Pure FTP server
Include
directive.pure-authd
and pure-extauth
are now always owned by root
in order to cope with the absence of CAP_DAC_OVERRIDE
on Linux. Suggested by Arkadiusz Miśkiewicz, thanks!pure-certd
, can run
external code written in any language in order to map SNI names to TLS certificates.AUTHD_CLIENT_SNI_NAME
environment variable set when the client uses SNI.make install
does not overwrite existing configuration files any
more. The example files layout has changed._ftp
can be used as an alternative to ftp
everywhere.pure-pw
command gets to new switches: -C
(as
a hint regarding the number of simultaneous login attempts) and -M
(total memory, in MB, to reserve for password hashing).PRET
command has been added. It can avoid opening useless data
connections for nonexistent content.NLST
command doesn't perform globbing any more.MLSD
command now prepends the path to file names._ftp
can be used as an alternative to "ftp" for anonymous sessions.{argon2}
(from {argon2i}
). Ditto for MySQL and PostgreSQL: the authentication method is now called argon2
instead of argon2i
, and includes both Argon2i and Argon2id.GLOB_TIMEOUT
seconds (17 seconds by default) when matching some patterns, no matter what the configured recursion level was. This has been fixed, and upgrading is highly recommended. This was reported by Russ Cox, thanks!People with commercial support can immediately download updated binary packages for FreeBSD, NetBSD, OpenBSD, Dragonfly BSD, IllumOS, any Linux distribution, as well as the Windows port and the iOS library.
stdout
/stderr
.force_default_gid
and force_default_uid
now work as documented.ONLY_ACCEPT_REUSED_SSL_SESSIONS
switch (introduced in Pure-FTPd 1.0.22 circa 2009, but disabled by default back then due to client compatibility concerns) is now on by default, except in broken clients compatibility mode.-2
/--certfile=
to set the path to the certificate file when using TLS.