Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: ftp server support #207

Merged
merged 2 commits into from
Dec 10, 2024
Merged

feat: ftp server support #207

merged 2 commits into from
Dec 10, 2024

Conversation

KirCute
Copy link
Contributor

@KirCute KirCute commented Dec 9, 2024

frontend part of AlistGo/alist#7634

Add two permissions.
Add a page to configure FTP server.
1

@KirCute
Copy link
Contributor Author

KirCute commented Dec 9, 2024

  • Public IP/Host:PASV命令发送给客户端的IP地址,如果写域名会解析成IP
  • Passive transfer port mapping:由一系列以换行或英文逗号分隔的“映射组”构成,每个映射组有以下四种有效格式
    1. <端口号>
    2. <响应端口号>:<监听端口号>
    3. <端口号开始>-<端口号结束>
    4. <响应端口号开始>-<响应端口号结束>:<监听端口号开始>-<监听端口号结束>
    • 对于不区分“响应端口号”和“监听端口号”的情况,PASV和EPSV命令会从中随机选取一个端口号用作被动传输。
    • 对于区分“响应端口号”和“监听端口号”的情况,PASV和EPSV命令会随机选取一对端口号,将响应端口号从控制流返回给FTP客户端,然后监听监听端口号等待客户端的连接。
    • 如是设计是为了应对复杂的端口映射情况。
    • 这一项如果留空,被动传输端口号会在1024-65535中随机选取,且不进行任何映射。
  • HTTP proxy user agent:某些存储驱动在访问时需要用到User-Agent请求头,这里伪造了一个假的
  • Enable mandatory TLS:要求连接必须使用TLS,这里指的是显式TLS,只加密数据流,不加密控制流,这种协议叫ftpes。注意如果下面两个Path to有效,且不开启这个选项,表示无论是否使用TLS均接受。
  • Enable implicit TLS:要求连接必须使用隐式TLS,数据流和控制流都加密,开启时上面那个选项失效,这种协议才叫ftps
  • Path to TLS private key file:TLS私钥文件路径,留空表示不启用TLS,如果留空或所填的内容无效的同时开启了“Enable mandatory TLS”或“Enable implicit TLS”,会导致FTP服务直接不启动
  • Path to TLS certificate file:TLS证书文件

以上修改都需要重启AList才能生效。

@xhofe xhofe merged commit 632abec into AlistGo:main Dec 10, 2024
3 checks passed
@KirCute KirCute deleted the feat/ftp-server branch December 10, 2024 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants