Maverick Synergy 3.0.10 - May 4, 2022
Bug Fixes
o Refactor of VirtualFileFactory to provide consistent resolution of children.
o Intermediate non-existent paths along a virtual mount path should be read only.
o Calling enableFile twice on the same logging path should not create an additional log context but should instead reconfigure the existing context.
o Added isMount method to VirtualFile to make it easier to determine if the file object is a mount or not.
o VirtualMounts are now processed and cached in the VirtualFileFactory constructor.
o There is no method to reset the logging contexts.
o DirectFileJava7 attempts to set name of group/user using the SftpFileAttributes method that only accepts a numerical GID/UID.
o PublicKeyAuthenticator setKeyPair method incorrectly stores unmodifiable collection causing UnsupportedOperationException when keys are removed during authentication.
--------------------------------
Maverick Synergy 3.0.9 - March 21, 2022
Bug Fixes
o New generic JCE based Ed25519 key implementation incorrectly writes the public key parameter to the private key field resulting in the key being unusable after reload from file.
o Setting the read-only attribute on a SftpFileAttributes when version is <5 causes WinSCP to error during directory listing.
o Azure SFTP disconnects if SSH identification string contains an additional hyphen in the software/version/comments part of the identifier. These are now replaced with an underscore character.
o You cannot turn off the default IP banning policy which sometimes might get in the way of testing scripts.
o Upload performance is constrained compared to download performance due to insufficient default window space in SFTP configuration. Default SFTP window space changed to 16MB.
--------------------------------
Maverick Synergy 3.0.8 - March 4, 2022
Features
o Removed hard dependency on BouncyCastle JCE for ed25519 keys. This now supports any JCE provider that supports ed25519 algorithm.
o Refactored support for incomplete and non-functional feature in client to use HTTP, SOCKS4 and SOCKS5 proxies.
Bug Fixes
o SftpFileAttributes setGroup and setUsername never set flag SSH_FILEXFER_ATTR_OWNERGROUP.
o SftpFileAttributes does not use values set by setGroup/setUsername in v4 binary blob.
o SftpFileAttributes does not validate UID/GID are numeric values.
o Added getMount to VirtualFile interface for consistent mount returning function across virtual file types. Deprecated getParentMount on VirtualFileObject for same reasons.
o Added security options for PROXY protocol which are restrictive by default to ensure a user cannot spoof their IP address.
--------------------------------
Maverick Synergy 3.0.7 - Dec 14, 2021
Features
o Proxy protocol v1 is now supported for IP resolution through load balancers. Replaced remote address on Connection object with unresolved InetAddress containing the IP and port of the source connection.
o Further improvements to callback client and server.
o Added getSessionCount method to SshConnection.
o Added ExpiryConfiguration callback interface to ExpiringConcurrentHashMap to allow an external service to provide an expiry setting.
o VirtualShell now supports configuring the native command used when the user executes the 'osshell' command.
o Added ChannelFactoryListener interfaces to modify channels during creation by the DefaultServerChannelFactory.
o Require each channel to declare its channel type through the getChannelType method.
Bug Fixes
o SessionChannelNG does not delegate subsystem creation to a protected method, making it impossible to override behaviour.
o Default ping mechanism is now only used when idle time configuration is zero.
o Idle state mechanism incorrectly generates idle events every second after reaching the idle threshold.
o Failed to negotiate algorithm reports incorrect list of algorithms in exception text.
o addInterface in SshEngineContext should throw an error when an interface cannot start when the server is already running.
o Guard against NullPointerException in ComponentFactory configureSecurityLevel method.
o Close event from RootShell was not providing RootShell instance as an event source.
o Incorrect XOR of flag causes NPE in SftpFileAttributes setTimes methods.
o ConcurrentModificationExceptions discovered with local forwarding under load when implementation uses ChannelEventListeners for feedback.
o Fixes to VirtualShell "raw" mode to prevent duplicate reading of the session streams when a command needs direct access to the session.
o Fixed replacements when UnknownHostException captured in virtual shell welcome message.
o Wrapping SshConnection in SshClient can now optionally disable disconnection.
o Allow SshClientCommand runCommand execution from another class by making it public.
o Callback client reconnect interval is now fixed to interval provided rather than accumulative delay.
o Ensure channel without a data cache evaluates window space on channel data received.
o Use ConcurrentHashMap in ExecutorOperationSupport listener collection.
o A callback server should be identifiable by its identification string, e.g. SSH-2.0-CallbackServer
--------------------------------
Maverick Synergy 3.0.6 - Oct 19, 2021
Features
o Improvements and refactoring of reverse SSH connection "callback" API after testing in the reference product.
