Documentation ¶
Overview ¶
Package serv implements the SSH File Transfer Protocol as described in https://tools.ietf.org/html/draft-ietf-secsh-filexfer-02. It uses the pkg/sftp library: https://github.com/pkg/sftp
Index ¶
- func AddQuotaScan(username string) bool
- func CheckIdleConnections()
- func CloseActiveConnection(connectionID string) bool
- func HandleDirectTCPIP(conn *ssh.ServerConn, newChan ssh.NewChannel)
- func PtyRun(c *exec.Cmd, tty *os.File) (err error)
- func PtyRun1(c *exec.Cmd, tty *os.File) (io.ReadCloser, error)
- func RemoveQuotaScan(username string) error
- func SetDataProvider(provider dataprovider.Provider)
- func SetWinsize(fd uintptr, w, h uint32)
- type Actions
- type ActiveQuotaScan
- type Configuration
- type Connection
- func (c Connection) ActiveTime()
- func (c Connection) Filecmd(request *sftp.Request) error
- func (c Connection) Filelist(request *sftp.Request) (sftp.ListerAt, error)
- func (c Connection) Fileread(request *sftp.Request) (io.ReaderAt, error)
- func (c Connection) Filewrite(request *sftp.Request) (io.WriterAt, error)
- type ConnectionStatus
- type ExtConf
- type ForwardedTCPHandler
- type Key
- type Transfer
- type Winsize
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AddQuotaScan ¶
AddQuotaScan adds a user to the list of users with active quota scans. It returns false if the user already has a quota scan running.
func CheckIdleConnections ¶
func CheckIdleConnections()
CheckIdleConnections disconnects clients idle for too long, based on IdleTimeout setting
func CloseActiveConnection ¶
CloseActiveConnection closes an active SFTP connection. It returns true on success
func HandleDirectTCPIP ¶
func HandleDirectTCPIP(conn *ssh.ServerConn, newChan ssh.NewChannel)
func PtyRun ¶
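PtyRun assigns the pseudo-terminal tty (an os.File) to c.Stdin, c.Stdout, and c.Stderr and calls c.Start. The published comment opens with "Start" and says the function returns the File of the tty's corresponding pty, but the index lists PtyRun as returning only an error, so that part of the comment appears to describe a different function.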
func RemoveQuotaScan ¶
RemoveQuotaScan removes a user from the list of users with active quota scans.
func SetDataProvider ¶
func SetDataProvider(provider dataprovider.Provider)
SetDataProvider sets the data provider to use to authenticate users and to get/update their disk quota
func SetWinsize ¶
SetWinsize sets the size of the given pty.
Types ¶
type Actions ¶
// Actions configures what is triggered on SFTP events: an external command
// and/or an HTTP notification, for the event types listed in ExecuteOn.
type Actions struct {
	// Valid values are download, upload, delete, rename. Empty slice to disable
	ExecuteOn []string `json:"execute_on" mapstructure:"execute_on"`
	// Absolute path to the command to execute, empty to disable.
	// NOTE(review): which arguments are passed to the command, and whether any
	// of them derive from client-supplied file names, is not visible on this
	// page. Confirm they are passed as discrete arguments (no shell) and that
	// the configured binary is writable only by the service administrator.
	Command string `json:"command" mapstructure:"command"`
	// The URL to notify using an HTTP GET, empty to disable.
	// NOTE(review): the request parameters, timeout and TLS handling are not
	// shown here. Verify what transfer details are placed in the URL before
	// pointing this at an endpoint outside the local trust boundary.
	HTTPNotificationURL string `json:"http_notification_url" mapstructure:"http_notification_url"`
}
Actions to execute on SFTP create, download, delete and rename. An external command can be executed and/or an HTTP notification can be fired
type ActiveQuotaScan ¶
// ActiveQuotaScan describes one quota scan that is currently running.
type ActiveQuotaScan struct {
	// Username to which the quota scan refers
	Username string `json:"username"`
	// Quota scan start time as a Unix timestamp in milliseconds
	StartTime int64 `json:"start_time"`
}
ActiveQuotaScan defines an active quota scan
func GetQuotaScans ¶
func GetQuotaScans() []ActiveQuotaScan
GetQuotaScans returns the active quota scans
type Configuration ¶
// Configuration holds the settings for the SFTP server. Several fields widen
// the exposed surface when changed from a restrictive value; see the notes on
// BindAddress, MaxAuthTries, IsSCPEnabled and FullFunc.
type Configuration struct {
	// Identification string used by the server
	Banner string `json:"banner" mapstructure:"banner"`
	// The port used for serving SFTP requests
	BindPort int `json:"bind_port" mapstructure:"bind_port"`
	// The address to listen on. A blank value means listen on all available network interfaces.
	// Set an explicit address when the service must not be reachable on every interface.
	BindAddress string `json:"bind_address" mapstructure:"bind_address"`
	// Maximum idle timeout in minutes. A client that is idle for longer than this setting is disconnected.
	IdleTimeout int `json:"idle_timeout" mapstructure:"idle_timeout"`
	// Maximum number of authentication attempts permitted per connection.
	// If set to a negative number, the number of attempts is unlimited.
	// If set to zero, the number of attempts is limited to 6.
	// A negative value removes the per-connection cap on credential guessing;
	// prefer zero or a small positive value unless another control limits attempts.
	MaxAuthTries int `json:"max_auth_tries" mapstructure:"max_auth_tries"`
	// Umask for new files
	Umask string `json:"umask" mapstructure:"umask"`
	// UploadMode 0 means standard: the files are uploaded directly to the requested path.
	// 1 means atomic: the files are uploaded to a temporary path and renamed to the requested path
	// when the client ends the upload. Atomic mode avoids problems such as a web server that
	// serves partial files while the files are being uploaded.
	UploadMode int `json:"upload_mode" mapstructure:"upload_mode"`
	// Actions to execute on SFTP create, download, delete and rename
	Actions Actions `json:"actions" mapstructure:"actions"`
	// Keys is a list of host keys
	Keys []Key `json:"keys" mapstructure:"keys"`
	// IsSCPEnabled determines if experimental SCP support is enabled.
	// We have our own SCP implementation since we can't rely on the scp system
	// command to properly handle permissions, quota and user's home dir restrictions.
	// The SCP protocol is quite simple but there are no official docs about it,
	// so we need more testing and feedback before enabling it by default.
	// We may not handle some borderline cases or have sneaky bugs.
	// Please do accurate tests yourself before enabling SCP and let us know
	// if something does not work as expected for your use cases.
	// Because the permission, quota and home-directory restrictions are
	// re-implemented for SCP, test those restrictions specifically before enabling it.
	IsSCPEnabled bool `json:"enable_scp" mapstructure:"enable_scp"`
	// FullFunc appears to control whether the full feature set (shell,
	// local port forwarding, remote port forwarding) is enabled by default.
	// NOTE(review): the exact semantics are not shown on this page — confirm
	// against the implementation. Shell access and port forwarding go well
	// beyond file transfer, so leave this false unless users are meant to
	// have them, and check which per-user restrictions still apply when it is true.
	FullFunc bool `json:"full_func" mapstructure:"full_func"`
	// Ext holds the extended settings defined by ExtConf.
	Ext *ExtConf `json:"ext_conf" mapstructure:"ext_conf"`
}
Configuration for the SFTP server
func (*Configuration) AcceptInboundConnection ¶
func (c *Configuration) AcceptInboundConnection(conn net.Conn, config *ssh.ServerConfig)
AcceptInboundConnection handles an inbound connection to the server instance and determines if the request should be served or not.
func (*Configuration) Initialize ¶
func (c *Configuration) Initialize(configDir string) error
Initialize the SFTP server and add a persistent listener to handle inbound SFTP connections.
type Connection ¶
// Connection holds the details of a connection for an authenticated user.
type Connection struct {
	// Unique identifier for the connection
	ID string
	// Logged in user's details
	User dataprovider.User
	// Client's version string.
	// NOTE(review): presumably reported by the remote client; treat it as
	// untrusted input when logging or displaying it — confirm where it is set.
	ClientVersion string
	// Remote address for this connection
	RemoteAddr net.Addr
	// Start time for this connection
	StartTime time.Time
	// contains filtered or unexported fields
}
Connection details for an authenticated user
func (Connection) ActiveTime ¶
func (c Connection) ActiveTime()
func (Connection) Filecmd ¶
func (c Connection) Filecmd(request *sftp.Request) error
Filecmd is the handler for basic SFTP system calls related to files, but not anything to do with reading or writing to those files.
func (Connection) Filelist ¶
Filelist is the handler for SFTP filesystem list calls. This will handle calls to list the contents of a directory as well as perform file/folder stat calls.
type ConnectionStatus ¶
// ConnectionStatus is the JSON-serializable status of one active connection.
type ConnectionStatus struct {
	// Logged in username
	Username string `json:"username"`
	// Unique identifier for the connection
	ConnectionID string `json:"connection_id"`
	// Client's version string.
	// NOTE(review): presumably client-supplied; escape it when rendering this
	// status in a UI or log — confirm where the value originates.
	ClientVersion string `json:"client_version"`
	// Remote address for this connection
	RemoteAddress string `json:"remote_address"`
	// Connection time as a Unix timestamp in milliseconds
	ConnectionTime int64 `json:"connection_time"`
	// Last activity as a Unix timestamp in milliseconds
	LastActivity int64 `json:"last_activity"`
	// Protocol for this connection: SFTP or SCP
	Protocol string `json:"protocol"`
	// Active uploads/downloads
	Transfers []connectionTransfer `json:"active_transfers"`
}
ConnectionStatus holds the status of an active connection
func GetConnectionsStats ¶
func GetConnectionsStats() []ConnectionStatus
GetConnectionsStats returns stats for active connections
type ExtConf ¶
// ExtConf holds extended settings referenced from Configuration.Ext: an HDFS
// backend store and a base public key / base user pair.
type ExtConf struct {
	// use HDFS as backend store, format: {user}@{namenodes or conf_dir}
	HDFS string `json:"hdfs" mapstructure:"hdfs"`
	// hosts list: host-172-18-231-22,172.18.231.22 host-172-18-231-25,172.18.231.25
	// host-172-18-231-27,172.18.231.27 host-172-18-231-19,172.18.231.19
	// host-172-18-231-20,172.18.231.20
	HDFSHosts string `json:"hdfs_hosts" mapstructure:"hdfs_hosts"`
	// NOTE(review): undocumented. The name suggests a public key associated
	// with BaseUser — confirm how it takes part in authentication and who
	// holds the matching private key before setting it in a deployment.
	BasePubkey string `json:"_base_pubkey" mapstructure:"_base_pubkey"`
	// NOTE(review): undocumented. The name suggests a built-in or default
	// account — confirm what access it grants and whether it bypasses the
	// configured data provider.
	BaseUser string `json:"_base_user" mapstructure:"_base_user"`
	// contains filtered or unexported fields
}
type ForwardedTCPHandler ¶
type Key ¶
// Key identifies one host key by the location of its private key file.
type Key struct {
	// The private key path relative to the configuration directory or absolute.
	// NOTE(review): whether the server checks the file's permissions is not
	// shown here; keep the file readable only by the account running the server.
	PrivateKey string `json:"private_key" mapstructure:"private_key"`
}
Key contains information about host keys
type Transfer ¶
// Transfer contains the transfer details for an upload or a download.
type Transfer struct {
	// contains filtered or unexported fields
}
Transfer contains the transfer details for an upload or a download. It implements the io Reader and Writer interfaces to handle file downloads and uploads.
func (*Transfer) Close ¶
Close is called when the transfer is completed. It closes the underlying file, logs the transfer info, updates the user quota (for uploads), and executes any defined actions.