Go Back   FlashFXP Forums > > > >

ioFTPD General New releases, comments, questions regarding the latest version of ioFTPD.

Thread Tools Rate Thread Display Modes
Old 01-19-2010, 08:19 PM   #1
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
Join Date: May 2005
Posts: 1,194
Default ioFTPD v7.1.0 Released (BETA)


ioFTPD support for NTFS junctions and symlinks.

Symbolic user paths (keep symlinks in current working path).

Help / site help commands (actual helpfiles coming soon!).

View and enable/disable devices and services. Useful for multi-ISP or local network servers.

iTCL access to directory listings and support for symbolic path resolving.

Several new site commands as well as new options to existing commands.

NOTE: A number of the new features like symbolic paths and NTFS junction awareness are enabled by default. I suggest you leave them this enabled, but if you have problems they can all be disabled or their behavior modified.

Latest Version:
Link: ioFTPD-v7.1.0.zip

Link: ioFTPD-v7.1.0-src.zip
Yil is offline   Reply With Quote
Old 01-19-2010, 08:21 PM   #2
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
Join Date: May 2005
Posts: 1,194
Default ChangeLog

v7.1.0 Release Notes:

1) Files in \System:
   Changed : ioFTPD.[exe,pdb] - Version
   Changed : tcl85t.[dll,pdb] - Version (tcl version 8.5.8)
   Changed : ioFTPD.ini - summary of changes by section...
     [FTP_Service]      : Device_Name - Comments changed
                          Explicit_Encryption - Comments changed
                          Encryption_Protocol - Comments changed
                          Get_External_Ident - Deleted
                          BNC_Host_1 - Added
                          Data_Devices - Comments changed
                          Random_Devices - Comments changed
     [Network]          : Ident_Timeout - Comments changed
                          Ignore_Hostmask_Idents - Comments changed
                          Log_Suppression_Increment - Added
     [VFS]              : Modify_Stats_On_Delete, Comments changed
                          NTFS_Reparse_Method, Added
                          VFS_Exported_Paths_Only, Added
     [VFS_PreLoad]      : DELAY, changed default to disabled
     [FTP_SITE_Permissions] : Added  devices           =     M
                                     dircache          =   1VM
                                     help              =     *
                                     ioverify          =     M
                                     loadsymbols       =     M
                                     refresh           = 3GV1M
                                     services          =     M
     [Ftp]              : Who_Hidden_Users, Changed suggested setting (no -)
                          Keep_Links_In_Paths, Added
                          Enable_Config_Commands, Added
                          OnlineData_Extra_Fields, Added
     [Help]             : *New section*, after [Ftp] section.
     [Events]           : OnClosedKick, Modified setting
     [Themes]           : New settings for Services, Devices, and Help added

2) Directories in \lib:
     Replace entire reg1.2 directory.
     Replace entire dde1.3 directory.
     Replace entire tcl8 directory.
     Replace entire tcl8.5 directory EXCEPT if you have installed o-dog's
       nxTools temp fix you will need to preserve the 'lib\tcl8.5\twapi'

3) Files in \scripts:
   Changed : ioGuiExt.itcl

4) Files in \text\ftp:
   Added   : Devices.Body, Services.Body
   Changed : Color, UserInfo.Header

5) Files in \doc:
   Added   : Help.txt SiteHelp.txt
   Changed : Cookies.txt, iTCL.txt
   Deleted : help.db help.msg

6) Files in \source:
     Replace entire \include directory.

*** Incompatible changes/defaults:

7) Removed ioFTPD.ini option (Get_External_Ident under [FTP_Service]).
   Obsoleted by new BNC_HOST_# feature below.

8) New ioFTPD.ini option (Keep_Links_In_Paths under [Ftp]).  By default the
   server will now keep symbolic links in the user's current path as I think
   users will find this more intuitive.  Previously symbolic links were
   resolved whenever encountered but that behavior doesn't work well with
   pure virtual directories and with 'sorted' style dirs.  Internally the
   fully resolved path will also be computed at the same time for complete
   permission checking, scripts use, etc.  Example:
     /sorted/dir1 -> /movies/dir1
     CWD /sorted/dir1
     Disabled: PWD => /movies/dir1, CDUP => /movies
     Enabled : PWD => /sorted/dir1, CDUP => /sorted

   NOTE: The shared memory ONLINEDATA structure which is essentially
         unchanged since v5 (tweaked a bit below!) continues to use the
         fully resolved path since that is expected by old scripts.  This
         may cause some issues if an EXEC scripts internally resolves a
         relative (../dir style) links but it can't be avoided unless the
         feature is disabled entirely.
9) New ioFTPD.ini option ('OnlineData_Extra_Fields' under [Ftp]).  By default
   the server will now place additional fields into the ONLINEDATA shared
   memory structure that doesn't affect the alignment of any existing fields
   if compilers act the way I think they should.  If 3rd party shared memory
   EXEC scripts or dlls incorrectly display the transfer status or have
   problems then just disable this feature.

