Softpedia >Windows >Programming >Components & Libraries >edtFTPj/PRO >  Changelog

edtFTPj/PRO Changelog

What's new in edtFTPj/PRO 7.7.0

May 2, 2024
  • Add support for diffie-hellman-group16-sha512 & diffie-hellman-group18-sha512 to SSH/SFTP.
  • Add workaround for server bug in RSA 256 and RSA 512 public keys that are sent.
  • Replace TLS_DHE_RSA_WITH_AES_256_CBC_SHA384 with TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for TLS.
  • Fix issue for TLS 1.2 re incorrect CertificateVerify hash being returned, which caused connectivity problems with some algorithms.

New in edtFTPj/PRO 7.6.0 (Nov 13, 2023)

  • Add support for SCP to the AsycnFileTransferClient and SecureFileTransferClient.
  • Fix bug in dirDetails() where user home directory is root.
  • Fix timing issue with executeCommand in SSH.
  • Fix bug in RSA 256 and RSA 512 key reading.

New in edtFTPj/PRO 7.5.0 (Jul 6, 2023)

  • Add support for the new PuTTY private key format (v3).
  • Add support for proxy settings in scripting.
  • Fix bug in SFTP event notifications. The bytesTransferred method reports the incorrect filename for multiple transfers.
  • Fix bug in recursive directory deletes. It was failing for directories with multiple levels.
  • In the multi-protocol client, set the default encoding for the control connection to UTF-8.

New in edtFTPj/PRO 7.4.0 (May 12, 2023)

  • Allow FXP_READ to return less bytes than requested if not pipelined downloads.
  • Improve executeCommand to include error output.
  • Fix resume bug. Resume doesn't work properly for certain servers, as the code gets the attribute size of the partially upload file from the server and that's returned as zero. Much safer just to supply the resume size which we know.
  • Fix SSLSocket close() issue (potential memory leak).

New in edtFTPj/PRO 7.3.0 (Oct 27, 2022)

  • Add support for rsa-sha2-256 and rsa-sha2-512 host key authentication for SSH/SFTP.
  • Add support for rsa-sha2-256 and rsa-sha2-512 for client public key authentication for SSH/SFTP.

New in edtFTPj/PRO 7.2.4 (Oct 6, 2022)

  • Fix "Invalid hash" error in TLS 1.2.

New in edtFTPj/PRO 7.2.3 (Mar 29, 2022)

  • Fix bug in ECDSA public key encoding (which can cause public key authentication failures with OpenSSH servers).

New in edtFTPj/PRO 7.2.2 (Mar 4, 2022)

  • Change host public key checking so entire known_hosts file is checked instead of failing when a public key entry matching the hostname is found (and is a mismatch).

New in edtFTPj/PRO 7.2.1 (Feb 15, 2022)

  • Less stringent checks changing directory. Some customers have reported failures with upgraded EFT servers when changing directory (File not found errors).
  • In SFTP, FTPFile.getPath() now returns the full path (and is consistent with FTP).

New in edtFTPj/PRO 7.2.0 (Oct 6, 2021)

  • Add setMaxQueuedReadRequests() to SSHFTPClient & SecureFileTransferClient. This allows disabling/enabling of queued read requests in SFTP.
  • Add AES256-CTR support to the new OpenSSH private file format reader. This is the new default algorithm.

New in edtFTPj/PRO 7.1.0 (Jun 16, 2021)

  • Add support for reading private keys stored in the new proprietary OpenSSH format.
  • Add diffie-hellman-group14-sha256 to SSH key exchange.
  • Fix bug with preferred host key algorithm and known_hosts interaction. Now combines available known_host algorithms with the preferred order that is previously set.

New in edtFTPj/PRO 7.0.0 (Feb 26, 2021)

  • Add support for ECDSA in SSH/SFTP. Includes ECDSA key exchange algorithms, ECDSA host keys and ECDSA user keys.

