mirrors/copyparty
1
0
Fork 0
mirror of https://github.com/9001/copyparty.git synced 2025-08-19 01:42:20 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity
3328 commits 4 branches 344 tags 56 MiB
Commit graph

319 commits

Author SHA1 Message Date
ed dbf1cbc8af idp: hide login/logout UI + improve html_head handling 2024-03-13 18:22:24 +00:00
ed fd552842d4 fix other possible division-by-zeros; 
u2c: also fix exe detection
 2024-02-17 23:19:11 +00:00
ed acbb8267e1 tftp: add directory listing 2024-02-10 23:50:17 +00:00
ed d636316a19 add tftp server 2024-02-10 18:37:21 +00:00
ed 0f386c4b08 also sanitize histpaths in client error messages; 
previously it only did volume abspaths
 2024-01-25 21:40:41 +00:00
ed 6dbfcddcda don't print indexing progress to stdout if -q 2024-01-20 17:26:52 +00:00
ed aa3a971961 windows: safeguard against parallel deletes 
st_ino is valid for NTFS on python3, good enough
 2024-01-17 23:32:37 +00:00
ed b9d0c8536b avoid sendfile bugs on 32bit machines: 
https://github.com/python/cpython/issues/114077
 2024-01-17 20:56:44 +00:00
ed 3313503ea5 retry deleting busy files on windows: 
some clients (clonezilla-webdav) rapidly create and delete files;
this fails if copyparty is still hashing the file (usually the case)

and the same thing can probably happen due to antivirus etc

add global-option --rm-retry (volflag rm_retry) specifying
for how long (and how quickly) to keep retrying the deletion

default: retry for 5sec on windows, 0sec (disabled) on everything else
because this is only a problem on windows
 2024-01-17 20:27:53 +00:00
ed d0eb014c38 improve applefilters + add missing newline in curl 404 
* webdav: extend applesan regex with more stuff to exclude
* on macos, set applesan as default `--no-idx` to avoid indexing them
   (they didn't show up in search since they're dotfiles, but still)
 2024-01-12 00:13:35 +01:00
ed 024303592a improved logging when a client dies mid-POST; 
igloo irc has an absolute time limit of 2 minutes before it just
disconnects mid-upload and that kinda looked like it had a buggy
multipart generator instead of just being funny

anticipating similar events in the future, also log the
client-selected boundary value to eyeball its yoloness
 2024-01-10 23:59:43 +00:00
ed 86419b8f47 suboptimizations and some future safeguards 2024-01-10 23:20:42 +01:00
ed f1358dbaba use scandir for volume smoketests during up2k init; 
gives much faster startup on filesystems that are extremely slow
(TLNote: android sdcardfs)
 2024-01-09 21:47:02 +01:00
ed 9bc09ce949 accept file POSTs without specifying the act field; 
primarily to support uploading from Igloo IRC but also generally useful
(not actually tested with Igloo IRC yet because it's a paid feature
so just gonna wait for spiky to wake up and tell me it didn't work)
 2024-01-08 19:09:53 +00:00
ed dc8e621d7c increase OOM kill-score for FFmpeg and mtp's; 
discourage Linux from killing innocent processes
when FFmpeg decides to allocate 1 TiB of RAM
 2024-01-07 17:52:10 +00:00
ed 0c50ea1757 list dotfiles only for specific volumes or users (#66): 
* permission `.` grants dotfile visibility if user has `r` too
* `-ed` will grant dotfiles to all `r` accounts (same as before)
* volflag `dots` likewise

also drops compatibility for pre-0.12.0 `-v` syntax
(`-v .::red` will no longer translate to `-v .::r,ed`)
 2023-12-16 15:38:48 +00:00
ed cba2e10d29 cleanup 2023-12-14 10:47:52 +00:00
ed 8c52b88767 make linters happier 2023-11-30 17:33:07 +00:00
ed c9fd26255b support environment variables mostly everywhere, 
useful for docker/systemd stuff

also makes logfiles flush to disk per line by default;
can be disabled for a small performance gain with --no-logflush
 2023-11-30 10:22:52 +00:00
ed b7723ac245 rely on filekeys for album-art over bluetooth; 
will probably fail when some devices (sup iphone) stream to car stereos
but at least passwords won't end up somewhere unexpected this way
(plus, the js no longer uses the jank url to request waveforms)
 2023-11-29 23:20:59 +00:00
ed b66843efe2 reduce cpu priority of ffmpeg, hooks, parsers 2023-11-21 22:21:33 +00:00
ed 713fffcb8e also mkdir missing intermediates, 
unless requester is a webdav client (those expect a 409)
 2023-11-03 23:23:49 +00:00
ed 8020b11ea0 improve/simplify validation/errorhandling: 
* some malicious requests are now answered with HTTP 422,
   so that they count against --ban-422
* do not include request headers when replying to invalid requests,
   in case there is a reverse-proxy inserting something interesting
 2023-11-03 23:07:16 +00:00
ed 1f75314463 placeholder expansion in readme and logues; closes #56 
also fixes the "scan" volflag which broke in v1.9.14
 2023-10-24 16:37:32 +00:00
ed fc658e5b9e utcfromtimestamp was deprecated and nobody told me, 
not even the deprecationwarning that got silently generated burning
20~30% of all CPU-time without actually displaying it anywhere, nice

