[ EDITOR'S NOTE: It is possible that I may _personally_ no longer be
doing active development on proftpd in the future, my time constraints
are simply too much. However, all rumors aside active development on
proftpd DOES continue. I AM and WILL be continuing to maintain the
cvs tree and test/patch as necessary for those who submit updates
and patches. A mailing list is available at majordomo@evcom.net,
subscribe proftpd-l. Please submit all patches, inquiries and the like
to the above mailing list.
Additionally, the cvs repository is available via anonymous cvs at:
anonymous@proftpd.org, password: proftpd.
For reference, you would do something like the following to access
the anonymous repository:
  cvs -d :pserver:anonymous@proftpd.org:/var/cvs login
  Password: proftpd
  cvs -d :pserver:anonymous@proftpd.org:/var/cvs checkout proftpd
The development version of proftpd can be accessed via:
  cvs -d :pserver:anonymous@proftpd.org:/var/proftpd-dev login
  Password: proftpd
  cvs -d :pserver:anonymous@proftpd.org:/var/proftpd-dev checkout proftpd-1.1
Many thanks. ]
============================================================================
- mod_ls fixed (in a big way) ncftp's get -R should now work perfectly.
- Security patch fixes potential CWD/MKD stack smash exploit.
- CF_MERGEDOWN fixed, no longer dupes merged directives.
- mod_readme.c module added to contrib directory.
- mod_pam.c module added to contrib directory.
- RFC959 APPE command now works.
- Rehashing (-HUP) now properly discards old LogFormat logs,
and recreates from the conf file. (Debian bug #28641)
- Retrying a transfer after a failed data connection no longer
results in "Internal error: non-PASV mode, yet data connection
already exists"
- PASV/PORT data-connection selections are now strictly RFC, i.e
either one can override a previous PASV/PORT as long as the
data connection has not yet actually been established.
- Arguments inside "%{}" logformat macros should now work as documented
(i.e "%{%Y%m%d}t")
- Fixed memory leak in mod_ls.c, should no longer eat large amounts of
memory when performing a recursive ls (-R).
October 17, 1998 - Version 1.2.0pre1
- Another dirtree recursion bug fixed, similar to that in 1.1.7pl3.
- Most auth related logging now includes destination IP and port.
- Default syslog facilities are now correct - PR#53 (jan.menzel@gmx.de)
- install -d (directory) no longer used, because of broken BSD-install.
- Configuration script cleanup, everything is now cached properly.
- Configure script now detects LOG_FTP and LOG_CRON, and allows their
use via the SyslogFacility directive, if appropriate on the target
platform.
October 10, 1998 - Version 1.1.7pl3
- Recursive dirtree walking code fixup, a gcc bug was being triggered
in just the right circumstances. Multiple UserAlias should now
work properly with AuthAliasOnly turned on.
- GroupOwner now properly uses AuthUserFile/AuthGroupFile.
- Bug fix in directory listings, small oddity with listing symlinks
to a directory fixed.
- Performance tweaking to directory listing, time()/umask() no longer
"over-called."
- Makefiles have been adjusted to be more admin friendly. Now, by default,
_everything_ is installed in the prefix directory (as specified by
--prefix when running configure). The config file is now:
/usr/local/etc/proftpd.conf by default, and scoreboard is
/usr/local/var/proftpd/. This will require some changes for package
maintainers. To help with this, proftpd configure is now completely
GNU autoconf compliant. To build on a target system outside of
a single prefix directory, you would do something like:
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var/run
This will install:
o Admin and daemon binaries in /usr/sbin
o Normal user binaries in /usr/bin
o Configuration file in /etc
o Manual pages in /usr/man
Additionally, the scoreboard directory will be:
o /var/run/proftpd (The additional directory is automatically
added and created at install)
- New header file, include/default_paths.h, path macros removed from
top-level config.h
October 6, 1998 - Version 1.1.7pl2
- Pulled version macro out of include/conf.h and placed in its own
file, include/version.h
- PathAllowFilter/PathDenyFilter now apply to ALL write operations,
not just STOR (as well as RETR).
- More than a single HideUser/HideGroup can now be used in a given
context. All such directives will be applied, so that all specified
user/groups are hidden.
- AIX `tr' portability fix - PR#51 (flo@quit.mediaways.net)
- all man pages updated
- ftpcount/ftpwho now take an additional argument, --path (or -p) which
is the fullpath to the scoreboard files (as specified by the
ScoreboardPath directive). ftpcount/ftpwho is now more "intelligent"
regarding the path not existing, warning the user.
- setpgid() is now used in preference to setpgrp(), if available
on target platform.
- No more segfaults if incorrect /etc/passwd or /etc/group permissions.
- ExtendedLog w/out a command-class argument no longer causes a segfault.
- ExtendedLog inside Anonymous will now override outer ExtendedLog
directives _with the same filename_. i.e.
  <VirtualHost 10.0.0.1>
    ExtendedLog /var/log/virt.log ALL
    <Anonymous ~ftp>
      ExtendedLog /var/log/virt.log NONE
      # No extended logging for this anonymous context AND
      # /var/log/virt.log
    </Anonymous>
  </VirtualHost>
- %F cookies in DisplayLogin/DisplayFirstChdir should now properly display
kb on _very_ large filesystems.
September 23, 1998 - Version 1.1.7pl1
- E-mail passwords no longer hidden by mod_log, while true passwords
in an anonymous context ARE hidden in ps and ftpwho listings.
- Added -l command line option, displays a list of all compiled-in
modules (ala apache).
- Updated much documentation.
- Symlinked contrib'd modules from the modules/ directory. Copying
a 3rd party or non-standard module into modules/ is therefore no longer
necessary. Just ./configure --with-modules=mod_1:mod_2:...:mod_n
Actually, cvs doesn't allow symlinks, however they are created
when you run ./configure, so the above _will_ work.
- New contrib module, mod_linuxprivs, uses the new POSIX standard
capabilities found in Linux 2.1 kernels to provide "fine-grain"
access control over the entire daemon after authentication.
Essentially allows proftpd to run as non-root, and be _much_
more secure. See README.linux-privs
- Added additional shell code in configure which permits add'l
modules (--with-module) to specify extra libraries that are needed
and extra directories that the top-level make should chdir to and
run make in. The syntax (should be near the top of the module) is:
$Libraries: -L[extra-lib-paths] -l[extra-lib]$
$Directories: [whitespace delimited list of extra directories]$
The contents of "Libraries" is passed VERBATIM to the linker.
See contrib/mod_linuxprivs.c for examples of this.
- MaxClients/MaxClientsPerHost should now properly virtualize
per <VirtualServer>
- MaxClients works again in <Anonymous> blocks.
- TransferLog, UtmpLog and ExtendedLog can now be used inside
<Global>, <VirtualHost> and <Anonymous> blocks.
September 16, 1998 - Version 1.1.7
- New directive `AllowForeignAddress'. Defaults to off. When turned
on, allows a client PORT command to specify an address _other_ than
the client's own; thus allowing FXP, etc to work (server-to-server
transfer). When off, the typical (address mismatch) is logged if
a client attempts this. Even when turned on, low-numbered ports
are not accepted.
- Mapping user/groups specified in <Anonymous> configurations is now
deferred until after client-connect. This allows you to use user
or group names that are specified in an AuthUserFile/AuthGroupFile
database inside proftpd's configuration.
- <Anonymous ~user> should now work w/ (broken) FreeBSD. Also,
symlinks in <Anonymous> should work properly w/ <Limit>.
- Uploading a file into a symlinked directory no longer overrides
<Limit> security (the fully resolved symlink path is used).
- The HANDLED, DECLINED and ERROR/ERROR_* macros now take an add'l
leading argument, the cmd_rec* structure used by the module
handler; instead of assuming the variable is always named "cmd".
- Two new directives, AllowUser and DenyUser, work exactly like
AllowGroup/DenyGroup, except a "user-expression" is used instead
of a group-expression. The expression has the same syntax. I know
proftpd is in code freeze, but someone brought it to my attention
that this represents more of a "bug" than a lack of feature.
- AllowGroup now works in <Limit LOGIN> blocks.
- MaxClientsPerHost fixed. PR#46 (vlad@elis.tusur.ru)
- New command line option, --persistent (or -p) [0|1].
0 = Disable _default_ PersistentPasswd support.
1 = Enable _default_ PersistentPasswd support.
Note that the option ONLY changes the default, it can still be
explicitly set via the "PersistentPasswd" directive.
September 12, 1998 - Version 1.1.7pre1
- **CODE FREEZE**
- %L in DisplayLogin/DisplayFirstChdir now displays FQDN, likewise
%E (by default) is `root@fqdn'.
- TransferLog NONE
    Disables all transfer logging (xferlog)
  WtmpLog NONE
    Disables wtmp logging
  SystemLog NONE
    Disables all syslog logging
- Potential segv during subsequent transfer operations after a RNTO
fails fixed. PR#45 (jay@cimedia.com)
- Added contrib/mod_ratio.c and contrib/README
- Native CC ports for IRIX 6.3, DEC OSF/1 and AIX 3.2
- New directive 'UseReverseDNS', takes one boolean argument
(on|off|true|false). Controls whether or not reverse DNS lookups
are performed on *data connections* (reverse lookups are ALWAYS
performed on control connections). The default is `on'. With
reverse lookups disabled, the remote host name of a data connection
is always set to the ascii equiv. of the dotted quad IP address.
September 8, 1998 - Version 1.1.6pl2
- Added contrib/ directory for contributed _unsupported_ utils/etc.
Currently contains a third-party rewrite of the perl script `xferstats'.
- Added xferlog.5 manpage.
- Some tweaking to tcp and ip options, attempting to increase localhost
performance on Linux 2.1.* kernels. Now should get about 2MB/s
on 2.1.* and > 5MB/s on 2.0.*. Not sure why 2.0.* is faster, still
looking at this. Supposedly setting a large MTU in 2.1.* kernels
can help greatly.
- HideGroup now works if the file/directory is owned by the
current user.
- Symlinks should now be displayed properly (again?!)
- The SIZE command now always returns files sizes as though IMAGE mode
(binary) was the current transfer mode. Calculating the transfer size
on extremely large files in ascii mode can take a long time, and
represents a potential DoS attack.
- Two new directives: PathAllowFilter and PathDenyFilter. Both take
a single regular expression argument which respectively allow and
disallow stored files depending on the regular expression match.
Example:
PathDenyFilter "(\.ftpaccess)|(\.htaccess)$"
Note that these directives currently require libc posix regex
support (regcomp()/regexec(), etc). If not detected during
configuration/compilation, you'll receive a message indicating
that the directives cannot be used, should you try to use them.
A built-in regex library will hopefully be provided in the future.
- The -HUP signal (rehash) no longer loses all bindings (causing
proftpd to not respond on any configured ports). PR#40
(mreimer@vpop.net)
- BSDI 3.1 port tested. uid->user mapping should now work inside
chroot, as well as authentication working properly. PR#39
(vermont@gate.net)
- sign problem fixed with PORT and PASV commands (affected Solaris)
- *really* long filenames will no longer cause an FPE in mod_ls
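
The PathDenyFilter entry above gives "(\.ftpaccess)|(\.htaccess)$" as its example. The following is an added example, not ProFTPD's own code, that runs that expression through POSIX regcomp()/regexec() to show where the trailing "$" actually applies. It assumes extended-regex syntax and matching against the full upload path; the function names and the tighter pattern are hypothetical.

```c
#include <regex.h>
#include <stdio.h>

/* The expression exactly as it appears in the changelog entry. */
#define PAGE_FILTER  "(\\.ftpaccess)|(\\.htaccess)$"
/* Hypothetical tighter form: the anchor covers both alternatives. */
#define TIGHT_FILTER "\\.(ftpaccess|htaccess)$"

/* Returns 1 if path matches pattern, 0 if it does not, and -1 if the
 * pattern fails to compile. REG_EXTENDED is an assumption of this example. */
int path_matches(const char *pattern, const char *path)
{
    regex_t re;
    int rc;

    if (regcomp(&re, pattern, REG_EXTENDED | REG_NOSUB) != 0)
        return -1;
    rc = regexec(&re, path, 0, NULL, 0);
    regfree(&re);
    return rc == 0 ? 1 : 0;
}

/* A store is allowed only when the deny filter compiled and did not match.
 * Refusing the upload on an uncompilable filter is this example's choice. */
int store_allowed(const char *deny_pattern, const char *path)
{
    return path_matches(deny_pattern, path) == 0;
}

int main(void)
{
    /* Constructed sample paths, not taken from any real server. */
    static const char *paths[] = {
        "/incoming/.htaccess",
        "/incoming/.ftpaccess",
        "/incoming/.htaccess.bak",
        "/incoming/.ftpaccess.bak",
        "/incoming/report.txt",
    };
    size_t i;

    printf("%-28s %-6s %-6s\n", "path", "page", "tight");
    for (i = 0; i < sizeof(paths) / sizeof(paths[0]); i++) {
        printf("%-28s %-6s %-6s\n", paths[i],
               store_allowed(PAGE_FILTER, paths[i]) ? "allow" : "deny",
               store_allowed(TIGHT_FILTER, paths[i]) ? "allow" : "deny");
    }
    return 0;
}
```

Alternation binds more loosely than the anchor, so in the changelog's expression "$" constrains only the .htaccess branch while .ftpaccess matches anywhere in the path; that is why the two ".bak" rows differ between the columns.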
August 13, 1998 - Version 1.1.6pl1
- New directive context, <Global>. Most other directives can be used
inside a <Global> </Global> context (with the exception of a few
where it makes no sense to do this). Each <Global> tree is specially
parsed and "merged" into BOTH the main host and all virtual hosts.
This has the desirable effect of allowing the creation of a "global"
configuration which is applied everywhere. Multiple <global>
blocks can be used; they will all be merged together after the
configuration file is parsed.
- New core module, modules/mod_log.c, implements the following new
directives and features:
* SystemLog <filename>
Redirects all "normal" syslog logging to the given filename.
* LogFormat <nickname> "<format string>"
Create a custom logging format to be identified by <nickname>.
The format string can contain one or more of the following meta
characters:
%b - bytes sent for request
%f - filename stored or retrieved
%{FOOBAR}e - contents of environment variable FOOBAR
%h - remote host name
%a - remote ip address
%l - remote logname (from ident)
%p - port of server serving request
%v - servername of server serving request
%P - process id of server serving request
%r - full command received from client
%t - Time
%{format}t - formatted time (strftime(3) format)
%T - Time taken to transmit/receive file, in seconds
%s - Numeric response code (status)
%u - Local userid
Default format is: "%h %l %u %t \"%r\" %s %b"
* ExtendedLog <log-filename> [<command-classes> [<format-nickname>]]
Creates an "extended" log. <command-classes> is a comma delimited
(no whitespace!) list of which commands to log (by class). If
no classes are specified, ALL commands are logged. Valid classes
are:
none - No commands
auth - Authentication commands (USER, PASS)
info - Informational commands (PWD, SYST, etc)
dirs - Directory commands (LIST, CWD, MKD, etc)
read - File reading (RETR)
write - File/directory writing or creation (STOR, MKD)
misc - Miscellaneous commands (SITE, etc)
all - Log ALL commands
<format-nickname> must be a predefined log format created with
LogFormat. If no format-nickname is specified, the default
("%h %l %u %t \"%r\" %s %b") format is used.
ExtendedLog directives can be placed in the main server config,
or in a <Global> or <VirtualHost> context, allowing you to have
completely separate logfiles for different virtual hosts.
- New directive MaxInstances, used to control the maximum number of child
processes allowed in standalone mode (and thus counter a DoS attack).
Default is 'none' (unlimited child processes).
- New directive MaxClientsPerHost, PR #38 (vlad@elis.tusur.ru), restricts
the maximum number of connections allowed from a given host/userid pair.
Useful inside <Anonymous> blocks.
- No longer susceptible to "FTP bounce" attack (PORT command with low-
numbered port)
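
The "FTP bounce" entry above and the AllowForeignAddress entry under version 1.1.7 together describe two checks on a client's PORT argument: low-numbered ports are always refused, and an address other than the client's own is refused unless AllowForeignAddress is on. The following is an added example of those checks, not ProFTPD's own code; the function names, the verdict enum and the 1024 cutoff for "low-numbered" are assumptions.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define IPV4(a, b, c, d) \
    ((uint32_t)(a) << 24 | (uint32_t)(b) << 16 | (uint32_t)(c) << 8 | (uint32_t)(d))

enum port_verdict {
    PORT_OK = 0,
    PORT_MALFORMED,      /* not six decimal fields in 0..255 */
    PORT_LOW_PORT,       /* refused regardless of AllowForeignAddress */
    PORT_ADDR_MISMATCH   /* foreign address with AllowForeignAddress off */
};

/* Parse the PORT argument "h1,h2,h3,h4,p1,p2" into a host-order IPv4
 * address and port. Fields are kept unsigned throughout. Returns 0 on
 * success, -1 on any syntax or range error. */
static int parse_port_arg(const char *arg, uint32_t *addr, uint16_t *port)
{
    unsigned long field[6];
    const char *p = arg;
    int i;

    for (i = 0; i < 6; i++) {
        char *end;

        /* strtoul() would accept leading blanks and a sign; require a digit. */
        if (!isdigit((unsigned char)*p))
            return -1;
        field[i] = strtoul(p, &end, 10);
        if (end - p > 3 || field[i] > 255)
            return -1;
        p = end;
        if (i < 5) {
            if (*p != ',')
                return -1;
            p++;
        }
    }
    if (*p != '\0')
        return -1;

    *addr = IPV4(field[0], field[1], field[2], field[3]);
    *port = (uint16_t)(field[4] << 8 | field[5]);
    return 0;
}

/* peer_addr is the address of the control connection's client.
 * allow_foreign_address mirrors the AllowForeignAddress setting. */
enum port_verdict check_port_command(const char *arg, uint32_t peer_addr,
                                     int allow_foreign_address)
{
    uint32_t addr;
    uint16_t port;

    if (parse_port_arg(arg, &addr, &port) != 0)
        return PORT_MALFORMED;
    if (port < 1024)                 /* assumed cutoff for "low-numbered" */
        return PORT_LOW_PORT;
    if (addr != peer_addr && !allow_foreign_address)
        return PORT_ADDR_MISMATCH;
    return PORT_OK;
}

int main(void)
{
    /* Constructed PORT arguments; the control peer is taken to be 10.0.0.5. */
    static const char *args[] = {
        "10,0,0,5,4,1",      /* own address, port 1025 */
        "10,0,0,5,0,25",     /* own address, port 25 */
        "10,0,0,9,19,137",   /* other address, port 5001 */
        "10,0,0,256,4,1",    /* field out of range */
    };
    uint32_t peer = IPV4(10, 0, 0, 5);
    size_t i;

    for (i = 0; i < sizeof(args) / sizeof(args[0]); i++)
        printf("%-18s off=%d on=%d\n", args[i],
               check_port_command(args[i], peer, 0),
               check_port_command(args[i], peer, 1));
    return 0;
}
```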
Aug 9, 1998 - Version 1.1.6
- "./" and "../" are NOT listed in directory listings again. This feature
has been previously added per user request, but it is NOT standard
and screws with mirroring software in a big way. Using the
LsDefaultOptions directive with a '-a' argument will cause ALL .dotfiles
to be displayed, including "./" and "../".
- New directive 'TimeoutStalled', used to control the maximum number
of seconds a data connection can be open w/ no actual data being
transferred. Default is 'TimeoutStalled none' (no timeout).
- inet_aton() check put back in configure script. inet_addr is now
only used if no inet_aton() available on target platform.
- Verified OpenBSD 2.3 port works, one small fix for shadowed password
handling.
- Added "true" vsnprintf()/snprintf() for OSF and other platforms
that need it.
Aug 4, 1998 - Version 1.1.6pre4
- New directive 'ScoreboardPath', sets path for scoreboard file(s).
Default is: /var/run
- ftpwho now takes -v argument, showing current working directory and
full host name for each connection.
- scoreboard file (/var/run/proftpd-*) now contains much more information,
as well as a header with magic number + version to aid in later
file format changes.
- build/make fixes
July 31, 1998 - Version 1.1.6pre2
- __vsnprintf will now be used on Solaris systems.
- ident requests now timeout after 10 seconds, to avoid the ident
firewall (or NAT) problem. default timeout can be changed
in include/options.h
- Can now be built outside of source tree (supposedly). Now uses
autoheader to generate config.h.in.
(PR#36 - objectx@polyphony.scei.co.jp)
July 30, 1998 - Version 1.1.6pre1 (cvs only)
- After authentication, clients can no longer use USER or PASS
commands (PR#37 - vlad@elis.easur.edu.ru).
- New directive 'Bind' (syntax: Bind <address>), permits binding of
additional IP addresses to a VirtualHost (or main configuration).
Bind may be used multiple times in a given context.
- AuthUserFile w/ same uid now should work correct for DefaultRoot
purposes. Keep in mind that there will _definitely_ be some oddities if
you use duplicate uids/gids in your AuthUserFile/AuthGroupFiles.
- Symbolic links now properly "point" to their target (rather than
to a bogus permission string)
- ftpwho now shows the % of transfer complete for sessions actively
in RETR mode. **WARNING**, because the scoreboard file format
has now changed, make absolutely sure you do a complete 'make install'
in order to update ftpwho/ftpcount when installing 1.1.6*.
- ./ and ../ are now ALWAYS displayed in file listings.
- New directive 'LsDefaultOptions', allows ftp admin to specify
"default" options that will apply to all LIST/NLST/STAT commands
(such as -a to display .dotfiles)
- New SyslogFacility directive, used to configure the syslog facility
that proftpd uses for all logging. When this directive is used,
ALL logging is done at the given facility, rather than being broken
up into AUTH/DAEMON.
- DirFakeMode, similar to DirFakeUser/DirFakeGroup, allows a "fake"
octal mode to be configured, which all files/directories in the
given context will be listed with. Does not affect real permissions
in any way.
July 21, 1998 - Version 1.1.5pl4
- mget should now work correctly (bug fix in fs_dircat)
- configure problem with Linux libc5 system fixed
- Bug fixes for match_ip (PR#35 -- eff@icomm.ru)
- AuthGroupFile now works correctly again.
- Fix (hopefully) for solaris compilation (libresolv)
July 19, 1998 - Version 1.1.5pl3
- dec unix portability fixes (fnmatch & glob)
July 18, 1998 - Version 1.1.5pl2
- now compiles under AIX 4.2.1. Note: still quite a few compiler
warnings, but then again, the AIX header files are definitely
hinky. gcc only.
- portability/compiler warning cleanup under irix 6.4. gcc only.
- mod_auth.c now uses setgroups() instead of initgroups() so that
AuthGroupFile will work correctly for setting up group membership
- "trapped" inside welcome.msg (or DisplayLogin directive file) should
no longer occur if file does not exist.
- cd ~ will no longer dump core
- IRIX 6.2 portability fixes (thanks to jg@meer.net)
- modules/glue.sh should now be portable (heh)
- Deny/Allow directives now allow CIDR syntax (xxx.xxx.xxx.xxx/xx).
- .ftpaccess (dynamic configuration) is now only read ONCE per directory
(unless its mtime changes). Should improve speed greatly.
July 14, 1998 - Version 1.1.5pl1
- GNUism fix in 1.1.5 accidentally removed the INSTALL variable, so
make install will not work in 1.1.5.
July 14, 1998 - Version 1.1.5
- Removed GNUisms from Make.* files
- Minor portability fixes.
July 10, 1998 - Version 1.1.5pre3 (cvs only)
- ShowSymlinks Off directory virtualization should now work better
(had problems with cdup, etc)
- Portability fixes for Solaris 2.5.1
- Minor proof reading of doc/API, with some additions.
- Minor code cleanup and obvious fixes to header and module source.
- If ShowSymlinks off is set, broken symbolic links are now completely
hidden in directory listings.
- cwd should now work properly, instead of responding "No such file
or directory" in some cases.
- HideUser/HideGroup work again (broken with conversion to vfs)
- Minor fixes in modules, now includes specific priority so cascading
handlers will work properly.
- add_response()/add_response_err() should now work properly across
module handler calls. The response list is sent to the client once
all handlers have run.
- src/data.c now properly uses add_response()/add_response_err()
- mod_ls.c should now handle aborted data connections properly using
add_response_err()
- src/fs.c fixed so that new files are opened mode 0666 (which will of
course be appropriately modified by the current umask)
July 9, 1998 - Version 1.1.5pre2 (cvs only)
- Patch to GNU glob() so that it no longer tries to closedir() on
a NULL stream.
- In order to make glob() work with the virtual fs, it's pretty much
necessary to have GNU glob(). Added additional tests in configure
so that the provided GNU glob() will be compiled in if any important
"GNUisms" of the target platform are missing.
- First attempt at virtual file system modularity. new core file src/fs.c,
all file operations are now piped through here. Added a new test module,
mod_tar.c, however do NOT be tempted to use it yet, it won't work
properly. Still more work to be done (hash tables, etc) in src/fs.c,
before it's really functional.
- Optimized src/dirtree.c quite a bit, in order to get the number of
stat()/lstat()s down. Still lots of work to be done in this area.
- Added add_response() and add_response_err() core functions so that
it is now easier for modules to add a response to the list sent to
clients once all handlers have been called.
- ShowSymlinks now defaults to 'On' in ALL cases (both anonymous and
otherwise). This seems to make more sense.
- include/privs.h modified to be more portable. Now uses seteuid()
if possible, otherwise setreuid(). posix saved uids are no longer
"manipulated", as this can be non-portable (some bsds for example).
- Added fgetpwent()/fgetgrent() to libsupp for systems which do not
provide it in libc. configure now checks for these functions.
- Added conditional code for FreeBSD2.* and 3.*, so sockets are created
as root (and thus the SO_REUSEADDR problem doesn't occur).
June 27, 1998 - Version 1.1.5pre1 (cvs only)
- Complete redesign of modules API. New file "doc/API" documents the
version 2.0 API. The redesign _significantly_ enhances module
capabilities, including "cascading" command handlers, authentication
handlers, and more. This will allow third-party modules to
significantly enhance & change proftpd's behaviour. Of important note
are:
* New module modules/mod_unixpw.c, which implements the new 2.0
authentication module API in regard to unix password (nis,
/etc/passwd, etc) lookups and authentication.
* New core functions in src/auth.c. All authentication/user/group/
password operations are now handled by the auth_* functions, which
provide the "glue" to the modular authentication system.
* New directive 'PersistentPasswd', allows the "persistent" password
feature to be enabled/disabled at runtime. The default is platform
dependent (on whether or not configure determines that this is needed).
If you are running NIS, you will VERY likely want to shut this off.
* AuthUserFile and AuthGroupFiles now turn on persistence for passwd/
group file lookups, and will now base authentication (as well as
directory listings) on the indicated file(s).
* A sample module has been included (modules/mod_sample.c). This
is a real working module that can be included in proftpd with the
"--with-modules=mod_sample" (see below) argument to configure.
The module doesn't do anything terribly useful, but it's extensively
documented (well, sort of :}).
* Additional modules may now be installed/configured at configure
time. The core modules (mod_core, mod_auth, mod_xfer, mod_site,
mod_ls and mod_unixpw) must ALWAYS be compiled in, however add'l
modules can be added using the '--with-modules=[module_list]'
argument to configure. [module_list] is a colon separated list
of add'l modules *w/out* .o or .c extensions. Example:
./configure --with-modules=mod_sample:mod_mymod
- When binding to port 20, proftpd will now retry the bind up to 10
times if it fails with "Address in use".
June 26, 1998 - Version 1.1.4
- RootLogin should now work as advertised.
- A few configure script fixes, now tests for libresolv & libbind.
- DirHideUID and DirHideGID directives have been renamed to
DirFakeUser & DirFakeGroup, respectively. These seem to make
more sense, as "Hide" in proftpd is used elsewhere to mean files &
directories actually _invisible_ to the user.
- Updated Free Software Foundation address.
- PR#29: MaxClient anonymous fix
June 14, 1998 - Version 1.1.4pre1
- Ooops.. new i/o code didn't properly detect EOF. Fixed.
- A few fixes from Andrew Tridgell <tridge@samba.anu.edu.au>
(I think we're almost ready to go to tarball, once the timeout
problems are resolved)
- Timer problems w/ new i/o code should _hopefully_ now work. Please
let me know immediately if there are any timeout related problems.
- STAT command is now back in (and moved to mod_ls).
June 13, 1998 - Version 1.1.3 (cvs only)
- CHANGES has been renamed to changelog
- The I/O system has been *completely* rewritten. This was done for
three reasons: simplicity, to pave the way for easier module
linkage (i.e. mod_pam, etc), and because the old way just wasn't
Right<tm>. :P The new system is non-asynchronous (unlike the old),
meaning that proftpd processes now block while transferring data.
As a primary result of this, recursive directory listings (ls -R)
will now work exactly as expected (no more ncftp timeouts). Much
code has been removed from modules/mod_xfer, and a new core
object file has been added: data.c, whose purpose is to handle
everything necessary for data connections. Of course, src/io.c
has changed vastly because of this.
- Numerous fixes to mod_ls.c, so that aborted directory listings
are now handled properly, and some optimization.
- Fix in dirtree.c, not sure how this was even working, but a bad
pointer cast resulted in directives inside a <Limit> block not
being iterated through properly.
- PATH_MAX fixed in mod_ls
- GLOB_PERIOD is now tested for in configure, if it's not found
gnu glob*() is compiled in, regardless of glob() availability
on the target system.
- PR#27 (gustav@pvv.ntnu.no) applied, with some modifications.
This moves some of the config macros used by modules to dirtree.h
(where they really belong), as well as configuration support routines
to dirtree.c. Also adds two additional directives [Note: I altered
their names slightly to make them a bit more recognizable, also
extended their usage], which are as yet undocumented:
DirHideUID On|Off [<userid to display>] -
Causes all directory listings to be displayed as though they
are owned by <userid>. If <userid> is not specified,
the username "ftp" is used instead.
DirHideGID On|Off [<groupid to display>] -
As above, however this affects the group of files and dirs
listed instead of the owner.
Both directives can be used in main config, <VirtualHost> and
<Anonymous> blocks.
- New RootLogin directive (by popular request <g>). This directive
takes one boolean argument and allows root login <yuck> when enabled.
Need I even say "Be Careful"? root logins are still logged, however.
- New IdentLookups directive. Undocumented, controls whether or not
the RFC1413 protocol is used upon user connect to "attempt" to
determine the remote username (which is used in certain messages).
Default is that ident lookups are on.
Syntax: IdentLookups off
June 1, 1998 - Version 1.1.3pre2 [not released]
- A few ansi C fixups, should aid w/ portability. Thanks to
Andrew Tridgell <tridge@samba.anu.edu.au> for PR#23.
- <Directory> syntax now allows for "~/dir" or simply "~". When such
a directory is used, resolution of the actual path is "deferred" until
a user authenticates, at which time ~ is replaced with the user's
full home directory (just as DefaultRoot does).
May 26, 1998 - Version 1.1.3pre1
- TransferLog _should_ now be configurable in either main config,
<VirtualHost> or <Anonymous> contexts. PR#19
- Patch from 1.0.x: PR#18
- No code changes, but one undocumented feature of DefaultRoot
is that the syntax "DefaultRoot ~/directory" will cause all matching
users to be jailed into $HOME/directory.
- Massive code changes in mod_auth, all for the support of the new
AnonymousGroup directive (undocumented, at this time).
Syntax: AnonymousGroup <group-expression>
All users matching <group-expression> are assumed to be anonymous
logins (i.e. require no password). Be careful with this one. :)
Useful for an "all anonymous" virtualhost, such as:
    <VirtualHost 10.0.0.1>
    DefaultRoot ~/ftp
    AnonymousGroup users
    </VirtualHost>
Thus, all users in group `users' now have their own private anonymous
ftp site (assuming they have an `ftp' directory). Site wide access
control for home directories will come next. <grin>
May 25, 1998 - Version 1.1.2
- Various small patches from production source tree (PR#16 & PR#17)
- Port 0 now disables socket binding on a particular host or virtualhost
(see development.notes for technical info)
- A few misc. changes to mod_ls.
May 24, 1998 - Version 1.1.2pre2
- anonymous Directory/User patch from 1.0.3.
- Finally broke down and fixed the "port 20" problem. Note that there
was NO GOOD WAY TO FIX THIS, so I settled for the lesser of all evils.
Not sure if it will stay this way forever, but proftpd now behaves like
legacy ftp servers and uses either posix.1 saved-uids or bsdish uid
swapping when a user authenticates, which essentially means that it
can "restore" root privs if needed (such as to bind to a low numbered
port). This is a _major_ change in design, policy-wise at least (code
changes are minimal). Strongly suggest those running 1.1.x take a look
at the code to make sure there are no gaping holes.
- because of the above change, proftpd now blocks nearly all signals when
switching to root and performing privileged operations. Such operations
have also been altered so that they should never block (and thus signals
are unblocked immediately).
May 21, 1998 - Version 1.1.1
- Fixed mod_ls to handle ShowSymlinks directive properly
- Added glob.c/glob.h from gnu libc6 to libsupport, and appropriate
detection to configure script. glob() will now be available on non
posix.2 systems.
- Added DenyGroup and AllowGroup directives (see html docs)
May 20, 1998 - ** Version 1.1.1pre1 branched off from 1.0.3pre1
- mod_ls now in place, list and nlst commands now fully support
-R (recursion) and the like. Created new cvs repository
(/var/proftpd-dev) for development version. Please bang on this
to see if it breaks.
- dropped old "auth daemon" support from 1.1.0pre-alpha. It was
the right direction, but not the "right way".
May 20, 1998 - Version 1.0.3pre1 (cvs only)
- RFC patch (Entering Passive Mode)
- SIGSEGV when unable to connect to client data port.
May 19, 1998 - Version 1.0.2
- uid/gid swapping is now used on systems that don't support posix.1
saved ids. If your libc's headers defined _POSIX_SAVED_IDS, the
saved id mechanism will be used.
- Outbound data connections now bound to the appropriate virtual host
address rather than the main system address (firewall related)
- Some additional #ifdefs inserted for solaris2.x.
- Various RFC959 patches...
- Multiline replies are now fully RFC compliant.
- DELE and RMD now return 250 instead of 200.
- MKD now returns 257 "full/path/to/new/dir" - directory successfully created.
- PWD and MKD now properly quote the " character.
May 18, 1998 - Version 1.0.1
- Added scripting in configure.in to check for various C compiler
flags "desired", some of which are gnuisms (such as -Wall). Non-gcc
compilers should no longer choke on such.
- Added Solaris2.6.README, regarding oddities with solaris' xti.
- Incorporate patch from Kelemen Peter <fuji@chiara.csoma.elte.hu>:
- Solaris 2.6 typedefs in_addr_t in /usr/include/netinet/in.h,
ugg.
- Incorporate patch from Simon Wilkinson <sxw@dcs.ed.ac.uk>:
- Problem with NAMLEN macro, introduces possibility of proftpd
underallocating and segfaulting. [Ed: it's good to get rid of this
one, thanks Simon!]
- Incorporate patch from Stephen R. van den Berg <srb@cuci.nl>:
- Two bugfixes with respect to the HideNoAccess flag.
- Fix a bug with respect to the default hostname taking over a specific
virtual host by accident.
- Allow for passwd and group file specification. This allows one
to completely virtualise a virtual host with a separate user/group
list. [Ed: This also most _DEFINITELY_ requires NEED_PERSISTANT_PASSWD]
???????? ??, 1998 - Version 1.0.1
- SITE CHMOD now works properly with octal modes that don't have a
'0' prepended (patch originally released as 'proftpd-1.0.0-chmod.patch').
- proftpd-1.0.0-localtime.patch applied. Directory listings return
localtime rather than gmtime. Note that the mdtm localtime patch has
NOT been applied, and will not (it's just plain "wrong"). :) It can
be found at ftp://ftp.proftpd.org/patches
December 29, 1997 - Version 1.0.0
- MDTM no longer reports certain files as non-existent.
- NOOP command now correctly implemented.
- Minor cleanups/porting aids.
- Several potential stack overrun bugs fixed.
- Numerous fixes that could affect <Limit> blocks depending on your
usage of symlinks. All <Limit> checking is now done on *absolute*
directories, after symlinks have been recursed.
Status: Complete
November 18, 1997 - Version 0.99.0pl11
- Fixed bug which could cause proftpd to catch SIGSEGV if a
'UserAlias' directive was the last non-BLOCK directive in a
particular context.
- fsync() is no longer called in src/log.c, typo fixed in
src/support.c
- setsid() is now used instead of ioctl() in src/main.c, should
be more portable.
- Numerous fixes in directive tree management, as well as some
optimization. If it weren't for this change, pl11 would be
1.0.0, but I'm not totally convinced that something didn't slip
through in all the changes. Please let me know if proftpd
behaves oddly in relation to configuration, or if directives
don't behave in a documented fashion.
November 11, 1997 - Version 0.99.0pl10
- MD5 hashed password authentication will now work if your libc
supports transparent use of md5_crypt() from the crypt() function.
Only libc6 is guaranteed to do this, some libc5s do (under Linux).
MD5 support has NOT been natively added, your libc MUST provide it.
- Fixed bug involving certain directives not being found if at least
one <Directory> context didn't exist for a server/anon configuration.
Notably, AllowOverwrite will now work if placed in a <VirtualHost>
context without being inside of a specific <Directory> block.
- Fixed memory hole/bug in inet_copy_connection(), which may have
been responsible for data loss/corruption/odd behavior.
- Added "magic cookie" replacement strings for DisplayLogin &
DisplayFirstChdir files. These are as follows:
    %T    Current Time
    %F    Available space on file system
    %C    Current working directory
    %R    Remote host name
    %L    Local host name
    %u    Remote username as reported by the ident protocol
    %U    Local username used at login
    %M    Maximum number of connections in this context
    %N    Current number of connections in this context
    %E    Server admin's email address (as specified by the
          ServerAdmin directive)
- Added ServerAdmin directive to specify an e-mail address for the
ftp administrator. Defaults to 'root@hostname' if not specified.
- Added support for ident protocol lookups, used for "magic cookies"
in DisplayLogin/DisplayFirstChdir.
October 29, 1997 - Version 0.99.0pl9
- Added man pages for ftpwho(1) and ftpcount(1).
- Added X* versions of all the three letter commands. Some FTP clients
(Win95's default, for example) use these instead of the three letter
(RFC) versions.
- Passwords can now contain spaces.
- Added the SIZE command (not sure how it got left out), so that FTP
clients which rely upon it to estimate transfer time (ie. ncftp)
now work properly.
- Cosmetic fix. Anon FTP connections now display "send e-mail address
as password" rather than the "password required" message.
- IPs that do not map to names are now displayed properly when no
configuration is defined for the address (no VirtualHost).
- Added an ftpshut utility (plus man pages) for admins. Installed in
/usr/sbin by default.
October 12, 1997 - Version 0.99.0pl8
- ** CODE FREEZE ** No new features will be added to this development
tree. pl8 will be released shortly for testing. If all goes well
for this (or future pls if needed), this will become 1.0.0. Then,
a new tree will be started for 1.1.x, for all the new and lusted after
featurage. =P
- Added a simple man page, which is installed (by default) as
/usr/man/man8/proftpd.8.
- Added the non-RFC (but de facto standard) MDTM command, used by some
clients to determine the modification time of a file (debian's
dpkg, for example).
- Bug fix in the PORT command, didn't allow arguments greater than
254 to be passed, which means that any two-byte port which consists
of '255' caused "Illegal PORT command."
- If a dotted quad IP is used in a <VirtualHost> block, proftpd refuses
to allow connections (FQDN must be used). Fixed -- Numeric IPs
will now work correctly.
- Bug which caused proftpd to crash when transferring large amounts of
ASCII mode data (notably, gigantic directory listings) fixed.
- Added --enable-shadow and --enable-autoshadow arguments to the
configure script. These are for use by binary distributors, to
force certain code options to be compiled in. For more information,
see the TODO file.
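The PORT fix listed in the 0.99.0pl8 entries above is an off-by-one in the per-field range check: each of the six comma-separated fields is a byte, so 255 must be accepted. The strict parser below is an added example and not ProFTPD's code; `parse_port_arg` and `port_of` are hypothetical names and the sample arguments are constructed.

```c
#include <ctype.h>
#include <stdio.h>

/* Parse a PORT argument "h1,h2,h3,h4,p1,p2" (RFC 959); every field is one
 * byte, 0..255 inclusive. Returns 0 on success, -1 on malformed input. */
int parse_port_arg(const char *arg, unsigned char addr[4], unsigned *port)
{
    unsigned field[6];
    const char *p = arg;
    int i, digits;

    for (i = 0; i < 6; i++) {
        unsigned v = 0;
        for (digits = 0; isdigit((unsigned char)*p); p++) {
            if (++digits > 3)
                return -1;                 /* bounds v, so no overflow */
            v = v * 10 + (unsigned)(*p - '0');
        }
        if (digits == 0 || v > 255)        /* 255 itself is a legal byte */
            return -1;
        field[i] = v;
        if (i < 5 && *p++ != ',')
            return -1;
    }
    if (*p != '\0')                        /* reject trailing garbage */
        return -1;
    for (i = 0; i < 4; i++)
        addr[i] = (unsigned char)field[i];
    *port = field[4] * 256 + field[5];
    return 0;
}

/* Convenience wrapper: the decoded port, or -1 if the argument is rejected. */
long port_of(const char *arg)
{
    unsigned char addr[4];
    unsigned port;
    return parse_port_arg(arg, addr, &port) == 0 ? (long)port : -1L;
}

int main(void)
{
    /* Constructed sample arguments. */
    printf("%ld %ld %ld\n", port_of("10,0,0,5,255,255"),
           port_of("10,0,0,5,4,1"), port_of("10,0,0,5,256,1"));
    return 0;
}
```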
September 23, 1997 - Version 0.99.0pl7
- Added 'DefaultRoot' directive which allows all users or certain
groups to be chroot() jailed at login (into either their home
directory, or a specified directory). See the directive reference
documentation (http://www.proftpd.org/reference.html) for more
info.
- Fixed nasty bug in I/O, where a "infinite loop" was possible if
a client dropped the control connection at just the right moment.
This bug fix is the main impetus behind releasing 0.99.0pl7 ASAP.
Hopefully all such "stuck loop" problems are fixed now.
- Directory interpolation (i.e. ~username) is now done during normal
run time, instead of at config file parse time. This will prevent
problems with user's home directories changing and proftpd needing
to be restarted. Note: This still needs some rework in the next
version.
- Fixed bug in code dealing with symlinks. Symlinks will no longer
cause proftpd to "hang" in a loop eating all CPU. Note: Maximum
symbolic link depth is 32.
- Complete refit of utmp/wtmp code. Utilities such as 'last'
should now work correctly -- no more missing host field, odd tty
names and permanent ("still logged on") logins.
- Clients which estimate download transfer time will now work
correctly.
- autoconf/configure should now produce configure/header files that
will allow ProFTPD to compile _relatively_ cleanly under Irix 5.3,
BSDI 2.1 and Solaris 2.5. Solaris does report some non-harmful
warnings due to broken sun header files.
July 8, 1997 - Version 0.99.0pl6
- Numerous code cleanups so compilation *should* look clean with
-Wall.
- Added 'DefaultServer' directive to allow configuration of a particular
server (virtual or root) which handles all incoming "unknown"
destination addresses. See documentation for more info.
- Fixed a *massive* parsing bug which caused any operations on filenames
or directories with whitespace in them to fail.
- Fixed bug which caused SIGSEGV when trying to login to anonymous
server with unknown username.
- Added more code for portability, namely fnmatch() and strsep().
Irix 5.3 and BSDI ports close but not done, Irix is *almost* there.
(thanks go to Chris Brown <chrisb@siggy.iceonline.com> for all his
efforts)
- Debug level 4 now logs all commands to syslog (instead of level 2).
PASS commands are intentionally hidden.
June 26, 1997 - Version 0.99.0pl6-private
- Added a support library which will include all code that might
be missing from a particular platform's libc. Currently includes
getopt() and getopt_long(). This is to aid portability issues.
- Added 'SocketBindTight' directive to configure how listening sockets
are bound when proftpd is in standalone mode. See reference.html
for more info.
- Fixed problem with CWD/PWD and symlinks. Navigating through symbolic
links to directories should now work properly.
- Added 'ShowSymlinks' directive to control how links are displayed
in directory listings. See reference.html for more info.
- Allow/Deny/Order directives inside <Limit> contexts now work fully
and properly.
- A couple GNU autoconf tweaks to aid in porting efforts.
June 10, 1997 - Version 0.99.0pl5
- Major fixes to ftpcount/ftpwho and proftpd's run-time logging.
ftpcount/ftpwho *should* now accurately report all users currently
logged in and proftpd will no longer duplicate entries.
- ASCII xfer from client to server caused occasional corruption. Fixed.
- Timeouts not working in certain cases due to a race condition. Fixed.
- ws_ftp95 (some version) had a problem w/ proftpd due to both sides
of a data connection not being closed. Fixed.
- Multiple anonymous logins not working properly due to a slight
recursion bug. Fixed.
- Indented sample configuration files for easier readability.
- Added AccessGrantMsg, UserPassword and GroupPassword directives.
See documentation for usage.
June 4, 1997 - Version 0.99.0pl4
- PASV mode transfers fixed. Netscape and possibly other web browsers
use PASV mode.
- Top level configuration directives checked as part of normal
FTP command authorization weren't working unless a <Directory>
context existed which matched (at some level) the command.
Example of broken configuration which is now fixed:
    Port 21
    ...
    AllowOverwrite on
    ...
    # No <Directory /*> exists, so AllowOverwrite would not apply
- <Directory /> wasn't being used at all, however <Directory /*>
worked. Fixed.
- /var/log/xferlog "wu-ftpd" style logging wasn't recording full
pathnames of files transferred.
- Various problems with restarted transfers (via REST) either not
restarting or causing later transfers to not function. Fixed.
- <VirtualHost> caused "Bad file number". Fixed.
- Added 'make install' to install proftpd, ftpcount and ftpwho
(simply a symlink to ftpcount).
**********************************************************************
June 1, 1997 - Version 0.99.0pl3
- First publicly available beta. Submitted into Debian 2.0
linux distribution w/ some intermediate fixes that will end up
in 0.99.0pl4