New in edtFTPj/PRO 6.2.0 (Feb 19, 2021)

  • Add hmac-sha256 and hmac-sha512 aliases for SFTP.
  • Workaround for SFTP servers that return a 0 file size, resulting in 0 size downloads.
  • Add fix for SFTP servers that cannot cope with pipelined downloads, resulting in downloaded files that are corrupted.
  • Fix key re-exchange issue.

New in edtFTPj/PRO 6.1.0 (Jul 6, 2020)

  • Download optimisation for high latency connections. Multiple read requests are now bundled together to reduce read times.
  • Fix bug in TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384. An SSLPrematureCloseException was received when this cipher suite was selected. Add SHA384 to signature/algorithm pairs in TLS 1.2.
  • Better logging of SSH channel open failures.

New in edtFTPj/PRO 6.0.0 (Jan 22, 2020)

  • Add support for TLS GCM ciphers:
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
  • TLS_RSA_WITH_AES_128_GCM_SHA256,
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
  • TLS_RSA_WITH_AES_256_GCM_SHA384,
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA384
  • Remove redundant TLS ciphers. If they are explicitly used in code they need to be removed and the code recompiled.

New in edtFTPj/PRO 5.3.2 (May 22, 2019)

  • Add support for setting SSLFTPValidator to SecureFileTransferClient.
  • Move BouncyCastle classes to a new namespace to avoid conflicts.
  • Improve handling of exists/changeDirectory.
  • Update with new JCE certificate. Note that this jar will only authenticate properly on Java releases 8u121, 7u131, 6u141 and later, as well as any OpenJDK release.

New in edtFTPj/PRO 5.3.1 (Oct 11, 2018)

  • Fix bug that results in NullPointerException in enableCipherSuites when using SecureFileTransferClient.

New in edtFTPj/PRO 5.3.0 (Sep 18, 2018)

  • Added elliptic curve cipher suites (TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA).

New in edtFTPj/PRO 5.2.6 (Aug 4, 2018)

  • Fix HTTP proxy code so it works with z/OS.
  • Ignore certificate load failures from unsupported certificate types when reading root certificates file.
  • SecureFileTransferClient and ScriptEngine now send PROT P for implicit mode FTPS as this is required by some servers, including Filezilla. If it is not supported by the server, the error is ignored.
  • AdvancedSSHSettings now has a setter for the validator, so SSHFTPValidator can now be replaced by a custom validator.

New in edtFTPj/PRO 5.2.5 (May 1, 2018)

  • Convert Developer's Guide to new HTML format.
  • Add ability to set a minimum TLS version.
  • Fix bug where Java connection pool opened unlimited connections (happened when deleting an entire directory).
  • Fix bug in SSHFTPOutputStream (Failed when the remote file being written to did not exist previously).
  • Send client SSH version string immediately on connection to the server (instead of waiting for the server to send its version string).
  • Minimum Java version supported is now 1.5.

New in edtFTPj/PRO 5.2.4 (Oct 27, 2017)

  • Modify reading of FTP replies to trim garbage characters prior to reply code.
  • Fix for SSH/SFTP server sending back corrupt file attribute messages. Now ignores errors and sets defaults instead of failing.
  • Deprecate use of SSH_MSG_KEX_DH_GEX_REQUEST_OLD in SSH/SFTP - some servers fail the key exchange otherwise.
  • Fix for keepAlive() for FTP servers that forbid NOOP.
  • Fix bug in dirDetails() where getPath() was not including the filename.

New in edtFTPj/PRO 5.2.3 (May 12, 2017)

  • Another TLS 1.2 fix for servers that only accept SHA256 signature algorithms.

New in edtFTPj/PRO 5.2.2 (May 12, 2017)

  • Fix TLS 1.2 issue - now sends the SignatureAlgorithms extension if TLS 1.2 is one of the protocol versions presented by the client. Apparently required for Microsoft IIS.

New in edtFTPj/PRO 5.2.1 (Nov 30, 2016)

  • Fix bug in TLS 1.2 where an error message "Unsupported hash or sig" is logged.
  • Fix ProFTPClient bug where proxy functionality was disabled.