python 3.12.0 is now only 5% slower than 3.11.6

also fixes some other, less-performance-fatal deprecations
 2023-10-20 23:41:58 +00:00
ed 4b5a0787ab option to show upload timestamps in directory listing; 
enable with -mte +.ip_at
or volflag mte=+.ip_at

worst-case performance impact: 18%
 2023-10-17 17:51:27 +00:00
ed 0dc3c23b42 add alternative filekey generator; closes #52 2023-10-06 13:41:22 +00:00
ed 91cafc2511 faster startup on windows by asking for ffmpeg.exe explicitly 
rather than just "ffmpeg" which makes windows try to open each of
ffmpeg.BAT,CMD,COM,EXE,JS,JSE,MSC,VBE,VBS,WSF,WSH one by one
(ffmpeg.js? hello??)
 2023-09-13 23:32:19 +00:00
ed 23ca00bba8 support jython and graalpy 2023-09-13 23:24:56 +00:00
ed 6420c4bd03 up to 2.6x faster download-as-zip 
when there's lots of files, and especially small ones
and also reduces cpu load by at least 15%
 2023-09-05 22:57:03 +00:00
ed 50e01d6904 add more autoban triggers: 
* --ban-url: URLs which 404 and also match --sus-urls (bot-scan)
* --ban-403: trying to access volumes that dont exist or require auth
* --ban-422: invalid POST messages, fuzzing and such
* --nonsus-urls: regex of 404s which  shouldn't trigger --ban-404

in may situations it makes sense to handle this logic inside copyparty,
since stuff like cloudflare and running copyparty on another physical
box than the nginx frontend is on becomes fairly clunky
 2023-08-26 13:52:24 +00:00
ed 474d5a155b android's got hella strict filename rules 2023-08-15 06:46:57 +02:00
ed 007d948cb9 fix GHSA-f54q-j679-p9hh: reflected-XSS in cookie-setters; 
it was possible to set cookie values which contained newlines,
thus terminating the http header and bleeding into the body.

We now disallow control-characters in queries,
but still allow them in paths, as copyparty supports
filenames containing newlines and other mojibake.

The changes in `set_k304` are not necessary in fixing the vulnerability,
but makes the behavior more correct.
 2023-07-23 10:55:08 +00:00
ed b54b7213a7 more thumbnailer configs available as volflags: 
--th-convt = convt
--th-no-crop = nocrop
--th-size = thsize
 2023-07-11 22:15:37 +00:00
ed 5d8cb34885 404/403 can be handled with plugins 2023-07-07 21:33:40 +00:00
ed 8b0cf2c982 volflags to limit volume size / num files; closes #40 2023-06-19 00:42:45 +00:00
ed 60a1ff0fc0 macos: mute select() noise on wake from suspend 2023-05-19 16:37:52 +02:00
ed b1359f039f linter cleanup 2023-05-07 14:38:30 +00:00
ed 4ee81af8f6 support ';' in passwords 2023-05-06 18:54:55 +00:00
ed 83178d0836 preserve empty folders (closes #23): 
* when deleting files, do not cascade upwards through empty folders
* when moving folders, also move any empty folders inside

the only remaining action which autoremoves empty folders is
files getting deleted as they expire volume lifetimes

