* Version 1.1:
- The non-preemptive mode should work flawlessly.
- Syslog facilities can now be changed.
- Self-sent packets are now filtered out.
- Portability has been improved.
Add ssl (default off) and tcpwrappers (default on) options.
Changes:
- Improve logging (log deletes, renames, chmods, etc. as requested by users).
- Add no_log_lock to work around Solaris / Veritas locking hangs.
- Add EPRT, EPSV, PASV and TVFS to FEAT response.
- Implement use of MDTM to set timestamps.
- Recognize FEAT prior to login.
- Add OpenSSL (AUTH TLS / SSL) support for encrypted control and data
connections! Hurrah.
- Increase max size of .message files to 4000 characters, thanks to Eric
Pancer for the report.
- Add easy builddefs.h ability to disable PAM builds even when PAM is installed.
- Report vsftpd version in STAT output.
- Add REFS file.
- Change parent<->child socket comms from DGRAM to STREAM for increased
reliability. The main benefit is should the parent be killed (or crash out)
then the child won't block on a read() that will never return.
- Make str_reserve reserve space for the trailing zero as well, so we don't
cause a reallocation if we exactly fill the buffer.
- Optimize the sending of strings over the parent<->child comms links.
- Improve the build system so tcp_wrappers, PAM and OpenSSL can be forcibly
compiled out.
- Fix vsftpd.conf.5 typos, thanks to Dmitry V. Levin
- If trans_chunk_size is between 1 and 4096, use 4096 rather than ignoring
totally. Thanks to Brad
- Lose Makefile.sun and README.solaris special cases.
- Add SSL / TLS info to SECURITY texts.
- Add README.ssl
- Add documentation for new SSL options to vsftpd.conf.5.
- Add support for CWD ~ (and in general support ~ at start of any filename).
Also support stuff like ~chris/pics, if tilde_user_enable=YES is set. Note that
all of this is for very very broken clients :-(
- Fix compile warnings.
- Update INSTALL with (recent) OS X as a working platform.
At this point: v2.0.0 released!
===============================
- Add -lcrypto for the SSL build; needed for some systems! Thanks to Nelson
Chang
- Oops; fix session bale out if an empty length password is given.
- Fix build on Fedora Core 2 (-lcap cannot seem to find /lib/libcap.so).
- Fix vsftpd.conf.5 man page error in "ssl_sslv3", thanks to Etienne Chevillard
- Clarify licensing: I allow linking of my GPL software with the OpenSSL
libraries. Thanks to Jonas Bofjall
- Add COPYRIGHT.
- Fix build on OpenBSD, FreeBSD, probably NetBSD too (they aren't SuSv2
compliant; timezone should be a variable not a function).
- Fix build where PAM build is enabled but PAM headers are missing.
- Fix build on RHEL3 (remove errant include from twoprocess.c).
At this point: v2.0.1 released!
===============================
- Fix FAQ typo, thanks to Jose Santiago Oyervides Gonzalez
- Emit data transfer status messages (success / failure) after flushing and
waiting for the full data transfer to reach the client. This should help work
around buggy FTP clients such as FlashFXP, which is known to truncate files
incorrectly.
(v2.0.2pre1)
- Make str_empty actually allocate an empty string.
- Change the ASCII receive code to ONLY rip out \r if it is just before a \n;
someone finally complained about this.
(v2.0.2pre2)
- Enable AIX Large File Support #define from Tomas gren
- Add a couple of FAQ entries.
- Fix time delta code areas to cope with negative deltas, which will occur
if the clock is adjusted backwards. Thanks to Andrew Anderson
for a great report.
- Fix "errno" checks to be robust in multiple places; previously, calls to
failing library calls could be made inbetween the original library call and
the "errno" reads. Thanks to Andrew Anderson for a great
report.
- Make bandwidth limiter work with SSL data connections.
(v2.0.2pre3)
- Note that the SSL / bandwidth limiter bug fixed a much more serious bug:
SSL data connection dropouts after data_connection_timeout seconds.
