All notable changes to the project are documented in this file.
v2.15 - 2021-12-20
- CI status badge now points to GitHub Actions, no more Travis-CI
- Silence some developer debug messages
- Always skip `.` and `..` in FTP listings
- Internal refactoring and code cleanup
- Fix mdoc warning, found by lintian
- Fix regression introduced in v2.14, server directory name shown in FTP listings instead of `.`, e.g. `MLST .` showed the directory name
- Fix #36: for real this time, now also with a test case to verify
- Fix #38: duplicate entries in FTP listings, regression in v2.14. Caused by (initially unintentional) removal of sorted listings, where directories prior to v2.14 were listed first. This change, albeit an accident, actually helped clean up the code base and speed up replies
v2.14 - 2021-12-11
- Add support for `-o pasv_addr=ADDR` command line argument to override the address passed to the client in passive mode, useful for some types of NAT setup
- Add support for `-p PIDFILE` command line argument
- Add support for new libite (-lite) library header namespace
- Restored .tar.gz release archives
- Replaced Travis-CI with GitHub Actions
- Issue #36: MLST command without any argument blocks
- Fix memory leak in MLST/MLSD, only affects no-MMU systems where the kernel cannot free memory of processes on exit
v2.13 - 2020-06-30
- Unit test framework in place, with regression test for issue #31
- Issue #31: Socket leak in daemon accept() handling causing "Too many open files". Effectively causing denial of service
- Minor memory leak fixed, only allocated once at startup. Affects only non-MMU systems
v2.12 - 2020-05-25
- Use common log message format and log level when user enters an invalid path. This unfortunately affects changes introduced in v2.11 to increase logging at default log level.
- Issue #30: When entering an invalid directory with the FTP command CWD, a NULL ptr was deref. in a DBG() message even though the log level is set to a value lower than `LOG_DEBUG`. This caused uftpd to crash and cause denial of service. Depending on the init/inetd system used this could be permanent.
v2.11 - 2020-01-05
- Increased logging at default log level. Now users logging in, downloading, uploading, directory creation/removal is logged by default. Start with `-l error` to silence uftpd again
- Fix buffer overflow in FTP PORT parser, reported by Aaron Esau
- Fix TFTP/FTP directory traversal regression, reported by Aaron Esau
- Fix potential DOS through non-busy loop and segfault, by Aaron Esau
- Fix potential segfault through empty FTP password, by Aaron Esau
- Fix potential segfault through FTP PORT command, by Aaron Esau
v2.10 - 2019-08-15
- Issue #25: Add support for TFTP write support (WRQ)
- Slightly improved debug messages.
- Minor fix to TFTP error codes, only use standardized codes, and code 0 + custom error message for everything else
v2.9 - 2019-07-29
- Reduced log level for "Invalid path" and "Failed realpath()" syslog messages. Only relevant when debugging. For use on the Internet it will otherwise cause an excessive amount of logs due to GXHLGSL.txt
- Debian packaging fixes and updates:
  - Reverts `-o writable`, due to fixing issue #22
  - Fixes failing `dpkg -P uftpd` due to bug in postrm script
- Issue #21: Check for `pkg-config` before looking for deps.
- Issue #22: Check FTP root security after having dropped privs. This means no longer having to run with `-o writable` by default
- Issue #23: FTP command `CWD /` does not work, affects all clients. This is a regression introduced in v2.8 while fixing #18
v2.8 - 2019-05-28
- The FTP command processor now always converts all inbound commands to uppercase to handle clients sending commands in lowercase
- Any arguments to the FTP `LIST` command are now ignored
- Improved user feedback on bad FTP root error message
- Fix #18: KDE Dolphin, FTP client interop problems.
v2.7 - 2019-03-03
- Documentation updates, commands added in v2.5 and `writable` opt
- Require libuEv v2.2, or later
- Issue #17: Issues with relative FTP root when running unprivileged
v2.6 - 2018-07-03
Bug fix release.
