changes

wu-ftpd类unix下的ftp服务器,可用于嵌入式系统

 o  Corrected an error which caused AIX to sometimes report 0 for the
    filesize when a download begins.

 o  There were a number of places there was no check for errors from
    alloc()/malloc()/calloc().

 o  defumask was causing problems on HPUX.  Another case of mis-matched
    definition/extern.

 o  There were several places where int was being used and size_t was
    correct.  This may, or may not, fix problems getting the daemon to work
    on AIX.

 o  Added the ability to restrict users to their home directories.  This
    has the effect of doing a "soft" chroot and is best used with guest
    users.  Several new ftpaccess clauses were added to support this:

        restricted-uid <uid-range> [...]
        restricted-gid <gid-range> [...]
        unrestricted-uid <uid-range> [...]
        unrestricted-gid <gid-range> [...]

 o  Sun forgot to include RAND_MAX in their implementation of
    srand()/rand() on SunOS 4.1.  Choose a (hopefully) correct value.  This
    has dire consequences for PASV port randomization of it's wrong.

 o  The Perl script for xferstats provided with the daemon calls for
    /usr/local/bin/perl when Perl is usually in /usr/bin/perl.  You
    shouldn't be using this script anyway, get Phil's version; it's MUCH
    better.

 o  Corrections to QUOTA support.

 o  OPIE can now use the OPIE access file, allowing some users to user
    password authentication while requiring others to use OPIE.

 o  Wildcards (*) on hostmatch used to work and don't any more.  The were
    removed because the original method was insecure.  Corrected the
    problem and re-instituted this feature without the potential security
    problems of the old method.

 o  /etc is cluttered enough but the config files make it harder than it
    has to be to use /etc/ftpd for the daemon configuration files.  Updated
    config files to test for a value before setting the default.  Look in
    src/makefiles/Makefile.lnx for an example of how to automatically test
    the target for this, or just add -DUSE_ETC_FTPD to COPTS in your
    Makefile.

###########################################################################

Changes in 2.4.2-BETA-18-VR14: Released 15 February, 1999

 o  The correction for SCO had an effect on Digital Unix with C2 Security
    (SECUREOSF).

 o  Fixed some dumb coding mistakes in realpath.c

 o  Port for NextStep 3.3 corrected.

 o  Fixed a compile error for quotas on Linux; seems Redhat or someone
    forgot to #include a file deep in the OS runtime headers.

 o  Corrections for SecureWare systems so the daemon can build on SCO
    OpenServer 5.

 o  There were points where multiple replies due to realpath() returning an
    error could hang the remote client.  Removed the extra replies.

 o  The size of a buffer used by the *_realpath() functions is BUFSIZ and
    should be MAXPATHLEN.  Actually, this was the case many places in
    extensions.c.

 o  The anti-NOOP code didn't work.  The timer was being restarted too
    often.

 o  The reason debug doesn't work in daemon-mode is it's initialized too
    late.

 o  Back in VR8 I turned off the sleep slowing down password guessers
    because there are times when signals can be off when the sleep occurs
    and that would hang the daemon.  Let's fix that and re-enable the
    sleep.

 o  Still more buffer-overflow points which can cause problems.  This time
    it's in the writing of the xferlog.  Sigh.  This really should be
    rewritten.

 o  Disallow PASV connections from IP addresses different than the control
    connection.  This is not a complete fix, but it will stop connection
    theft where the attacker is on a different machine than the victim-
    client.

 o  There is an old, well-known PASV port race designed into the FTP
    protocol.  To make it harder for this race to succeed, do not depend
    upon the underlying system to randomly choose the PASV port.  The only
    correct solution to this problem is a client-side issue: open the
    connection before issueing the transfer command.

