1.3.2 Release Notes ------------------------ This file contains a description of the major changes to ProFTPD for the 1.3.2 release cycle, from the 1.3.2rc1 release to the 1.3.2-stable release. More information on these changes can be found in the NEWS and ChangeLog files. 1.3.2rc3 --------- + Fixed character set/encoding support on FreeBSD. + Fixed mod_sql authentication regression (Bug#2922) + Start of a regression testsuite. Currently have basic unit tests for most FTP commands, and a few of the configuration directives. See the Testing howto for more information. + Fixed variable substitution in user/group names in SQL queries. + Lowered the default TimeoutLinger value from 180 secs to 30 secs, for better interoperability. Many FTP clients have a timeout of 60 secs, waiting for a response from the server, before the client closes the control connection. ProFTPD's lingering closes should thus not be longer than 60 secs, to avoid hitting those clients' timeout limit. + Fixed several issues related to aborting of downloads. + New documentation: doc/howto/Testing.html doc/howto/Translations.html 1.3.2rc2 --------- + Added Chinese translation. + Fixed handling of SSL/TLS session shutdowns on data connections. This issue was causing problems for users of recent FileZilla versions which insisted on proper SSL/TLS session shutdowns. + Fixed file descriptor leak when using syslog logging. + Fixed syslog logging on Mac OSX platforms. + Attempted to address the following message in system log files: warning: `proftpd' uses 32-bit capabilities (legacy support in use) by having mod_cap use the libcap version numbers provided by newer Linux kernels. See doc/modules/mod_cap.html for more details. + Added new `prxs' tool, for compiling and installing third-party modules without needing the proftpd source code. See doc/howto/DSO.html for more information. + Added sendfile support for Mac OSX 10.5. 1.3.2rc1 --------- + Added pkgconfig file As part of the process of installing proftpd from source, a proftpd.pc file, suitable for use by the common `pkg-config' tool, is provided. This proftpd.pc file is installed into the /lib/pkgconfig/ directory. See http://pkgconfig.freedesktop.org/ for more details. + IPv6 support is enabled by default. To disable at build time, use: ./configure --disable-ipv6 ... And to disable IPv6 support at runtime, use: UseIPv6 off in your proftpd.conf + Changed command-line behavior: The -vv command-line option currently shows only the static modules, e.g.: - ProFTPD Version: 1.3.0 (stable) - Scoreboard Version: 01040002 - Built: mar gen 2 10:57:47 CET 2007 - Module: mod_core.c - Module: mod_xfer.c - Module: mod_auth_unix.c - Module: mod_auth_file.c ... Now, the -vv command-line option will show all modules, static *and* shared: ProFTPD Version: 1.3.0 (stable) Scoreboard Version: 01040002 Built: Thu Jun 14 14:13:37 UTC 2007 Loaded modules: mod_ifsession.c mod_tls/2.1.1 mod_cap/1.0 ... Note that the output format has changed slightly (no leading " - "). The -l command-line option can be used to list just the static modules. Also note that order of the module listed via -vv shows the order in which the core proftpd engine calls each module, i.e. the modules are listed in module order. + New configuration directives: AuthPAMOptions Some PAM modules need the PAM_TTY item to be set; the mod_auth_pam module now sets the PAM_TTY item, unless the following configuration is used: AuthPAMOptions NoTTY This configuration should not be necessary, and is only supported as a safeguard. MaxTransferPerHost This directive configures a limit on the maximum number of simultaneous data transfers (uploads/downloads) for a given host. MaxTransfersPerUser This directive configures a limit on the maximum number of simultaneous data transfers (uploads/downloads) for a given user name, regardless of the number of clients using that user name. TLSVerifyOrder This directive is part of the support for the Online Certificate Status Protocol (OCSP) in the mod_tls module. See doc/contrib/mod_tls.html#TLSVerifyOrder for details. TransferPriority This directive can be used to change the process priority while the session process is handling a data transfer. Using this directive, data transfers can be given lower/higher priorities than other processes on the system, depending on the site needs. UseEncoding The mod_lang module can how support encodings other than just UTF8 for the control connection FTP commands and responses. See doc/modules/mod_lang.html#UseEncoding for additional information. + New contrib scripts: Added contrib/ftpmail, a Perl script which reads a TransferLog FIFO and sends automatic email notifications whenever uploads occur. See doc/contrib/ftpmail.html for more details. + Enhanced configuration directives: BanOnEvent ClientConnectRate Clients can now be banned if they connect too frequently; see doc/contrib/mod_ban.html#BanOnEvent LogFormat %f The %f LogFormat variable is now properly substituted for the RNFR, RNTO, SITE CHGRP, and SITE CHMOD commands. TimeoutIdle, TimeoutNoTransfer, TimeoutStalled These directives can now be used within sections to specify different timeouts for anonymous sessions. TLSOptions EnableDiags The EnableDiags option configures mod_tls to be *much* more verbose, and to print diagnostics about the SSL/TLS protocol to the TLSLog. See doc/contrib/mod_tls.html#TLSOptions TLSRequired !data, ctrl+!data, auth+!data The various combinations for requiring SSL/TLS protection on control and data connections have increased. More details can be found here: doc/contrib/mod_tls.html#TLSRequired + Deprecated configuration directives AnonymousGroup This directive is NOT recommended, and relies on a "special dynamic configuration" which is very confusing to users. It will be removed in the 1.3.3 ProFTPD release cycle. UseUTF8 This directive has been replaced by the UseEncoding directive. + New translations The FTP response messages used by proftpd have been translated into Italian. To use translations, compile proftpd using: ./configure --enable-nls ... This builds the mod_lang module, in addition to installing the translated message catalogs for proftpd's use. See doc/modules/mod_lang.html for more information. + New modules: mod_dynmasq Useful for sites using dynamic DNS and other similar services. This module automatically refreshes the IP address of the daemon, so that the correct address is communicated to clients i.e. via the MasqueradeAddress directive. See the module documentation at: doc/contrib/mod_dynmasq.html mod_facts Implements the MLSD and MLST commands, as per RFC3659. Also provides the MFF and MFMT commands from: http://www.ietf.org/internet-drafts/draft-somers-ftp-mfxx-03.txt Module documentation is available for mod_facts at: doc/modules/mod_facts.html This module is compiled in by default. mod_ident The RFC1413 "identification protocol" lookup was separated out of the main proftpd code and into this mod_ident module. With this change, you can now choose to build proftpd without this support using: ./configure --disable-ident .. You can also choose to build mod_ident as a shared module, loadable as needed: ./configure --enable-dso --with-shared=mod_ident ... Module documentation is available for mod_ident at: doc/modules/mod_ident.html This module is compiled in by default. mod_sql_odbc This module is a mod_sql backend module which supports ODBC drivers. See doc/contrib/mod_sql_odbc.html for more information. mod_sql_sqlite This module is a mod_sql backend module which uses SQLite as its backend database. See doc/contrib/mod_sql_sqlite.html for details. mod_unique_id Generates a unique ID for every FTP session. This ID can be written to log files and stored in databases, for tracking all of the activity associated with a particular FTP session. See: doc/contrib/mod_unique_id.html + New documentation: doc/howto/ConfigurationTricks.html + Updated documentation: doc/howto/TLS.html Added instructions on how to use OpenSSL in FIPS mode; see doc/howto/TLS.html#TLSFIPS Last Updated: $Date: 2008/11/20 23:09:07 $