- Issue #16: 100% CPU when client session exits
- Add missing include file for `gettimeofday()`
- Flush stdout logging when running in the foreground
v2.5 - 2018-06-06
The VLC Android app release.
- Support for `ABOR` FTP command, issue #14
- Support for `REST` FTP command, issue #13
- Support for `EPSV` and `EPSV ALL` FTP commands, issue #11
- Basic support for `MLST` and `MLSD` FTP commands to provide support for the VLC Android app, issue #9 and #12
- Add `OPTS MLST <ARG>` to let client manage order of facts listed in `MLST` and `MLSD` calls
- Add `CDUP` FTP convenience command, alias to `CWD ..`
- Add `DELE` FTP command to delete files
- Add `MKD` and `RMD` FTP commands to create and remove directories
- Refactor `LIST`, `RETR`, `STOR` and `PASV` FTP commands for speed
- Really fix 100% CPU problem, issue #9. Multiple failure modes in libuEv and improper handling of `waitpid()` in event loop callback
- Use libuEv callback also for `PASV` FTP connections
- Fix `NLST` + `LIST` line endings, must be \r\n
v2.4 - 2017-09-03
Bug fix release.
- Handle non-chrooted use-cases better, ensure CWD starts with /
- Increased default inactivity timer: 20 sec --> 180 sec
- Ensure FTP `PASV` and `PORT` sockets are set non-blocking to prevent blocking the event loop
- README.md updates, add usage section and improve build + install
- Fix 100% CPU issue. Triggered sometimes when a user issued `CWD ..`
v2.3 - 2017-03-22
Bug fix release.
- Add support for `MDTM`, modify time, some clients rely on this
- Add support for correct `SIZE` when in ASCII mode
- Add basic code of conduct to project
- Add contributing guidelines, automatically referenced by GitHub when filing a bug report or pull request
- Fix 100% CPU bug caused by `RETR` of non-regular file or directory
- Fix segfault on missing FTP home
- Fix ordering issue in fallback FTP user handling, introduced in v2.2
- Fix error message on `CWD` to non-directory
- Fix `.deb` generation and debconf installation/reconfigure issues
v2.2 - 2017-03-14
- Sort directories first in FTP `LIST` command
- Make sure to exit all lingering FTP sessions on exit
- Logging: reduced verbosity of common FTP commands
- Logging: show client address on failed file retrieval
- Full Debian/Ubuntu `.deb` build support, including debconf, asking user what services (FTP and/or TFTP) to run.
- Verify FTP/TFTP root directory is not writable by default
- New option to allow writable FTP/TFTP root, disabled by default
- Fix FTP directory listings, was off-by-one, one entry missing
- Issue #7: Spelling error in `README.md`
- Issue #8: Install missing symlinks for `in.ftpd.8` and `in.tftpd.8`
v2.1 - 2016-06-05
- Remove GIT submodules for libuEv and libite, these two libraries are now required to be installed separately.
- The output from `uftpd -v` now only shows the version.
v2.0.2 - 2016-02-02
Minor fix release.
- Distribution build fixes for companion libraries
- Missing critical files in uftpd distribution
v2.0.1 - 2016-02-02
Minor fix release.
- Upgrade to libite v1.4.2 (GCC 6 bug fixes)
- IPv6 address conversion error, found by GCC 6
- Make install of symlinks for `in.tftpd` & `in.ftpd` idempotent. Check any existing `in.ftpd` and `in.tftpd` symlinks before bugging out. Fixes problem of uftpd install failing on already existing symlinks.
v2.0 - 2016-01-22
Sleek, smart, simple ... UNIX
- Greatly simplified command line syntax
- Run inetd services by calling `in.ftpd` and `in.tftpd` symlinks
- Migrate to GNU configure and build system
- Update and simplify man page
- Build statically against bundled versions of libite (LITE) and libuEv
- Update bundled libuEv to v1.3.0
- Update bundled libite to v1.4.1
- Do not allow VERSION to be overloaded by build system
- Do not enforce any optimization in Makefile, this is up to the user
- Minor fixes to redundant error messages when running as a regular user
v1.9.1 - 2015-09-27
Minor fix release.
