Here are the changes from each release. To get the most recent version,
please visit the
download
page.
Version 2.1.2 - February 16, 1998
Problem fixed where BSD/OS 3.1 long passwords weren't recognized as valid.
A bug in the Linux C library that was affecting form2env from
parsing the report form correctly has been found and worked around.
This should solve the error from datemunger that was complaining
about not being able to convert back to a timestamp.
Bug fixed where log-group was only working if you also
specified log-user.
More educational domains auto-recognized.
An explicit error message is printed when a shared-memory pool
fails due to the system's kernel not being tuned to handle a large
enough pool.
Reports now use different intermediary files, so if there is
a problem it is easier to debug.
Version 2.1.1 - February 1, 1998
Changes to support IP Type-of-Service socket options.
Bugs fixed in NcFTPd Reporting Package scripts.
You can now "tickle" the server with a SIGHUP which
closes and re-opens the log files (no, it does not re-read the config files yet).
Bug fixed that caused some systems (Solaris) not to log the complete set of fields in the stat logs.
Version 2.1.0 - January 11, 1998
The new NcFTPd Reporting Package is now included with the distribution!
You can now run dynamically generated reports from your web browser,
with a variety of reports covering many areas.
See the documentation
for details.
You can now specify the owner, group, and permission umask used when
creating new log files and directories.
New CLNT command extension supported, so that FTP clients
can tell their FTP server which type of client they are using.
.
A little more flexible with pathnames containing spaces.
.
Version 2.0.7 - December 21, 1997
Changed default settings to allow better handling against
FTP bounce attacks.
Entries are now logged in the xfer logs for failed transfer attempts.
Better warnings printed when NcFTPd is run on a Linux system
without shared memory enabled in the kernel.
Bug fixed where under some circumstances group ownership may not be set.
Better warnings printed when a SunOS binary is run on Solaris
and vice-versa.
Working around problem caused by systems that send zero-padded octets
to PORT.
Version 2.0.6 - November 16, 1997
Bug (which turned out to be rare) fixed where the server could think
child processes were busy when they were available.
The restriction mode has been slightly enhanced so you can have
restricted users all use a single directory.
Fixed a problem with interaction with a ncftpd_authd.
Timezone bug in SITE UTIME fixed.
The server now uses better methods to determine the machine's full host
name.
The server now logs better when a child process exits.
There is now a SITE SYMLINK command to create symbolic links.
Version 2.0.5 - October 22, 1997
Bug fixed for ncftpd_passwd -I which was looping endlessly
instead of importing the file correctly.
Field added to the session logs to track users whose data connection
attempts failed.
Version 2.0.4 - October 13, 1997
Fixed a bug with restricted virtual users.
Bug fixed in ncftpd_spy which was not displaying idle
time correctly.
You can now do ncftpd_spy -w who which
prints out an HTML web page for who.
Version 2.0.3 - October 9, 1997
The online
documentation
has been updated. There is still much to do, though.
More small changes for ncftpd_spy.
Pared down the sample config files by removing rarely used options.
You can still use them, they just aren't documented there.
All of the config options are now
documented
at the web site.
The supplementary groups fix done for 2.0.1 has been re-implemented to
support NIS and SunOS better.
Version 2.0.2 - October 7, 1997
Bug in ncftpd_spy fixed which caused it to refuse to run
on some platforms.
Default shared-memory pool key changed to 0x77c0ffee from
0xc0ffee77.
There are now separate timeouts for idle, data transfer, and
connection establishment.
The built-in ls had a problem printing the usernames
for negative user or group IDs.
Version 2.0.1 - October 7, 1997
Bug fixed where a domain that was anonymous-only would have the feature that refuses low port numbers on by default.
Bug fixed where the supplementary groups weren't being set.
For systems running NIS, there is a still a problem; on these systems
only the primary group is in effect.
Version 2.0.0 - October 6, 1997
Workaround for a new memory leak I discovered in the Solaris 2.5.1 socket
library. It is important for Solaris users (both Sparc and
x86) to upgrade from 1.9.6 to avoid eventual problems with swap space
exhaustion.
NcFTPd no longer requires a child process for idle sessions.
Previously if you ran a 50-user server, you needed 50 processes running
at all times, even if most of them were idle.
The feature formerly known as "FTP-only users" has been replaced by an
incredibly more flexible authentication system. You can now mix and match
multiple password databases along with the /etc/passwd, use different
databases for each domain, etc. See the User
Management documentation for more.
If that wasn't enough, you can also now write your own customized authentication
process to handle logins for you. See the
documentation for more on how to interface with NcFTPd.
A rare bug with ls that only seems to come up from the Webtrends
FTP client has been fixed.
You can now configure each domain as to whether it is anonymous-only,
non-anonymous-only, or all-users.
You can now place a system-wide cap on the number of anonymous users you
allow out of the maximum.
You can configure each domain to have a cap on the maximum number of users
you allow out of the maximum. This can be useful to ensure that one
domain does not monopolize the server.
You can now configure a different welcome message, anonymous login message,
and non-anonymous login message on a per-domain basis.
When the password file is pre-loaded (only used to print names for ls),
it is loaded more efficiently.