- Typo fixes.
At this point: v2.0.2 released! (need to get the SSL dropout fix out)
=====================================================================
- Document what regex expressions are supported in the man page.
- New settings rsa_private_key_file and dsa_private_key_file to allow
separate files for the certificates and private keys.
- Initial, simple fix for timed out processes not exiting when SSL is in use.
Better fix (which reports timeout to client properly) to follow.
- Add which setsockopt option failed to die("setsockopt") calls.
- Fix when running on recent OpenBSDs - OpenBSD change broke vsftpd. Lower
linger timeout from INT_MAX to 32767 (SHORT_MAX). Reported by
Ewoud van der Vliet and Ed Vazquez (v2.0.3pre1)
- Fix error with IPv4 connections to IPv6 listeners and PORT type data
connections when connect_from_port_20 is set. RedHat bugzilla 134541. Reported
by Joe Orton, Radek Vokal and Andreas Kupfer
- Remove vsf_sysutil_sockaddr_same_family (unused).
- Support protocol 1 (IPv4) in EPRT.
- Add ssl.c to AUDIT.
- Allow config file to use "ssl_ciphers=" to use default OpenSSL cipher list.
- Allow "EPSV 1" to mean IPv4 EPSV.
- Report dummy IP but correct port with IPv6 / PASV.
- Handle SSL_WANT_READ and SSL_WANT_WRITE retries in SSL_read and SSL_write;
fixes SSL upload failures when data timeouts are in use with some clients.
Specifically, I used the test case FileZilla 2.2.12a on Windows XP. Reported
by Lee Lawrence (using CuteFTP and BackupEdge) and
Christian DELAIR (using lftp, FileZilla and
SmartFTP). Thanks to these two people for valuable help.
(v2.0.3pre2)
- Implicitly disable connect_from_port_20 and chown_uploads when a non-root
user is using run_as_launching_user.
- Add force_anon_logins_ssl and force_anon_data_ssl for a fully SSL secure
anonymous-only solution (useful when you don't have root access and a range
of acceptable anonymous passwords as credentials).
- Use SSL BIO callbacks to fix data connection timeout checks; the checks
weren't all occurring promply.
At this point: v2.0.3 released! (need to get about three imporant fixes out)
============================================================================
- Add explicit "This FTP server does not allow anonymous logins" message.
- Add paranoid checks to sysutil.c for large values / lengths.
- Fix incorrect comment about ASCII and SIZE in the vsftpd.conf example.
- Load per-IP config files earlier; allows more settings to be tuned on a
per-IP level. Suggested by Reber Tobias
- Fix MDTM on non-existant files. Reported by Ken A
- {} regex fix so that {*} correctly matches everything. Reported by
Tom Van de Wiele
- Add "mdtm_write" option to disable MDTM being able to set file timestamps.
- Fix HPUX build, thanks to Kevin Vajk
- Add optional file locking support via lock_upload_files (default on).
- Apply LDFLAGS patch from Mads Martin Joergensen
- Add pasv_addr_resolve option to allow pasv_address to get DNS resolved once
at startup.
- Apply patch to fix timezone issues (caused by chroot() interacting badly with
newer glibc versions). Thanks to Dmitry V. Levin and
Mads Martin Joergensen
At this point: v2.0.4 released!
===============================
version 3.3.0
New features:
* YTalk now recognizes GNU talk (gtalk)
* Much improved VT100 support
Changes:
* YTalk is now released under the GNU GPL
* The X11 interface has been removed since no one was using it
and it had grown way too outdated
* Unidentified talk clients are now called "BSD talk",
since talk(1) originally appeared in 4.2BSD.
