Fixed restart for 'store' operations.

Fixed minor security fault.

Fixed mutex problem in mykey.c processing, made linux build use large file switches.

Release build

Minor bug fixes

Fixed mlsd response

Added user impersonate to list and nlst functions

Minor bug fixes

New activation system (See http://www.netwinsite.com/activate.htm)

Minor bug fixes

Updated OpenSSL for new security fixes

Fixed SSL require client certificate bug

Install path fixed

DNS bug fixed

Install issue where it ignores the desired path (not fixed yet, still looking)

Made nwauth default authent module

Fixed lockups in authent process if not defined

Updated OpenSSL due to important bug fixes

Fixed restarting reuse address

Fixed saving of report settings

Fixed NLST command for non wildcard parameter

Fixed 100% CPU use for file uploads/downloads

file list 150 response during TLS/SSL session is now at right time interval

Fix for "421 Timeout..." on manager channel

Changed STAT command to include SSL mode and cipher group name for command channel.

Changed for better response times to accepting many connections simultaneously

Changed log messages, removed some supurflous, replaced with better ones.

Changed restart command, it now handles 64bit integers for restarting large files.

Added individual file size option for emailed reports.

Added cipher selection for NIST approved ciphers 3DES & AES.

Fixed spawing of external authentication processes to occur in the main thread (non-windows problem).

Fixed bug where SurgeFTP crashes on "signal terminate" while restarting.

Fixed error messages for anonymous login without home directory.

Fixed problem with emailed reports crashing SurgeFTP.

Fixed inaccuracy with dayly MB download limit.

Fixed hcount errors in log file

Fixed passwords with spaces (valid only for Windows NT system authentication)

Fixed value of domain authent command line options not being shown

Fixed erroneous reporting that seek failed.

Added new user program, run when user first logs in, to set up their home folder.

Changed emailed reports to list "transfered" rather than "filesize" for kbyte count

Changed emailed reports of type "week/*" to only be sent that one day, rather than every day

Changed Expired evaluation period to no longer provide ftp access.

Fixed corruption of email report settings.

Fixed internal "external authentication" cache to cache for 10min rather than 10hours

Fixed external authentication ftphome setting to see decimal point as end of number

Fixed problem with external authentication module handling code (from 2.2g5).

Added ftp SSCN command (Set Secured Client Negotiation) as per http://www.raidenftpd.com/kb/kb000000037.htm

Fixed bug in emailed reports indicating incorrectly empty lists "(no matching files located)"

Added setting to Global Authentication section: Strip User Domain

Added some more help pages.

Updated STAT command 211-response to use actual domain name instead of "hostname string"

Updated/added help pages, added some info on configuring for NAT/firewall

Added milli secconds to logging on non-windows systems

Cleared up some logging lines - fewer error messages

Removed some old ini settings that did nothing

Fixed SETEGID mutex locking problem on solaris

Fixed file handle problem on OSX crashing after some days running

Made list_aliases default to 'true' on installation and for new domains

fixed closing of data channel for retr of non-existant file.

fixed mirroring issue of not getting subdirectories

Added in a "Self Diagnostic" Thread which can allow surgeftp to crash after a time when it would otherwise completely lockup

Updated uninstall to remove rc startup links (linux)

fixed download kb/sec limit, was not working for limits below 65kb/sec

fixed quota cache memory file not being written to disk ".surgeftp_quota" this means it will not recalculate quota on every login

changed quota to allow 64bit int size limits.

sslftp is now automatically installed, cleans up install/upgrade.

added mirror setting - "Use SSL"

added setting - "force lowercase of home path" user class setting

removed some hcount error messages that were incorrect

fixed file/dir incorrect listing with "list .." traversing aliases

fixed user home path generation

fixed upgrade copying the surgeftp executable into correct directory (windows)

direct install of sslftp, no additional script file.

fixed response to CDUP command (2.2b)

added image in userclass page indicating home path

fixed install issues - missing templates

fixed ssl (random number error) on osx/solaris - surgeftp adds entropy

fixed minor osx details for install/upgrade

fix temp license key not expiring

fix for when thread crashes - surgeftp restarts with monitor process

fix for "Too many file handles open" crashes, assosiated with Daily Log rotation setting

fix compression method on main_photo.png file so that it displays in more browsers correctly.

