View Single Post
Old 04-26-2011, 04:51 PM  
Too much time...
Join Date: May 2005
Posts: 1,194
Default v7.7.0 Changelog

v7.7.0 Release Notes:

1) Files in \System:
   Changed : ioFTPD.[exe,pdb] - Version
   Changed : tcl85t.[dll,pdb] - Version
   Changed : libeay32.dll, ssleay32.dll - Version
     Added : libeay32.pdb, ssleay32.pdb - Version
   Changed : Help-SiteCmds.ini
   Changed : ioFTPD.ini - summary of changes by section...
     [FTP_Service] : OpenSSL_Options options and comments changed.
     [VFS]         : Default_Directory_Attributes    = 777 0:0
     [FTP_SITE_Permissions] : Rename "sectionnum" to "sectionums"
                              stat              =     *
     [Ftp]         : Single_Closed_Exempt_Name added
                     Who_Sort_Output added
                     Who_Hidden_Users comment changed
                     Banned_User_Flag added
     [Threads]     : Io_Threads              = 4
                     Remove Encryption_Threads option.
                     Section commands changed.

2) Directories in \lib:
     Replace entire reg1.2 directory.
     Replace entire dde1.3 directory.
     Replace entire tcl8 directory.
     The tcl8.5 directory is a bit trickier.  Probably the easiest thing to
       do is copy and overwrite all the files from the new directory into your
       existing dir.  For the record, here's some info on the subdirs:
         TCL: http1.0, msgs, opt0.4, tzdata (encoding not shipped w/ioFTPD)
         ioNinja-v0.8.9.6-2009-06-29: encoding, http, http2.5, twapi, zlib1.1
           *** nxHelper shipped with ioNinja is v2.3 but you need the v2.4
               one from nxTools else you get package require errors!
           *** opt0.4 is part of TCL, use the one shipped with ioFTPD
           *** reg1.1 is old, ioFTPD includes lib/reg1.2 which is better
     lib/nxHelper and lib/sqlite3 are part of nxTools

3) Files in \text\ftp:
   Changed : GroupList.[Header, Body]
   Changed : MyInfo.[Sections, Totals]
   Changed : UserInfo.[Sections, Totals]
   Changed : UserList.Footer

4) Files in \Doc:
   Changed : Cookies.txt
   Changed : Events.txt
   Changed : iTCL.txt
   Changed : Site-cmds.txt

5) Files in \Source
   Changed :

*** New Features:

6) New site command (site stat).  Displays all the information normally
   displayed after a file transfer including server close / shutdown
   notifications, any personal messages, and the TransferComplete file with
   the statline(s) which usually contains things like section, ratio, credits
   stats, freespace, etc for the current dir.  The speed will be from the last
   data channel transfer be it from a file transfer or a directory listing.

7) Modified site command (site users [ -errors ] [ -- | -+ ] [ <user-glob> ]).
   Previously this command just listed users matching the <user-glob> pattern
   or returned a list of all known users if no arguments were given.  That
   still works the same, however the list of matching users is now remembered
   and called the 'matching' list.  You can then refer to the users in the
   matching list via the '--' and '-+' syntax:
     '--' => start with the current matching list, but remove users from it
             who don't match the new <user-glob>.
     '-+' => add previously non-matching users to the list who match the new

   Because all negative search terms in <user-glob> are processed first the
   ability to iteratively include / exclude users is much more powerful.
   Consider the command 'SITE USERS !V .1 -Bob' which will find all SiteOps
   and the user Bob provided they aren't also VFS Admins.  Now compare that
   to 'SITE USERS !V .1" followed by 'SITE USERS -+ Bob' which will match all
   SiteOps who aren't also VFS Admins and the user Bob.  You can see that if
   Bob happened to be a VFS Admin you would get different results.  In fact
   ONLY by using the matching list could you get the results you probably

   Now for the really cool bit.  The '--' and '-+' prefixes that refer to
   the matching list are now valid arguments to these other site commands:

   This is really useful because it's sometimes tricky to craft a 'site
   change' command to modify just the users you wanted.  At the minimum it
   has always been a good idea to use 'SITE USERS <user-glob>' to see who
   would be effected, but with the new matching list feature you can view the
   list of users, make sure it's correct, and use 'site change --' to modify
   only the users you just verified.