   The gritty details:
       BYTE      bTransferStatus;
         USHORT    usDeviceNum;
       ULONG     ulDataClientIp;
       USHORT    usDataClientPort;
   Since LONG values are word aligned and bTransferStatus should only take
   1 byte there should be 3 free bytes to play with.  I decided to use 2 of
   them to store the internal device number associated with the data transfer
   so scripts and ioGUI (updated itcl script only) can display this
   information.  I probably only needed 1 byte for usDeviceNum but decided to
   play it safe since, in theory, devices can be created, reconfigured,
   removed, etc and thus numbers over 255 might be possible in rare setups in
   the future.  
   Tested with the old SiteWho.exe and ioGui in shared memory mode.

10) New ioFTPD.ini feature (Enable_Config_Commands under [Ftp]).  This
    defaults to false which will disable all access to the ADD, DELETE,
    INSERT, REPLACE, and SAVE options of the 'site config' command even to
    'M' flagged users.  To re-enable this functionality just set this to True.
    I believe the ability to remotely modify the server's configuration should
    really only be done through script addons which can validate proposed
    changes and apply them atomically so the .ini file is never left in a
    broken state and the server unable to recover.  There is also a security
    issue.  While 'M' flagged users are implicitly trusted and the only ones
    with access to any of these options in the first place the potential for
    modifications to the underlying operating system and non-vfs-exported
    paths is something that shouldn't be possible by default.  The only known
    use of these options was to dynamically change the server's global and
    per-client bandwidth limits via the ioGUI addon.

11) The names of users and groups may no longer start with a plus sign ("+")
    to support things like "site chgrp +grpname" without ambiguity.

12) The maximum number of real directories that can be mounted on the same
    VFS mountpoint has been reduced to 31 from 32 so I can use a new bitmask
    to represent location information while reserving an "other" bit for
    things like submounts and virtual directories.

*** New Features

13) New ioFTPD.ini option (BNC_HOST_# under services such as [FTP_Service]).
    You can now limit access to the IDTN command to specific IP addresses or
    hostnames instead of just being able to enable/disable the option.  The
    command will also no longer accept the loopback or non-routable local
    addresses as valid remote IP addresses since they could always connect
    directly.  Thus 10.*.*.*, 127.*.*.*, 172.16.*.*, and 192.168.*.* are all

14) New ioFTPD.ini option (NTFS_Reparse_Method under [VFS]).  The server
    now supports 3 modes for handling NTFS directory junctions and symbolic

    IGNORE : Treats all directories the same which means the server isn't
             aware of NTFS reparse points at all [old method].

    SHARE  : Make the server aware of NTFS reparse points so it can just keep
             a link to the target directory instead of a completely separate
             directory listing in the dir cache.  This mode also allows the
             NTFS junction/symbolic link timestamp to be updated correctly
             because it's aware that the time we are interested in is that of
             the target directory and not the reparse point itself.  For
             servers with a lot of 'sorted' style links this will reduce
             memory usage.  NTFS reparse points still show up in directory
             listings as plain directories.

    SYMLINK: This is effectively 'SHARE' mode as far as the directory cache
             itself is concerned.  When displaying the directory in listings
             it should be shown as if it were an ioFTPD symbolic link to the
             target directory.  To me this is the preferred way to view the
             listing, however extra processing is required to determine the
             target of the link because NTFS junctions use real directory
             paths and the server must return a VFS path just as ioFTPD
             symbolic links do.  Therfore a real->symbolic path converter is
             used on the fly as the reversal is VFS mountfile dependent.
             [This is the new default]

    NOTE: 'SYMLINK' mode has a real advantage over 'SHARE' mode.  Because
          the listing is clear that you are dealing with a link and not a real
          directory you can safely and easily delete the link.  In FTP clients
          like Flash, Rush, etc this results in a simple file delete and they
          won't ask permission, or try, to decend into the directory and start
          deleting it's contents so it can remove the directory itself.  This
          is particularly important because doing so would remove the only
          copy of the files as they are actually in the target directory.

    WARNING: For the moment reverse VFS resolving used in 'SYMLINK' mode
             requires the target directory be exported in the .vfs file else
             it won't be reversible.

    The reverse resolver needs testing, and perhaps a few performance tweaks,
    so if you have problems try 'SHARE' mode.

