Articles from general category

SFTPPlus Release 3.41.0

Thu 15 November 2018 | general release

We are announcing the release of SFTPPlus version 3.41.0 which adds support for running HTTP/HTTPS services behind a Layer 7 HTTP Application load balancer.

New Features

  • It is now possible to define a list of HTTP Host header origins accepted by the HTTP file transfer services and the Local Manager. This allows running compatible SFTPPlus services behind a load balancer without compromising on the default CSRF checks. [server-side][http][https] [#5138]

You can check the full release notes here.

• • •

SFTPPlus Release 3.40.1

Wed 14 November 2018 | general release

We are announcing the release of SFTPPlus version 3.40.1 which is a bugfix release. Starting with this version, the option to hide the SFTPPlus authentication session from the www-authenticate headers is visible in the Local Manager.

No other changes were done on this release on top of 3.40.0

Defect Fixes

  • The option to hide the SFTPPlus authentication session from the www-authenticate headers is now visible in the Local Manager. [server-side][http][https] [#5134]

You can check the full release notes here.

• • •

SFTPPlus Release 3.40.0

Tue 13 November 2018 | general release

We are announcing the latest release of SFTPPlus version 3.40.0.

New Features

  • SuSE Enterprise Linux without the Security Module and OS X are now distributed with OpenSSL 1.1.0h, making it possible to use TLS 1.2 and SHA2. [#5030]
  • It is now possible to use variable placeholders when defining the path for the local file event handler. [#5095]
  • You can now define the SSH keys used by the SFTP/SCP file transfer service and by the SFTP location as text values inside the configuration file. Storing SSH keys in external files is still supported. [sftp][scp] [#5096]
  • You can now define the SSL certificate and key pairs used by HTTPS/FTPS and the local manager services as text values inside the configuration file. [ftps][https] [#5097]
  • You can now hide the SFTPPlus session authentication method from the www-authenticate header. This can be used as a workaround for an authentication issue when using SFTPPlus with older HTTP clients, which don't recognize multiple www-authenticate headers. [server-side][http][https] [#5099]
  • It is now possible to make the files of an account available over HTTP as a public file transfer site. No username or password is required to access and manage those files. [server-side][http][https] [#5100]
  • It is now possible to filter event handlers based on the source IP address. [#5120]

Defect Fixes

  • When an SFTP transfer (upload or download) is interrupted, a dedicated event is emitted. In previous versions, no event was emitted to signal the transfer failure. [server-side][sftp] [#5027-1]
  • When an SCP transfer (upload or download) is interrupted, the emitted events now clearly signal the transfer failure. In previous versions, the same events as for a successful transfer were emitted. [server-side][scp] [#5027]
  • SFTPPlus no longer uses the MIME type database provided by the operating system. In older operating systems like SuSE 11, the MIME type for JavaScript files was defined as text/x-js, which caused failures in modern versions of Chrome and Firefox. SFTPPlus now defines the MIME type as application/javascript on any operating system. [local-manager] [#5075]
  • The speed for listing the folder content using the FTP/FTPS or HTTP/HTTPS file transfer services was improved. The improvement is observed especially on Windows, and when listing folders hosted by a remote Windows or NFS share. [server-side][ftp][http] [#5083]
  • The SCP server will now use the correct name to write a file when the client is requesting an upload without providing the base path. In previous versions, a file named '-t' was created instead. [server-side][scp] [#5094]

Deprecations and Removals

  • Event with ID 20107 was removed and replaced with the event with ID 20158. [#5095]
  • Events with ID 30013, 30048, 30052 were removed and replaced with the generic event ID 20077. Event with ID 30075 was removed and replaced with the generic event with ID 20158. [server-side][sftp][scp] [#5096]
  • Loading of SSL/X.509 certificates and keys from .DER files was removed. You should convert your certificates and keys to PEM format. PEM format is the only format supported by SFTPPlus. DER support was removed, as not all of its features were supported. For example, loading the certificate chain or using multiple certificate authorities was only supported for the PEM format. [ftps][https] [#5097-1]
  • Loading the certificate authority configuration from a directory containing multiple files is no longer supported. You can still use multiple certificate authorities for the same configuration by storing all the CA certificates in the same file. [https][ftps] [#5097]

You can check the full release notes here.

