Stefan Hornburg (Racke)

Pure-FTPd 1.0.23 has been released

2009-10-23

Version 1.0.23 has just been released.

Grab it from http://download.pureftpd.org/pub/pure-ftpd/releases/

This version should fix a lot of old-standing issues. Transfers are more

reliable and should flawlessly handle any kind of cancelation and

disconnection. Virtual quotas should also be way better than they used to be.

FTP over TLS is also more reliable, way faster than it used to be and

overall compatibility with clients has been greatly enhanced. Logging also

received some improvement.

Some limitations of the initial TLS support were also lifted, like the

STAT command that used to be intentionally blocked in this context.

Noticeable changes for users and sysadmins :

- LDAP authentication can now be performed through binding in addition to

passwords. In this mode, the server asks the LDAP server to bind as the user

trying to authenticate, and accepts or rejects the session according to the

result. The FTP server doesn't have to retrieve any password, therefore

allowing to use an unprivileged LDAP account.

You can change the authentication method through the LDAPAuthMethod

property in the pureftpd-ldap.conf configuration file.

- Atomic uploads now only happen when they would really be needed, or if

-0 (--notruncate) has been enabled. Using them remain recommended if you're

using virtual quotas, though.

- Dangling .pureftpd-upload-* files should be a thing of past.

- Up to 10000 files per directory are now listed by default instead of 2000.

I still fail to catch why people are piling on so many files in a single

directory, and worse, are listing them all using FTP. But bumping this limit

looks like a common request.

- When a user blows his quota, the upload is immediately aborted. This is a

radical changes from previous versions, where the upload wasn't interrupted,

but the file got deleted afterwards. This logic (giving time to delete other

files in order to make room before the end of the upload) turned out to be

extremely confusing. Also, the ALLO command, as performed by some clients

before an upload, will now immediately tell the client whether an upload can

take place without blowing the quota. So that the upload won't start at all if

there's no room for it.

- The --fortunesfile /path/to/file.txt option now totally disables the

default banner, and only your custom one is displayed (without the << >>

quotes).

Some noticeable changes for packagers :

- ./configure --with-localstatedir=... can change the base directory for

run-time files like the scoreboard (still defaults to /var).

- man pages have paths (like /etc and /var/run) rewritten according to your

confinguration.

- privsep is on by default. Use --without-privsep if you really want to

disable this.

- ./configure --without-banner is gone. It's pointless now since the banner

can be totally changed using --fortunesfile=...

- It's recommended (although not absolutely necessary for this version) to

create a dedicated unprivileged user named _pureftpd or pureftpd, without

any shell nor valid home directory. Don't use it for anything, even not for

virtual users.

- PAM support is compiled by default on OSX.

- "enabled" as a value for FTPStatus is accepted again (LDAP)

- ./configure --with-implicittls builds a FTPS (implicit SSL) server. The

protocol is incompatible with FTP and explicit SSL, and the port number is

different (990). Don't enable this unless you absolutely want implicit SSL.

Some third-party projects are listed in the README.Contrib file. Don't

hesitate to report other related projects.

Last but not least, there's now a github repository:

http://github.com/jedisct1/pure-ftpd

And a mailing-list archive:

http://archives.pureftpd.org/archives.cgi?100

(Posted by author Frank Denis on the mailing list).