    NTFS junctions (which are a type of reparse point):
    NTFS symbolic links (available on Vista+ as a type of reparse point):
    NOTE: ioFTPD doesn't create NTFS symbolic links (it uses ioFTPD symbolic
          links which are always available).

    IMPORTANT: If you use a script or if the server supports creating NTFS
               symbolic links in the future please see the above symbolic link
               article on how to enable the creation of symbolic links by
               regular users and non-elevated admins which is something you
               want to do for the account running ioFTPD.  NTFS junctions
               which are what most scripts use don't seem to require special

    Windows Explorer in Window XP and before show NTFS junctions (it doesn't
    support NTFS symlinks) as regular directories.  In Vista+ they show up
    the same as shell shortcuts ( .lnk files) which makes them far more useful
    since you realize you are dealing with a link and unlike ioFTPD symlinks
    you can access the target directory by simply clicking on it.

    It is unclear how NTFS drive/filesystem mountpoints should be handled.
    NTFS symbolic links to files instead of directories are possible, but
    ioFTPD will simply treat these as regular files.

15) New ioFTPD.ini option (VFS_Exported_Paths_Only).  This safety feature
    only works when 'NTFS_Reparse_Method' is set to 'SHARE' or 'SYMLINK'.
    When enabled it prevents accessing files and directories that are not
    explicitly exported via the VFS file.  Thus a NTFS junction/symlink to
    c:\Windows wouldn't work since it's unlikely you actually put that into
    a VFS file.  This is a safety feature for use with NTFS reparse points
    and doesn't effect ioFTPD symbolic links because they already had to
    be valid VFS paths and thus resolvable via the .vfs file.

16) Broken NTFS junctions/symlinks used to not show up in directory listings
    because they were unlistable.  For regular users they will now show up as
    a file with no permissions, i.e. "----------", which should be easy to
    spot.  However, 'VM' flagged users will see it as a symbolic link, but
    the target will be the invalid real path (not VFS!) from the NTFS junction
    or symbolic link.

17) Hidden/Private directories now support a new option that exempts the
    custom access check from links returned in virtual directory listings.
    Previously the returned VFS links in virtual directories were treated the
    same as regular ioFTPD symbolic links with regards to permission
    checking.  However, if the first character of the flag-style permission
    string for the hidden/private directory [chattr 0] is a ":" then that
    triggers the hidden/private access check override and users can now access
    the file or directory provided they have the normal user/group read (+r)
    permissions along the path and on the item itself.  There are few extra
    restrictions though.  The link returned in the virtual directory activates
    the override mode, but it will be de-activated before processing any
    ioFTPD symbolic links as a safety measure.  Similarly, the default it to
    not trust that users have access to the target of links returned in
    virtual directories, hence the additional requirement that hidden/private
    dirs must also have the ":" prefix option specified.
    *** This feature has not been tested. ***

18) New FTP command (HELP [-][<cmd>]).  Without an argument or just a '-'
    this command displays a short summary of known FTP commands.  With a valid
    command it provides information about how to use that command, valid
    arguments and options, and any other useful information the user may need
    to know.  A dash ('-') prefix before the command name, or by itself for
    the summary, disables theme/color output.  This may be necessary in some
    FTP clients if the output is to be captures and displayed into a different
    window than would normally process the color/themes.  The descriptions
    usually include a note about which RFC or webpage the command's formal
    description and syntax can be looked up at.

19) New site command (site help [-][<cmd>]).  Without an argument this command
    displays a short summary of site commands recognized by the server that
    the user should have access to.  Access to individual commands are not
    verified at runtime but a mechanism for limiting output to certain user
    flags is supported in the helpfile itself.  With a valid command that the
    user has access to (this is checked at runtime) it provides information
    about how to use the site command, valid arguments and options, and other
    useful information the user may need to know.  Undocumented site aliases
    are shown to the user if they have access to the command.  A dash ('-')
    prefix before the command name, or by itself for the summary, disables
    theme/color output (see above).  Details for 1VM restricted commands may
    include references to server .ini configuration options that affect how
    the server processes the command.

20) New site command (site refresh [<dir>]).  This command simply marks the
    current directory (no argument) or the specified directory in the
    directory cache as "stale" or "dirty" so the next time it is access it
    will be refreshed from disk.  You cannot refresh pure virtual directories
    at the moment, but just re-listing them will auto-refresh anyway.  There
    shouldn't really be a need for this command, but it can't hurt and is
    useful during testing.

21) New site command (site dircache).  This command shows the number of
    buckets in the directory hash along with the "max" number of items per
    bucket.  The actual number in each bucket is then shown in a table
    format so you can view the distribution.