also prevents accidentally moving parent folders into subfolders
(even though that actually worked surprisingly well)
 2023-04-29 11:30:43 +00:00
ed d3ccd3f174 v1.6.15 2023-04-26 23:00:55 +00:00
ed cb6de0387d a bit faster 2023-04-26 19:56:27 +00:00
ed 03193de6d0 socket read/write timeout 2023-04-24 20:04:22 +00:00
ed c98fff1647 fix chunkpost-handshake race (affects --no-dedup only); 
a handshake arriving in the middle of the final chunk could cause
dupes to become empty -- worst case leading to loss of data
 2023-03-05 19:45:50 +00:00
ed 1e3b7eee3b dont rmdir volume top on cleanup 2023-02-26 18:28:37 +00:00
ed 05e0c2ec9e add xiu (batching hook; runs on idle after uploads) + 
bunch of tweaks/fixes for hooks
 2023-02-26 18:23:32 +00:00
ed 8adfcf5950 win10-based copyparty64.exe 2023-02-14 21:50:14 +00:00
ed 641929191e fix reading smb shares on windows 2023-02-12 13:59:34 +00:00
ed 8f61e1568c transcode chiptunes to opus; 
* new audio/MPT formats: apac bonk dfpwm ilbc it itgz itr itz mo3 mod mptm mt2 okt s3gz s3m s3r s3z xm xmgz xmr xmz xpk
* new image/PIL formats: blp dcx emf eps fits flc fli fpx im j2k j2p psd spi wmf
 2023-02-11 11:17:37 +00:00
ed a4b56c74c7 support long filepaths on win7 + misc windows fixes 2023-02-10 18:37:37 +00:00
ed 1e20eafbe0 volflag to randomize all upload filenames 2023-02-01 21:58:01 +00:00
ed 8b62aa7cc7 unlink files before replacing them 
to avoid hardlink-related surprises
 2023-01-31 17:17:18 +00:00
ed 37a690a4c3 fix cookie + rproxy oversights 2023-01-29 18:34:48 +00:00
ed a083dc36ba dont get confused by dangling symlinks at target 2023-01-27 20:27:00 +00:00
ed 4310580cd4 separate http/https logins (breaks ie4 / win3.11 login) 2023-01-24 21:23:57 +00:00
ed f8e3e87a52 add event hooks 2023-01-22 23:35:31 +00:00
ed f4f362b7a4 add --freebind 2023-01-18 21:55:36 +00:00
ed 577d23f460 zeroconf: detect network change and reannounce 2023-01-18 21:27:27 +00:00
ed 17c91e7014 override bogus mimetypes 2023-01-14 15:10:32 +00:00
ed 8b81e58205 mdns fixes 2022-12-30 07:47:53 +00:00
ed b070d44de7 libvips logging + raise codec errors 2022-12-15 22:22:04 +00:00
ed bc7af1d1c8 u2cli: add basic folder sync 2022-12-11 17:41:10 +00:00
ed 7704b9c8a2 sqlite durability profiles 2022-12-10 10:01:33 +00:00
ed 06fa78f54a windows: set .hist folder hidden 2022-12-07 22:56:30 +00:00
ed fbed322d3b option to skip database syncs entirely 2022-12-07 21:35:04 +00:00
ed 9b0f519e4e switch to wal for ~2x faster uploads 2022-12-07 20:52:17 +00:00
ed 9a28afcb48 custom mediaplayer-toggle cursor 2022-12-05 19:46:48 +00:00
ed 99efc290df fix mdns on windows 2022-12-03 13:31:00 +00:00
ed 7c76d08958 drop one of the slowloris detectors 2022-12-02 17:53:23 +00:00
ed 0cef062084 misc cleanup 2022-12-01 21:44:31 +00:00
ed d3fe19c5aa misc fixes 2022-11-28 20:25:32 +00:00
ed f0e78a6826 add landing page with mounting instructions 2022-11-26 19:47:27 +00:00
ed 5cd9d11329 add ssdp responder 2022-11-22 21:40:12 +00:00
ed 5a3e504ec4 uninvent a square wheel 2022-11-22 19:12:41 +00:00
ed d326ba9723 ftp: ban password-bruteforcing IPs 2022-11-20 11:06:07 +00:00
ed 8709d4dba0 macos smb: avoid hang on shutdown 2022-11-17 21:17:54 +00:00
ed 0cedaf4fa9 isort 2022-11-15 22:41:35 +00:00
ed cd2513ec16 logging fixes 2022-11-15 21:28:27 +00:00
ed b3eb117e87 add mdns zeroconf announcer 2022-11-13 20:05:16 +00:00
ed e442cb677a improve ftp/smb logging 2022-11-06 13:30:16 +00:00
ed 357e7333cc cleanup 2022-11-04 20:27:16 +00:00
ed 89d1f52235 cursory slowloris / buggy-webdav-client detector 2022-11-01 22:18:20 +00:00
ed 3312c6f5bd autoclose connection-flooding clients 2022-10-31 22:42:47 +00:00
ed edad3246e0 make pylance happier 2022-10-29 20:40:25 +00:00
ed 4b2b4ed52d smb: fix file rename 2022-10-24 16:08:02 +02:00
ed f14369e038 webdav: mkdir semantics 2022-10-24 14:09:09 +02:00
ed 835f8a20e6 default-enable webdav 2022-10-23 23:37:32 +02:00
ed f3a501db30 add SMB/CIFS server 2022-10-23 23:08:00 +02:00
ed 4bcd30da6b cleaner daemon instancing 2022-10-23 12:05:44 +02:00
ed 32e826efbc catch and discard macos metadata files 2022-10-22 01:15:54 +02:00
ed 20eeacaac3 add webdav write support + fix http 200/201 2022-10-21 18:47:48 +02:00
ed c003dfab03 unbold ansi grays 2022-10-19 15:30:17 +02:00
ed 20c6b82bec replace magic numbers with errno.* 2022-10-19 15:21:48 +02:00
ed 8510804e57 initial webdav support 2022-10-18 19:36:52 +02:00
ed 12219c1bea more fun with symlinks 2022-10-08 21:08:51 +02:00
ed 4f811eb9e9 hmac cache limit + android ux: 
onscroll doesnt trigger so files dont load in
 2022-10-08 17:46:04 +02:00
ed ae28dfd020 tweaks 2022-10-08 02:05:15 +02:00
ed abb3224cc5 option to save a copy of corrupted uploads 2022-09-26 22:01:49 +02:00
ed 1c66d06702 cleanup versionchecks 2022-09-25 21:31:47 +02:00
ed 53bb1c719b fix huge-filename trunc on ubuntu-20.04 zfs 2022-09-25 14:00:11 +02:00