Maverick Synergy 3.0.10 - May 4, 2022 Bug Fixes o Refactor of VirtualFileFactory to provide consistent resolution of children. o Intermediate non-existent paths along a virtual mount path should be read only. o Calling enableFile twice on the same logging path should not create an additional log context but should instead reconfigure the existing context. o Added isMount method to VirtualFile to make it easier to determine if the file object is a mount or not. o VirtualMounts are now processed and cached in the VirtualFileFactory constructor. o There is no method to reset the logging contexts. o DirectFileJava7 attempts to set name of group/user using the SftpFileAttributes method that only accepts a numerical GID/UID. o PublicKeyAuthenticator setKeyPair method incorrectly stores unmodifiable collection causing UnsupportedOperationException when keys are removed during authentication. -------------------------------- Maverick Synergy 3.0.9 - March 21, 2022 Bug Fixes o New generic JCE based Ed25519 key implementation incorrectly writes the public key parameter to the private key field resulting in the key being unusable after reload from file. o Setting the read-only attribute on a SftpFileAttributes when version is <5 causes WinSCP to error during directory listing. o Azure SFTP disconnects if SSH identification string contains an additional hyphen in the software/version/comments part of the identifier. These are now replaced with an underscore character. o You cannot turn off the default IP banning policy which sometimes might get in the way of testing scripts. o Upload performance is constrained compared to download performance due to insufficient default window space in SFTP configuration. Default SFTP window space changed to 16MB. -------------------------------- Maverick Synergy 3.0.8 - March 4, 2022 Features o Removed hard dependency on BouncyCastle JCE for ed25519 keys. This now supports any JCE provider that supports ed25519 algorithm. o Refactored support for incomplete and non-functional feature in client to use HTTP, SOCKS4 and SOCKS5 proxies. Bug Fixes o SftpFileAttributes setGroup and setUsername never set flag SSH_FILEXFER_ATTR_OWNERGROUP. o SftpFileAttributes does not use values set by setGroup/setUsername in v4 binary blob. o SftpFileAttributes does not validate UID/GID are numeric values. o Added getMount to VirtualFile interface for consistent mount returning function across virtual file types. Deprecated getParentMount on VirtualFileObject for same reasons. o Added security options for PROXY protocol which are restrictive by default to ensure a user cannot spoof their IP address. -------------------------------- Maverick Synergy 3.0.7 - Dec 14, 2021 Features o Proxy protocol v1 is now supported for IP resolution through load balancers. Replaced remote address on Connection object with unresolved InetAddress containing the IP and port of the source connection. o Further improvements to callback client and server. o Added getSessionCount method to SshConnection. o Added ExpiryConfiguration callback interface to ExpiringConcurrentHashMap to allow an external service to provide an expiry setting. o VirtualShell now supports configuring the native command used when the user executes the 'osshell' command. o Added ChannelFactoryListener interfaces to modify channels during creation by the DefaultServerChannelFactory. o Require each channel to declare its channel type through the getChannelType method. Bug Fixes o SessionChannelNG does not delegate subsystem creation to a protected method, making it impossible to override behaviour. o Default ping mechanism is now only used when idle time configuration is zero. o Idle state mechanism incorrectly generates idle events every second after reaching the idle threshold. o Failed to negotiate algorithm reports incorrect list of algorithms in exception text. o addInterface in SshEngineContext should throw an error when an interface cannot start when the server is already running. o Guard against NullPointerException in ComponentFactory configureSecurityLevel method. o Close event from RootShell was not providing RootShell instance as an event source. o Incorrect XOR of flag causes NPE in SftpFileAttributes setTimes methods. o ConcurrentModificationExceptions discovered with local forwarding under load when implementation uses ChannelEventListeners for feedback. o Fixes to VirtualShell "raw" mode to prevent duplicate reading of the session streams when a command needs direct access to the session. o Fixed replacements when UnknownHostException captured in virtual shell welcome message. o Wrapping SshConnection in SshClient can now optionally disable disconnection. o Allow SshClientCommand runCommand execution from another class by making it public. o Callback client reconnect interval is now fixed to interval provided rather than accumulative delay. o Ensure channel without a data cache evaluates window space on channel data received. o Use ConcurrentHashMap in ExecutorOperationSupport listener collection. o A callback server should be identifiable by its identification string, e.g. SSH-2.0-CallbackServer -------------------------------- Maverick