    Summary counts are then displayed:
         Dirs -> Total number of directory entries in the hash table
        InUse -> Directories currently in use / locked
       Locked -> Soft-locked directories which are in the process of being
                 moved across filesystems.
       Shared -> Count of NTFS junctions/symlinks in cache, only valid
                 with 'NTFS_Reparse_Method' set to 'SHARED' or 'SYMLINK'.
    FileInfos -> Number of file/dir fileinfos referenced by dirs.
    InfosUsed -> Directory info structures in use.  Shared directories
                 retain a reference to the target directory and thus
                 the in use count will usually count shared dirs.
      No Info -> No directory info found which usually indicates an

22) New feature for site command (site chgrp <user>).  If you don't provide
    any group modification requests to site chgrp it will just list the groups
    the user currently belongs to now instead of complain about missing args.

23) New feature for site command (site chgrp <user> -*).  The original chgrp
    command only toggled group membership.  Later the [+-.] features were
    added to support setting the primary group and to explicitly request
    membership or non-membership in a group which was useful for people
    writing command macros.  However, there was no way to guarantee a final
    group list if the user had been added to additional groups the macro
    didn't know to remove them from.  Thus the new '-*' option which removes
    the user from all current groups so you can start from a clean slate.
    Please note that the user will always be a member of at least one group as
    GID #1 (by default 'NoGroup') is the group any user not a member of at
    least one group is automatically added to.

24) The output of 'site chgrp' has been changed to better indicate what
    changes are taking place and has been colorized when themes are enabled.

25) Modified site commands (site {chmod|chown} [-R] <arg> <wild*?>:).  The
    new ":" postfix operator indicates that you wish to just modify only
    files that match the wildcard.  This is the compliment to the already
    available "/" postfix operator that affects only directories.

26) Modified site commands (site {chmod|chown} <wild*?>[/|:]).  You can now
    specify a wildcard without enabling the recursive (-R) option.  You may
    also use the postfix "/" or ":" options to affect just directories or
    files in the target directory or current directory if no path specified.

27) Modified site command (site addip).  When specified with no arguments
    it will now display hostmask requirements for the logged in user rather
    than complain about insufficient arguments.

28) New option to the LIST/STAT/NLST commands (-d).  Limit output to
    directories and symbolic links.  This could technically be called a
    bugfix since the feature was broken but documented.

29) New option to the LIST/STAT/NLST commands (-f).  Limit output to
    just files.  The -d/-f options along with -1 option useful for scripters.

30) New option to the LIST/STAT commands (-V).  Available only to VFS Admins
    ('V' flag) and Master accounts ('M' flag) this option replaces the
    group field with a list of "-" separated indexes into the current VFS
    mount table for the directory where information from real directories was
    used to display the entry.  This allows you to see which files and
    directories span across real filesystems.  A result of just "-" means no
    information available, and a '0' index indicates a directory that is a
    mountpoint or virtual directory.  It is anticipated that in the future
    information about the actual mount table will be returned or made easily
    available but exactly how hasn't been determined yet.

31) The "site who" command now masks any paths used in commands and applies
    the hide mask to the data path as well.  Thus "MKD /private/foo" will
    show up as "MKD <hidden>" now.  Previously the current working directory
    determined if the command should be hidden but this didn't account for
    scripts that never leave the root directory and issue MKD, STOR, etc all
    with full paths into directories that shouldn't be displayed.

32) New site command (site services [ LIST | { ENABLE | DISABLE } <service> ]).
    LIST will display known services along with their configuration/status.
    ENABLE/DISABLE will modify the status of the specified service.  You may
    only disable a <service> if you are not connected to it.  

33) New site command (site devices [ LIST | { ENABLE | DISABLE } <device> ]).
    LIST will display known devices along with their configuration/status.
    ENABLE/DISABLE will modify the status of the specified device.  You may
    only disable a <device> if:
      1) It is not the default device of any active service.
      2) It is not the last active data device of any active service.
      3) You are not currently connected to the device.
    Because of these restrictions it is likely you will have to disable
    service(s) ('SITE SERVICES DISABLE <device>') before you will be able
    to disable some devices.

    If you have multiple ISP connections to a machine and wish to enable
    or disable them individually you will likely find it useful to create
    a unique service/device pair bound to each ISP rather than just one
    service using two devices.