update osx build to install standard script to start surgeftp on boot

fix bug in e-reporting where surgeftp can crash

fix bug in e-reporting where surgeftp can crash on delete

improved signal handling

corrected report email headers To: From: Date:

fixed recurring report filter string to come from correct form field

added support for report email filter field to be comma seperated wildcard list

removed error log message "ftp thread started."

added support for SIGHUP signal to reload config file.

added setting for choosing the length of time that xfer*.dat files are kept for

fixed directory wildcard list returning -1 for size for case sensitive wildcard match

fixed restart action to correctly restart mirror and ereport processes.

improved file io/tcp use for faster transfer speeds in normal and ssl modes.

dailyquota added, limits bytes per day per userlogon

added command line option parameter for external auth processes.

fixed login caching not caching of externael auth parameters

fixed nolist access sometimes not working

fixed launching of external auth process by removing quotes from added path variable

improved install script for Solaris version

fixed default values from ini file coming through fixed initial denail of service from global limit setting.

added global limit setting for total concurrent users.

improved logging of open files in the status window

corrected Solaris install scripts to install startup & shutdown scripts correctly

fix mutex bug with emailed reports

fix crash on install on Solaris system

data transfer speed improvements

osx version now works (handles signal 10) & correct filesize shown

fixed spawning monitor process on linux with non-default install path (again)

emailed ftp reports feature introduced.

usergroup associated directorys

environment variables now included for watcher program

slightly faster time to shutdown surgeftp

implicit port is now enabled by default to port 990

can now obtain binary version from command line flag '-version'

command channel now requires less system resources

fixed saving new classes writing mapping directories correctly to ini file.

fixed spawning monitor process on linux with non-default install path.

fixed surgeftp use of linux/unix system database, now users home directory defined by system

fixed wild card listing returning correct file size

fixed xfer.dat and watcher report getting correct variable values (bytes,user,userip)

sslftp moves sslftp.txt file settings into registry for windows.

fixed windows XP Authentication problem, surgeftp logins must now also be given "logon as a batch job" for windows NT System Authentication.

openssl binary (and .cnf) copied to surgeftp install directory

updated mirror remote file path handling, uses specified path (with or without specified prefix slash)

corrected domain list for report & graph, when not using standard authentication setttings.

New User class is not created before you click on "save".

updated uninstall to ask for confirmation, and confirm uninstall.

fixed size command to return 550 when invalid filename used.

fixed windows listing style to allow "cd /dir", "cd /dir"

fixed windows listing to show correct file date

fixed windows listing showing time and filesize in filename (bad date format)

updated mirror to not add slash prefix to remote host path (some servers not recognise full path)

cached external auth user responses are flushed when server is "restarted"

quota is now enforced during file transfer.

quota file written, and quota calculated from correct location.

fixed cache lookups setting all external auth variables correctly

fixed external authenticatoin parameters dissapearing (with multiple parameters)

fixed ini file LF char stopping ftp server from loading. (Surgeftp stops when started)

fixed surgeftp user lockup on stor file (2.1s only).

added optional authentication process per domain settings, list on status page

added support for files larger than 2GB, now handles files up to 2**63-1 bytes.

added "accountstatus" flag to external auth response scanning

included openssl in distribution to make certificate with "surgeftp_ca" script file.

fixed caching of external auth user logins, cache is now used, upto 400 logins, upto 10 minutes

fixed "NLST \*" listing.

fixed too many user classes in a domain crashing SurgeFTP (29+ classes) (was actually limit on ini file size 20kb)

fixed STAT on single file to return data, previously no data.

sslftp fixed rare crash on mputs command.

sslftp fixed showing "status" command return data.

fixed DELE command not working with "Act as user" setting on unix type systems

changed list message "226 Transfer complete." for empty directory to "226 Transfer complete. (no files in directory)."

added directory mapping for authentication's ftphome setting - class setting

fixed STAT on file to return 213 response (was 211).

fixed STAT on file to use "213-" line before file stats.

fixed MLST on file to return 550 response for a failure (was 553).

fixed SIZE on file to return 550 response for a failure (was 553).

fixed "NLST -l /dir" returning real path and dir prefix

sslftp progress indicator indicates percent transfer and total bytes to transfer

fixed SIZE command to return 553 response if file does not exist.

fixed too many user classes in a domain crashing SurgeFTP (29+ classes)

sslftp does not retry if retrying is hopeless (i.e. put non existant local file name)

sslftp now correctly autoconfirms ascwww.kouwell.comii transfered files

rewrote users home directory code, fix multiple bugs with user in wrong home directory

Added openssl executable and correct make_ca shell command to make certificate

fixed MDTM command to return 553 instead of 213 for on some failures

output from CWD and PWD now reflect the global setting "Output in Windows or Unix style"

Added Domain Authentication Suffix setting - optional per domain

fixed alias mapping for anonymous login to specific path (rather than ~ path).