   If there are any users records who couldn't be accessed the command will
   report a count of them if the caller has the Master flag.  You can then
   use the '-error' option to see what usernames had problems.  Errors should
   only be possible with the use of a 3rd party shared user module like

8) Modified site change commands (site change <target> { homedir | vfsfile |
   tagline | opaque | groupvfsfile | groupdescription } <none>).  You can
   now specify "<none>" as the new value to any of the above change commands
   and the field will be cleared.  This is important because some commands
   like 'site change tagline' had no way to clear a user's tagline once set.
   Some commands like site change vfsfile and groupvfsfile still accept
   "default" to clear the field, and site change groupdescription will allow
   "none" to do the same thing, but "<none>" is now standardized across them

9) By default the server will no longer accept logins (except from a single
   exempt user defined in the .ini file) until all OnServerStart events have
   finished.  I'm not aware of any 3rd party scripts except NxMyDB who
   currently use this event and the new guarantee should be useful to it.

10) Modified site command (site close [ -single ] [ { -kick | -new } ]
    [<reason>]).  Site close now accepts the '-single' option (available only
    to 'M' flagged accounts) which puts the server into "single user" or
    "administrative" mode.  This mode doesn't exempt the users defined by
    the 'Close_Exempt' .ini option, so the only users allowed to stay logged
    in is the user issuing the command and the user defined by the new
    'Single_Closed_Exempt_Name' .ini option.  Ordinary users will see the
    normal site close message, users who would normally be exempt from site
    closure will now see this additional line when trying to login:
      530-ADMIN MODE CLOSURE BY '<username>'.
    This new option can be useful if you have a bunch of siteops and you want
    to close the site but they are all normally exempt.  It also provides a
    way to perform actions best done without any active transfers.

11) New ioFTPD.ini option (Single_Closed_Exempt_Name under [FTP]).  The single
    username defined here can always login to the server even if the server
    is in single-user / administrative mode or if the startup scripts are
    still running.
    WARNING: ioGUI uses the ioFTPD account and probably should NOT be running
    if single user mode is entered to do things like renumbering sections,
    mass modification of userfiles, etc because it won't pickup the changes
    so just disconnect and reconnect when done.

12) New ioFTPD.ini option (Banned_User_Flag under [FTP]).  This defines a
    single user flag character to indicate a user has been banned from logging
    in.  By default, the user will see the message
      'Account has been temporarily banned'
    if they try to login, however the actual text may be different if using
    an OnBannedLogin event.  Default is 'B'.  Leave undefined to disable.
    NOTE: The ability to set a ban time for users is not currently provided
          because it would require a change to the userfile or some tricks
          with overloading a field and that could cause issues with nxMyDB
          and/or 3rd party scripts.  However a very simple script and a new
          scheduler event should be able to add the ability while also showing
          the reason for the ban when the user tries to log in.  In the future,
          when there are enough changes to make it worth modifying the
          userfile, these features will be supported by ioFTPD itself.
    NOTE: Banning a user doesn't automatically kick them if already connected.

13) New event (OnBannedLogin).  This event is run whenever a user tries to
    login and has the Banned_User_Flag as one of their user flags.  Treated
    the same as OnExpiredLogin and OnDeletedLogin which means if the event
    returns an error code the generic 'Invalid password' error is displayed

14) New ioFTPD.ini option (Quiet_Login_Flag under [FTP]).  This defines a
    single user flag character to indicate that normal LOGIN: and LOGOUT:
    log entries to ioFTPD.log should not be made.  This flag is very useful
    to prevent BNC log spam.  Default is 'Q'.  Leave undefined to disable.

