ func (u *User) GetExpirationDateAsString() string

+ func (u *User) GetFilesystem(connectionID string) (vfs.Fs, error)

+ func (u *User) GetFiltersAsJSON() ([]byte, error)

+ func (u *User) GetFsConfigAsJSON() ([]byte, error)

+ func (u *User) GetGID() int

+ func (u *User) GetHomeDir() string

+ func (u *User) GetInfoString() string

+ func (u *User) GetNextAuthMethods(partialSuccessMethods []string) []string

+ func (u *User) GetPermissionsAsJSON() ([]byte, error)

+ func (u *User) GetPermissionsAsString() string

+ func (u *User) GetPermissionsForPath(p string) []string

+ func (u *User) GetPublicKeysAsJSON() ([]byte, error)

+ func (u *User) GetQuotaSummary() string

+ func (u *User) GetUID() int

+ func (u *User) GetVirtualFolderForPath(sftpPath string) (vfs.VirtualFolder, error)

+ func (u *User) HasNoQuotaRestrictions(checkFiles bool) bool

+ func (u *User) HasOverlappedMappedPaths() bool

+ func (u *User) HasPerm(permission, path string) bool

+ func (u *User) HasPermissionsInside(sftpPath string) bool

+ func (u *User) HasPerms(permissions []string, path string) bool

+ func (u *User) HasQuotaRestrictions() bool

+ func (u *User) HasVirtualFoldersInside(sftpPath string) bool

+ func (u *User) IsFileAllowed(sftpPath string) bool

+ func (u *User) IsLoginFromAddrAllowed(remoteAddr string) bool

+ func (u *User) IsLoginMethodAllowed(loginMethod string, partialSuccessMethods []string) bool

+ func (u *User) IsMappedPath(fsPath string) bool

+ func (u *User) IsPartialAuth(loginMethod string) bool

+ func (u *User) IsVirtualFolder(sftpPath string) bool

+ func (u User) GetAllowedIPAsString() string

+ func (u User) GetDeniedIPAsString() string

+ type UserFilters struct

+ AllowedIP []string

+ DeniedIP []string

+ DeniedLoginMethods []string

+ FileExtensions []ExtensionsFilter

+ type ValidationError struct

+ func (e *ValidationError) Error() string

Other modules containing this package

github.com/drakkan/sftpgo/v2

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL