Changes since 1.0.30:
- An old-standing bug has been fixed: when a file was renamed and overwrote an existing file, the quota wasn't properly updated.
- SITE UTIME now supports the 2-arguments syntax in addition to the 5-arguments syntax.
- Support for the MFMT command has been implemented.
- A default directory can now be specified when using the LDAP backend.
- Support SHA1 password hashing in MySQL and PostgreSQL backends
- Support for braces expansion in directory listings has been disabled - Cf. CVE-2011-0418
- The list of allowed ciphers for SSL/TLS connections can now be specified (--tlsciphersuite / -J).
- Shell-like escaping is now partially handled when emulating the "ls" command in order to improve compatibility with legacy clients.
- Linking issues with MySQL support on Fedora have been solved.
* Version 1.0.30:
- pure-quotacheck can now work with a large number of files.
- OPTS UTF-8 is now an alias to OPTS UTF8.
- Fix a STARTTLS flaw similar to Postfix's CVE-2011-0411.
Changelog:
Version 1.0.29:
* Fixed corruption when downloading files larger than 4 Gb on a 32-bits arch.
* Fixed error on exit on Linux.
* Downloading should be slightly faster.
Version 1.0.28:
* When --autorename is enabled, an upload script will now get the final file name instead of the original one.
* The ALLO command now checks for the actual disk space in addition to the virtual quota.
* ABOR on OSX has been fixed.
* Fixed the virtual quota computation after an atomic upload has been resumed.
* Fixed AUTH_ENCRYPTED.
* A workaround against spurious disconnections with ncftp has been implemented.
Based on PR#42711 by Fredrik Pettai.
Pkgsrc changes:
Honor VARBASE.
* Version 1.0.27:
- IPv6 connections are accepted again (regression from version 1.0.26)
- SSLv3 renegotiation has been disabled
- .pureftpd-upload-* files can be deleted by users with no quota.
- The server can be forced to shut down on iPhone.
* Version 1.0.26:
- Fix incompatibilities with Cyberduck and dramatically speed up directory
listings and transfers when TLS is enabled with some other clients like LFTP.
- Allow authentication of non-chrooted users again. It was a regression
from version 1.0.25. Spotted by Juergen Daubert.
* Version 1.0.25:
- The FTP server can now be built as a library for iPhone and iPod Touch.
- Display symbolic links in the MSLD command as symbolic links, unless the
broken clients mode is enabled, just like STAT/LIST/NLST.
- Enhanced compatibility with gcc 2.x and with custom installation paths.
- Fix packaging issues, especially when the server isn't installed in the
default paths
- Downloads now require less CPU and less memory.
- Fix an infinite loop that could lead to a client process burning a CPU
core if the client didn't disconnect properly. Reported by Thomas Min and
Margus Kaidja.
- Handle fake download resumes the traditional way for the sake of being
compatible with weird clients that insist on doing that.
- The group name is now always displayed instead of the gid when it matches the
primary user group.
* Version 1.0.24:
- When using LDAP in BIND mode, empty passwords are refused. Reported by
Henning Brauer.
* Version 1.0.23:
- The LDAP schema has been fixed.
- LDAP authentication through binding is now possible in addition to
passwords. This allows for the FTP server to run with an unprivileged LDAP
account.
- In LDAP objects, the "enabled" value is accepted again as a FTPStatus
property.
- Privilege separation is now enabled by default.
- The server should now properly compile on Solaris with privsep.
- Charset conversions are properly made on directory names.
- Transfers now handle every kind of disconnection.
- More informative log messages for errors and activity reporting.
- Virtual quotas are way more reliable and uploads are interrupted as soon as
quotas are exceeded.
- Atomic uploads are only used when necessary and only if --notruncate is
enabled.
- Dangling .pureftpd-upload files should be a thing of the past.
- Enhanced conformance with RFCs and better compatibility with FTP clients.
- Improved SSL performance, compatibility and commands support.
- By default, up to 10000 files per directory can be listed instead of 2000.
- ALLO can now tell clients whether an upload would blow quotas before the
upload actually starts.
- PAM is now enabled by default on OSX.
- Switch euid to the _pure-ftpd account (unless it's nonexistent) in the
privsep process.
- --without-banner is not necessary any more. Having a cookie file
(--fortunefile=...) automatically disables the default banner, thus allowing
full customization of the welcome banner.
- ./configure --localstatedir is now honored in order to change the
run-time directory.