- Upgrade to libuEv v1.2.3 (bug fixes)
- Upgrade to libite v1.1.1 (bug fixes)
- Add support for linking against external libuEv and libite
- Misc. README updates
- Check if libite or libuEv are missing as submodules
v1.9 - 2015-07-23
Bug fix release. FTP and TFTP sessions can now run fully in parallel, independent of each other. Also improved compatibility with Firefox built-in FTP client and wget.
- Upgrade to libuEv v1.2.1+ for improved error handling and a much cleaner API.
- Major refactor of both FTP and TFTP servers to use libuEv better.
- Move to use libite v1.0.0 for `strlcpy()`, `strlcat()`, `pidfile()` and more.
- Add proper session timeout to TFTP, like what FTP already has.
- Add support for `NLST` FTP command, needed for multiple get operations. This fixes issue #2, thanks to @oz123 on GitHub for pointing this out!
- Add support for `FEAT` and `HELP` FTP commands used by some clients.
- Fix issue #3: do not sleep 2 sec before exiting. Simply forward the `SIGTERM` to any FTP/TFTP session in progress, yield the CPU to let the child sessions handle the signal, and then exit. Much quicker!
- Fix issue #4: due to an ordering bug between the main process calling `daemon()` and `sig_init()`, we never got the `SIGCHLD` to be able to reap any exiting FTP/TFTP sessions. This resulted in zombies(!) when not being called as `uftpd -n`
- Fix issue #5: `LIST` and `NLST` ignores path argument sent by client.
- Fix issue #6: FTP clients not detecting session timeout. Caused by uftpd not performing a proper `shutdown()` on the client socket(s) before `close()`.
- Fix problem with libuEv not being properly cleaned on `distclean`.
- Fix problem with uftpd not exiting client session properly when client simply closes the connection.
v1.8 - 2015-02-02
- Updated README.md
- Add TODO.md
- Add CHANGELOG.md, attempt to align with http://keepachangelog.com
- From now on Travis-CI only runs when pushing to the dev branch, so all new development must be done there.
- Upgrade to libuEv v1.0.4
- Fix insecure `chroot()` reported in Coverity Scan CID #54523.
- Minor cleanup fixes.
v1.7 - 2014-12-21
The TFTP Blocksize Negotiation release.
- Support for RFC 2348, TFTP blocksize negotiation
- Support for custom server directory, instead of FTP user's `$HOME`
- Log to `stderr` when running in foreground and debug is enabled
v1.6 - 2014-09-12
Fix missing libuEv directory content generated by make dist in v1.3, v1.4, and v1.5.
- Since the introduction of the event library libuEv the make dist target has failed to include the libuev sub-directory. This is due to the `git archive` command unfortunately not supporting git sub-modules.
v1.5 - 2014-09-12 [YANKED]
Major fix release, lots of issues reported by Coverity Scan fixed. For details, see https://scan.coverity.com/projects/2947
Note: This release has been yanked from distribution due to the tarball (generated by the make dist) missing the required libuEv library. Instead, use v1.6 or later, where this is fixed, or roll your own build of this release from the GIT source tree.
- Add support for Travis-CI, continuous integration with GitHub
- Add support for Coverity Scan, the best static code analyzer, integrated with Travis-CI -- scan runs for each push to master
- Fix nasty invalid `sizeof()` argument to `recv()` causing uftpd to only read 4/8 bytes (32/64 bit arch) at a time from the FTP socket. This should greatly reduce CPU utilization and improve xfer speeds. Found by Coverity Scan.
- Fix minor resource leak in `ftp_session()` when `getsockname()` or `getpeername()` fail. Minor fix because the session exits and the OS usually frees resources at that point, unless you're using uClinux. Found by Coverity Scan.
