VShell(TM) 2.1.6 Official -- August 19, 2003 Copyright © 1995-2003 VanDyke Software, Inc. All rights reserved. This file contains a VShell product history. It includes lists of new features, changes, and bug fixes sorted by release. For a product description, installation notes, registration, and contact information, please refer to Readme.txt (downloaded with this installation). Changes in VShell 2.1.6 Official -- August 19, 2003 --------------------------------------------------- Changes: - Changed "MOTD File" in the VShell Control Panel to "Message of the Day File". Bug fixes: - User groups were being repeated when logging in using Public key-only as the authentication method. Changes in VShell 2.1.5 Official -- June 10, 2003 ------------------------------------------------- Bug fixes: - SecureFX could fail to connect to VShell 2.1 with SFTP roots on if no environment was loaded. - Triggers leaked two handles each time they were fired. - When VShell normalized paths, it would handle double slashes incorrectly. - VShell ignored SSH_IGNORE packets sent by SSH Communications clients, which could result in an unexpected protocol error, disconnection, or a hang. Vulnerabilities: - Sending an invalid packet containing an invalid format string could have caused the packet contents to be traced to the client if trace options or debug logging was on. - Removed various places where VShell did not use a format string. - Improved the execution mechanism and variable expansion, field splitting, and quoting for triggers. Changes in VShell 2.1.4 Official -- March 13, 2003 -------------------------------------------------- Bug fixes: - If VShell could not determine a home folder for a user, and single virtual root was on, VShell assigned "/" as the home folder. If a client like SecureFX later turned off single virtual roots, VShell would not have fully qualified paths after doing path resolution, and the mapping would fail. - The first time VShell is installed, it would crash when attempting to save an automatically generated host key (or when saving a new host key without a passphrase). Changes in VShell 2.1.3 Official -- March 5, 2003 ------------------------------------------------- Changes: - Added additional debug logging for public key-only authentication when using the LSA Authentication module. Bug fixes: - VShell would not allow a client to get an initial directory of "/" when in "SFTP Use Single Virtual Root" mode. - Name lookups could fail if the user specified a DNS-style domain name on authentication. - VShell could crash using GSSAPI and Kerberos after a successful authentication. - Poor port forwarding performance was caused by zero length packets when there was no available packet window. Changes in VShell 2.1.2 Official -- Jan. 2, 2003 ------------------------------------------------ Changes: - VShell now gives precedence to stdout data over stderr data. Bug fixes: - VShell would send a KEXINIT packet before checking whether the ident string was valid or not. This resulted in Nessus thinking that VShell supported SSH1. Changes in VShell 2.1.1 Official -- Oct. 15, 2002 ------------------------------------------------- New features: - Improved the representation of multiple roots for non-VanDyke Software SFTP clients. For such clients, VShell now represents multiple roots as a folder under a single, virtual root. Listing "/" displays all the roots. Changes: - Improved the usage text for the Vkeygen.exe utility. - Added registry only configuration option "Log Topic Debug Level". The option defaults to one. Bug fixes: - Port scanning VShell caused the service to stop responding. - VShell would close the SFTP channel if the SFTP client advertised a newer version than VShell supported. Now the channel is not closed. The client should continue to function, though it may have to disable some functionality. - The VShell service "failed" and needed a restart when there was a semaphore timeout. - The VShell process exited if more than 64 TCP/IP (port forwarded) connections were in progress at once. - Public-key subsystem did not handle garbage in the output stream (which usually happened when the user had output from their dot files when connecting). Changes in VShell 2.1 Official -- July 25, 2002 ----------------------------------------------- Changes: - Nokia OS SSH clients failed to connect to VShell because Nokia didn't support the Authentication Banner being sent. VShell now has a registry option "Disable Authentication Banner" to prevent this failure. Changes in VShell 2.1 Beta 4 -- July 16, 2002 --------------------------------------------- Bug fixes: - SFTP Root folders defined using %PROGRAMFILES% were not expanded correctly on NT 4 machines. Changes in VShell 2.1 Beta 3 -- June 25, 2002 --------------------------------------------- New features: - SFTP Root folder will now expand Windows' special variables for MyDocuments, MyMusic, MyDesktop, MyPictures, and ProgramFiles folders so that users see their unique special folders when they logon. (Note: Windows 2000 is required). - Added a user interface to configure Message of the Day (MOTD) from the VShell Control Panel configuration. - Added IP address (%I) and time (%T) variables to the SFTP trigger option. - Added three new configuration fields to modify the identification string given to clients as they authenticate to VShell ("Ident Version", "Ident Product", and "Ident Comment"). Changes: - Improved error handling in the new public-key assistant. - Added version information to Vkeygen.exe. - Changed the message displayed when VShell failed to load the profile and the error from the system was "An attempt was made to reference a token that does not exist." When you get this error, VShell now suggests that the registry may be too big. Bug fixes: - VShell could crash if it was being stopped while a connection attempt was made at the same time VShell stopped listening for new connections. - VShell could crash if the configuration was changed while VShell was accessing the host key. - Password authentication was denied if VShell was not able to list the public key directory. Changes in VShell 2.1 Beta 2 -- June 11, 2002 --------------------------------------------- Changes: - Improved public-key assistant logging when additional error information is available. Bug fixes: - VShell crashed when attempting to change an expired password during authentication. Changes in VShell 2.1 Beta 1 -- May 28, 2002 -------------------------------------------- New features: - Triggers: After files are uploaded to the VShell server, a trigger can invoke a program (for example, a virus scanner to ensure newly uploaded files are clear of damaging viruses) or move files from an upload folder to a destination folder elsewhere on the server or network. - Triggers: When users have exceeded the limit of failed authentication attempts, a VShell trigger can execute actions like e-mail notifications or pager alerts. - Public-key assistant makes it easier for users to upload their own public keys with a click of a button from supported clients. - Public-key assistant allows users to list and delete existing public keys on the server when using supported clients. - Require public-key authentication, but allow users to authenticate with just a password for a configurable number of times to initially upload public keys. - Force scrollback or "TTY mode" from the server so that users don't have to configure their clients to request TTY mode. - Allow or deny remote executions on a user-by-user or group basis. - Message of the day allows communication of up-to-date and important new information at logon. Changes: - When logging on using both public key and password, VShell now picks the better of the two NT user tokens so that network resources (e.g., mapped drives) are available to the user. Bug fixes: - SFTP for OpenSSH and some other clients didn't work because a backward slash (\) was being given at the root instead of a forward slash (/). VShell now presents a forward slash. - VShell would leak memory and possibly crash if a client issued multiple exec, shell, or subsystem requests.