VShell(R) Server 4.7 (Beta) -- January 4, 2022 Copyright (C) 1995-2022 VanDyke Software, Inc. All rights reserved. This file contains a VShell product history. It includes lists of new features, changes, and bug fixes sorted by release. For a product description, installation notes, registration, and contact information, please refer to readme.txt (downloaded with this package). Changes in VShell 4.7 (Beta 1) -- January 4, 2022 ------------------------------------------------- New features: - New options allow restriction of uploads according to file extension. - Idle timeout values for SSH2, FTPS, and HTTPS can now be subconfigured by location, user, or group. - The "Enable Sharing for SFTP Open" option can now be subconfigured for specific users, groups, or locations. - Windows, SFTP, FTPS, HTTPS: Added an option to not list system files. - Windows, SFTP, FTPS, HTTPS: Added an option to not list hidden files. - Windows: Added the ability to copy a trigger. - Windows: Added support for Windows 11. - Windows, SSH2/SFTP: For RADIUS authentication, added an option to strip the domain from the username. Changes: - In FIPS mode, digital signatures that use SHA-1 as the hashing algorithm can no longer be used because they are not allowed by the upgraded version of the FIPS library module. - For newly-generated RSA host keys, the minimum size is now 1024 bits. - When permissions of the internal database system user prevent a user's home directory from being automatically created, a message is logged. - Added an option to prevent clients from using ssh-rsa (SHA-1) as the algorithm for host key or publickey authentication. - HTTPS: Cookies now have the HttpOnly flag enabled. - HTTPS: Updated several of the jQuery libraries used, including update of jQuery UI to version 1.13.0. - HTTPS: Folder upload now works with mobile browsers. - HTTPS: The Login page no longer automatically capitalizes the username when a mobile browser is used. - HTTPS: When connected with Safari on an iOS device, a long click on a file or folder now displays the context menu. - HTTPS: When connected with Chrome on an Android device, double tapping (clicking) on a folder now opens the folder. - Windows: Added an option (registry-only) to check, after authentication, whether each and every virtual root is available. This option is on by default. - Windows: The VShell Control Panel now displays an error for an invalid SSH2 configuration with no key exchange algorithms. - Windows: In the VShell Control Panel, the Certificate Options page now appears under the Common Category. Bug fixes: - HTTPS: If the permissions for a virtual root were changed while there were active connections to the server, file access results for those connections could be inconsistent. - HTTPS: When the DELETE, PUT, or HEAD methods were disabled, VShell's response to the OPTIONS command would incorrectly indicate that they were all enabled. - HTTPS: Specifying an alternate log file folder using a subconfiguration did not change the destination to which HTTPS messages were written. - Windows: In the unusual case where a system issue prevents the server from impersonating the user while establishing the virtual file system, the server could crash. - Windows: When an LDAP server was used for authentication, connections could be counted incorrectly for the per-user connection limit. - Windows: When connected to an LDAP server with over 1000 users or groups, all the users or groups may not have been displayed. - Windows: The VShellConfig "sftp add" command could be used to unexpectedly create a virtual root with an empty path. - Windows: In the unusual case that a virtual root was created with an empty path, it was treated as an "
" virtual root. - Windows: In some cases, the VShell Control Panel could crash if a user was added to the Access Control or SFTP Commands pages but no permissions were selected before switching to a different page. - Windows: When configuring a remote SFTP virtual root to a remote server that only supported the Diffie-Hellman Group Exchange key exchange algorithm, the connection would fail. - Windows: If the configured RADIUS server was inaccessible during a RADIUS authentication attempt, a VShell service restart was required after the RADIUS server was reachable again. - Linux/Mac: If configured to log to a remote Syslog server, when a client disconnected some messages would not sent to the Syslog server and an error about "The specified network name is no longer available" would be written to the VShell log. - Linux/Mac: When using a vshell.lic file that included the demarcation lines for the start or end of a license block, VShell would fail to parse the actual license data.