New in edtFTPj/PRO 5.2.0 (Nov 10, 2016)

  • Add support for some SHA-256 ciphers in TLS: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256.
  • Fix DHE (Diffie-Helman Ephemeral) cipher usage for TLS 1.2.
  • Fix memory leak in SecureFileTransferClient.

New in edtFTPj/PRO 5.0.1 (Jun 13, 2016)

  • Added setMaxSSLVersion.
  • Fixed bug in TLS 1.2 client certificate verification.
  • Fix to dir list - ignore socket creation exception if empty directory.

New in edtFTPj/PRO 5.0.0 (Jun 13, 2016)

  • Now supports TLS 1.2.
  • Now uses the default OS settings for SO_SNDBUF and SO_RCVBUF unless explicitly set by setNetworkBufferSize().
  • Fix bug with setDisableChModAfterCreateDir().

New in edtFTPj/PRO 4.8.1 (Jun 13, 2016)

  • Support for SHA-384 signed certificates.
  • Added dirDetailsM() for listing using MLSD to SSLFTPClient.
  • Removed dependence on java.security.Security.getAlgorithmProperty (which is deprecated).

New in edtFTPj/PRO 4.8.0 (Aug 6, 2015)

  • Added new HMACS for SSH/SFTP: hmac-sha2-512, hmac-sha2-256.
  • Added new key exchange algorithm for SSH/FTP: diffie-hellman-group-exchange-sha256.
  • Added support for reading PKCS#8 formatted private keys in client certificates.
  • Fix executeCommand so that it doesn't fail if remote process writes to stderr but succeeds.
  • MVSFileParser fixes.
  • Fix NullReferenceException in FTP passive mode.

New in edtFTPj/PRO 4.7.0 (Jan 24, 2015)

  • TLS 1.1 implemented (SSL 3.2).
  • Set MAX_CERTIFICATE_CHAIN_LENGTH to 4 by default.
  • Fixed scripting engine bug to ensure quit() is called for IOExceptions..

New in edtFTPj/PRO 4.6.2 (Nov 3, 2014)

  • SSL 3.0 is now disabled by default for FTPS. This was motivated by the POODLE vulnerability in SSL 3.0.
  • Added setParallelWriteMode() to AdvancedSSHProperties (so it can be disabled).

New in edtFTPj/PRO 4.6.1 (Nov 3, 2014)

  • Fixed bug with ProFTPClient and recursive transfers ("hostname can't be null" error).
  • Documentation fixes.

New in edtFTPj/PRO 4.6.0 (Nov 3, 2014)

  • Set the server supplied long name in SFTP as the raw string in FTPFile rather than constructing it.
  • Changed transfers so that connection and handshake in passive mode is done after sending the command and prior to reading the reply. We found a server that requires this.
  • Added support for SHA-256/RSA/PKCS#1 certificates.
  • Added SSHClient ConfigFlags to AdvancedSSHSettings so they are available in SecureFileTransferClient.
  • Renew JCE certificate for another 5 years.
  • DeleteOnFailure now set to false by default.
  • Fixed bug in FTPInputStream/SSHFTPInputStream (which was causing the connection in SecureFileTransferClient to not be freed after closing stream).
  • Make reading of FTP replies more robust (copes better with nonsense).
  • Fix rekey failure with Globalscape.

New in edtFTPj/PRO 4.5.0 (Jul 1, 2013)

  • Improve performance of SecureFileTransferClient in retrieving connections from pool.
  • SSLFTPClient.setClientCertificate now allows a certificate chain to be supplied.
  • Add SSHFTPKeyException.
  • Don't load certificates with SHA384withECDSA public keys in SSLFTPCertificateStore (instead of failing).
  • Fix bug in reconnect() method for implicit mode (was calling auth()).
  • Fix SSLCertificateVerify from throwing a ClassCastException.

New in edtFTPj/PRO 4.4.0 (Dec 19, 2012)

  • Added setNetworkBufferSize() to SecureFileTransfer client and SSHFTPClient .
  • Allow SOCKS5 authentication without username and password.
  • Improved performance of binary input streams. Implement skip(), mark() and reset() for FTPInputStream and SSHFTPInputStream.
  • Catch tryLock() exceptions and ignore them. Add flag to avoid using tryLock().
  • Fixed setRemotePort order bug for SFTP. If setRemotePort was called before setProtocol(Protocol.SFTP) then the port was reset to 22.
  • Increased SSH minimum window size to 32K, up from 1K as this occasionally caused problems.