Surge now uses OpenSSL in all builds (2.1m and later)

Surge has now support for user home dir to be user subdir e.g. ~/public_html

Surge fix of broken foo hashing algorythm (the slash wasn't working)

sslftp has new commands "compare", "autoretry", "autoconfirm", "memory"

added extra permission checking for accepting upload/download files.

fixed Deleting a user with domain suffix authentication

fixed anonymous login without home dir set crashing SurgeFTP

fixed some alias not showing up in list output

Fix SSL dropping connection (very rare bug) - strange client errors on particular files

Windows and unix filepaths are displayed with correct seperator

sslftp updated - progress indicator uses commas in byte count.

sslftp updated - logs in with username and password passed on commandline "sslftp user:pass@domain"

fixed minor memory leak of user home path (~20bytes per login), occured with certain settings

fixed user quota being written to wrong directory, fixed subsequent incorrect quota value

fixed user home setting, occured with certain settings

fixed Mirror Last Fetch from showing year 1970 when mirror was queued.

fix for root directory being user home directory, reporting cannot create user home directory error

Changing Authent process restarts SurgeFTP rather than shutting it down.

Status page shows OpenSSL or RSA, for encryption library

Status page shows base Operating system basic type, ftp_reset_port(Windows/Linux/Solaris/FreeBSD/Mac OSX

added/fixed "no suffix for default domain" to not work, if setting not previously set.

SSLFTP no longer prompts you to save login data, can use "save" command instead.

SSLFTP fix for timeout not allowing another connection.

SSLFTP fix for login details with site name. e.g. open user:pass@site

fix for MLSD MLST commands "File or Directory does not exist" error

Windows installer incorrectly reports installing 2.1d

Redesign of Web GUI controls, much easier to navigate between configuring domains and classes.

Planned OSX and FreeBSD builds of SurgeFTP - full SSL capabilities.

New User Class is now set with basic alias and user type.

Added Searchable help.

Added windows uninstall option for control panel add/remove programs.

User Lookup on Users page confirms if lookup succeeds.

User page confirms if password change succeeds.

Mirror thread is now viewable on status page.

Mirror sets file date and time as per original file.

Open files now viewable on status page.

Reports now handle spaces in filepaths. old xfer.log files will still be incorrect

Reports can scan for wildcard patterns in filenames.

removed ability for users to specify device names com, lpt, aux, etc...

Report Page can now select which domain to make report for

fixed channel closing on timeout, rather than never closing (rare bug).

fixed changing users password & adding new users.

fixed surgeftp to make nwauth use surgeftp directory rather than dmail

fixed bug in Linux (and Solaris?) version locking up and crashing on rare occurance.

fixed several typo's in web pages

fixed "dir b*" bug showing file not exist rather than list b* files

fixed restarting of monitor

fixed - Correct home path is set instead of default /home/username

Added settings for ftp port & web admin in Surgeftp.

Added secure web admin connection, https protocol.

fix for bug where surgeftp crashes while launching watcher executable

Added open files list to status page.

Added Anonymous hammering detection, configure on global settings page.

Updated Global settings page, more save buttons

If authent process dies, Surgeftp waits for auth process to start up, and then tries authenticating again

Surgeftp now has setting to disable client certificate requirement (global)

sslftp fix for mput locking up

sslftp can set prefered protocol by commandline -tlsv1 -sslv2 -sslv3

sslftp can set prefered protocol by "protocol n" from prompt.

sslftp indicates secure protocol in use on connection.

watcher program download is spawned after file is closed.

class name is shown in class list and class properties (it was not displaying it after saving)

Adding a user to database through the gui now automatically sets domain prefix or domain suffix.

fix for ssl not accepting on data channel

mgets works properly with * wildcard.

fix for surgeftp lockup (100%cpu use & not reasponding) at least one instance of problem, seems to be last one

fix bug that could crash surgeftp on viewing status page.

