SFTPPlus Release 3.40.0

Tue 13 November 2018 | general release

We are announcing the latest release of SFTPPlus version 3.40.0.

New Features

  • SuSE Enterprise Linux without the Security Module and OS X are now distributed with OpenSSL 1.1.0h, making it possible to use TLS 1.2 and SHA2. [#5030]
  • It is now possible to use variable placeholders when defining the path for the local file event handler. [#5095]
  • You can now define the SSH keys used by the SFTP/SCP file transfer service and by the SFTP location as text values inside the configuration file. Storing SSH keys in external files is still supported. [sftp][scp] [#5096]
  • You can now define the SSL certificate and key pairs used by HTTPS/FTPS and the local manager services as text values inside the configuration file. [ftps][https] [#5097]
  • You can now hide the SFTPPlus session authentication method from the www-authenticate header. This can be used as a workaround for an authentication issue when using SFTPPlus with older HTTP clients, which don't recognize multiple www-authenticate headers. [server-side][http][https] [#5099]
  • It is now possible to make the files of an account available over HTTP as a public file transfer site. No username or password is required to access and manage those files. [server-side][http][https] [#5100]
  • It is now possible to filter event handlers based on the source IP address. [#5120]

Defect Fixes

  • When an SFTP transfer (upload or download) is interrupted, a dedicated event is emitted. In previous versions, no event was emitted to signal the transfer failure. [server-side][sftp] [#5027-1]
  • When an SCP transfer (upload or download) is interrupted, the emitted events now clearly signal the transfer failure. In previous versions, the same events as for a successful transfer were emitted. [server-side][scp] [#5027]
  • SFTPPlus no longer uses the MIME type database provided by the operating system. In older operating systems like SuSE 11, the MIME type for JavaScript files was defined as text/x-js, which caused failures in modern versions of Chrome and Firefox. SFTPPlus now defines the MIME type as application/javascript on any operating system. [local-manager] [#5075]
  • The speed for listing the folder content using the FTP/FTPS or HTTP/HTTPS file transfer services was improved. The improvement is observed especially on Windows, and when listing folders hosted by a remote Windows or NFS share. [server-side][ftp][http] [#5083]
  • The SCP server will now use the correct name to write a file when the client is requesting an upload without providing the base path. In previous versions, a file named '-t' was created instead. [server-side][scp] [#5094]

Deprecations and Removals

  • Event with ID 20107 was removed and replaced with the event with ID 20158. [#5095]
  • Events with ID 30013, 30048, 30052 were removed and replaced with the generic event ID 20077. Event with ID 30075 was removed and replaced with the generic event with ID 20158. [server-side][sftp][scp] [#5096]
  • Loading of SSL/X.509 certificates and keys from .DER files was removed. You should convert your certificates and keys to PEM format. PEM format is the only format supported by SFTPPlus. DER support was removed, as not all of its features were supported. For example, loading the certificate chain or using multiple certificate authorities was only supported for the PEM format. [ftps][https] [#5097-1]
  • Loading the certificate authority configuration from a directory containing multiple files is no longer supported. You can still use multiple certificate authorities for the same configuration by storing all the CA certificates in the same file. [https][ftps] [#5097]

You can check the full release notes here.