34) New supercookie options (%[Service(name)(field)]).  Possible field names
    increased from 'Users' and 'Transfers' to the following list:
       Name                 Name of Service
       Active               "Active" or "Inactive"
       HostIP               "<invalid>", "<any>", or IP (i.e. "")
       HostPort             Control port listening on
       DeviceName           Name of device to bind control port to
       DeviceID             ID of device control port is bound to
       Users                Number of logged in users
       MaxClients           Maximum number of logged in users, -1 = no limit
       Transfers            Current data transfers in progress
       AllowedUsers         "<all>" or flag-style permission string
       CertificateInUse     "<disabled/invalid>" or cert name in use
       CertificateWhere     "Certificate_Name", "Device HOST=", "default", ""
       EncryptionType       "Explicit" or "Implicit"
       RequireSecureAuth    "<disabled>", or flag-style permission string
       RequireSecureData    "<disabled>", or flag-style permission string
       ExternalIdentity     "True" if at least one BNC defined else "False"
       MessageLocation      Path to message files
       DataDevices          List of device names or "<default>"
       DataDeviceSelection  "Random" or "FIFO"
       AcceptsReady         Number of pre-created sockets ready

35) New supercookie (%[Device(name)(field)(size)]).  Possible field names:
       Name            Name of device 
       ID              Numeric device id
       Active          "Active" or "Inactive"
       BindIP          "<invalid>", "<any>", or IP (i.e. "")
       HostIP          "<invalid>", "<any>", or IP (i.e. "")
       PasvPorts       num, num1-num2
       OutPorts        "<Service port - 1>", "<any>", num, num1-num2
       OutRandomize    "True" or "False"
       GlobalOutLimit  Max total outbound bandwidth for device
       GlobalInLimit   Max total inbound bandwidth for device
       ClientOutLimit  Max per-client  outbound bandwidth for device
       ClientInLimit   Max per-client inbound bandwidth for device
    The size argument is optional for GlobalOutLimit, GlobalInLimit,
    ClientOutLimit, and ClientInLimit and defaults to bytes, see Cookies.txt
    for a list of valid size specifiers.

36) New cookie (%[$Device]).  Name of device you are connected to.

37) New cookies (%[ShowService] and %[ShowDevice]) are valid only during
    'site services list' and 'site device list' respectively and indicate
    the item name to display information on.

38) Missing EXEC and TCL scripts now return a "Cannot find script" error
    message along with the error code.

39) Changed log entry for deleting user:
     Disabled user account '%s' and marked it for deletion (msg=%s).
    <none> or msg

*** iTCL Changes

40) Updated TCL to v8.5.8.

41) New iTCL global variable ($cwd).  This is the user's current visible
    working directory in the VFS (i.e. the output of the 'PWD' command) and
    is the path used to resolve relative links entered by the user.  This
    used to always be the same as $pwd (the normalized or absolute path) but
    if the new 'Keep_Links_In_Paths' option under [Ftp] is enabled then $cwd
    may contain symbolic links in it.  [resolve target $cwd] == $pwd.

42) New iTCL command option ([resolve Symbolic <path> [<cwd>]).  Similar
    functionality to [resolve vfs] but it will keep all symbolic paths in
    the result (and any from <cwd>) while internally processing them to
    follow the links, verify existance, and check permissions.

43) New iTCL command option ([resolve Normalize <path> [<cwd>]).  Just
    normalize (i.e. processes ".", "..", etc) in <path> to return a new VFS
    path without any relative links in it.  No permission checking, link
    resolving, etc is performed.  This is a simple string processing
    operation.  Starts from the supplied <cwd> which is taken as is (no
    normalizing/resolving/verification), the users current symbolic working
    directory if available or '/'.

44) New iTCL command option ([resolve list <path>]).  This option allows
    access to the internal directory listing logic for the first time by
    having it generate a list where each element contains all the detailed
    information about the file, directory, symlink, or virtual directory
    mountpoint available to the regular LIST, STAT, etc routines.  It's
    particularly useful in that it returns summary information when using
    merged/raided dirs.

    Each element of the list looks like:
      { name type uid user gid group size mode attributes
        win-last-time unix-last-time win-alt-time unix-alt-time
        subdir-count {realpath link ...}
        {chattr-0 chattr-1 chattr-2 chattr-3} }
    'type' field is: 'd' (dir), 'f' (file), or 'l' (ioFTPD link)
    'win*' times are the actual FILETIMEs.
    'unix*' times are in time_t or unix style times (seconds)
    'realpath' and 'link' come in pairs where 'realpath' is the full path
       to the real directory and link {} if a regular directory or in the case
       of an NTFS junction the fully resolved target directory path.  This
       sublist will be {} for virtual dirs or mountpoints.
    The first 4 "reserved" chattr fields are returned in order as well:
       Private, ioFTPD Symlink, <reserved>, <reserved>.