* Moved to GNU automake
* Re-indented sources with hard tabs
* Added a couple of tests (run with 'make check')
Bug fixes:
* YTalk now tolerates stacking invite/import requests
* Fixed a build problem on systems without snprintf()
* Once again use $HOME when looking for personal ytalkrc
version 3.2.0
New features:
* Added far-right "stomping", fixes procps top(1) among other things
* Separated handling of CR and LF, makes a lot of programs work better
* Added support for 'G' escape sequence used by Gentoo's init scripts
* Added "escape-yesno" patch from FreeBSD that optionally requires
that you press <escape> before answering yes/no questions
* Added a "YTALK_VERSION" environment variable to subshells
Changes:
* --with-x is now --enable-x
Bug fixes:
* Fixed an endless loop in curses titlebar code
* We now use snprintf() instead of sprintf() if available
* Restored limit on auto-invite hostnames from 16 to 64 characters
version 3.1.6
Changes:
* Don't even build pty allocation code if system has openpty()
* Made all debugging code strictly optional, add --enable-debug
to ./configure if you want it
Bug fixes:
* Fixed a crash when resizing YTalk in an XTerm
* Fixed a remote-crash format string bug in auto-invite daemon
* Fixed build problems on SunOS
* Fixed --with-x on X.org (broken since 3.1.2)
version 3.1.5
New features:
* We now use openpty() if available to securely allocate ptys
* Added the prompt-quit patch from Debian again (oops, lost in 3.1.3)
Bug fixes:
* Fixed a problem with the configure script on Slackware
* Added a missing part of VT100 scrolling support
* Fixed a small memory leak in terminal tab handling
* Small documentation fixes and updates
version 3.1.4
New features:
* Added "rering all" to main menu (requested by Matthew Vernon in '99)
* Added --with-curses=DIR option to configure script
Bug fixes:
* Fixed detection of `socklen_t' type on OpenBSD
* Fixed a minor problem with the no-beep mode
* Fixed a minor signed/unsigned issue
* Cleaned up the configure script a bit
version 3.1.3
New features:
* Added support for job control on BSD systems
* Added terminal tab handling
* Added terminal keypad modes
* Added "ignorebreak" mode (^C is ignored unless a shell is running)
* Added "beeps" to the ytalkrc flags (applies to all beeps)
* Added internal memory management and tracking
Changes:
* Maintainer change to Andreas Kling
* Dropped getlogin() in favor of getpwuid()
* Removed "debug" logging code
Bug fixes:
* Fixed the shell on Tru64 UNIX
* restored compatibility with old talk daemons (broken in 3.1.2)
* restored command line parsing (broken on many systems in 3.1.2)
* Removed debug code that broke terminal raw mode in 3.1.2
version 3.1.2
New features:
* Debug logger added
* Now optionally prompts user before quitting (when using -q),
patch from Colin Watson
* Added parsing of long options
* Fixed maximum username length to 11 instead of 8
Changes:
* Maintainer change to Jessica Peterson
* X support isn't compiled as default anymore
* -x command line switch now enables X11 mode instead of disabling it.
* Scrolling is enabled by default
* Upgraded to autoconf 2.59
Bug fixes:
* Fixed a possible buffer overflow regarding a oversized $HOME
when loading the configuration file
* Reset handling of SIGCHLD for shells - patch from P. Maragakis
following hints by Jason Gunthorpe
client-server applications. They conform to the UNIX Client-Server
Program Interface, UCSPI.
sslserver listens for connections, and runs a program for each
connection it accepts. The program environment includes variables
that hold the local and remote host names, IP addresses, and port
numbers. sslserver offers a concurrency limit on acceptance of new
connections, and selective handling of connections based on client
identity.
sslclient requests a connection to a TCP socket, and runs a program.
The program environment includes the same variables as for sslserver.
The "tls" option applies Scott Gifford's patch to implement UCSPI-TLS
in sslserver.
Assume that x86_64 has the same drivers as i386, addresses PR 32332.
No PKGREVISION bump since it didn't compile on amd64 before.