- Support for building a FTPS (implicit SSL/TLS) server, using
--with-implicittls
* Version 1.0.22:
- the LDAP authentication backend now supports TLS encryption.
- TLS encryption is supported on data channels.
- downloads require way less CPU time on platforms with slow mmap() calls.
- MySQL 5+ stored procedures can now be used in the authentication process.
- time zones issues should be fixed for good.
- on-demand directories can now be created with any set of permissions.
- password scrambling of MySQL 5+ is now supported.
- a Catalan translation has been contributed.
- spurious disconnections due to some clients keepalive tricks have
been fixed.
- custom authentication handlers are now informed about the encryption
status of the session.
- standard-conformance and compatibility with several clients have improved.
- large files are now supported by default.
- enhanced support for Solaris.
- a bunch of bug fixes, optimizations and compatibility with newer
libraries and operating system versions.
- "ftp" and "anonymous" user names can have passwords if the -E switch (no
anonymous logins) is specified.
- in compatibility mode, non-dangling symbolic links are now displayed as
if they were regular files/directories.
- --with-everything now includes privsep.
support, from unex@linija.org via PR pkg/32901.
Changes:
* When SHA1HANDSOFF is defined, we shouldn't cast a pointer to a large union to
a char buffer, because of alignment required by some architectures.
* WITH_THROTTLING should actually be THROTTLING in src/log_extauth.c . It fixes
throttling with extauth. Reported and fixed by Marcus Merighi <mcmer@tor.at>
through Brad our beloved OpenBSD maintainer.
* Rendezvous has been renamed Bonjour.
* A double-close in the CHMOD command has been fixed.
* The old PAM sample has been removed.
* -F option added to pure-pw.
* MAX_USER_LENGTH has been bumped to 127 due to popular demand.
* pam/* can now be used if security/* doesn't exist. Fixes PAM detection on
MacOS X.
* Call tzset() in chrooted apps in order to get correct time zones in syslog
messages.
* simplify() simplifies paths ending by /. and /..
* MySQL's hash_password() needs 3 arguments since MySQL 4.1.
* Experimental support for RFC2640 (UTF-8 filename encoding) has been added,
derived from code by Jui-Nan Lin ===> added as "utf8" pkgsrc option.
* The LDAP schema has been changed: FTPStatus should be a boolean.
* New switch: -p (--pidfile=) for pure-authd and pure-uploadscript, by Old
Sparky.
* By popular request, even non-chrooted users are now denied access if their
home directory is not mounted.
* If die() is called during a TLS-enabled session, encrypt the death message.
Contributed by Cynix.
* Don't wrongly abort transfer during file upload. Fix by Patrick Gosling.
* WITH_LARGE_FILES is now defined by default.
* sendfile64() support on Linux.
* privsep and main processes were swapped out so that pure-ftpwho displays the
right pid.
* OPTS MLST has been implemented.
* SITE UTIME has been implemented.
* TCP_CORK is on by default again. A new configure switch, --without-cork, can
disable it.
* Correctly format %c and %% in fakesprintf().
* The connection socket is now created with the Nagle algorithm disabled. It
was the trick to dramatically improve performance when transferring a lot of
small files.
* Updated getopt_long() and realpath() substitutes.
* Allow logging to named pipes (thanks to Steve Marple).
* Use CLIENT_MULTI_STATEMENTS while connecting to a MySQL server.
* Documentation updates.
* MySQL errors are now logged.
And always is defined as share/examples/rc.d
which was the default before.
These rc.d scripts are not automatically added to PLISTs now also.
So add to each corresponding PLIST as required.
This was discussed on tech-pkg in late January and late April.
Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere
and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
so that we'd not force dependence on specific MySQL version, and instead pick
the currently installed mysql*-client (or install the default if there
is no mysql-client package installed yet)
this makes package buildable with arbitrary MySQL version, such as 3.23.x,
4.0.x or 4.1.x
pkgsrc changes:
o move to bsd.options.mk framework
o add ldap options
package changes:
o On MacOS X Panther and Tiger, clients were sometimes rejected when they
had no reverse DNS entry and DNS resolution was enabled. This has been
fixed. Thanks to Yann Thomas Gerard <inside@parasiterecords.com> .
o The command-line parser was broken on FreeBSD and Solaris in version
1.0.19. This has also been fixed.
under ${PREFIX} instead of being an absolute path.
So fix the references using RCD_SCRIPTS_EXAMPLEDIR to be
${PREFIX}/${RCD_SCRIPTS_EXAMPLEDIR}.