New in edtFTPj/PRO 4.3.0 (Oct 8, 2012)

  • Fixed hostname checking with FTPS when presented with a wildcard certificate.
  • Added diffie-hellman-group14-sha1 to SSH key exchange algorithms.
  • Fixed invalid host signature which can occur when rekeying in SSH if a non-standard port is used.
  • Fix to cope with bug in Maverick server library when listing directories - Maverick returns empty SSH_FXP_NAME messages which are now treated as if they were SSH_FXP_STATUS messages.
  • Add existsDirectory method to SecureFileTransferClient.

New in edtFTPj/PRO 4.2.0 (Sep 3, 2012)

  • Added support for aes128-ctr, aes192-ctr and aes256-ctr ciphers to SFTP.
  • Fixed bug in multiple put & get methods where if the full remote path was supplied, it ended up in the parent.

New in edtFTPj/PRO 4.1.0 (Feb 14, 2012)

  • Added resumeNextDownload(long) to SSHFTPClient, SSLFTPClient and FTPClient so that partial downloads can be done.
  • Added isControlSecure() method to SSLFTPClient to determine if the control connection is secure.
  • Oops. Put hmac-sha1 back as the first HMAC chosen.
  • Apply timeout to message store retrieval on connect().

New in edtFTPj/PRO 4.0.0 (Nov 30, 2011)

  • Added support for [email protected] compression (delayed compression).
  • Algorithm settings for SSH now apply only for the particular SSHFTPClient or SecureFileTransferClient instance that they are set on (previously were static properties). WARNING: if you are using the enable/disable methods on SSHFTPAlgorithm explicitly, this is a breaking change!
  • Added support for FTPS servers that require logging in prior to PBSZ/PROT.
  • Added 'type' command to the script engine.
  • Apply timeout to getting a connection from the connection pool.
  • Deprecated SSLFTPClient constructors now use a non-zero default timeout (which is the same as the default constructor timeout).
  • Add setCheckDirReadableForChDir() to SSHFTPClient.
  • Fix so that IBM JVMs support AES encrypted private keys.

New in edtFTPj/PRO 3.9.1 (Aug 23, 2011)

  • Fix so FTP shell supports filenames with spaces (in double quotes).
  • Fixed problem where bytesTransferred isn't called at completion of transfer in SecureFileTransferClient for small files.
  • Minimize logging when waiting in loop for window adjust from server, and throw exception if window stopped.

New in edtFTPj/PRO 3.9.0 (Aug 23, 2011)

  • Added SSHFTPClient.fileDetails().
  • Added lcd (local directory change) to FTP scripting.
  • Added support for GeneralizedTime in ASN.1 certificate parsing (fixes "Not a UTC_TIME" exception).
  • Fixed integer overflow problem in file upload when the SSH remote window size is greater than MAX_INT.
  • Made local channel counter static so channel number doesn't restart at 0.
  • Change obfuscator (now Proguard), and changed obfuscation so that obfuscated class names are different independent of case (as having two names that are the same other than case doesn't work in JBoss, which is buggy)

New in edtFTPj/PRO 3.8.1 (May 24, 2011)

  • Added support for using ACCT in SecureFileTransferClient and FileTransferClient.
  • SSHFTPClient.delete() now throws an exception if a directory is supplied.
  • Fixed SSHFTPClient.keepAlive() so it gets a response from the server.
  • Removed 2GB resume limit from SFTP.