While here:
remove superfluous patches patch-af, patch-ag to config.sub files
(get replaced by CONFIG_SUB_OVERRIDE anyway)
split up multi-patch patch-aa into four patches patch-a[hijk]
2006/01/05: version 2.7.2 = tag release-2-7-2
4764: Patch for MLDonkey-compiled Ocaml-3.09.1 to fix GTK1 oldgui compile
4763: Compile patch for GTK1 oldgui with Ocaml 3.09.1
Ocaml 3.09.1 has a bug which prevents compiling GTK1 oldgui.
A patch can be found here: http://caml.inria.fr/mantis/view.php?id=3948
2006/01/04
4761: Insert glibc version in archives build by release targets
4760: Allow use of Ocaml 3.09.1
MLDonkey can now be compiled with Ocaml 3.08.3/4, 3.09.0/1
Default for MLDonkey-compiled Ocaml is now 3.09.1
4759: Configure: Improve gcc check
4757: Compile patches for MorphOS (Christian Rosentreter)
4748: HTML: Allow rename of files with '#', '&' and '%',
remove invalid chars from filenames depending on OS (thx to pango)
4756: HTML: Print build- and runinfo on main page,
fix reload bug when changing html_mods/html_themes (Knocker)
2006/01/03
4751: Ease use of messages_filter option (pango)
4753: Allow upper case MD4 for ed2k-links in mldonkey_submit (fcrozat)
4754: New parameter --auth for mldonkey_command (plf team)
2006/01/02
4749: GUI: send shared sub_files to gui (zet)
2006/01/01
4712: Change terminal color for command line from blue to cyan (romildo)
4742: Log: remove verbosity "tor" & "file", improve verbosity "verb"
4743: EDK: Print "File is already shared" when trying to start downloading
an already shared file
4744: Split client_timeout into ED2K-client_timeout and BT-client_timeout,
increase BT-client_timeout to 90 (tradie)
4745: Update config.guess and config.sub to version 2005-12-23
2005/12/28
4725: Check if ulimit is sufficient for MLDonkey,
auto-adjust max_opened_connections
* moved ED2K-max_indirect_connections to downloads.ini
* max_indirect_connections is now a %-value of max_opened_connections
* minimum ulimit for open files is now 150 (most systems have 1024),
MLDonkey will refuse to start if ulimit is lower
* minimum max_opened_connections is now 75
* reduced max_concurrent_downloads from 60 to 50
* minimum ulimit -n 150 is used like this:
- 75 max_opened_connections
- 50 downloading files
- 5 upload slots
- 20 fd as reserve for ini files
4704: Fix some C compile warnings (schlumpf)
4739: Fix some cross-compiling obstacles, remove Ocaml 3.08.2 compatability
* Cross-compiling is only possible with a correct Ocaml toolchain
* MLDonkey can not build this Ocaml toolchain
* This patch only fixes some autoconf checks
4735: MinGW: pause before core exit because of existing Pid file
4736: New commands: sysinfo, runinfo and diskinfo
* removed temp_directory and core_directory from shares command output
* new commands sysinfo, runinfo and diskinfo
* buildinfo now prints only buildinfo
* runinfo prints run-time information
* new command diskinfo prints filesystem data about temp_directory,
core_directory and all shared dirs
* sysinfo prints buildinfo, runinfo and diskinfo alltogether
4712: Change terminal color for downloading files from blue to cyan (romildo)
2005/12/24
4732: Log: More infos for verbosity = " verb"
2005/12/21
4728: fix date format (zet)
4730: BT: parse path.utf-8 (zet)
2005/12/19
4726: New option space_overhead to adjust garbage collection (bogeyman)
4724: Windows: 10 seconds pause when core start fails
to make error messages readable
2005/12/18
4723: New build target: make ocamldoc (pango)
4721: Log: Improve output for verbosity "verb", remove verbosity "hid"
2005/12/17
4719: Fix linking of dp500 (pango)
