4.208. vsftpd

The "delay_failed_login" and "max_login_fails" options, which can be set in the vsftpd.conf file, did not work correctly. Consequently, the user had an unlimited number of login attempts if the "userlist_enabled=YES" and "userlist_deny=NO" rules were specified in the vsftpd.conf file. The vsftpd daemon now properly uses a delay between two unsuccessful login attempts and also refuses any connection after a specified number of unsuccessful login attempts.

The vsftpd daemon did not handle file transfer failures correctly if the ftp-data port was blocked on the FTP client. As a consequence, vsftpd became unresponsive under these circumstances. The updated vsftpd daemon now reports such failures to the FTP client and the data transfer is terminated as expected.

An attempt to list files could lead to a data type overflow error if a directory contained files with owner's UID or GID that was higher then the maximum value of the "signed int" data type (that is 2147483647). Subsequently, the FTP connection was terminated. With this update, vsftpd has been modified to support UIDs and GIDs up to the maximum value of the "unsigned int" data type (that is 4294967294). Directory content is now listed as expected in the scenario described.

The vsftpd server previously did not support the UTF-8 feature. This update implements the UTF-8 feature for the vsftpd server in accordance with the Internationalization of the File Transfer Protocol (RFC 2640) standard.

The "ls" command previously did not support square brackets as wildcard characters in FTP connections. This update improves wildcard characters support in vsftpd and square brackets can now be used in regular expressions with the "ls" command accordingly.

With this update, vsftpd introduces the new "ssl_request_cert" option, which enables vsftpd to request certificates on incoming SSL connections.