New in edtFTPj/PRO 3.8.0 (Apr 7, 2011)

  • Added support for AES encrypted private keys (would receive an error message like 'Algorithm AES-128-CBC not recognized' previously).
  • Added support for multiple AVAs of each type in SSL/TLS certificates. Resolves exception thrown parsing certificates "Multiple AVAs found in an RDN".
  • SFTP parallel mode fix to eliminate locking.
  • importDefaultKeyStore() now uses "javax.net.ssl.trustStore" property to locate the key store, and if not found tries lib/security/jssecerts and then lib/security/cacerts.
  • FTPFile.getPath() should not include the filename, only the directory, for all protocols. This includes FTPFile objects returned from dirDetails() and fileDetails().
  • Fixed bug in MLST parser. FTPFile path no longer includes the filename to make consistent with dirDetails().
  • If MLST not supported fileDetails() now falls back to SIZE and MDTM.
  • Return an empty array of features if FEAT returns no features (but is implemented by the server). Tweak array so only actual features are returned.

New in edtFTPj/PRO 3.7.0 (Feb 7, 2011)

  • Added support for diffie-hellman-group-exchange-sha1 for SSH/SFTP.
  • Added SSHFTPAlgorithm.CIPHER_ARCFOUR.
  • Fixed bug re reading multi-line replies.
  • Connection pool mods to check a connection is valid once removed from pool.
  • Fix keepAlive() in SSHFTPClient so that it throws an exception when called if disconnected.

New in edtFTPj/PRO 3.6.1 (Jan 19, 2011)

  • Fixed resume bug (introduced in 3.6.0).
  • Trim spaces in front of FTP reply codes.
  • Added OS/400 directory listing parser.
  • Added setRemoteEOL() to AdvancedSSHSettings.
  • Added changeIntoPathDirectory(boolean) to prevent the default behaviour of changing into the directory if a remote path is supplied instead of a filename.

New in edtFTPj/PRO 3.6.0 (Dec 21, 2010)

  • Add arcfour to list of supported ciphers for SSH/SFTP.
  • Make Blowfish the default cipher for SSH/SFTP.
  • Ensure that "." and ".." don't appear in listings that use wildcards.
  • Added RollingFileAppender.
  • Added a system property to add a prefix to all edtFTPj/PRO loggers (for use with log4j).
  • Tweaks to UnixFileParser for some unusual formats.
  • Don't throw an exception if SSH_MSG_IGNORE message body has an invalid length.

New in edtFTPj/PRO 3.5.0 (Sep 16, 2010)

  • Fix bug where the attributes sent with FXP_OPEN were being corrupted, potentially resulting in bizarre timestamps on remote files.
  • In SSHFTPValidator, include hashed host names in getKnownHostKeys() and getKnownHosts().
  • Improve IPv6 support.
  • Fix problem with directory listings when there is permission problems.
  • Fix bug with wildcard directory names and symlink names.

New in edtFTPj/PRO 3.4.1 (Jul 1, 2010)

  • If FXP_OPEN fails don't send attributes (fixes potential permissions problem when uploading a new file introduced in 3.4.0).
  • Permit 232 code to be returned from USER command.

New in edtFTPj/PRO 3.4.0 (Jun 16, 2010)

  • Add ability to abort listings when using a callback.
  • Fixed bug in reading extended file attributes (see 3.2.0 - it wasn't fixed there).
  • Fixed potential SFTP hang in State.waitForState().
  • Fixed Android "HeapWorker is wedged" problem in SftpFileInputStream.finalize().
  • Fix "Unsupported operation" error when sending FXP_OPEN (don't send attributes).

New in edtFTPj/PRO 3.3.0 (Apr 30, 2010)

  • Add callback allowing each entry returned from dirDetails and listDirectory to be processed one by one, without creating a list of all entries. Useful for very large listings where memory could be a problem.
  • Fixed bug where when autoPassiveIPSubstitution is used with proxies, it can result in the incorrect IP address being used.
  • Fix CRC mismatch bug because of leading zeros in CRC.
  • Add 'set acct' to ScriptEngine so that the ACCT command can be used.
  • Mask argument to ACCT in logging.
  • Fix progress monitor bug in SecureFileTransferClient.