###########################################################################

Changes in 2.4.2-BETA-18-VR13: Released 1 February, 1999

 o  Added module loadavg.c stripped from Sendmail.  This is not currently
    compiled.  The module is for testing connection limits based upon
    system load, which is planned for a future version of the daemon.

 o  Fixed a bug where access.c was logging garbage because of bad linkage
    to ftpd.c, this appeared on a number of syslog messages instead of the
    remote user identification (via RFC 931).

 o  Added and ftpaccess clause to listen on a single IP address instead of
    INADDR_ANY.  This is incompatible with virtual host support as things
    now stand and will require a major rewrite to fix.  I needed it for a
    specific site and decided to leave it in.  The new clause is:

        daemonaddress <address>

 o  Fixed a bug in the 'connection from' message.  The AUTH (RFC 931) was
    too late and the remote address and host name hadn't been determined
    yet.

 o  Fixed a bug in the quota support which caused a crash if there was no
    file support (/etc/fstab /etc/mtab) on some systems.

 o  Added documentation for class= phrases missed in VR12 and promised for
    this release.

 o  The realpath fix in VR12 for NFS had an off-by-one.

###########################################################################

Changes in 2.4.2-BETA-18-VR12: Released 1 January, 1999

 o  Added a missing library building for SGI.

 o  Added a few small tweaks for building on NetBSD.

 o  Added a compile-time option to suppress syslog messages about pid locks
    forcing a sleep.

 o  Preload the ftpaccess file before becoming a daemon.  This can have a
    big impact on the performance for busy sites.  It also loads before the
    chroot command-line option so the /etc/ftpaccess file does not need to
    be in the protected area.

 o  The ftpwho and ftpcount commands internally use ps(1).  Appearently, on
    at least Linux, there's a move afoot to change the ps(1) command so it
    no longer accepts dashes on the command-line options.  How annoying.
    Ah well, if the target is Linux, use ps(1) without dashes to make the
    silly command shut UP!

 o  The cleanup in the last patch also cleared up some potential problems
    with the upload clause.  The daemon is no longer critically sensitive
    to minor formatting errors on this clause.

 o  Added 'class=' parameter for noretrieve, allow-retreieve, path-filter,
    delete, umask, chmod, overwrite, rename and upload clauses.  Cleaned up
    the functions a bit for readability.

 o  Port for Digital Unix 4.0(b) corrected.

 o  Corrected a coding error which prevented proper use of the
    address:netmask form for access control.

 o  Corrected problems with NFS and the new realpath code in VR10.  Some
    problems with several security models and NFS have been corrected.

###########################################################################

Changes in 2.4.2-BETA-18-VR11: Released 1 December, 1998

 o  Corrected a problem with CWD when no parameter is given and the user is
    anonymous or guest.  The command should work but returns an error
    instead; the error reveals the underlying file system.  CWD with no
    parameter should work like CWD ~.

 o  Correcte problems with the new realpath.c on SunOS.  Basically, the
    getcwd() function on SunOS is too buggy to use so we had to switch to
    getwd instead.  SunOS has joined AIX as systems which do not provide
    the runtime support needed to avoid all buffer overruns in realpath().

 o  Changed the lslong and lsshort ftpaccess clauses to support more
    complex command lines.  Added lsplain to modify the default 'ls'
    behaviour.

 o  The byte count for ASCII mode file reception was off by a few
    characters.  This bug had been there for a very long time.

 o  A bad extern in ftpcmd.y caused garbage to be logged for the
    remoteident.

 o  initsetproctitle was once again causing signal 11 crashes.  Moved the
    call further up yet again and they're not happening.

 o  Added an option to completely disable PASV mode and/or PORT mode.

 o  Added syslog message if started as a standalone daemon and there is no
    ftpaccess file being used.

 o  Linux libraries now define some paths already in src/pathnames.h so we
    need to #include <paths.h> first.  Did this in config/config.lnx.

 o  Linux library includes no longer #define MAXMNTENT so if it's not there
    #define it in extensions.c until someone has the time to fix this
    right.

 o  Added -r option to chroot the daemon during startup.