4715: OV: Improve searching, longer ov timeout, some more bugfixes (bogeyman)
4718: Fix bug which prevented proper write to files introduced in patch #4694
4717: EDK: Removed unused variable file_md4s_to_register (bogeyman)
2005/12/16
4703: BT: Deactivate dead trackers,
re-enable them if no active trackers are found (pango)
4708: HTML upstats: Enable preview for shared files
4652: dllink: reject EDK files > 4GB, print access errors for .torrent files
2005/12/15
Removed orphaned files:
src/networks/donkey/donkeyFiles.mli
src/networks/donkey/donkeyInteractive.mli
src/networks/donkey/donkeyMain.mli
4710: Re-add some protocol information as comments removed by patch 4694
4709: Fix zip file extract broken due to patch 4694 (Ocaml 3.09)
4707: Fix recover_temp broken by patch 4674 (force_download)
2005/12/14
4706: EDK: Remove donkeyChunks, use commonSwarming for op_file_check
4702: Correct timezone in e-mail, nicer uptime, timezone and uptime in runinfo
4694: Fix lots of compile warnings in Ocaml 3.09
4705: Update config.guess and config.sub to version 2005-11-11
Mozilla MLdonkey Protocol Handler updated to version 1.7
2005/12/13
Removed orphaned files:
src/networks/fasttrack/fasttrack.ml
src/networks/gnutella/gnutella1.ml
src/networks/gnutella/gnutella.ml
src/networks/gnutella/gnutellaScheduler.ml
src/networks/gnutella/gnutellaZlib.ml
src/networks/gnutella2/g2Scheduler.mlt
src/networks/gnutella2/gnutella2.ml
4700: Log: New verbosity option "gui" to debug GUI protocol
4696: Fix some C compiler warnings
2005/12/10
4687: Compile fix for Ocaml 3.09.0 (gildor), MLDonkey can now be compiled
with Ocaml 3.08.[2,3,4] and Ocaml 3.09.x (4687_min2.patch)
4693: Compile patch in sha1.c for FreeBSD (lioux)
4689: Catch exception in file_completed_cmd to let commit complete
4691: file_completed_cmd: $DURATION in seconds (debonair)
07/03/2005: Version 2.3.5
- Fix crash with replay live mode (-S)
- Fix longstanding tcpprep auto/router mode bug
06/05/2005: Version 2.3.4
- Support libpcap <= 0.5 for OpenBSD
- libpcap 0.5 doesn't have pcap_open_dead, so disable -w, -W and -D in
that case
- Fix configure errors regarding libpcapnav
- Fix compile problem in libpcap.c with OpenBSD
- Fix compile problem where libpcap and libnet are in /usr and
libpcapnav is somehwere else
- Don't ship .svn directories
- Close stdin so we can reopen it if necessary
Remove BROKEN_IN, since it builds fine for me on 3.99.15/i386.
rather than PKG_FAIL_REASON, so that they provide useful error
messages in build logs, and so that they continue to work on platforms
where they aren't broken.
* ignore \r in config files
* (hopefuly) fixed 64bit bugs (Nicolas Boichat and Zach Brown)
* added support for "Split-Net" Routing
* introduced vpnc-script and removed vpnc-connect
* always search for configfiles in /etc/vpnc/ expect if the
filename contains at least one "/"
* only read /etc/vpnc/default.conf and /etc/vpnc.conf if no other
configfiles are provided
* various other fixes contributed by Anton Altaparmakov, Randy
Chou, "krabat", Andre Vanha and Nikolay Sturm
Bug Fixes
Three security vulnerabilities have been fixed since the previous
release (fixed in pkgsrc via patches):
- The IRC dissector could go into an infinite loop.
- iDefense found a buffer overflow in the OSPF dissector.
and
- The GTP dissector could go into an infinite loop.
New and Updated Features
The following features are new (or have been significantly updated)
since the last release:
- The Windows installer now ships with GTK+ 2.6 instead of GTK+ 2.4.
This should fix several long-standing bugs.