fixed bug that made some SSL connection not close

sslftp allows logon details as part of site name e.g. "user:pass@site"

fix multiple spawnings of surgeftp / auth proccess

fix direcory list of real file paths

fix thread handle leak (not sure if bug is in any realease versions)

fix directory case sensitivity on NT

fix for users ending up in wrong directory (bad auth module responses)

can change logging level without restarting

can change log home without restarting

fixed bug, partial command loss (introduced in 2.0m13)

added surgeftp.log dayly roll setting.

redone status page, shows list of active connections.

can change thread reuse without restarting

added status page monitoring of threads in use

removed memory leak parameter arg in thread accounting wasn't being freed.

xfer.log files are now flushing with the global_log_flushng setting.

surgeftp decreased response time to accepting ftp connections, noticible for sites with lots of Domains.

removed real directory info from "file not exist message" and similar

fixed some bad linux install problems, wrong paths etc...

some minor tweaks to performance

some minor bug fixes

Added support for hashing directories of users name. e.g. c:\home\bo\bob

changed the Global "Bind to a single IP" setting, to be a comma seperated list, can bind to many IP addresses now.

Added "watcher" program settings for your own activity logging scripts.

Authent Domain flag changing by web gui is now set at runtime, it does not require a restart of the server.

made reading, and not showing lists, into seperate settings (permissions on aliases), they were both keyed on the "read" permission.

Support for "user quota" and "IP to connect from" responses from external authentication module. "ftpquota" and "ftpfromip" variable flags.

You can now have the domain based logs put in an alternative location - global setting.

Added setting to disable wildcard multi-directory listings on commands like "ls n*".

fixed bug that made lots of surgeftp.exe processes on windows

fixed bug "cd ~" not working under certain circumstances

fixed bug reporting incorrect IP address in response string from a PASV command.

fixed bug, caching of "authentication processes startup failure" as "bad login"

fixed bug trailing slashes on aliased directories make SurgeFTP go boom, e.g. c:\

fixed bug loosing or corrupting settings for medium-length path or alias strings.

sslftp (client) can now abort transfers with ctrl-C

sslftp added command line setting "sslftp -version" which reports what version it is.

sslftp no longer uses the system call to get_pass on all platforms, so that you can script passwords.

Fixed some security issues with admin page

Added global_adminip setting to restrict admin users to certain ip addresses.

Many fixes/features added to sslftp

Added to sslftp/client, hash command, and CTRL-C abort during transfer.

Fixed crash with mirroring anything on Solaris.

Fixed sslftp/client problem with directory listings being truncated.

Fixed fault with more than 2 virtual domains

Fixed default behavior, if 'noretrieve' is blank it will now allow files to be fetched.

Change client name from 'sftp' to 'sslftp' to avoid conflicts on unix platforms.

Fixed mode for directories created by mirror(s) on unix

Fixed mget,mput behavior when 'a' is pressed. (it used to skip a file)

Fixed path separators on Windows so network shares work correctly.

Fixed noretrieve with wild cards etc.

Fixed faults reported with Windows 95/98 file behavior

First release including support for SSL/TLS encryption, not yet in all builds, see ssl.htm for more information.

Fixed fault in mirroring code.

Fixed problem with quota limits applying when not defined.

Fixed bug which could cause crashes

Fixed bugs in extern authent module processing.

Added 'ftpquota' to valid authent responses and a quota setting to calasses, this implements a virtual quota based on space used in the user's home directory.

Example of response from authentication module.

+ok username config 0 ftpquota=100 ftphome="d:\home\bob"

Now accepts username 'ftp' as synonym for 'anonymous'

Authent modules can now return ftpgid, ftpuid, ftphome, note that ftphome is only used if the class 'home' is not defined.

Added new features to class template

Made longest alias apply rather than 'last' alias.

Fixed bug with virtual domain support.

SuregFTP 1.1b 29-Dec-2000

Made the user 'ftp' a synonym for 'anonymous' and corrected the response text for anonymous logins.

Added $username as a valid variable to use in aliases, it is replaced by the users username. e.g. /home/$username

Added virtual domain support for users logging in with user@domain.name as their address, SurgeFTP will search its list of domains and if it finds 'domain.name' it will pretend the user connected to that virtual domain.

Added support for -lR listing options to NLST and LIST ftp commands.

Fixed rare intermittent crash when processing MLST ftp command.

Added directory browsing and deletion access settings.

First release build