                    1.3.4 Release Notes
                  ------------------------

This file contains a description of the major changes to ProFTPD for the
1.3.4 release cycle, from the 1.3.4rc1 release to the 1.3.4 maintenance
releases.  More information on these changes can be found in the NEWS and
ChangeLog files.

1.3.4rc1
---------

  + Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925)
  + Fixed directory traversal bug in mod_site_misc (CVE-2010-3867)
  + Fixed sql_prepare_where() buffer overflow (Bug#3536)
  + Added Japanese translation
  + Many mod_sftp bugfixes
  + Fixed SSL_shutdown() errors caused by OpenSSL 0.9.8m and later
  + Fixed handling of utmp/utmpx format changes on FreeBSD
  + Automatic detection of MySQL, Postgres library and header file locations
  + Added support for SMTP authentication in ftpmail script
  + Updated fnmatch implementation, using glibc-2.9 version.

  + New modules:

    mod_copy

      This module provides the SITE CPFR and SITE CPTO commands, for
      allowing a client to copy files from one location to another on the
      server, without requiring downloads/uploads.  See
      doc/contrib/mod_copy.html for details.

    mod_deflate

      This module provides support for MODE Z, which uses compression to
      reduce the number of bytes required for data transfers and directory
      lists.  See doc/contrib/mod_deflate.html for more information.

      Depending on the data being transferred, clients can see quite
      a difference in the speed; see:

        http://www.smartftp.com/support/kb/file.php?f=192

      for some performance numbers.

    mod_ifversion

      This module allows for version-specific configuration sections of
      the proftpd config file.  It is useful for using the same proftpd
      config across multiple servers where different proftpd versions may
      be in use.  See doc/contrib/mod_ifversion.html for examples.

    mod_qos

      This module allows administrators to set networking-specific
      "Quality of Service" (QoS) bits on the packets used by the server.
      More information can be found in doc/contrib/mod_qos.html.

  + New configuration directives:

    Protocols

      This directive can be used to specify which protocols can be used
      by a connecting client.  It is designed to work with mod_ifsession,
      so that it can be set on a per-user/group/class basis.  See
      doc/modules/mod_core.html#Protocols for details.

    ScoreboardMutex

      This directive is used to explicitly configure the path to a
      "mutex" file used for scoreboard locking; this file is used to
      increase proftpd's performance under load.  See:

        http://bugs.proftpd.org/show_bug.cgi?id=3208

      for more information.

    SFTPClientAlive

      This directive is used to enable a protocol-level "keep alive"
      check for mod_sftp SSH connections.  More details can be found
      in doc/contrib/mod_sftp.html#SFTPClientAlive.

    WrapOptions

      The mod_wrap2 module has additional behaviors such as checking the
      allow/deny rules at client connect time (versus after login),
      and checking the allow/deny rules using all of a client's DNS names.
      The WrapOptions directive is used to configure these behaviors;
      see doc/contrib/mod_wrap2.html#WrapOptions for more information.

  + Changed configuration directives:

    BanOnEvent

      The BanOnEvent directive of the mod_ban module now supports
      LoginRate events; see doc/contrib/mod_ban.html#BanOnEvent.  This
      lets mod_ban reject clients which are logging in too quickly.

    ListOptions

      The mod_ls module now supports the -c and -u options for the LIST
      command.  The ListOptions directive handles these options as well.
      See the ls(1) man page for more details on these options.

      In addition, the NoErrorIfAbsent ListOption can be used to configure
      whether mod_ls returns a 226 response code, rather than the default
      450 response code, for a LIST/NLST command for a path which does not
      exist.  Some clients are sensitive to this use case.

    LogFormat

      The LogFormat directive now supports two additional variables:
      %I for logging the total number of bytes read from the network,
      and %O for logging the total number of bytes written to the network.
      Note that these values do NOT include any bytes for the TCP packet
      overhead.  The mod_sql module's SQLLog directive also supports these
      variables.

      These variables can be used to get a better idea of network traffic
      per session/client, as well as for comparing the relative network
      traffic of e.g. FTPS versus SFTP.
 
    SFTPOptions

      The mod_sftp module did not interoperate well with old ssh.com or
      with Tectia SSH clients.  Support for these clients was added to
      mod_sftp via the OldProtocolCompat SFTPOption (Bug#3480).  See
      doc/contrib/mod_sftp.html#SFTPOptions for more information.

    TLSOptions

      When verifying a client's certificate, the mod_tls module could
      be configured to check the iPAddress and/or dNSName portions of the
      SubjectAltName section of the client certificate, via the TLSOptions
      directive.  A new CommonNameRequired TLSOption is now supported,
      which tells mod_tls to check the CommonName (CN) section of the
      client certificate.  See doc/contrib/mod_tls.html#TLSOptions for
      details.

    UseSendfile

      The UseSendfile directive can now be used in <Directory> sections and
      .ftpaccess files.  This means that sendfile(2) support can be disabled
      on filesystems which do not support it, while still being used on other
      parts of the filesystem which can support it.

      The UseSendfile directive can now also configure how many bytes of
      a file to send via sendfile(2) at a time; this can be either in number
      of bytes, or in percentage of the file size.  The advantage of this
      is that now the ScoreboardFile (and ftptop/ftpwho) can show download
      progress rates when UseSendfile is enabled.

      See doc/howto/Sendfile.html for the full details.

  + Deprecated configuration directives:

    DisplayGoAway

      Support for this directive has been removed.
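
The access-control directives described above (Protocols, WrapOptions,
BanOnEvent LoginRate, and the CommonName check in TLSOptions) combined in
one proftpd.conf fragment.  This is an added example, not taken from the
ProFTPD distribution; the group name, file paths and rate/duration values
are assumptions, and the rest of the mod_tls, mod_sftp and mod_wrap2 setup
is assumed to be configured elsewhere.

```apache
# Added example (not from the ProFTPD distribution).  Group name, paths
# and thresholds are placeholders; adjust them to the local site.

# Protocols + mod_ifsession: members of the hypothetical group "sftponly"
# may use only SFTP/SCP, so their credentials never cross the wire via
# plain FTP.
<IfModule mod_ifsession.c>
  <IfGroup sftponly>
    Protocols sftp scp
  </IfGroup>
</IfModule>

# WrapOptions: evaluate the allow/deny rules at connect time rather than
# after login, and against all of the client's DNS names.
# The file: table type assumes mod_wrap2_file is loaded.
<IfModule mod_wrap2.c>
  WrapEngine on
  WrapTables file:/etc/hosts.allow file:/etc/hosts.deny
  WrapOptions CheckOnConnect CheckAllNames
</IfModule>

# BanOnEvent LoginRate: a client that triggers the LoginRate event more
# than 10 times within one minute is banned for one hour.
# Format: event count/hh:mm:ss ban-duration
<IfModule mod_ban.c>
  BanEngine on
  BanTable /var/run/proftpd/ban.tab
  BanLog /var/log/proftpd/ban.log
  BanOnEvent LoginRate 10/00:01:00 01:00:00
</IfModule>

# TLSOptions: have mod_tls check the CommonName (CN) of the client
# certificate.  Client certificates must be requested (TLSVerifyClient)
# for the check to apply.
<IfModule mod_tls.c>
  TLSVerifyClient on
  TLSOptions CommonNameRequired
</IfModule>
```

Running "proftpd -t" against the merged configuration checks the syntax
before the server is restarted.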

Last Updated: $Date: 2010/12/17 22:39:38 $