This should have no changes to use before.
Please note that the MESSAGE files in most cases are wrong in the
first place. We have automated mechanisms and could have an automated
message for explaining rc.d script usage. (This is something to do!)
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
patch provided by Sergio Jimenez in PR pkg/26381
* Version 1.0.19:
- A workaround for pure-ftpwho not working on OpenBSD has been added.
- Real disk space is no more shown.
- A possible denial of service when too many users were connected should be
fixed. Reported by Agri <agri@desnol.ru>, thanks!
which installs to ${RCD_SCRIPTS_EXAMPLEDIR}. But the MESSAGE
referred to wrong hard-coded location if the RCD_SCRIPTS_EXAMPLEDIR
was not the default. So use RCD_SCRIPTS_EXAMPLEDIR instead.
PKGREVISION not bumped because if someone had changed
RCD_SCRIPTS_EXAMPLEDIR before recent change of autoregistration
of rc.d script in PLIST, then it could not have been packaged
in first place.
Note that this commit does not imply that the MESSAGE is correct.
In some cases, the MESSAGE is clearly wrong such as suggesting
running the rc.d script from the example directory (which will work
although).
the RCD_SCRIPTS rc.d script(s) to the PLIST.
This GENERATE_PLIST idea is part of Greg A. Woods'
PR #22954.
This helps when the RC_SCRIPTS are installed to
a different ${RCD_SCRIPTS_EXAMPLEDIR}. (Later,
the default RCD_SCRIPTS_EXAMPLEDIR will be changed
to be more clear that they are the examples.)
These patches also remove the etc/rc.d/ scripts from PLISTs
(of packages that use RCD_SCRIPTS). (This also removes
now unused references from openssh* makefiles. Note that
qmail package has not been changed yet.)
I have been doing automatic PLIST registration for RC_SCRIPTS
for over a year. Not all of these packages have been tested,
but many have been tested and used.
Some things maybe to do:
- a few packages still manually install the rc.d scripts to
hard-coded etc/rc.d. These need to be fixed.
- maybe remove from mk/${OPSYS}.pkg.dist mtree specifications too.
* Version 1.0.18:
- A new, nice-looking PDF version of the documentation is now available from
http://www.pureftpd.org/readme.pdf . Contributed by Torgny Wernersson.
- The beast now compiles and links against MySQL 4.1.x, but passwords must
not be hashed with MySQL-specific hashing function.
- Buglets were fixed in the documentation.
- Two new translations were added: Hungarian and Catalan. Contributed by
Bánhalmi Csaba and Oriol Magrané.
- The server now uses distinct IPv4 and IPv6 to listen to both protocols on
all operating systems. A new switch, -6, forces the server to only listen to
IPv6.
- W3C and CLF alternative log formats are now more standard conformant.
- Pure-FTPd can now produce WU-FTPd (xferlog) compatible log files.
- Support for Rendezvous was added on MacOS X.
- Support for Apple / GNUStep plist data output was added to pure-ftpwho.
- UTF-8 characters are now supported in file names. A new switch,
--without-unicode, can be used to filter out non-latin characters.
Changes:
* Version 1.0.17a:
+ An old standing issue has been fixed : ungracefully aborted transfers
caused the session to exit without removing ftpwho entry and atomic
files. This fix also speeds up ftpwho and peruserlimit.
* Version 1.0.17:
+ The SSL certificate file can now be changed through a new configuration
switch, --with-certfile. It doesn't depend on sysconfdir any more and it
defaults to the original location : /etc/ssl/private/pure-ftpd.pem.
+ Shadowed NIS accounts and MacOS X Panther system accounts are now
processed by the pure-pwconvert tool.
+ The server doesn't reject users any more on Linux when capabilities are
used.
+ The documentation has been improved (man pages, README, FAQ, typos).
+ Optimizations have been made.
+ SO_REUSEPORT is now used on FreeBSD to always bind the ftp-data port.
+ SSL-related error messages are now more explicit.
+ The SITE TIME command has been implemented.
+ The sample PAM configuration file has been rewritten.
+ A logfile parser has been added to the contribs.
+ MacOS X Panther specific instructions have been added.
+ Upload is now atomic. A file is uploaded with a temporary name and it
gets its final name only once the upload has been completed. If a file
already exists with the same name, the content can be preserved until the
new content has been fully transferred (using the new --notruncate run-time
switch).