45) Modified iTCL command ([group delete <group>]).  You can now only delete
    groups with no members.  This check wasn't performed before and would
    leave the userdb in an invalid state.  First remove users from the group
    and then you can delete it.

46) Missing TCL scripts now record create a log entry in SystemError.log
    just as EXEC scripts do.  The test for TCL scripts before trying to
    execute them prevents things like ::tcl_pkgPath variable not being
    defined errors which obscures the real cause of the problem.

47) Fixed a bug by increasing the default buffer size allocated for names of
    TCL waitobject's which was causing ioNinja to generate all those
    translation error log entries.

48) Fixed a bug in [resolve <target|vfs>] when passing a <cwd> argument.

49) Tcl_RegisterHandleLockFunctions(AcquireHandleLock, ReleaseHandleLock) has
    been added as a new exported C function to the standard TCL dlls.  This
    is the first time the TCL code has been modified for use by ioFTPD.
    Previously only the makefiles and command line options used for compilation
    were touched.  In order to fix the race condition with new sockets being
    automatically inheritable by child processes it is necessary to share a
    lock with the rest of the server and thus some way to communicate what to
    share is required.  This function just registers 2 callback functions to
    call before and after socket and/or process creation.

*** Bug Fixes:

50) Fixed a bug in the %[site2] cookie when using the limit argument which
    could cause the server to crash.

51) Fixed incorrect file size being reported in data mode connection response.

52) Fixed a bug in manually preloading directories where the server was
    counting total opened directories and not directory depth for deciding
    when to stop caching dirs.  This meant effectively only the specified
    directory and it's subdirs was getting cached ahead of time and not the
    whole tree.

53) Fixed the 'Who_Hidden_User' line in the default.ini file.  It should be
    "sitebot" and not "-sitebot".

54) A rename that results in moving a directory tree across filesystems will
    no longer examine mountpoints under the move point because they won't be
    moved and thus shouldn't be included in the size used to determine if
    there is enough available free space on the target disk.

55) PBSZ command now provides the correct reply according the to FTP
    specification if a size other than '0' is requested.

56) Fixed a bug where Group ID #1 (by default 'NoGroup') could be deleted.
    GID #1 is special because any users without membership in any other group
    is automatically a member of this one and thus it should always exist.

57) Fixed a bug where TCL and EXEC scripts that output non-failure error
    codes lines such as "200-" and then throw an uncaught error or crashed
    were being interpretted as successful and would therefore have the normal
    "200 Command successful" response appended to them.  Now they return a
    "550 Command failed (script): <error>" failure message.  TCL scripts
    throwing exceptions return an error of "Fatal script error", while a
    range of normal windows error messages associated with processes and
    pipes are possible for EXEC scripts.

58) Fixed a bug with random data appearing in the ident field of the user's
    current hostmask if 'Ident_Timeout' was set to 0 to disable the server
    from sending IDENT requests.

59) Fixed a bug with parent directory information (..) in listings being

60) Fixed a bug where symbolic links were always counted as having been
    changed when site chmod ran across them even if they weren't.

61) Modified recursive routine to allow processing of directories only which
    can help save a little CPU time during preloading and during chmod -R on
    dirs only.

62) Fixed a bug in site chgrp that would leave a reference to a group open
    open in some situations that could keep the group from being
    deleted until the server was restarted.

63) Fixed a bug in adduser/gadduser where groups counters could be incremented
    twice .

64) Modified the way some error messages are displayed yet again...
    1) Try to print the error in english.
    2) Next try to print the error in the local language, but append the
       error number in parens after the text so I can look it up :)
    3) Just output "Unknown Error (num)"

65) Fixed a bug with the directory update routine modifying the old root
    FILEINFO structure which can be shared and shouldn't be touched.  This
    likely had no serious side effects, however in some cases the FILEINFO
    needed to be reallocated while still being shared or in use elsewhere
    which is very bad.  The server will now mark the old copy as stale and
    creates a new one to share.  The refcount will allow for cleanup of the
    old entry when it is no longer needed.

66) Fixed a bug where the server would mark a directory cache item as dirty,
    but it wouldn't mark the root FILEINFO structure as dirty and thus
    directory listings would continue to print the possibly incorrect
    subdirectory information from the FILEINFO reference they hold onto.
    There was an even worse possibility if the subdirectory was flushed from
    the cache while marked dirty but with the same timestamp.  In that case
    the subdir would never get updated in the parent directory listing until
    the parent dir was forced from the cache or the subdir timestamp changed.
    It should be noted that the actual contents of the subdir when entered
    were always correct, just the timestamp/perms/etc of the subdir listed
    from the parent would show up as incorrect.

