data connection stealing and bounce attack mitigation

[drakkan]

This patch improve security for passive connections and fixes bounce attacks for active ones.

IPMatchRelaxed and IPMatchTrusted are useful for passive connections if using haproxy. We can get rid of these settings if we expose a callback for the passive connection listener, so we can provide a custom listener that decodes the proxy header and get the real client IP as we do for the control connection. ProFTPD does not recommend to enable the proxy header for data connections and I followed the same recommendation for SFTPGo until now, no problem to change if you prefer this way.

See the FAQ here

[codecov]

Codecov Report

Merging #251 (425f32d) into main (53cb37b) will increase coverage by 0.90%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##             main     #251      +/-   ##
==========================================
+ Coverage   84.70%   85.61%   +0.90%     
==========================================
  Files          10       10              
  Lines        1471     1522      +51     
==========================================
+ Hits         1246     1303      +57     
+ Misses        151      146       -5     
+ Partials       74       73       -1     

Impacted Files	Coverage Δ
client_handler.go	86.03% <100.00%> (+3.28%)	⬆️
transfer_active.go	87.20% <100.00%> (+0.95%)	⬆️
transfer_pasv.go	72.30% <100.00%> (+3.07%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 53cb37b...425f32d. Read the comment docs.

[fclairamb]

Sorry for the delay @drakkan and thank you for this improvement (which required a lot of testing effort 😅 👍), it's indeed a good way to mitigate FTP security issues.