15) New ioFTPD.ini option (Who_Sort_Output under [FTP]).  If set to True then
    the 'site who' output is case-insensitive sorted rather than shown in
    connection-id-slot (like site swho) since this is more useful to users.

16) Site Who for 1M flagged users no longer obscures the arguments to site
    commands, or hides paths.  It will, however, apply the Who_Hidden_Users
    attribute provided the hidden user isn't actively transferring a file.
    This still allows you to filter out sitebots, ioGUI, etc. from listings
    provided they aren't consuming bandwidth in which case you probably want
    to know about it as a SiteOp.

17) Site Who is a even more restrictive about hiding a user's actions if the
    user is determined to be in or transferring from a hidden path.

18) If the user has logged in with a '-' password prefix indicating they are
    a bot/script and wish for only single line command responses the server
    will no longer display the .ioFTPD.cwd and .ioFTPD.messages files when
    the bot CWD's into a directory and it will disable theme support.

19) The server will now return more descriptive login failure messages in a
    couple of cases if a valid username and password has been supplied.  In
    particular, if the VFS file specified by the groupfile, userfile, or the
    system default .vfs file is unable to be opened you will now see:
      530 Login failed: Error with VFS file.
    and if the VFS file was able to be loaded but the user's home directory
    or the '/' directory were unable to be resolved you will see:
      530 Login failed: Error with home directory.
    This should favorably resolve one of the most common issues new ioFTPD
    administrators have since lots of people seem to forget to setup the .vfs
    file and the 'Invalid password' error was misleading.

20) The server will now verify that the default TCL initialization script can
    be run successfully, or it will fail to start with an error message and a
    logfile entry.  This is particularly important because someone (including
    me!) will forget which version of TCL libraries is in the /lib directory
    and won't figure out why scripts are failing in weird ways.  The most
    common indication you had a TCL dll/lib mismatch is with the [clock]
    command not working.

21) Initialization errors with TCL will still report that the 'Event' module
    failed, but will now mention it was a TCL version issue.

22) ioFTPD error messages to the logfile during initialization will now record
    the textual error message if the log system has been initialized.

23) New super cookies (%[Max]).  Valid when processing UserList.Footer this is
    the total number of users found.  %[Pos] holds the total matching users.

24) %[Ratio(999)] now returns the LeechName setting from [Ftp] section in the
    .ini file, i.e. Leech, Unlimited, etc.

25) When processing [UserInfo,MyInfo].Totals the %[CreditSection] cookie will
    be set to -1 if per-section stats shown, else 0 and %[ShareSection] 
    will be the total number of sections defined.    

26) Added a "safety" word to all AllocateShared() memory allocations and to
    all FileInfo's that is checked prior to decrementing the reference count.
    If corruption is detected an entry is made to the Error log and details
    about the callstack are made to the Debug log.  If this does get triggered
    perhaps a pattern will emerge so we can find the problem.

27) Updated OpenSSL to v1.0.0d.

*** iTCL Changes

28) Updated TCL to v8.5.9.

29) New TCL command (ioServer { open | closedfor | close ... }).
    open      : Returns -1 if server already open, else the time the server
                was originally closed.
    closedfor : Returns -1 if the server is not closed, else a tuple like
                { time-server-closed close-msg-reason }
    close [ -single <username> ] [ -new ] [ <reason> ]
                Returns 0 if the server was just closed else the time it was
                previously closed.  The -single <username> option enables
                single user mode for the given username.  The -new option
                prevents logging non-exempt users off and just prohibits new
                users.  Unlike 'site close' this command doesn't offer a way
                to immediately kick users, just use [client kill] after the
                server has been closed.
    NOTE: The open/close commands generate ioFTPD.log events just like site
          open/close would.  The user/group names displayed in the log are
          based upon the currently active userfile, else "<unknown>" if not
    With programmatic access to the site open / close command and the new
    guarantee that all OnServerStart events will be executed before the server
    accepts connections you can now start a server up closed to logins and
    keep it that way while performing operations that are best done without
    anyone online.