###########################################################################

Changes in 2.4.2-BETA-18-VR10: Released 1 November, 1998

 o  There was a buffer-overrun in the realpath function.  Imported the
    FreeBSD realpath() function to correct this error.

 o  The Perl xferstats wasn't updated to match the new xferlog format with
    the new completion-code field on the end.

 o  AUTH (ident) the remote user during login.  Record the results in the
    syslog.

 o  RFC-931 (AUTH/IDENT) was finished up.  The log messages now show the
    RFC-931 user if one is known.

 o  Support for some Hitachi flavors of Unix was added.

 o  Major cleanup of build and the makefiles.

 o  A number of minor fixes, mainly having to do with differences between
    ANSI/ISO and K&R C.

 o  Fixed several points of confusion when some things (like size_t) are
    not the same size as an int.

 o  Added the -Q command-line option to suppress access to the PID files.
    NOTE: Without PID files, the limit ftpaccess clause cannot determine
    the number of users in the given class.

 o  Added a -p option which allows the port to be specified for the control
    connection.  Command-line options are also provided to allow both the
    data and control port numbers to be specified.

 o  The daemon did not use the correct method to choose the port for the
    data connection in PORT mode.  The daemon will look up the data port in
    /etc/services.

###########################################################################

Changes in 2.4.2-BETA-18-VR9: Released 15 October, 1998

 o  Cleaned up a few large, confusing 'if' statements in the code.

 o  Changed my mind.  Regular expressions don't work well unless there's
    some way to tell they're there.  Backed out all regular expression
    matching for file/path names in the ftpaccess file.  This issue will be
    re-evaluated in a later version.  Globbing still works everywhere it's
    reasonable to use it.

 o  Dead code removed.

 o  Noted a number of places where strcmp was used but strcasecmp would be
    more appropriate.  This makes the ftpaccess file easier to maintain
    since small typographical errors won't matter so much any more.

 o  Added regular expression matching to deny-mail.

 o  There were reports of errors on AIX with malloc.  Testers confirm
    problem in send_data().  Working on the supposition that the problem is
    data alignment: the 'blksize' is off_t and malloc() wants a size_t;
    added a conversion step which should eliminate the problem.

 o  Fixed another discrepancy between the ANSI and K&R function
    definitions.

 o  Support globbing/wildcards throughout ftpaccess file for file and
    directory comparisons.

 o  Added for OPIE (One-time Passwords In Everything).  You will need OPIE
    libraries installed to use this.  OPIE is available from
    ftp://ftp.inner.net/pub/opie/opie-2.32.tar.gz

 o  The extensions for 'absolute' or 'relative' pathname comparison were
    not case-insensitive.  They should have been.

 o  Add 'allow-retrieve' to allow retrieval of files which would be denied
    by earlier 'noretrieve' clauses.  The ftpaccess clause is:

        allow-retrieve [absolute|relative] [class=<classname>]... [-] <filename> ...

 o  Support regular expressions in noretrieve.

 o  Port for Digital Unix with C2 Securuty (SECUREOSF) corrected.

 o  Allow access control commands to use address/netmask or CIDR.

 o  Corrected a hostname matching bug.

 o  Allow host names instead of IP numbers.

 o  Reduce the number of DNS lookups needed for virtual host support.

 o  xferlog now indicates success or failure.

 o  realpath() needs root permissions to prevent errors under certain
    security models.

###########################################################################

Changes in 2.4.2-BETA-18-VR8: Released 1 October, 1998

 o  AIX complained (rightly so) about several problems with the source
    which prevented compiling using K&R.

 o  DEC Unix 3 complains about the function 'main()' having more than two
    parameters for STRICT ANSI/ISO C compliance.  This warning can be
    safely ignored.

 o  Corrected several minor problems and fixed errors in syslog in the
    support/makefiles/Makefile.dec and src/makefiles/Makefile.dec which
    prevented bulding on DEC Unix 3.x.

 o  Added USE_VAR and USE_ETC for IRIX (sgi) configuration.

 o  Added two more virtual-server features so we can deny anonymous login
    on a virtual servier and so we can allow specified users to log in even
    though they're real or chroot'd to another directory.  Also added a
    feature to deny real, guest or anonymous on the default server.  The
    new ftpaccess clauses are:

        virtual <address> private
        virtual <address> deny <username> [<username> ...]
        virtual <address> allow <username> [<username> ...]