Articles and news

New Features

• It is now possible to configure HTTP POST event handlers and HTTP authentication methods with multiple URLs which will act as a fallback. [#1788]
• You can now configure file transfers to ignore source files older than a certain time. [client-side] [#5081]
• SFTP and SCP protocols now support the hmac-sha2-512 MAC algorithm. [sftp][scp] [#5313-1]
• SFTP and SCP protocols now support diffie-hellman-group14-sha256, diffie-hellman-group15-sha512, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512, and diffie-hellman-group18-sha512 key exchange algorithms as required by RFC-8268. [sftp][scp] [#5313]
• You can now configure a retention period for the archived files of a transfer. Older files from the archive folder will be automatically removed by SFTPPlus. [client-side] [#5314]
• The SFTPPlus globbing expressions now support defining multiple patterns in a logical disjunction expression OR using the vertical bar character |. [#5316]
• Remote SSH server's fingerprint can now also be defined as SHA1, SHA256, an SSH public key, or an X.509 SSL/TLS certificate. MD5 fingerprints are still supported. [client-side][sftp] [#5327-1]
• Alpine Linux 3.10 on X86_64 is now a supported platform. [#5282]
• The bundled OpenSSL libraries in Windows, Generic Linux, and OS X, were updated to version 1.1.1c. [#5286]

Defect Fixes

• The ignore_create_permissions configuration option will now also ignore setting attributes when a file is created. In previous versions, attributes were ignored only for folders. [server-side][sftp] [#1741]
• The HTTP CONNECT proxy now works with HTTP endpoints. In previous versions, it was only working with HTTPS endpoints. [#1788]
• Transfers with a WebDAV location as source no longer fail when the WebDAV server returns a "302 FOUND" response. The response is now ignored and considered a transient error. [client-side][webdav][sharepoint] [#5300], [#5309]
• File dispatcher event handler can now handle events with more than 2 associated paths. In previous versions, only the first and the last paths for an event were handled. [#5317-1]

Deprecations and Removals

• The ssh_server_fingerprint configuration option was replaced by a new ssh_server_identity option in new configurations. The ssh_server_fingerprint option is still accepted for backward compatibility with older configurations. [client-side][sftp] [#5327]
• Support for Alpine Linux 3.7 on X86_64 was removed. [#5282]
• Support for Ubuntu Linux 14.04 LTS on X86_64 was removed. Please try the generic Linux package if you still use this version of Ubuntu Linux. [#5312]

You can check the full release notes here.

New Features

• The embedded Let's Encrypt client now has the option to debug the HTTP ACME protocol. [#5287]
• It is now possible to install multiple SFTPPlus instances on the same Windows operating system, all operating and active at the same time. [#5291]

Defect Fixes

• The embedded Let's Encrypt client can now successfully request certificates. A defect was introduced in 3.48.0, which was preventing requesting new certificates. [lets-encrypt] [#5287]

You can check the full release notes here.

New Features

• You can now use PXF / PKCS#12 certificates in SFTPPlus without converting them to the PEM format first. [#2596]
• The HTTP file transfer server web UI now has dedicated ID for each UI element making it easier to implement themes. [web-server][http][https] [#3224]

Defect Fixes

• Documentation for the group's ssh_authorized_keys_path configuration option was updated to specify that reading multiple SSH keys from a single file is not supported. This implementation change was done in version 2.6.0, but the documentation was not updated until now. [server-side] [#1296]
• FTP client transfers no longer create empty files on transfer failures. [client-side][ftp][ftps] [#3006]
• You can now create new SFTP services from the Local Manager web interface. This issue was introduced in version 3.46.0. [server-side][sftp] [#4124]
• When using the client shell, passwords are now masked by default. [security][client-side] [#5213]
• Local Manager's web interface now has an explicit button for disabling a password. In previous versions it was required to type disabled to disable the usage of a password. [manager] [#5236]

You can check the full release notes here.

New Features

• HTTP POST event handler can now be configured to automatically retry on network and HTTP errors. [server-side][http-api] [#2619]
• It is now possible to configure a file transfer service to emit debugging events for the low-level protocol used. [http][ftp][ftps][sftp][scp][server-side] [#2697]
• The Python Extension event handler now handles events on multiple CPUs. In previous versions all events were handled by a single CPU. [#5262]
• A new destination path action named single-file was added to transfer multiple source files as a single destination file. [client-side] [#4054]
• You can now disable the overwriting rule for a transfer destination. In this way, the file is uploaded right away, without doing any extra requests on the server. [client-side] [#4054]
• Debian 9 is now a supported platform. [#3353]

Defect Fixes

• When changing the current folder in FTP, the SFTPPlus server now only checks that the path is a folder and that path traversal is allowed. It no longer tries to see if the operating system allows listing content. Asking the operating system to list content for every target directory could have caused performance issues. [server-side][ftp][ftps] [#2111]
• You can now use a local directory with a large number of files (more than 10.000), as the source for a transfer. [client-side] [#1319]
• The local filesystem source location no longer stops to monitor the source on I/O errors. It will log an error and retry to get the content again after changes_poll_interval seconds. [client-side] [#3350]
• The SysV and OpenRC init scripts now work when executed as root user. This was a defect introduced in 3.42.0. [#3353]

Deprecations and Removals

• The Python Extension event handler no longer takes a parent argument. The events are no longer handled in separate threads. Instead, they are added to a queue to be executed on a dedicate CPU. [#5262]
• Support for Ubuntu 16.04 on ARM64 was removed. [#3353]
• Support for Debian 8 was removed. [#3353]

You can check the full release notes here.

New Features

• You can now configure multiple domains for a free Let's Encrypt certificate using the subjectAlternativeName field. [server-side][ftps][https] [#5108]
• A new event handler of type external-executable was added to execute external scripts or programs. [#5234]
• Windows Server 2019 is now a supported platform. [#5241-1]
• The bundled OpenSSL libraries in Windows, SLES 11, and OS X were updated to versions 1.1.1b, adding support for TLS 1.3. [#5241]

Defect Fixes

• The WebDAV location now ignores HTTP proxy errors when they occur while monitoring a remote SharePoint Online site. [client-side][https] [#5114-1]
• The WebDAV location now works with multiple parallel transfers from the same SharePoint Online source. [client-side][https] [#5114]
• The SFTP and SCP file transfer services will no longer block the whole SFTPPlus process during the SSH handshake. [server-side][sftp][scp] [#5202]

Deprecations and Removals

• Event with ID 20057, emitted when execute_at_startup times out, was removed and replaced by event with ID 20056. [#5234]

You can check the full release notes here.