TrueCloudLab/rclone
16
0
Fork 3
Code Issues 6 Pull requests 1 Projects Releases 1 Packages Wiki Activity Actions

serve ftp: add options to enable TLS - fixes #3640

Browse source
This commit is contained in:
Deepak Sah 2020-11-23 21:37:51 +05:30 committed by GitHub
parent 211b08f771
commit 5b9115d87a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
cmd/serve/ftp/ftp.go
View file

@ -38,6 +38,8 @@ type Options struct {
PassivePorts string // Passive ports range PassivePorts string // Passive ports range
BasicUser string // single username for basic auth if not using Htpasswd BasicUser string // single username for basic auth if not using Htpasswd
BasicPass string // password for BasicUser BasicPass string // password for BasicUser
TLSCert string // TLS PEM key (concatenation of certificate and CA certificate)
TLSKey string // TLS PEM Private key
} }
// DefaultOpt is the default values used for Options // DefaultOpt is the default values used for Options
@ -60,6 +62,8 @@ func AddFlags(flagSet *pflag.FlagSet) {
flags.StringVarP(flagSet, &Opt.PassivePorts, "passive-port", "", Opt.PassivePorts, "Passive port range to use.") flags.StringVarP(flagSet, &Opt.PassivePorts, "passive-port", "", Opt.PassivePorts, "Passive port range to use.")
flags.StringVarP(flagSet, &Opt.BasicUser, "user", "", Opt.BasicUser, "User name for authentication.") flags.StringVarP(flagSet, &Opt.BasicUser, "user", "", Opt.BasicUser, "User name for authentication.")
flags.StringVarP(flagSet, &Opt.BasicPass, "pass", "", Opt.BasicPass, "Password for authentication. (empty value allow every password)") flags.StringVarP(flagSet, &Opt.BasicPass, "pass", "", Opt.BasicPass, "Password for authentication. (empty value allow every password)")
flags.StringVarP(flagSet, &Opt.TLSCert, "cert", "", Opt.TLSCert, "TLS PEM key (concatenation of certificate and CA certificate)")
flags.StringVarP(flagSet, &Opt.TLSKey, "key", "", Opt.TLSKey, "TLS PEM Private key")
} }
func init() { func init() {
@ -113,12 +117,13 @@ You can set a single username and password with the --user and --pass flags.
// server contains everything to run the server // server contains everything to run the server
type server struct { type server struct {
f fs.Fs f fs.Fs
srv *ftp.Server srv *ftp.Server
ctx context.Context // for global config ctx context.Context // for global config
opt Options opt Options
vfs *vfs.VFS vfs *vfs.VFS
proxy *proxy.Proxy proxy *proxy.Proxy
useTLS bool
} }
// Make a new FTP to serve the remote // Make a new FTP to serve the remote
@ -142,6 +147,7 @@ func newServer(ctx context.Context, f fs.Fs, opt *Options) (*server, error) {
} else { } else {
s.vfs = vfs.New(f, &vfsflags.Opt) s.vfs = vfs.New(f, &vfsflags.Opt)
} }
s.useTLS = s.opt.TLSKey != ""
ftpopt := &ftp.ServerOpts{ ftpopt := &ftp.ServerOpts{
Name: "Rclone FTP Server", Name: "Rclone FTP Server",
@ -153,6 +159,9 @@ func newServer(ctx context.Context, f fs.Fs, opt *Options) (*server, error) {
PassivePorts: opt.PassivePorts, PassivePorts: opt.PassivePorts,
Auth: s, // implemented by CheckPasswd method Auth: s, // implemented by CheckPasswd method
Logger: &Logger{}, Logger: &Logger{},
TLS: s.useTLS,
CertFile: s.opt.TLSCert,
KeyFile: s.opt.TLSKey,
//TODO implement a maximum of https://godoc.org/goftp.io/server#ServerOpts //TODO implement a maximum of https://godoc.org/goftp.io/server#ServerOpts
} }
s.srv = ftp.NewServer(ftpopt) s.srv = ftp.NewServer(ftpopt)