- If you're loading a saved capture file and press "Cancel", Ethereal
will now display the packets read up to that point. In previous
versions, Ethereal would abort the attempt completely and clear the
packet list. This means that if you're loding a huge capture file,
you can stop loading in the middle and still be able to analyze part
of the file.
- The maximum number of files allowed in a ring buffer has been increased
from 1024 to 10,000.
- OID to name resolution has been improved.
- TCP graphs now handle upper and lower bounds better.
New Protocol Support
3Com Netjack200, CDT, CIGI, DAP, DISP, DOP, DSP, FTBP, MS NLB, NBAP, NCP
SSS, NCS, NHRP, P_Mul, RNSAP, SMB2, STANAG 5066, TIPC, UDP-Lite, X.501
Updated Protocol Support
ACSE, AIM, ALCAP, AMR, ANSI MAP, BER, BitTorrent, BOOTP, CAMEL, CMP,
CMS, COPS, CRMF, DCCP, DCERPC (DCERPC, DSSETUP, INITSHUTDOWN, NT,
WINREG), DEC DNA RT, DNP, DTP, eDonkey, ENIP, ESS, Etheric, FC-DNS,
FC-FZS, FMIPv6, GRE, GSM A, GSM MAP, GTP, H.225, H.235, H.245, H.248,
H.263, H.450, IAPP, IEEE 802.11, INAP, IP, IPv6, IRC, ISIS LSP, ISUP,
IUUP, Juniper, LLDP, M3UA, MIP, MIPv6, Modbus/TCP, MTP3, NCP, NDPS, NDS,
NEMO, NMAS, NTLMSSP, OSPF, PER, PN-DCP, PPP CHAP, PPPoE, PVFS2, Q.931,
RADIUS, RANAP, RDT, RLOGIN, RMT, ROS, RTCP, RTP, RTSE, S4406, SCCP,
SCTP, SES, SIP, SMB, SNDCP, SRVLOC, STUN, T.38, UMA, WINS Replication,
X.411, X.420, X.509
New and Updated Capture File Support
DOS Sniffer, Endace ERF, HP-UX nettl, IBM iSeries traces, Tektronix K12
Bugfixes:
o Address a bug in the oplock code which may cause clients to stall
when multiple users are accessing a share concurrently
o Missing groups in a user's token when logging in via kerberos
o Incompatibilities with newer MS Windows hotfixes and
embedded OS platforms
o Portability and crash bugs.
o Performance issues in winbindd.
Additions:
o Complete NTLMv2 support by consolidating authentication
mechanism used at the CIFS and RPC layers.
o The capability to manage Unix services using the Win32
Service Control API.
o The capability to view external Unix log files via the
Microsoft Event Viewer.
o New libmsrpc share library for application developers.
o Rewrite of CIFS oplock implementation.
o Performance Counter external daemon.
o Winbindd auto-detection query methods when communicating with
a domain controller.
o The ability to enumerate long share names in libsmbclient
applications.
The patches are a modified version of some enhancements to tcpflow from Debian
Adds the following options:
-e When outputting to the console each flow will be output in alternating
colours.
-C Console print without the packet source and destination details being
printed. Print the contents of packets to stdout as they are received,
without storing any captured data to files (implies -s).
- update to mDNSResponder core 58-8-1
- compile out heap debugging when NDEBUG macro is set during compilation
- errors encountered when parsing conf file are logged
- fix various unsafe sprintf calls (contributed by
David Young dyoung@pobox.com)
- compiles cleanly using cygwin
- support for compiling under OpenBSD
- error in docs regarding swapped parameters to sw_discovery_publish_reply
AICCU (Automatic IPv6 Connectivity Client Utility) makes it easy for users to
get IPv6 connectivity via SixXs. After having requested an account, tunnel and
optionally a subnet, AICCU can be used to automatically configure the tunnel.
AICCU supports TIC (Tunnel Information & Control protocol), which it uses for
retrieving the tunnel configuration information, AYIYA, which allows tunnels to
be created even behind firewalls and NATs.