67) Fixed a bug where an empty or unreadable .vfs file would cause the server
    to crash.

68) Fixed manipulation of the device list outside of holding the lock.

69) The MS encryption library ioFTPD uses seems to register/unregister the dll
    so that it can't be unloaded while there is an active context.  This is
    OK behavior, but it does mean it's acquiring the ldr_lock and that is what
    is getting stuck so I've wrapped a few calls to the encryption library
    with the same lock used for sockets and child processes.  If the problem
    goes away, we can undo this and see if the problem returns.  

70) Include Log_Suppression_Increment option in the default .ini.  Feature was
    introduced and documented in v6.5 ChangeLog but didn't make it into
    the file.  It basically allows you to increase the delay between each
    suppressed message instead of using the default of '1'.

71) Fixed the foreground/background color example in the message files as I
    had the colors switched from the description.

*** Internal non-visible changes:

72) Replaced hundreds of references to VOID * types all over the code with
    the real type being used to better debug and catch errors.

73) Eliminated DataOffset usage in most site commands to make things cleaner.

74) Modified the server configuration functions to no longer assume a single
    .ini file.  This allows for .ini style help files, and for color/theme
    information to be places into a separate file for easier updating.

75) Exported functions Config_* changed... added Config_GetIniFile.

76) Exported function OpenDirectory changed.


77) I don't think ioMoveDirectory understands NTFS junctions/symlinks and
    thus any rename that is really a move across filesystems that operates
    on one will end up moving the real items...  Will need to convert
    relative symbolic links into absolute links if copied if they will
    point to a different dir at their target location.
Yil is offline   Reply With Quote
Old 01-19-2010, 08:35 PM   #3
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
Join Date: May 2005
Posts: 1,194

There are quite a number of "simple" things that I wanted to get into this release that just didn't make it including user requested features. The framework for low disk space events for isteana got pulled since it had a problem with symbolic link stuff I added so I'll fix that and put it in the next one. The ability to re-write user-commands never got added and I thought that would be useful. Per-session transfer stats. They are all on the to-do list though.

The actual helpfiles (2 files, one for regular and one for site commands) will be ready in a few more days and should install by just putting them into the right directory if it's just text editing left.

This release modifies the TCL libraries for the first time so I can try to fix the lockup bug once again, and the TCL folk came out with a new release as well and figured I'd upgrade so unfortunately you have to change a bunch of crap instead of just the dll...
Yil is offline   Reply With Quote
Old 01-20-2010, 01:03 AM   #4
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
Join Date: May 2005
Posts: 1,194

Forgot to include this in the ChangeLog... but I tweaked the itcl version of ioGUI (just the server script not the executable) so it will display the service and device connections are made with now. The service was always supposed to be displayed but never was so I just combined the data into the field since it wasn't filled in correctly.

I also now fill in the data connection's IP/host/port information in the shared memory structure and the .itcl grabs it from there as well so ioGUI will now show you more info on the data connections.
Yil is offline   Reply With Quote
Old 01-21-2010, 05:00 AM   #5
Senior Member
FlashFXP Beta Tester
ioFTPD Foundation User
Flow's Avatar
Join Date: Dec 2001
Posts: 306

Thanks Yil!, looking farward trying this release
Flow is offline   Reply With Quote
Old 01-21-2010, 08:34 AM   #6
Join Date: Feb 2007
Posts: 31

wow a lot of changes/features.. thanks Yil
I try it

edit: does BNC_HOST_# support the wildcard * ?

Last edited by l.d.m; 01-21-2010 at 12:55 PM.
l.d.m is offline   Reply With Quote
Old 01-21-2010, 02:15 PM   #7
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
Join Date: May 2005
Posts: 1,194

l.d.m: No, BNC_HOST_# just resolves names to an IP address during startup/rehash and then uses the address to check if it's a valid BNC. My assumption is BNCs are static IP addresses or at least have a fixed name that can be resolved. The one thing it doesn't do, now that I think about it, is handle multiple IPs returned from looking up a hostname. Probably not a big deal, but it only uses the first returned.
Yil is offline   Reply With Quote
Old 01-21-2010, 03:28 PM   #8
Join Date: Feb 2007
Posts: 31

thanks for your quick reply!