- Various fixes for unchecked API return values, prevents propagation of errors. Also, make sure to clear input data before calling APIs. Found by Coverity Scan.
- Fix oversight in checking for invalid/missing FTP username. Found by Coverity Scan.
- Fix potential attack vector. Make sure to always store a NUL string terminator in all received FTP commands so the parser does not go out of bounds. Found by Coverity Scan.
- Fix parallel build problems in `Makefile`.
v1.4 - 2014-09-04 [YANKED]
Note: This release has been yanked from distribution due to the tarball (generated by the make dist) missing the required libuEv library. Instead, use v1.6 or later, where this is fixed, or roll your own build of this release from the GIT source tree.
- Update documentation, both built-in usage text and man page.
- Fix bug in inetd.conf installed by .deb package for TFTP service. Inetd forked off a new TFTP session for each connection attempt.
v1.3 - 2014-09-04 [YANKED]
Added support for TFTP, RFC 1350. Integration of the asynchronous event library libuEv, to serialize all events. Massive refactoring.
Note: This release has been yanked from distribution due to the tarball (generated by the make dist) missing the required libuEv library. Instead, use v1.6 or later, where this is fixed, or roll your own build of this release from the GIT source tree.
- Incompatible changes to the command line arguments, compared to v1.2!
- Add libuEv as a GIT submodule, handles signals, timers, and all I/O.
- Refactor all signal handling, timers, and socket `poll()` calls to use libuEv instead. Much cleaner and maintainable code as a result.
- Clarify copyright claims, not much remains of the original FtpServer code, by Xu Wang.
v1.2 - 2014-05-19
- Add support for logging to stdout as well as syslog.
- Fix embarrassing problem with listing big/average sized directories.
v1.1 - 2014-05-04
Haunted zombie (¬°-°)¬ release.
- Add strict FTP session inactivity timer, 20 sec.
- Change some logs to informational, only seen in verbose `-V` mode.
- Revise .deb package slightly and add support for creating an FTP user and group on the system. This is used to both find the default FTP home directory, to serve files from, and also the UID/GID to drop to when being started as root.
- Fix zombie problem. Forked off FTP sessions did not exit properly and were not `wait()`'ed for properly, so uftpd left zombie processes lingering after each session.
- Fix ordering bug in security mechanism "drop privs"
v1.0 - 2014-05-04
First official uftpd release! :-)
- Forked from FtpServer, by Xu Wang.
- Add permissive ISC license.
- Massive refactor, code cleanup/renaming and "UNIX'ification":
- Add actual command line parser.
- Cleanup all log messages.
- Reindent to use Linux KNF.
- Use system's FTP user to figure out FTP home directory, with built-in fallback to `/srv/ftp`
- Use system's `ftp/tcp` port from `/etc/services`.
- Chroot to FTP home directory.
- Support for dropping privileges if a valid FTP user exists.
- Use `fork()` instead of pthreads for FTP client sessions.
- Daemonize uftpd by default, detach from controlling terminal and reparent to PID 1 (init).
- Add support for running as an `inetd` service.
- Add wrapper for `syslog()` instead of using `stdout/stderr`.
- Add basic `uftpd.8` man page.
- Add OpenBSD `strlcat()` and `strlcpy()` safe string functions.
- Add support for NOOP (keepalive sent by some clients).
- Add support for SIZE.
- Add support for TYPE, at least `IMAGE/BINARY`.
- Add basic dependency handling to Makefile.
- Add support for building Debian .deb packages.
- Handle "walking up to parent" attacks in several FTP functions.
- Fix memory leaks in `recv_mesg()` caused by dangerous homegrown string functions. Replaced with safer OpenBSD variants.
- Fix absolute paths in FTP `LIST` command.
- Fix Firefox FTP mode `LIST` compatibility issue.
- Fix "bare linefeeds" warning from certain FTP clients in ASCII mode. Lines must end in the old `\r\n` format, rather than UNIX `\n`.