Web servers will no more serve partially transferred files during uploads.
The new handling of uploads also limits the races in virtual quota
handling.
* Version 1.0.16c:
+ The PAM backend and the CGI mode were accidentally broken in version
1.0.16b. This version fixes both issues.
+ The Norwegian translation has been updated.
* Version 1.0.16b:
+ The server now properly compiles with SSL/TLS on RedHat 9 systems.
+ pure-ftpwho now outputs nice-looking XHTML 1.1 conformant code, an XSS
issue has been fixed and the local host name is now properly displayed in
verbose mode.
+ The path to SSL certificates now follows the --sysconfdir prefix.
+ Minor optimizations have been made.
+ IPv4 and IPv6 addresses will now listen for connections even
without the -4 switch on NetBSD and FreeBSD.
Based on PR pkg/22680 by Jon Olsson.
Changes:
- add new build-time options: PURE_FTPD_USE_TLS, PURE_FTPD_USE_VIRTUAL_CHROOT
- make the MySQL support actually work
- install more documentation
1.0.16a:
========
- Fix typo (sizeof_resolved instead of sizeof resolved) in src/bsd-realpath.c
Not a vulnerability because it happens in the good way, but it sometimes
used to break uploadscript.
1.0.16:
=======
- An obsolete comment in pure-ftpd.conf was fixed : RPMs don't parse
/etc/sysconf/pure-ftpd any more.
- Recognize the '##' prefix as a shadowed password - make authentication work
on Solaris with shadow/NIS.
- Add back some random sleep() between authentication failures in addition to
the exponential sleep. Zzzzz... sleeping is good in summer...
- Upgrade to automake 1.7.5.
- The list of options in the pure-ftpd(8) man page was reordered -
Thanks to our beloved Claudiu Costin.
- SSL/TLS support was added (bits in src/{ftpd.c,ftp_parser.c,tls.c,tls.h,
configure.ac}, new doc: README.TLS, new globals: tls_ctx, tls_cnx). New
related commands were introduced : AUTH, PBSZ and PROT.
- Uploaded files are now removed when realpath() fails and bsd_realpath() was
modified to fall back to getcwd()/chdir() if we can't get a descriptor on
the current directory because it is not readable. It fixes pure-uploadscript
on some platforms like MacOS X.
- HAVE_BROKEN_REALPATH is gone. USE_BUILTIN_REALPATH is born.
- A typo in the Python configuration file wrapper was fixed : -t was used in
place of -y.
- MacOS X Panther has a lousy getnameinfo() implementation that doesn't fill
the buffer when no DNS entry is found for a host and a numerical result
wasn't explicitly asked. As a result, Pure-FTPd didn't even start on Panther
(saying "bad IP address") . We now check for EAI_NONAME if available and we
retry with NI_NUMERICHOST if this is what getnameinfo() returns. Thanks to
Yann Bizeul for his valuable help on this issue.
- Implement a working strdup() replacement in puredb for systems lacking it.
- Some MAXPATHLEN / MAXPATHLEN + 1 cleanups. Basically when paths are
generated by our own functions, we use MAXPATHLEN for the complete
zero-terminated string. When a buffer is passed to a libc function, we reserve
a MAXPATHLEN + 1 buffer and give a MAXPATHLEN size, just to avoid bad
surprises if an off-by-one ever occurs in a getcwd() like function.
- Don't use make_scrambled_password() in the MySQL backend because the API
changed since MySQL 4.1.
- Removed fixed-size constant arrays in src/crypto.c because of MacOS X linker
bugs (grrr...) .
Updated to version 1.0.15.
Addresses PR pkg/21941 by Jon Olsson.
Changes:
- buildlink2-ify
- added PostgreSQL support (PURE_FTPD_USE_PGSQL)
- fixed MySQL support (missing bsd.prefs.mk include)
1.0.15:
=======
- A Turkish translation has been added. Thanks to Mehmet Cokcevik
<dns@netline.com.tr> .
- Various functional and portability fixes have been made to the
handling of upload scripts, to the pure-pw command and to the
automatic creation of home directories.
- Accounts in a puredb database can now be quickly listed ("pure-pw
list").
- The anonymous FTP directory can now be overridden on the Windows
port (using a WIN32_ANON_DIR environment variable).
- The default banner has been stripped down to look more
professional (i.e. boring).
- Transfer speed on BSD systems has been improved.
- The license of the whole package has changed from GPL to a simplified
BSD license.