• • •

SFTPPlus Release 3.38.0

Fri 21 September 2018 | general release

We are pleased to announce the latest release of SFTPPlus version 3.38.0.

New Features

  • When the remote FTP/FTPS server supports the MLST command, SFTPPlus will use it to determine the existence of remote paths. [client-side][ftp][ftps] [#3885]
  • For a transfer, it is now possible to execute on destination commands which will include the source and destination path and file name. [client-side] [#4522]
  • New permissions allow-create-folder, allow-delete-folder, allow-delete-file, and allow-set-attributes were added to help defining a stricter configuration. [server-side] [#4955-1]
  • A new permission, deny-full-control was added to deny any action to the configured path. [server-side] [#4955]
  • You can now add custom values to the JSON payload sent by the HTTP event handler. This allows sending SFTPPlus HTTP events to existing webhooks like Slack or Splunk. [api] [#5068]

Defect Fixes

  • FTP/FTPS client operation can now successfully detect the absence of a file on a remote server. [client-side][ftp][ftps] [#3885]

You can check the full release notes here.

• • •

SFTPPlus Release 3.37.0

Thu 06 September 2018 | general release

We are pleased to announce the latest release of SFTPPlus version 3.37.0.

New Features

  • The HTTP and HTTPS file transfer API now support session based authentication. The Basic Auth login is still supported. [server-side][http][https] [#5009-1]
  • The HTTP and HTTPS file transfer services now have a session based login page. The Basic Auth login is still supported for web clients which don't support cookies. [server-side][http][https] [#5009]
  • LDAP authentication method was extended to allow defining a LDAP filter for LDAP users which are allowed to act as administrators through the Local Manager service. [manager] [#5010-1]
  • You can now define multiple authentication methods for the Local Manager service. [manager] [#5010-2]
  • OS authentication method was extended to allow defining a list of Operating System account groups which are allowed to act as administrators through the Local Manager service. [manager] [#5010]
  • You can now use Local Manager to configure the accounts and groups of the local-file authentication method. [#5041]
  • It is now possible to configure an event handler filter based on excluded usernames or components by using the ! (exclamation mark) to mark a value which needs to be excluded. [server-side][client-side] [#5043]
  • The MDTM FTP command now shows microseconds when displaying time. [server-side][ftp][ftps] [#93-1]
  • The FTP/FTPS server now supports MLST and MLSD commands (Listings for Machine Processing) as specified in RFC 3659. [server-side][ftp][ftps] [#93]

Defect Fixes

  • The authentication process now fails when an authentication is configured but not running. In previous versions, the stopped authentication method was skipped, and the authentication process continued with the next configured method. [security] [#5010]
  • When sending files to an FTP or FTPS destination location, transfers will no longer saturate the network, instead they will follow the TCP congestion signaling. In previous versions this issue was causing excessive memory usage and transfer failures over low bandwidth networks. [client-side][ftp][ftps] [#5033]
  • Comma-separated values in Local Manager can now be configured using a simple free-text input box. This allows editing existing values and makes it easier to reorder them. [management] [#5043]

Deprecations and Removals

  • HTTP file transfer service API now uses cookie-based authentication by default. In previous versions the default authentication method was HTTP Basic authentication, which remains an available method. [server-side][http][https][#5009-1]
  • The HTTP file transfer service API now uses JSON as the default content type for responses. In previous versions you would have to explicitly ask for JSON. Now, you need to explicitly ask for HTML. [server-side][http][https] [#5009]
  • Events with ID 20005 and 50008 were removed and replaced with event 20136. Events with ID 20135 and 20138 were removed and replaced with event 20142. [#5010-1]
  • Event with ID 50009 was removed, as OS administrators now use the OS authentication method. [#5010-2]
  • With the introduction of multiple authentication methods for the Local Manager service, you will now need to explicitly define the [server] manager_authentications configuration option. If manager_authentications is not defined (or left empty), SFTPPlus will fall back to the first defined Application authentication method. [#5010-3]
  • The include_os_group configuration options for roles was removed. Now you can explicitly define an OS authentication method for the Local Manager server. include_os_group was replaced by the manager_allowed_groups configuration option for the OS authentication method. [server-side] [#5010]

You can check the full release notes here.

• • •