Bug Fixes
o SSH.com key fails to parse due to check length operation on array constructed from the declaration of length; however, an additional byte to protect the MPINT from being negative was added to the length. Causing the final check length operation to fail.
o SftpClient pattern matching put methods use wrong parent path resulting in incorrect file transfer results.
o Implemented the setting of attributes bits in SFTP v6 SftpFileAttributes.
o VirtualMount needed a default set of permissions in order to provide a valid long name response.
--------------------------------
Maverick Synergy 3.0.5 - Sept 20, 2021
Features
o Added setTimes method that allows SFTP v4 creation time attribute to be set, including sub-second times.
o Support signals. See AbstractSessionChannel.signal(String).
o Native session implementation and associated factory for "osshell" command to drop virtual session into a native session.
o VirtualMount option for lastModified and read-only flag which is now used by VirtualMountFile to return values.
Bug Fixes
o If PasswordAuthenticator is passed to SshClient.authenticate it should be translated into keyboard-interactive if the remote server only supports keyboard-interactive regardless of context preference to support password over keyboard-interactive.
o PasswordOverKeyboardInteractiveCallback should defer obtaining the password until authentication is being performed.
o Loading a license from a file was broken.
o OpenSSL private key file support broken due to incorrect reflection class name.
o Removed broken BouncyCastle OpenSSL public key file support as this was not complete and never implemented correctly.
o VirtualMountFile should not resolve child until absolutely necessary to prevent the list of mounts from becoming slow due to destination resolution.
o Regular expression file matching exists but is not used in matchRemoteFiles.
--------------------------------
Maverick Synergy 3.0.4 - Aug 18, 2021
Features
o Refactor of callback client; separated CallbackContextFactory and added SshConnection parameter to event methods.
o Added before/after methods to Utils.
o Create an SshClient from an existing SshConnection to allow wrapping of "jump" hosts.
o Added CallbackRegistrationService for management of callback clients within a callback server.
Bug Fixes
o Missing server-level collection of GlobalRequestHandlers.
o Changed use of VFS SFTP 3.2.0 from snapshot to final version.
o Made SwitchingCallbackContext constructor public.
o Don't print stack trace of unsupported command, just log the error.
o Allow protected access to child channel factories of ShellCommandFactory.
o Allow protected access to console and ShellCommandFactory of VirtualShellNG session implementation.
o Default callback identifier made consistent with SSH identification practices.
o Authentication future is not processed as part of client disconnect.
o BouncyCastle 1.69 cannot load ED25519 key.
o ClientAuthenticator should allow SshException to propagate.
o NPE when no license is set.
o Client authenticators need to signal failure of the authenticator to their parent future.
--------------------------------
Maverick Synergy 3.0.3-FINAL - Jul 21, 2021
Bug Fixes
o Configure default connection timeout value of 600 seconds and ensure zero value is treated as no timeout.
o VirtualMountFile and VirtualMappedFile now cache children until refreshed.
--------------------------------
Maverick Synergy 3.0.2-FINAL - Jul 20, 2021
Bug Fixes
o File listing in VirtualFileFactory returns duplicate path entries for parents of mount entries.
o VirtualMountFile no longer attempts to resolve its target file during construction and defers this until some operation is attempted on the file object.
o Change junixsocket dependency of maverick-sshagent to version 2.3.4 to remove its transitive dependency of log4j 1.2
--------------------------------
Maverick Synergy 3.0.1-FINAL - Jul 9, 2021
Bug Fixes
o Idle connection timeout issues after authentication.
--------------------------------
Maverick Synergy 3.0.0-FINAL - Jul 7, 2021
Features
o Added isRunning method to AbstractSshServer.
Bug Fixes
o VirtualMountFile fails when its path within its parent mount does not exist.
o Idle connection timeout issues after authentication.
--------------------------------
Maverick Synergy 3.0.0-RC7 - May 26, 2021
Features
o Added optional symlinkTo and readSymbolicLink methods to AbstractFile.
