1.3.0 Release Notes ------------------------ This file contains a description of the major changes to ProFTPD for the 1.3.0 release cycle, from the 1.3.0rc1 release to the 1.3.0-stable release. More information on these changes can be found in the NEWS and ChangeLog files. 1.3.0rc1 --------- + New configuration directives: MaxConnectionsPerHost Similar to MaxClientsPerHost, the administrator can configure the maximum number of connected clients from a single host at one time. Unlike MaxClientsPerHost, though, the MaxConnectionsPerHost limit is evaluated prior to authentication, i.e. before the client has sent any USER and PASS commands. SQLBackend mod_sql now supports a SQLBackend configuration directive, for selecting the specific database backend module to use on a per-vhost basis. Previously, mod_sql could only be compiled with one backend module at a time; the module has been enhanced to support multiple backend modules. Since multiple backends are now possible, SQLBackend was added so that the administrator could specify which to use. If only one backend module is used, e.g. mod_sql_mysql, then that backend is used by default, and no SQLBackend directive is required. SQLEngine mod_sql supports a new SQLEngine directive. This directive can be used to configure mod_sql to only be used for authentication, or only for logging, or for both. It is also used to create an section that does not use mod_sql for lookups, but still have mod_sql used for non-anonymous users. UseSendfile ProFTPD now automatically checks for sendfile support, and uses it if present. The UseSendfile directive can be used to configure proftpd not to use the sendfile() function if necessary. Note that if sendfile support is enabled, tools like ftpwho and ftptop will not show the transfer rate for downloads. These tools work by reading the scoreboard, and the scoreboard is updated periodically during uploads and downloads. However, when sendfile() is used, scoreboard does not have a chance to be updated. This is only true for downloads; the tools will continue to show the transfer rate for uploads. + Enhanced configuration directives: ExtendedLog There is a new logging class, SEC (short for "SECURE"). This logging class captures RFC2228-related security FTP commands. ListOptions The -S list option, for listing files sorted by file size, has been added. + New command-line options: The new -V and --settings command-line options display various compile-time settings of the compiled proftpd binary. + New configure options: --enable-dso This configure option enables DSO support in the compiled proftpd, and causes the mod_dso module to be compiled in. See the README.DSO and doc/howto/DSO.html files for details. --enable-facl This configuration option enables support for POSIX ACLs, on systems that support them, in the compiled proftpd. See the README.facl file for more information. + New modules: mod_delay There is the possibility of a timing attack on proftpd, leading to discovery of valid user names (Bug #2480). This module was added to mitigate this timing attack; see doc/modules/mod_delay.html for more information. mod_dso This module handles the dynamic loading and unloading of shared modules from the running proftpd server. Note that this module requires the --enable-dso configure option to be used when compiling proftpd. See README.DSO for more information on shared modules. The doc/modules/mod_dso.html file contains documentation for this module. mod_facl This module uses the FSIO API to provide checking of file permissions that use POSIX ACLs. The --enable-facl configure option must be used when compiling proftpd for this module to be used. See the README.facl file for more information. mod_load This module provides the ability to deny a connection if the system load is above a configurable limit; useful for imposing resource restrictions. The doc/contrib/mod_load.html file contains documentation for this module. + Enhanced modules: mod_ldap The mod_ldap module has been updated to version 2.8.15. mod_quotatab The mod_quotatab module now supports enforcing hard limits at the filesystem level. This means that if the quota limit is a hard limit, and a client exceeds that limit, the upload will fail. Previously, the upload would succeed, but the file would be automatically deleted. mod_tls The mod_tls module now supports the CCC FTP command, which can be used by FTPS clients to secure data transfers with FTPS servers in a firewalled environment. + New Display variables: %{total_bytes_in} %{total_bytes_out} %{total_bytes_xfer} %{total_files_in} %{total_files_out} %{total_files_xfer} These new Display variables use the new variable syntax; see doc/howto/DisplayFiles.html for details. + Deprecated configuration directives: Bind The Bind directive was causing too much confusion, and did not do as many system administrators assumed it. Rather than using Bind to associate a server configuration with an IP address, administrators would assume it was meant for making ProFTPD bind to a single address. Rather than having a configuration like this: Bind host2.domain.com ... The and DefaultAddress directives can now handle multiple address, so that the above configuration becomes: ... Last Updated: $Date$