View Single Post
Old 11-03-2007, 02:40 AM  
Too much time...
Join Date: May 2005
Posts: 1,194
Default Changelog

v6.3.0 Release Notes:

*** File Modifications

1) File system\ioFTPD.exe changed. Version

2) File system\ioFTPD.pdb added.   Debugging info. v6.3.0.0

3) File system\tcl84t.dll changed. Upgraded tcl to version 8.4.15.

4) File system\tcl84t.pdb added.   Debugging info. v8.4.15

5) File system\php4ts.dll changed. Upgraded php to version 4.4.7.

6) File system\dbghelp.dll added.  Support for minidumps.  v6.8.4.0.
   Redistributable from the MS Debugging Tools for Windows package.

7) File system\symsrv.dll added.   Support for remote symbol lookups. v6.8.4.0
   Redistributable from the MS Debugging Tools for Windows package.

8) File system\makecert.exe added. Generates self-signed SSL certificates.
   v5.131.3790.0.  It appears that unlike CertMgr.exe which requires you to
   download the entire platform SDK (300+ MB for the older XP release or
   1GB+ for Vista) you can distribute just makecert.exe via the old original
   XP redist license or via the VS2005 license.  See "site removecert"
   below for ways to run a GUI to manipulate installed certs.

9) File system\ioFTPD.ini changed. Lots of changes detailed below, and I
   re-ordered the sections just a little to put the "must-change" stuff right
   at the top.

10) File system\ServiceInstaller.exe changed.

11) Directory source\include\* changed.

12) File ioKnock\ioKnock.exe added. Version

13) File ioFTPD-Start.exe changed. Version

14) File README changed.

*** Functionality changes

15) Zero byte files are no longer created if no data connection was
    established.  This should prevent most of those pesky 0 byte files.

16) Existing zero byte files that are the object of a STOR command (upload)
    will no longer apply the Overwrite rule but instead use the Resume rule.
    This will allow less permissive settings in the .ini file for average
    users.  The OnUpload event instead of OnResume will still be called though.
    Formally requesting a resume from 0 and then a STOR will continue to use
    the resume rule and the OnResume event.  I haven't seen any FTP clients
    do this though.

17) Resuming a file you do not have permission to write to in the VFS (i.e.
    somebody else's file) now returns an immediate file permission error.
    Previously it would signal all is OK, wait for the data connection to be
    established then close the connection with a transfer complete response
     without actually doing anything.

18) Resuming a file or overwriting a zero byte file now updates the owner
    of the file to the resuming user.

19) A successful non-anonymous login now resets the auto-ban connection
    count for the associated IP.  This should hopefully reduce the chance
    a user with 8-10 connections which all get dropped at the same time
    from getting auto-banned when reconnecting.

20) Only 1 "Rejected auto-banned IP..." message per minute per host will be
    added to the error logfile.  Previously each rejection was logged.

21) Only 1 "Rejected unmatched client..." message per minute per host will
    be added to the error logfile.  Previous each rejection was logged.

22) Only 1 "Rejected client from..." message per minute per host will
    be added to the error logfile.  Previous each rejection was logged.

    NOTE: These 3 error messages use separate timers.  This is particularly
    important when a user with an unmatched host mask tries to login several
    times and gets himself auto-banned.  That message would be suppressed if
    they shared one timer...

23) Changed the "site change" commands to enable the modification of any user
    account if done from a Master user.  Previously Master accounts that were
    granted specific group admin rights would be unable to modify accounts
    outside of the indicated groups.

24) Fixed the MDTM command.  Previously it wouldn't report or modify the

25) Changed the way the Bind= option in ioFTPD.ini is handled.  This is the
    local IP address to actually create the socket and listen for connections
    on.  Previously if you did not define this it would use the Host= field.
    Since so many sites are behind NAT firewalls failing to specify
    for Bind= when specifying an external ip or dynamic dns name could cause
    the server to fail to start properly or result in unroutable sockets.
    Now if you do not specify a Bind= option it will default to all local
    interfaces (which is good) and you need only set this option in those
    specific situations where you must force a particular interface to be
    used.  Changed ioFTPD.ini description of how to setup Host/Bind options.

26) Modified behavior for finding a SSL certificate to use.  If the service
    specifies a Certificate_Name (the normal place to define it) then that is
    tried first.  If not valid or not specified then the Host= value for the
    device associated with the service is tried provided it is different than
    the generic ANYHOST value of  Finally as a fallback the default
    name of "ioFTPD" will be used.

27) Errors in loading the TLS/SSL library (the SSPI stuff), opening the
    certificate store, or creating the server/client credentials (i.e.
    you didn't specify a valid certificate name) are now logged to the
    error logfile.  This should hopefully provide more information for
    users having issues setting up TLS/SSL.

28) A directory is considered "empty" if it consists only of files starting
    with ".ioFTPD", thumbs.db, and/or desktop.ini.  Previously the two hidden
    system files would prevent a directory that looked empty from being

29) An "empty" directory that is marked read-only can now be deleted.  The
    reason this is necessary is because customized folders (such as from
    "Customize this Folder...") specifically enable the read-only
    bit for the directory and fail to clear it even if customizations are
    removed.  This is tricky to notice since ALL directories claim they are
    read-only when you examine their properties in explorer.

30) Crashes will no longer result in the c:\ioFTPD.crash.log file being

31) The error log entry for hosts not matching the user mask changed from
    "Host 'IDENT@HOST-ELSE-IP" did not match any of user 'USER' allowed hosts."
    "Host 'IDENT@IP' (HOST) did not match any of user 'USER' allowed hosts."

*** New Features

32) New ioFTPD.ini option (Max_Resolver_Threads under [Network]).  Added an
    option to change the maximum number of worker threads that may be used to
    resolve hostnames.  Large heavily used sites may wish to raise this.

33) New ioFTPD.ini option (Immune_Hosts under [Network]).  List of space
    separated wildcard IPs/hosts that should be immune from auto-banning.

34) New ioFTPD.ini option (Immune_Users under [Network]).  A full ioFTPD
    user permission specifier to indicate users whose IP/host masks should be
    immune from auto-banning.  Be VERY careful here since just one immune
    user with *@* now or in the future effectively turns off everything.  I
    don't suggest using this option.

35) New site command (site bans immune) displays the immune IP / host list
    and indicate the source [.ini->immune_hosts, username->immune_users match].

36) New ioFTPD.ini option (Secure_Ip_# under [Network]).  A series of optional
    rules used to enforce what user IP/Host masks must look like depending on
    who is changing the user account.  Similar to glftpd's secure_ip option,
    but more powerful.  See the .ini file for full documentation.

37) If site addip rejects an IP/Host mask because Secure_Ip is enabled and
    no rule matches then a human readable form of the rules is displayed.

38) Site addip will now remove and/or reject redundant entries.  For example
    if a user already has *@* it makes no sense to allow the addition of 
    *@ (new).  Similarly if you add *@* all other existing entries
    will be removed automatically (existing behavior).  Attempts to add an
    exactly matching entry will no longer result in remove/add events in the
    admin log since nothing actually changed.

39) New site command (site MakeCert).  First determine the preferred name for
    the certificate by looking for a Certificate_Name= for the service, or
    the Host= value for the device specified for the service provided it isn't, or finally the default value of ioFTPD.  Then create and install
    in the CurrentUser My/Personal store a new certificate if one doesn't
    already exist.  Requires the file system/makecert.exe and the M flag.
Yil is offline   Reply With Quote