OLD | NEW |
(Empty) | |
| 1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.or
g/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
| 2 <html xmlns="http://www.w3.org/1999/xhtml"> |
| 3 <head> |
| 4 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> |
| 5 <title>pyftpdlib Release Notes</title> |
| 6 </head> |
| 7 |
| 8 <body> |
| 9 <div id="wikicontent"> |
| 10 <h1><a name="Version:_0.5.0_-_Date:_2008-09-20" id="Version:_0.5.0_-_Date:_200
8-09-20">Version: 0.5.0 - Date: 2008-09-20</a></h1> |
| 11 <h2><a name="Major_enhancements" id="Major_enhancements">Major enhancements</a
></h2> |
| 12 <ul> |
| 13 <li><a title="Implement idle-timeouts" href="http://code.google.com/p/pyftpd
lib/issues/detail?id=72">Issue #72</a>: pyftpdlib now provides configurable idle
timeouts to disconnect client after a long time of inactivity. </li> |
| 14 <li><a title="pyftpdlib should impose a delay before replying for invalid cr
edentials" href="http://code.google.com/p/pyftpdlib/issues/detail?id=73">Issue #
73</a>: impose a delay before replying for invalid credentials to minimize the r
isk of brute force password guessing. </li> |
| 15 <li><a title="Implement permissions overriding" href="http://code.google.com
/p/pyftpdlib/issues/detail?id=74">Issue #74</a>: it is now possible to define p
ermission exceptions for certain directories (e.g. creating a user which does n
ot have write permission except for one sub-directory in FTP root). </li> |
| 16 <li>Improved bandwidth throttling capabilities of <a href="http://code.googl
e.com/p/pyftpdlib/source/browse/tags/release-0.5.0/demo/throttled_ftpd.py" rel="
nofollow">demo/throttled_ftpd.py</a> script by having used the new CallLater cla
ss which drastically reduces the number of calls to time.time(). </li> |
| 17 </ul> |
| 18 <h2><a name="Bugfixes" id="Bugfixes">Bugfixes</a></h2> |
| 19 <ul> |
| 20 <li><a title="Some unit tests failing on dual core machines" href="http://co
de.google.com/p/pyftpdlib/issues/detail?id=62">Issue #62</a>: some unit tests we
re failing on dual core machines. </li> |
| 21 <li><a title="Socket handles are leaked when a data transfer is in progress
and user QUITs" href="http://code.google.com/p/pyftpdlib/issues/detail?id=71">Is
sue #71</a>: socket handles are leaked when a data transfer is in progress and u
ser QUITs. </li> |
| 22 <li><a title="Orphaned file is left behind in case STOU fails for insufficie
nt user permissions" href="http://code.google.com/p/pyftpdlib/issues/detail?id=7
5">Issue #75</a>: orphaned file was left behind in case STOU failed for insuffic
ient user permissions. </li> |
| 23 <li><a title="Incorrect OOB data management on FreeBSD" href="http://code.go
ogle.com/p/pyftpdlib/issues/detail?id=77">Issue #77</a>: incorrect OOB data mana
gement on FreeBSD. </li> |
| 24 </ul> |
| 25 <h2><a name="API_changes_since_0.4.0" id="API_changes_since_0.4.0">API changes
since 0.4.0</a></h2> |
| 26 <ul> |
| 27 <li><a name="API_changes_since_0.4.0" id="API_changes_since_0.4.0">FTPHandle
r, DTPHandler, PassiveDTP and ActiveDTP classes gained a new timeout class attri
bute. </a></li> |
| 28 <li><a name="API_changes_since_0.4.0" id="API_changes_since_0.4.0">DummyAuth
orizer class gained a new override_perm method. </a></li> |
| 29 <li><a name="API_changes_since_0.4.0" id="API_changes_since_0.4.0">A new cla
ss called CallLater has been added. </a></li> |
| 30 <li><a name="API_changes_since_0.4.0" id="API_changes_since_0.4.0">Abstracte
dFS.get_stat_dir method has been removed. </a></li> |
| 31 </ul> |
| 32 <h2><a name="Migration_notes" id="Migration_notes">Migration notes</a></h2> |
| 33 <p><a name="Migration_notes" id="Migration_notes">Changes applied to the 0.5.
0 trunk should be fully compatible with the previous 0.4.0 version. Your existi
ng 0.4.0 based code will most likely work without need to be modified. The new
features in this release are detailed below. </a></p> |
| 34 <h3><a name="Idle_timeouts_and_new_class" id="Idle_timeouts_and_new_class">Idl
e timeouts and new CallLater</a> class</h3> |
| 35 <p>The previous version suffered the problem of not having a mechanism to di
sconnect clients after a long time of inactivity. This posed the risk for the F
TP server to be easily vulnerable to DoS attacks in which a lot of connected cl
ients could clump system's resources and sockets. </p> |
| 36 <p>0.5.0 version solved this problem by implementing a brand new polling loop
which, other than serving the connected clients, also checks if it is the pro
per time for scheduled functions to be called (if any). Thanks to the new loop
and the new CallLater class implementing <a href="http://code.google.com/p/pyftp
dlib/issues/detail?id=72" rel="nofollow">timeouts</a> and <a href="http://code.g
oogle.com/p/pyftpdlib/issues/detail?id=73" rel="nofollow">delays to invalid cred
ential replies</a> have been possible. </p> |
| 37 <p>FTPHandler class gained a new timeout attribute defaulting to 300 seconds w
hich is the maximum time of inactivity a remote client may spend before being di
sconnected. </p> |
| 38 <p>Also DTPHandler class gained a new timeout attribute defaulting to 300 seco
nds which roughly is the maximum time the data transfers can stall for with no p
rogress. </p> |
| 39 <h3><a name="Permission_exceptions" id="Permission_exceptions">Permission exce
ptions</a></h3> |
| 40 <p><a name="Permission_exceptions" id="Permission_exceptions">The DummyAuthori
zer now gives the possibility to define permission exceptions for directories.
For example, if you want to create a user which does not have write permission
except for one sub-directory in FTP root, you can now do as follows: </a></p> |
| 41 <pre><a name="Permission_exceptions" id="Permission_exceptions">>>> f
rom pyftpdlib import ftpserver<br />>>> authorizer = ftpserver.DummyAut
horizer()<br />>>> authorizer.add_user('user', 'password', '/home/ftp',
perm='elr')<br />>>> authorizer.override_perm('user', '/home/ftp/pub',
'elradfmw', recursive=True)</a> |
| 42 |
| 43 |
| 44 </pre> |
| 45 </div> |
| 46 </body> |
| 47 </html> |
OLD | NEW |