Synergy 3.0.6 - Oct 19, 2021 Features o Improvements and refactoring of reverse SSH connection "callback" API after testing in the reference product. Bug Fixes o SSH.com key fails to parse due to check length operation on array constructed from the declaration of length; however, an additional byte to protect the MPINT from being negative was added to the length. Causing the final check length operation to fail. o SftpClient pattern matching put methods use wrong parent path resulting in incorrect file transfer results. o Implemented the setting of attributes bits in SFTP v6 SftpFileAttributes. o VirtualMount needed a default set of permissions in order to provide a valid long name response. -------------------------------- Maverick Synergy 3.0.5 - Sept 20, 2021 Features o Added setTimes method that allows SFTP v4 creation time attribute to be set, including sub-second times. o Support signals. See AbstractSessionChannel.signal(String). o Native session implementation and associated factory for "osshell" command to drop virtual session into a native session. o VirtualMount option for lastModified and read-only flag which is now used by VirtualMountFile to return values. Bug Fixes o If PasswordAuthenticator is passed to SshClient.authenticate it should be translated into keyboard-interactive if the remote server only supports keyboard-interactive regardless of context preference to support password over keyboard-interactive. o PasswordOverKeyboardInteractiveCallback should defer obtaining the password until authentication is being performed. o Loading a license from a file was broken. o OpenSSL private key file support broken due to incorrect reflection class name. o Removed broken BouncyCastle OpenSSL public key file support as this was not complete and never implemented correctly. o VirtualMountFile should not resolve child until absolutely necessary to prevent the list of mounts from becoming slow due to destination resolution. o Regular expression file matching exists but is not used in matchRemoteFiles. -------------------------------- Maverick Synergy 3.0.4 - Aug 18, 2021 Features o Refactor of callback client; separated CallbackContextFactory and added SshConnection parameter to event methods. o Added before/after methods to Utils. o Create an SshClient from an existing SshConnection to allow wrapping of "jump" hosts. o Added CallbackRegistrationService for management of callback clients within a callback server. Bug Fixes o Missing server-level collection of GlobalRequestHandlers. o Changed use of VFS SFTP 3.2.0 from snapshot to final version. o Made SwitchingCallbackContext constructor public. o Don't print stack trace of unsupported command, just log the error. o Allow protected access to child channel factories of ShellCommandFactory. o Allow protected access to console and ShellCommandFactory of VirtualShellNG session implementation. o Default callback identifier made consistent with SSH identification practices. o Authentication future is not processed as part of client disconnect. o BouncyCastle 1.69 cannot load ED25519 key. o ClientAuthenticator should allow SshException to propagate. o NPE when no license is set. o Client authenticators need to signal failure of the authenticator to their parent future. -------------------------------- Maverick Synergy 3.0.3-FINAL - Jul 21, 2021 Bug Fixes o Configure default connection timeout value of 600 seconds and ensure zero value is treated as no timeout. o VirtualMountFile and VirtualMappedFile now cache children until refreshed. -------------------------------- Maverick Synergy 3.0.2-FINAL - Jul 20, 2021 Bug Fixes o File listing in VirtualFileFactory returns duplicate path entries for parents of mount entries. o VirtualMountFile no longer attempts to resolve its target file during construction and defers this until some operation is attempted on the file object. o Change junixsocket dependency of maverick-sshagent to version 2.3.4 to remove its transitive dependency of log4j 1.2 -------------------------------- Maverick Synergy 3.0.1-FINAL - Jul 9, 2021 Bug Fixes o Idle connection timeout issues after authentication. -------------------------------- Maverick Synergy 3.0.0-FINAL - Jul 7, 2021 Features o Added isRunning method to AbstractSshServer. Bug Fixes o VirtualMountFile fails when its path within its parent mount does not exist. o Idle connection timeout issues after authentication. -------------------------------- Maverick Synergy 3.0.0-RC7 - May 26, 2021 Features o Added optional symlinkTo and readSymbolicLink methods to AbstractFile. Bug Fixes o Do not read or write SSH_FILEXFER_ATTR_SUBSECOND_TIMES if the parent time flag has not been specified. o Refactored SFTP session cleanup to ensure events are always generated. o EVENT_AUTHENTICATION_STARTED added and fired once to indicate client has started authentication service with username parameter, EVENT_USERAUTH_STARTED now is fired at the beginning of each separate authentication attempt with parameters for user and method being attempted. o Fixed event started/finished attributes in authentication to encompass the entire authentication step, and separately on each individual attempt. o