I also probably found a bug: I set "Explicit_Encryption = False" to use implicit ssl
it seems to work but then it stucks after PBSZ command:
Connected to *.*.*.*
Connected. Negotiating SSL session..
Ident Request: *.*.*.* - UserID: ldm
SSL negotiation successful...
SSL encrypted session using cipher DES-CBC3-SHA (168 bits)
220 FTP Server ready.
it happens with ioFTPD v7.1.0 and v7.0.3, but NO with v6.9.3
I use windows server 2k3 and ioFTPD run as SYSTEM account
and no errors in logs
l.d.m is offline   Reply With Quote
Old 01-21-2010, 05:41 PM   #9
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
Join Date: May 2005
Posts: 1,194

I haven't verified it, but I bet that's a real bug. V7.0 changed the way input/output routines are handled a bit in order to fix a bug with the way data was sent immediately to the user instead of through the regular buffering mechanism. I remember I had to update the way the server started accepting user input and I guess that change needs a tweak to work with implicit SSL connections which have already sent/received data during negotiation. I'll see what I can do for you.
Yil is offline   Reply With Quote
Old 01-23-2010, 08:13 PM   #10
Senior Member
FlashFXP Beta Tester
ioFTPD Foundation User
Flow's Avatar
Join Date: Dec 2001
Posts: 306

Ok, now im freshly new reconf. Yil, what zs do you recomend? and that ioYil script you´v been working on. Does it reach like -alpha or -beta stage yet?. I like to try it out. Thanks
Flow is offline   Reply With Quote
Old 01-24-2010, 07:16 AM   #11
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
Join Date: May 2005
Posts: 1,194

Heya Flow. There is really only one choice for a site script at this point in time and that's nxTools. As far as zipscripts go, you do have a few choices but ioNinja seems like the popular choice as it has a eggdrop bot that works with it and nxTools. There are problems with both but no show stoppers.

As far as ioYil goes, I haven't really touched it in a months as I've been mainly playing with this release. There are a number of tricky elements with site scripts like ioYil because they are tied to the FTP pretty closely and can be rather fragile. For instance, the recent change to preserve symbolic links in the path is actually a rather important change because it affects resolving all relative paths that a site script needs to process when deleting/moving/renaming directories or files. Luckily normal usage isn't relative so everything sorta works if you just ignore the problem, but that isn't a good solution. There are perhaps 2-3 "big" items like the disk spanning / free space logic that I need to support in the server before I think it makes sense to switch back to the script writing so it will probably be a while...

I'm also going to have to seriously consider switching over to openSSL just to ditch the MS encryption libraries in the hope that doing so reduces or eliminates the lockup bug. Unfortunately I don't think I can't use the easy high level interfaces that most people use because of the way ioFTPD is setup so it will be harder to do...
Yil is offline   Reply With Quote
Old 01-24-2010, 09:24 AM   #12
Senior Member
FlashFXP Beta Tester
ioFTPD Foundation User
Flow's Avatar
Join Date: Dec 2001
Posts: 306

OpenSSL sound really good. Thanks for the addon advice. Ill setup nxTools for now.
Flow is offline   Reply With Quote
Old 01-24-2010, 02:46 PM   #13
Senior Member
FlashFXP Beta Tester
ioFTPD Foundation User
Flow's Avatar
Join Date: Dec 2001
Posts: 306

Ok, put on som nxMagic stuff. Everything seems smooth. Very cool
Flow is offline   Reply With Quote
Old 01-24-2010, 03:36 PM   #14
Senior Member
FlashFXP Beta Tester
ioFTPD Foundation User
Join Date: Jan 2004
Posts: 301

when the site is locking up yil does it say if they are fxping and if so what the other server is? most issues i have had with flashfxp betas were with drftpd (as well as the little issue you sorted for me )

Just wondering if there is a pattern emerging
ArtX is offline   Reply With Quote
Old 01-25-2010, 12:14 AM   #15
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
Join Date: May 2005
Posts: 1,194

I don't think the lockup issue has anything to do with fxp specifically. However I think I might have mentioned that the MS encryption library uses a ref count on the number of encryption contexts still open so you can't unload the dll while it's still in use. It also seems to register/de-register itself a lot as some sort of crypto provider which makes sense but might be causing issues as both of those actions require acquiring the lock that gets stuck. Because openSSL is a simple library I'm hoping it won't do anything like that. Therefore I think I can say that the more SSL connections opened and closed the higher the chances of locking up. I'd really like to hear from someone who has the problem and doesn't use encryption at all. That would tell me I'm looking in the wrong place...

I should mention that external scripts (either via EXEC or called from inside TCL scripts) appear to be necessary to see this problem. I don't think anyone running a plain non-script server has locked up with the newer versions. On the other hand, the sites that really abuse ioFTPD all use scripts so it's hard to call that as well...
Yil is offline   Reply With Quote

commands, enabled, path, site, symbolic

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT -5. The time now is 07:15 AM.

Parts of this site powered by vBulletin Mods & Addons from DragonByte Technologies Ltd. (Details)