VShell(R) Server 2.5 Official -- March 2, 2006
Copyright (C) 1995-2006 VanDyke Software, Inc. All rights reserved.

This file contains a VShell product history. It includes lists of new features, changes, and bug fixes sorted by release. For a product description, installation notes, registration, and contact information, please refer to readme.txt (downloaded with this package).

Changes in VShell 2.5.1 Official -- March 2, 2006
-------------------------------------------------

Changes:

- VShell now returns a failure when SFTP write or create operations fail.
- Command-Line Clients: Updated the Help File and man pages for the command-line clients to indicate that PKCS#12 keys can be used with the "-i" flag for X.509 authentication.

Bug fixes:

- VShell could incorrectly fail to convert a username to a SID when setting access permissions over SFTP. In rare circumstances, it could cause a crash.
- Windows: Public-key authentication would periodically fail when trying to log in to a machine account with the following LSA log error: "Unable to locate a domain controller for domain DOMAIN (DsGetDcName() failed): 1355". VShell now handles that error message properly and checks the local machine accounts.
- Windows: VShell could crash when multiple connections occurred at approximately the same time.
- Windows: VShell periodically crashed when a client connected to the server and connection filters were enabled.
- Windows: Upgrading from previous versions of VShell failed because the currently running VShell service was not stopped before installing files.
- Windows: The VShell Control Panel crashed after trying to test an unresolvable hostname in either Port Forward or Connection Filter entries.
- Windows: SFTP connections were unable to find a valid home directory and would be disconnected, even when given access to the unrestricted root and having the appropriate rights. Now all fixed drives are properly checked for rights and used when appropriate.
  Each failed attempt is logged and the user will be disconnected if they don't have the rights to connect.
- Windows: Even if the "Load the user's environment" option was off, SFTP connections would still load the environment and place the user in their "My Documents" folder if they had access to the unrestricted root. "Load the user's environment" is now honored correctly.
- Windows: Users could not have a root with a UNC path as their home directory for SFTP connections. This would cause them to be disconnected if only UNC paths were available as roots.
- UNIX: SFTP connections would fail to connect from SFTP v5 clients. VShell no longer requires support for access masks if not appropriate for the negotiated SFTP version.

Changes in VShell 2.5.0 Official -- November 17, 2005
-----------------------------------------------------

No changes

Changes in VShell 2.5.0 Beta 3 -- November 8, 2005
--------------------------------------------------

Changes:

- UNIX: Documented validation checks performed on X.509 UNIX configuration.

Bug fixes:

- Windows: Under 64-bit Windows, any access by VShell to some directories (e.g., %windir%\System32) was automatically redirected by Windows to a new directory (e.g., %windir%\SysWOW64) because VShell is a 32-bit application and 64-bit Windows redirects such applications. This fix disables the automatic file system redirection.
- Windows: The host key fingerprint text area in the VShell Control Panel was bigger than the group box that enclosed it.
- UNIX: When a user tried to access a virtual directory that was linked to AFS or NFS, the contents of those directories would not display within SFTP clients.

Changes in VShell 2.5.0 Beta 2 -- October 27, 2005
--------------------------------------------------

New features:

- UNIX: Client authentication using X.509 PKCS#12 certificates is now supported on VShell for HP-UX 11.
- UNIX: AIX 5.2/5.3 now supports X.509 client authentication.
Changes:

- Merged the Windows and UNIX readme.txt and history.txt files.
- vsftp now uses "/" to list the roots when connecting to a VShell server that has multiple roots defined.
- Command-Line Clients: When installed with VShell, the command-line tools (vsh, vcp, and vsftp) read and store configuration information and host keys in the registry location HKEY_CURRENT_USER\Software\VanDyke\Client Pack\SSH2. Where necessary, data is migrated from HKEY_LOCAL_MACHINE\Software\VanDyke\VShell\Utils for administrators that may have modified any of the command-line client default config settings in the registry.
- Windows: When upgrading VShell on an installation that previously installed the LSA Module for public-key-only authentication, the new LSA Module is automatically installed and a warning is given at the beginning of the installation if a reboot is necessary. Previous installers gave the choice to install the LSA Module, which could cause new installs to be unstable because they were using an old LSA Module.
- Windows: When doing a silent upgrade of VShell on an installation that previously installed the LSA Module for public-key-only authentication, the new LSA Module is automatically installed and the machine will be rebooted unless the user uses the /NOREBOOT option.
- Windows: The VShell server registry hive is now created so that only system and administrator accounts have access. This ensures that all potentially confidential information, such as the Domain Controller and Default User's username and password, cannot be seen even in an encrypted form by users.
- UNIX: Added vshelld to the Red Hat and Fedora serviceconf utility.
- UNIX: When login access has been denied, client connections will get an authentication failure instead of a login denied failure. This makes it more difficult for hackers to mine the server for information since they cannot tell if an account doesn't exist or has been denied.
  A login access denied message is logged to the server, but not sent to the client.
- UNIX: On startup and restarts (HUP), vshelld checks the CertificateTrustedRootsDirectory, CertificateIntermediatesDirectory, and CertificateUsernameMapFilename to make sure they are valid and reports errors or warnings as appropriate.
- UNIX: VShell checks to see if CertificateUsernameMapFilename is a file or directory and logs an error if it is a directory. X.509 certificate authentication will be disabled when this error occurs.

Bug fixes:

- Upgraded to zlib 1.2.3 (http://www.zlib.net/), which contains a fix for an overflow security problem in that library.
- Migrated the ConnectionFilterTable and PortForwardFilterTable configuration items to ConnectionFilterTableV2 and PortForwardFilterTableV2. This was done to allow users to move back and forth between 2.3 and 2.5 easily. Changes in these configuration items to accommodate IPv6 would cause trouble if used in 2.3 or earlier versions of VShell.
- Command-Line Clients: Specifying an OpenSSH .pub key as the public key on the command line would hang or incorrectly report success and fail to authenticate. Now, an "incorrect format" error is displayed because the private key should be specified on the command line.
- vsftp: Crashed when using an OpenSSH-generated RSA public/private key pair with a passphrase and then entering an invalid passphrase at the prompt during client authentication.
- Windows: Sent Windows security attributes over SFTP when clients connected to VShell for Windows.
- Windows: vcp crashed when CTRL+C was pressed during long transfers, and gave the following error: "This application has requested the Runtime to terminate it in an unusual way."
- UNIX: X.509 user certificates with any of the Key Usage, Netscape Cert Type, and Extended Key Usage as required X.509 extensions could not be used for authentication.
  The following error would be reported:

    Unexpected BSAFE error in file bsafe/BSafePkcs12Store.cpp on line 197: 1852, possibly caused by corrupt data.
    Any open connection will be closed.
    Disconnecting from server: Unable to authenticate using any of the configured authentication methods.

  The clients and VShell now register these extensions but do not currently check to prove that the certificate is usable for client authentication.
- UNIX: The SFTPVirtualDirectories configuration items can now contain directories with a trailing "/". Previously, a trailing "/" would cause the following error in the VShell log: "Could not map filename /path/ to a valid filename using the defined virtual roots".

Changes in VShell 2.5.0 Beta 1 -- October 6, 2005
-------------------------------------------------

New features:

- VShell and the clients forward X.509 certificates over the public-key agent. This allows clients to use the forwarded agent when connecting to another machine after their first connection.
- VShell configuration option "Idle NO-OP Timeout". When this option is greater than 0, a NO-OP will be sent to all connected clients on an interval equal to the number of seconds configured. By setting this option to a number greater than 0, VShell can now detect when a client dies due to a network error and close down the connection properly.
- Support for IPv6 addresses in VShell and the command-line tools (vsh, vcp, vsftp, and vpka). VShell does not support IPv6 on AIX 4.3 or HP-UX 11. If this is an ongoing concern for you, please contact the VanDyke Customer Support Group at the following address: http://www.vandyke.com/support/
- Logging for the trigger command line being executed.
- New file trigger parameters report error codes (%C), bytes read/written (%B), and whether the end of file was reached on downloads (%E).
- New configuration-only option "FireFileTriggersOnError" controls whether file triggers are fired on error conditions.
  To preserve previous behavior, the default is to fire triggers on error conditions.
- If file logging fails, VShell now logs the failure to the "Application" event log (under Windows) or syslog (under UNIX).
- Windows: Command-line clients can authenticate using X.509 certificates in PKCS#12 format.
- Windows: New registry-only option "TriggerWaitSeconds". If this parameter is set to a non-zero value, VShell will wait that number of seconds for a trigger to complete and then log the trigger's success or failure.
- Windows: Logging to the LSA Authentication Module when user impersonation succeeds or fails.
- Windows: Added a -h parameter to Who.exe that will display the hostname instead of the IP address.
- UNIX: Client authentication using X.509 certificates. This feature is currently not supported on VShell for FreeBSD, Mac OS X, or AIX 5.2/5.3. If this is an ongoing concern for you, please contact the VanDyke Customer Support Group at the following address: http://www.vandyke.com/support/
- UNIX: Support for X.509 intermediate certificates and CRLs.
- UNIX: File-based X.509 CRL checking of certificate validity and revocation.
- UNIX: The command-line clients can now authenticate using X.509 certificates in OpenSSH format.
- UNIX: Authenticate using X.509 certificates in PKCS#12 format. Client authentication using X.509 PKCS#12 certificates is not supported on VShell for HP-UX 11. However, OpenSSH-style X.509 certificates will work. If this is an ongoing concern for you, please contact the VanDyke Customer Support Group at the following address: http://www.vandyke.com/support/
- UNIX: Man page documentation for the new X.509-related configuration parameters in vshelld_config.

Changes:

- Changed the configuration option "Listen V4 Addresses" to "Listen Addresses" because VShell now supports listening on IPv6 addresses. Values stored in "Listen V4 Addresses" will be migrated at run time to "Listen Addresses" if the new configuration parameter is not set.
- Changed the -preserve flag to only preserve the file mode and not the user and group.
- VShell now creates a debug log entry when the maximum SSH2 packet size is exceeded.
- Users could see virtual root directories they didn't have access rights to view if their initial directory was blank. The virtual root was displayed, but the user didn't see the contents or have rights to access it. Now VShell checks whether a user has rights to a directory before displaying it. VShell will now skip invalid directories when searching for the SFTP root directory.
- Changed the Initializing Firewall message to display IPv6 addresses properly.
- vsftp: Display an error message if the connection closed unexpectedly.
- Windows: Changed the Connection and Port Forward Filters categories in the VShell Control Panel to allow IPv4 and IPv6 addresses to be entered for IP and Netmask filters.
- Windows: Changed the VShell installer to wait for the VShell service to stop. Previously, VShell installations could fail because the service or clients were still running.
- Windows: The VShell Domain Controller User can now use the NETBIOS domain\user or user@domain style. Previously these user styles would not work as the domain controller user, so you couldn't distinguish between local and domain users with the same name. The user@domain style is not supported in a Windows NT 4.0 domain.
- Windows: When parsing the X.509 user map file specified by the "CertificateUsernameMapFilename" configuration option, invalid lines are logged and the file continues to be parsed. Previously the whole file was considered invalid on any error.
- Windows: Improved support for IPv6 addresses in the default bind address for VShell, X11 forwarding, and port forwarding.
- Windows: VShell now logs invalid connection and port-forward filters when reading the configuration, and the VShell Control Panel will no longer display or allow the entry of invalid connection or port-forward filters.
  Previously invalid filters would be displayed in the VShell Control Panel, but would cause an incorrect filter to be selected in the filter list.
- UNIX: The VShell and ClientPack installers for HP-UX 11 now install the gcc libraries needed to run VShell into /usr/local/vshell/bin. It is no longer necessary to install a specific version of gcc to use VShell.

Bug fixes:

- SSH Communications servers changed from using MD5 to SHA1 for X.509 certificates. VShell now detects this and also uses SHA1.
- VShell can now set owner and group over SFTP for group and user names containing hostnames or IP addresses containing dots.
- VShell now processes all data after a channel EOF is received. Previously VShell might have ignored some data when the channel closed. This bug could have appeared during the following operation if file1.txt was greater than 100K:

    vsh localhost "cat - > newfile.txt" < file1.txt

- When nonexistent users attempted to log in, VShell would check for their public key in the root directory. Now public-key authentication checks to see if the user exists before attempting to get their key. Clients will not see any change in behavior to indicate that the user does not exist.
- Windows: Fixed a potential crash when setting an ACL with an invalid user or group name.
- Windows: Fixed a potential crash during installation caused by calling VShell with -install, -remove, or -version and not properly initializing a critical section lock.
- Windows: If "Load the user's environment" is not checked and the user has no My Documents folder, VShell falls back to using the C:\ drive as the root if possible.
- Windows: Previously, CTRL+C would not work when connecting to VShell for Windows for programs like Edit, Emacs, and Ping. VShell for Windows now passes CTRL+C on to these programs.
- Windows: When the user's public key folder does not exist, VShell logs that the folder doesn't exist instead of logging that the file is writable by group or other.
- Windows: vsh sometimes crashed when remotely executing a command from the Windows Services for UNIX shell.
- UNIX: Credentials acquired by PAM modules on behalf of the user were not available to the user.
- UNIX: Fixed the error reported when connecting to an invalid port from Mac OS X. Previously, the clients would report "broken pipe"; they now correctly report "connection refused".
- UNIX: Fixed the UNIX command-line clients (vsh, vcp, vsftp, and vpka) to authenticate against VShell for Windows using password authentication with a password containing 8-bit characters like "ü". This does not currently work on FreeBSD 4.8, AIX 4.3, and HP-UX 11. If this is an ongoing concern for you, please contact the VanDyke Customer Support Group at the following address: http://www.vandyke.com/support/
- UNIX: SIGTERM and SIGHUP signals were not received on HP-UX 11.
- UNIX: Fixed an error under HP-UX 11 during automatic shutdown of the server (when shutting down the machine). The shutdown messages will no longer display an error caused by calling "stop()" instead of "do_stop()" when shutting down vshelld.
- UNIX: VShell now logs the correct error when the user's public-key folder does not exist.
- UNIX: The user's .vshell directory could have been created with incorrect permissions. Now, the .vshell directory only has read, write, and execute permissions for the directory's owner.
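As an added example (not VShell's code) of the account-enumeration protections described in two of the items above, the Beta 2 change that reports a denied login to the client as a plain authentication failure and the Beta 1 fix that skips the public-key lookup for nonexistent users: a small Python model in which every rejection yields the same client message while the specific reason is logged only server-side. All usernames, keys and access lists below are constructed sample data.

```python
# Added illustration, not VShell's code. Accounts, keys and access lists are
# constructed sample data; a denied or unknown account gets the same client
# message as a bad key, and the key store is read only for existing accounts.
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple
# The one message every rejected client sees, regardless of cause.
GENERIC_FAILURE = ("Unable to authenticate using any of the configured "
                   "authentication methods.")

@dataclass
class Server:
    accounts: Set[str]                  # usernames that exist
    login_allowed: Set[str]             # accounts permitted to log in
    public_keys: Dict[str, str]         # username -> authorized public key
    log: List[str] = field(default_factory=list)  # server-side log only
    key_store_reads: int = 0            # how often the key store was touched

    def _lookup_key(self, user: str) -> Optional[str]:
        # Reached only for existing accounts, so probing with a nonexistent
        # username never touches the key folder.
        self.key_store_reads += 1
        return self.public_keys.get(user)

    def authenticate(self, user: str, presented_key: str) -> Tuple[bool, str]:
        """Return (success, message for the client); the reason stays in the log."""
        if user not in self.accounts:
            self.log.append(f"auth failure: user {user!r} does not exist")
            return False, GENERIC_FAILURE
        if user not in self.login_allowed:
            # Logged to the server but never sent to the client.
            self.log.append(f"login access denied for user {user!r}")
            return False, GENERIC_FAILURE
        key = self._lookup_key(user)
        if key is None:
            self.log.append(f"public-key folder for {user!r} does not exist")
            return False, GENERIC_FAILURE
        if key != presented_key:
            self.log.append(f"public key mismatch for {user!r}")
            return False, GENERIC_FAILURE
        self.log.append(f"public-key authentication succeeded for {user!r}")
        return True, "Authentication succeeded."

def demo() -> Server:
    srv = Server(accounts={"alice", "bob", "carol"}, login_allowed={"alice", "carol"},
                 public_keys={"alice": "ssh-rsa AAAA...alice"})
    for user, key in [("nosuchuser", "k"), ("bob", "k"), ("carol", "k"),
                      ("alice", "wrong"), ("alice", "ssh-rsa AAAA...alice")]:
        srv.authenticate(user, key)
    return srv
```

After `demo()` the server log holds five distinct entries, but the four rejected clients all received the identical `GENERIC_FAILURE` text, and the key store was consulted only for the three attempts against existing, permitted accounts.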