Bug Fixes
o Do not read or write SSH_FILEXFER_ATTR_SUBSECOND_TIMES if the parent time flag has not been specified.
o Refactored SFTP session cleanup to ensure events are always generated.
o EVENT_AUTHENTICATION_STARTED added and fired once to indicate client has started authentication service with username parameter, EVENT_USERAUTH_STARTED now is fired at the beginning of each separate authentication attempt with parameters for user and method being attempted.
o Fixed event started/finished attributes in authentication to encompass the entire authentication step, and separately on each individual attempt.
o Allow JVM default trusted CA certificate store password of "changeit" to be overridden with System property maverick.trustedCACertsPassword.
o Use ConcurrentLinkedQueue to prevent concurrent modification on shutdown hooks collection.
o Refactored support for OpenSSH certificate extensions to include support for custom extension definitions.
o Fixed broken server-side SCP and command initialization.
o Removed NONE value from SecurityLevel. This was only used in NoneCipher and NoneHmac, which are not installed by default and the option was confusing in other contexts.
o Add server socket channel to all permanent accept threads.
o Support for SHA2 signature usage in RSA certificates.
o Fixed VirtualMappedFile double slash problem when resolving actual file path.
o Double shutdown results n OutOfMemoryError.
o Creating a directory over SFTP should fail if the parent does not exist. This can be overridden with FileSystemPolicy method setMkdirParentMustExist.
--------------------------------
Maverick Synergy 3.0.0-RC6 - May 4, 2021
Bug Fixes
o Upgraded BouncyCastle dependencies to 1.68 (BC) and 1.0.2 (BC-FIPS)
o Upgraded commons-io dependency to 2.7.
o Authentication hangs if the server does not support KBI authentication or if `preferKeyboardInteractiveOverPassword` is false.
o The static executor field on SshContext can be shutdown and then reused by another SshClient, resulting in an exception.
--------------------------------
Maverick Synergy 3.0.0-RC5 - April 6, 2021
Bug Fixes
o FileLoggingContext fails with NPE when the log path is relative.
o Authenticators setup in SshClientContext would incorrectly be attempted multiple times.
o ClientStateListener authenticate method no longer passes a List of Authenticator objects to be started after it returns. Authentication should be initiated within the authenticate handler.
o Ensure that password authenticator future is triggered when wrapped within automatic keyboard-interactive conversion.
o Don't pass authenticator to PasswordOverKeyboardInteractiveCallback because there is no way for its future to be completed.
o OpenSSH certificate extension values and critical options not encoded correctly during sign operation.
o Fixed connection-based logging which was incorrectly preventing logging without an identification or user-configured value.
o Moved some VirtualFileFactory log statements to TRACE as they are even too chatty for DEBUG mode.
o Callback role switching was broken for normal SSH clients due to changes made in TransportProtocol relating to the posting of identification string.
o Moved connection error TRACE statement to DEBUG
o Callback mount URI should be passed to VFSFactory as the base path.
o AbstractFileSystem should be resilient to an error during getAttributes call in readDirectory call.
--------------------------------
Maverick Synergy 3.0.0-RC4 - Mar 17, 2021
Features
o Added shutdownAndExit method to SshEngine designed for calling before application shutdown (it is the applications responsibility to exit, this is just for clean up).
o Added context option to disable preference of using keyboard-interactive authentication over password.
Bug Fixes
o Fixed race condition where authentication client can receive failure message from the none authenticator.
o OpenSSH RSA certificate incorrectly attempted to be decoded as ECDSA.
o NPE when DefaultLoggingContext.shutdown is called and no file watcher has been initialized.
o Removed synchronization from EventServiceImplementation to prevent delays in event handlers from slowing down other threads.
--------------------------------
Maverick Synergy 3.0.0-RC3 - Feb 2, 2021
Bug Fixes
o Ensure console logger flushes out after a log statement has been written to console.
o Forwarding channel receiving SSH_MSG_CHANNEL_CLOSE before SSH_MSG_CHANNEL_EOF could hang due to reliance on remote EOF state being received prior to accepting channel close.
o Added default timeout support to CachingDataWindow during put operation.
--------------------------------
Maverick Synergy 3.0.0-RC2 - Jan 25, 2021
Bug Fixes
o Fixed implicit narrowing of long to int from code scan warning.
o SshServer required a method to be able to set the default Security Level.
o Made ByteArrayReader more resilient to length errors when processing messages.
--------------------------------
Maverick Synergy 3.0.0-RC1 - Dec 27, 2020
Features
o Major refactor to support more shared code with the Maverick Legacy APIs.
o Removed all dependencies from core maverick-synergy-client and maverick-synergy-server modules to enable clearer choice on third-party dependencies.
o CBC ciphers have been deprecated. You can enable CBC ciphers by calling ComponentManager.enableCBCCiphers();
o DSA keys have been deprecated. We will no longer generate them, but you can enable support for using them if the remote server requires them with ComponentManager.getInstance().enableAlgorithm("ssh-dss");
o SftpSubsystem will now detect SftpOperationWrapper interface on installed AbstractFileFactory implementation.
o Added event listener registration to SshConnection interface.
Bug Fixes
o Selector threads and executor service threads have now been marked as daemon threads.