Allow JVM default trusted CA certificate store password of "changeit" to be overridden with System property maverick.trustedCACertsPassword. o Use ConcurrentLinkedQueue to prevent concurrent modification on shutdown hooks collection. o Refactored support for OpenSSH certificate extensions to include support for custom extension definitions. o Fixed broken server-side SCP and command initialization. o Removed NONE value from SecurityLevel. This was only used in NoneCipher and NoneHmac, which are not installed by default and the option was confusing in other contexts. o Add server socket channel to all permanent accept threads. o Support for SHA2 signature usage in RSA certificates. o Fixed VirtualMappedFile double slash problem when resolving actual file path. o Double shutdown results n OutOfMemoryError. o Creating a directory over SFTP should fail if the parent does not exist. This can be overridden with FileSystemPolicy method setMkdirParentMustExist. -------------------------------- Maverick Synergy 3.0.0-RC6 - May 4, 2021 Bug Fixes o Upgraded BouncyCastle dependencies to 1.68 (BC) and 1.0.2 (BC-FIPS) o Upgraded commons-io dependency to 2.7. o Authentication hangs if the server does not support KBI authentication or if `preferKeyboardInteractiveOverPassword` is false. o The static executor field on SshContext can be shutdown and then reused by another SshClient, resulting in an exception. -------------------------------- Maverick Synergy 3.0.0-RC5 - April 6, 2021 Bug Fixes o FileLoggingContext fails with NPE when the log path is relative. o Authenticators setup in SshClientContext would incorrectly be attempted multiple times. o ClientStateListener authenticate method no longer passes a List of Authenticator objects to be started after it returns. Authentication should be initiated within the authenticate handler. o Ensure that password authenticator future is triggered when wrapped within automatic keyboard-interactive conversion. o Don't pass authenticator to PasswordOverKeyboardInteractiveCallback because there is no way for its future to be completed. o OpenSSH certificate extension values and critical options not encoded correctly during sign operation. o Fixed connection-based logging which was incorrectly preventing logging without an identification or user-configured value. o Moved some VirtualFileFactory log statements to TRACE as they are even too chatty for DEBUG mode. o Callback role switching was broken for normal SSH clients due to changes made in TransportProtocol relating to the posting of identification string. o Moved connection error TRACE statement to DEBUG o Callback mount URI should be passed to VFSFactory as the base path. o AbstractFileSystem should be resilient to an error during getAttributes call in readDirectory call. -------------------------------- Maverick Synergy 3.0.0-RC4 - Mar 17, 2021 Features o Added shutdownAndExit method to SshEngine designed for calling before application shutdown (it is the applications responsibility to exit, this is just for clean up). o Added context option to disable preference of using keyboard-interactive authentication over password. Bug Fixes o Fixed race condition where authentication client can receive failure message from the none authenticator. o OpenSSH RSA certificate incorrectly attempted to be decoded as ECDSA. o NPE when DefaultLoggingContext.shutdown is called and no file watcher has been initialized. o Removed synchronization from EventServiceImplementation to prevent delays in event handlers from slowing down other threads. -------------------------------- Maverick Synergy 3.0.0-RC3 - Feb 2, 2021 Bug Fixes o Ensure console logger flushes out after a log statement has been written to console. o Forwarding channel receiving SSH_MSG_CHANNEL_CLOSE before SSH_MSG_CHANNEL_EOF could hang due to reliance on remote EOF state being received prior to accepting channel close. o Added default timeout support to CachingDataWindow during put operation. -------------------------------- Maverick Synergy 3.0.0-RC2 - Jan 25, 2021 Bug Fixes o Fixed implicit narrowing of long to int from code scan warning. o SshServer required a method to be able to set the default Security Level. o Made ByteArrayReader more resilient to length errors when processing messages. -------------------------------- Maverick Synergy 3.0.0-RC1 - Dec 27, 2020 Features o Major refactor to support more shared code with the Maverick Legacy APIs. o Removed all dependencies from core maverick-synergy-client and maverick-synergy-server modules to enable clearer choice on third-party dependencies. o CBC ciphers have been deprecated. You can enable CBC ciphers by calling ComponentManager.enableCBCCiphers(); o DSA keys have been deprecated. We will no longer generate them, but you can enable support for using them if the remote server requires them with ComponentManager.getInstance().enableAlgorithm("ssh-dss"); o SftpSubsystem will now detect SftpOperationWrapper interface on installed AbstractFileFactory implementation. o Added event listener registration to SshConnection interface. Bug Fixes o Selector threads and executor service threads have now been marked as daemon threads.