30) New TCL command option ([user SingleLineResponse]).  Returns 1 if the '-'
    prefix was used on password during login indicating a bot/script, else 0.

*** Bug Fixes:

31) Fixed a bug with "Invalid symbolic path (pwd was <path>)." lines showing
    up in the error log improperly.  This created a lot of log spam when
    scripts like nxAutoNuke would run as the [resolve pwd] calls would
    trigger the bug.

32) Fixed a bug where the individual directory lock for cached dirs wasn't
    handling all cases correctly.  If the directory was locked and there were
    2+ other threads waiting on the event created to hold waiters and then the
    directory was release by the original owner and another waiter was added
    a new event would be created to hold waiters even though there were threads
    waiting on the original event still!  I'm not sure exactly what happens
    besides the event handle being leaked, but it's possible users could get
    stuck on the abandoned event, multiple users could "own" the lock, etc...

33) Fixed a bug where the RETR command was decreasing the active download
    count immediately as well as after the download finished.  This meant
    that the active download count goes increasing negative and rendered the
    max concurrent download setting for the user ineffective.

34) Fixed a bug where the STOR command could leave the active upload count
    incremented if the server had trouble creating / appending the file.

35) Fixed a bug with the STOR command where the data channel could be reset
    twice if the download failed in certain situations like not enough
    credits, etc.

36) Fixed a bug with AllocateBuffer() that always doubled the size of the
    buffer even if the minimum size requested was met.

37) Fixed a bug where invalid login attempts may leave the mountfile open.

38) Fixed a race condition with newly registered connections.

39) Fixed a bug where Login_Attempts = 1 under [FTP] would prevent users
    from logging in.  Default is 3.

40) Fixed a bug in determining if a path is a mountpoint or not.

41) Fixed a bug with message files not ending with \r\n generating an extra
    blank line.

42) Fixed a race condition on counting total logins for a user.

43) Fixed a race condition on the device share count.

44) Fixed a bug in PWD_Copy() that didn't handle pure virtual directories
    properly and could result in the server crashing in some cases.

45) Fixed a bug where the virtual event field associated with an item that
    resolved to a real path in a pure virtual directory wasn't being updated.

46) Fixed a bug if both sides of the %[IF] super cookie were zero length.

47) Fixed a bug in PWD_CWD2() which didn't close an open FileInfo which would
    lead to a memory leak if the directory was later updated or flushed from
    the cache.

48) Fixed a bug where the data channel socket might not be initialized before
    its first use if the first data transfer command failed.

49) Fixed a bug where it might be possible to close the wrong socket if the
    server ran out of passive/active local ports.

50) Fixed a memory leak when displaying a list of users for site re-add/purge.

51) Fixed two memory leaks with 'site grpdel'.

52) Fixed a memory leak in 'site help'.

53) Fixed a bug in DeleteLockObject() not marking the 2nd handle as invalid.

54) Fixed a memory reference count issue in 'site devices|services'.

55) Fixed a memory leak in 'site ioverify'.

56) Fixed a bug in 'site perms' which didn't close an open FileInfo, and fixed
    a pathname memory leak.

57) Fixed a bug with 'site perms -<yourself>' which would improperly update
    your userfile reference count.

58) Fixed a bug in 'site chattr' which wasn't closeing the FileInfo.

59) Worked around a bug in TCL during shutdown after TCL_FinalizeThread() had
    been called and returned in each thread with a TCL interpreter, but when
    TCL_Finalize was called on the main thread it would crash because not all
    the threads had actually cleaned up completely.  From the manual I fail to
    see how ioFTPD did anything wrong, but I've added code to mitigate the

60) Fixed a bug in 'site who' which would call Free() on NULL if no excluded
    paths were defined.

61) Fixed a bug in 'site refresh' which wouldn't free all paths when dealing
    with merged directories.

62) Added a workaround for WinSock returning an odd error that resulted in:
      426 Connection closed: The semaphore timeout period has expired.
    and changed it to more accurately reflect what was going on:
      426 Connection closed: Data transfer timeout.
Yil is offline   Reply With Quote