You can now create a file called /etc/nologin.ftp to prevent new
logins to the server so you can shut it down. NcFTPd now also
honors the /etc/nologin file, if that exists.
When you choose to restrict users based on group membership, you can now
choose to restrict them by primary group only or primary group and supplementary
groups.
You can now change the default nice setting of the server.
You can set the option allow-pasv=no to disable passive FTP.
Similarly, you can set the option allow-port=no to require passive
FTP.
There is now a server-name option so you can configure which hostname
appears in the 220 connect banner.
The server now requires you to use a PID file.
The feature that automatically turns on the execute bit on an upload can
now be turned on or off by changing the u-auto-chmod-uploads option.
The auto-chmod feature now peaks inside the file being uploaded
to see if it looks like a UNIX executable program
or script, in case the file extension does not indicate it.
NcFTPd now implements a SITE UTIME command, so that FTP
clients can set the modification time on files they uploaded. Current
versions of NcFTPPut support this feature,
as will a new version of NcFTP.
Bug fixed for the Solaris version where the IPC directory wasn't getting
cleaned up properly after the server exitted.
The server now logs a bit fewer messages (i.e. processes starting and exiting).
ncftpd_passwd is completely different to reflect the changes in
the virtual user system.
Oh yeah, by the way, the price increased from $29 to $39 for the 50-user
server. But that's still cheap ;-) Registered users
for version 1.9.6 and earlier do not need to pay for this or any
future upgrade!
Version 1.9.7 - October 29, 1997
Workaround for a new memory leak I discovered in the Solaris 2.5.1 socket
library. It is important for Solaris users (both Sparc and
x86) to upgrade from 1.9.6 to avoid eventual problems with swap space
exhaustion.
When the password file is pre-loaded (only used to print names for ls),
it is loaded more efficiently.
A rare bug with ls that only seems to come up from the Webtrends
FTP client has been fixed.
Digital UNIX fix, which adds proper handling of long passwords.
The server now uses better methods to determine the machine's full host
name.
The server now logs better when a child process exits.
There is now a SITE SYMLINK command to create symbolic links.
Version 1.9.6 - July 20, 1997
There are now separate binary releases for HP-UX 9.0 and 10.0.
There is now a binary releases for Digital UNIX 4.0.
Instead of one /incoming directory tree, any directory path that
contains a incoming directory node gets the special behavior defined
for incoming directories.
There is now a ftp-passwd-users-only option if you don't want
real users to be able to login.
Version 1.9.5
When restricting groups, you can now restrict all groups except a list
of named groups.
Changes to support HP-UX 10's protected password database.
Bug fixed where downloads were never allowed from /incoming, no
matter what the value of allow-download-from-incoming-dir was.
Instead of one /incoming directory tree, any directory path that
contains a incoming directory node gets the special behavior defined
for incoming directories.
There is now a ftp-passwd-users-only option if you don't want
real users to be able to login.
Server can now run external programs to process events (upload, download,
login, and logout).
PID file now contains all the process IDs for all the processes, so you
can easily tell which process is which.
The ncftpd_spy utility can now dump all the PIDs, if you don't
want a PID file.
Supporting some ancient pre-RFC 959 FTP commands that a few FTP
clients are using.
Some files are automatically created with the execute bit set (.cgi,
.pl, .sh, .tcl, .exe).
Version 1.9.4
FTP-only users now no longer require you to set u-restrict-mode=homedir
explicitly.
More compatible with replacement versions of crypt() in the standard
library.
FreeBSD's MD5 passwords are now accepted on other platforms, such as Linux.
Version 1.9.3
Bug fixed where aborting a transfer too soon could cause a crash.
Verbose logging additions.
Logs now do not contain the carriage return character.
.
Now there are separate releases for BSD/OS 2.1 and 3.0.
The FreeBSD release is now mostly statically linked instead of mostly dynamically-linked.
On FreeBSD, it displays a message about SYSVSHM and also includes a README-FreeBSD
about it.
Version 1.9.2
Bug fixed where ls -R could cause a crash.
Version 1.9.1
There are now separate versions for IRIX 5.3 and 6.2.
Not bothering to cache the password file if a-ls-names and u-ls-names
are both no.
Login banner no longer displays registration junk.
Version 1.9.0
Added powerful, yet easy, support for FTP-only users. This lets you have
pseudo-users that can FTP to the server but not actually login. The best
part about it is that you don't need to have any special hacks in your
real /etc/passwd file or setup any weird groups.
Restarting transfers in ASCII mode now works, despite that behavior not
being defined in the RFC. This was done mostly so the CuteFTP client will
shut up.
For the restricted group feature, a user is now restricted if the user
is a member of a supplementary group. Previously the user was only restricted
if the primary group as listed in the /etc/passwd.
Version 1.8.0
Added support for TCP
Wrappers' access control via the /etc/hosts.allow and /etc/hosts.deny
files.
Added a field to the xfer logs which makes it easy to tell whether
a transfer finished successfully, was aborted, or incomplete.
You can now have logins/logoffs and transfers syslogged.
Version 1.7.6
Bug fixed where uploads were timing out after 30 seconds, instead of whatever
the idle-timeout was set to.