New in edtFTPj/PRO 3.2.0 (Apr 30, 2010)

  • New JCE code signing certificate from Sun valid for 5 years.
  • Fixed resume download bug where if resume() is called twice, firstly on an existing file, and then when there is no local file, the second download also resumes.
  • Fixed SFTP problem with hang in ChannelDataWindow.waitForWindowSpace() when an exception had been thrown in the message transport.
  • Extra SSHFTPClient authentication method permitting order of publickey then password auth to be swapped.
  • Added SSHFTPClient.setAuthenticationChangePassword, allowing the password to be changed while authenticating - easier to user than using PasswordChanger.
  • Added proxy package Javadoc to distribution.
  • Fixed SFTP bug where extended attributes weren't read for SSH_FXP_NAME.
  • Add Information Exchange listing parser.
  • Add Netware listing parser.
  • Scripting language now allows the parser to be explicitly set.

New in edtFTPj/PRO 2.1.3 (Feb 26, 2009)

  • Ignore errors from FX_STAT while listing directories. Some directories on some servers (such as '/') seem to permit listing but return "File does not exist" when FX_STAT-ed.
  • Restrict size of FXP_WRITE data block to max packet size.
  • Fix SecureFileTransferClient hang when connect() fails in some situations.
  • Fix SecureFileTransferClient hang when uploadByteArray() fails.
  • Make directory listing in SFTP smarter (if a composite path is supplied).
  • Fix for Korean months in UnixFileParser.
  • Tweaks to retry functionality.

New in edtFTPj/PRO 2.1.0 (Oct 27, 2008)

  • Fix OpenSSH public key parsing so that comments are optional, not required.
  • Now supports OpenSSH private key files encrypted using DES-EDE3-CFB.
  • Added ability to disable rekeying after 1 GB for SFTP.
  • Fixed bug in SSHFTPClient.dirDetails() where the permissions string was not being returned.
  • Added setPermissions() to SecureFileTransferClient and AsyncFileTransferClient.
  • Added 'quote' and 'site' commands to scripting language.
  • Fixed bug where control socket isn't closed if connect succeeds but initial commands fail, or handshake fails.
  • Refactored directory listing parsing.
  • Add FTPFile.isFile().
  • Fixed bug in FTPInputStream.read() and SSHFTPInputStream.read().
  • Fix bug in Logger where edtftp.log.level property is not set correctly.
  • Print out CodeSource in logging.
  • Fix bug applying umask to permissions in SFTP.
  • Use FXF_TRUNC when creating a new file (some servers insist on it).
  • Add DISABLE_CHMOD_AFTER_CREATE_DIR config flag for SSHFTPClient, for disabling setting permissions on a directory that has just been created (on rare occasions problematic).
  • For resuming uploads, now send SIZE prior to establishing data socket.
  • Implement automatic retry for FTP/S transfers.

New in edtFTPj/PRO 1.5.4 (Aug 16, 2007)

  • ScriptEngine.executeScript() now returns ScriptResult.
  • Fix dirDetails() bug whereby an incorrect separator was used when setting FTPFile.setPath()
  • Fix bug which could cause an exception in SSLFTPCertificateStore.exportKeyStore().
  • Fix bug arising when certificate common name checking is disabled (FTPS).
  • Fix SFTP bug with RSA private keys - authentication would fail randomly.
  • Add ScriptResult class, which is returned from ScriptEngine.executeScript().
  • Add client and server validation to the ScriptEngine for FTPS.

New in edtFTPj/PRO 1.5.3 (Jul 19, 2007)

  • Ignore FTPException from size() if resume is being tried for an upload (which occurs if the file does not exist).
  • Added SSHFTPInputStream and SSHFTPOutputStream.
  • Added setForceUniqueNames() so that STOU always gets used.
  • Fix in parsing code for Connect:Enterprise UNIX.
  • Added accessors for message fragment collections used in parsing server messages for FTP/S.

New in edtFTPj/PRO 1.5.2 (May 31, 2007)

  • Added flag to Logger permitting thread names to be prepended to Logger name.
  • Fixed "The host signature is invalid" error that can occur for some SFTP servers.
  • Improved connected() method for JRE 1.4 .
  • Change dirDetails() to cope with SYST unsupported.
  • Added ability to provide multiple alternative host-names to check a server certificate's Common Name (CN) field against.