SafeTP Windows Client Change Log -------------------------------- 2.0 --- added support for Windows ME added Anti-Idle feature minor GUI touch-ups fixed bug: strange characters occasionally appearing in session list MD5 (SafeTP20.EXE) = 9a31c9dda8790b22dcebfd80f464fc09 1.9 --- added client-side firewall friendliness feature that makes SafeTP active transfers far more likely to work correctly in the presence of client-side transparent or NAT firewalls (when the server is using sftpd 1.46 or newer) added integrity-only data connection option (tamperproof data) that provides higher data transfer performance than full encryption added configuration control for setting the recognized FTP ports added an option to bypass a serverIPMismatch warning which may be OK in some configurations expanded win9x TCP/IP connection limit to handle connection-intensive applications exclude win32SL.exe Dell OpenManage client which is known to be incompatible added more robust input parsing to handle some rare FTP servers which aren't fully 959-compliant added more prominent version stamp and about box button on manager updated the crypto export section of the end-user license and included copying.lib license information file updated the online help file turned off ascii translation on the logfile fixed reported network byte order and version stamp on layer installation added missing log entry for relaying 226 after encrypted data xfer updated win95 installer to use new microsoft-provided winsock 2 upgrade patch fixed bug: "Unrecognized layer request" error that occasionally crashes SafeTP.EXE fixed bug: crash in LIBGMP.DLL due to a thread-safety problem in GMP fixed bug: crash that reported "Unknown command on ss" fixed bug: the server key database interface sometimes removed legitimate keys ("Removing corrupted key:") for IP addresses containing ".0." fixed bug: trashed data that sometimes occured when using IE for FTP with data encryption fixed bug: a very rare GUI feedback loop in the manager fixed bug: keyboard accelerators in the manager occasionally activated non-visible controls fixed bug: a potential buffer overflow (not exploitable) MD5 (SafeTP19.EXE) = 24457a1c96d1e77540b9f3f4dc1fd642 1.8 --- Fixed bug: SafeTP.exe crash on a server control channel response over 4KB Added admin-configurable server key defaulting Added registry setting for usernames to consider anonymous Changed installer to set install directory permissions on NTFS drives Sped up installer to avoid copying some temporary setup files Cleaner uninstall program - more likely to remove files before reboot Updated license agreement Fixed bug: Rare problem on NT where RPC service fails to start on reboot Fixed bug: Rare problem where registry permissions on the SafeTP tree don't get set MD5 (SafeTP18.EXE) = c7bd492ef5f7e6991b4575d8b8389989 1.7 --- Minor version - mostly cosmetic changes added parker.eecs host key to default database Added support for silent (batch) installation fixed bug: certain (rare) buggy firewalls would terminate 959 connects over SafeTP due to a PORT command getting divided into 2 datagrams Gave STPMgr better error correction when installed and not active Various small updates to help file fixed bug: in rare cases, user disables layer after WSAStartup() and before socket()) could see an err message "SafeTP layer not found" STPMgr: fixed tab browse sequences, added keyboard shortcuts NTSP6 platform detection fixed bug introduced in 1.6 related to NT server key MD5 (SafeTP17.EXE) = 57bdfe9d55b40dfc654ed52c11b41fcf 1.6 --- added 16-bit support (removed most stack allocation from STPLayer) replaced crypto code with Gnu MP - makes logins approximately 7x faster! fixed bug: if install pathname contained spaces (or a quoted arg), many bad things happenned fixed bug: debug log was enabled by default STPMgr Installation Phase 2 created - offloaded lots of crap from InstallShield, much more robust made default install dir c:\windows\safetp\ Added +s +r attribs on files to make accidental deletion harder Added auto-merge of distribution server key database in initkeys.txt added server key import/export UI improved interactiveness of server key list Added warnings about deletion to install and helpfile updated to use shastring checksums fixed bug: implemented a full version of string recvLine() to prevent buffer overruns on big server replies (README) got rid of MAX_CONTROL_LINE_LENGTH Added CR's to keylog made checkseed only prompt on layer active added better error reporting to SAFETP.EXE - send to client on cs when possible Added memory leak checking & fixed some small leaks Fixed it so 959-dropdown warning doesn't appear on a non-220 server greeting Added restart apps/sessions for changes to take effect fixed spelling errors in messages fixed winsock2.2 detect to account for possibility that ws2_32.dll is in path somewhere Added auxilliary icon to STPMGR Removed README.TXT Added STPTest fixed bug where SafeTP was reclosing the ss sockets and closing some INVALID_SOCKET's that was causing STPLayer to get loaded (dunno why) Various small security fixes from Scott's review added UserIsAdministrator() Win2000 & NTSP5 platform detection Updated policy module interface integrated SPTable for more generality- no inf. recursion in presence of other SPI MD5 (SafeTP16.EXE) = d9e3676569f49dd2265ac7fb5426f0d5 1.5 --- added support for sftpd on port 353 (alternate sftpd configuration) added server key branding to the server key list made client key security warning less threatening fixed SPI flags to use IFS_HANDLES, got a little closer to supporting 16-bit apps renamed key update button to refresh minor UI tweaking to the entropy gathering screen fixed installer priority problem under NTSP0 MD5 (SafeTP15.EXE) = d25996109f48b273eecab1155f24e87c 1.4 --- Integrated makekeys functionality in a GUI form in STPMGR Added client key screen- reports on age of key, allows rebuilding and auto-rebuild options Merged install and activate buttons into a single on/off radio button Added advanced settings interface: application include/exclude, and logging file control fixed WSPDuplicateSocket in layer Fixed a logging problem on NT SP0 that caused messages to be truncated (added locking across threads) Updated docs to list york 21 as test server Added DNS lookup capabilities to AddKey Added reverse DNS lookup to display hostnames on server keys screen 1.3 --- Added a snazzy new InstallShield Installation program that should smooth out all installation problems - tested on all platforms. Also includes a comprehensive uninstall program. Added STPSETUP.DLL project to support above. Added a helpfile with context-sensitive interface. Fixed bug- User trying to use SafeTP without ever making his keys may cause strange crash (on-the-fly weakkey generation) Fixed bug- fixed registry permissions masking that causes strange results on NT Now shipping all binaries in release configuration Added weakkey generation to makekeys Various cosmetic changes to makekeys messages Enhancements to allow SYSTEM user to store user settings in a protected registry area - allows system services that use ftp to utilize SafeTP, as well as allowing the upcoming NT version of sftpd to run as a system service with DSA keys in the registry. Added settings abstraction to support above Added Registry access control functions Added ability to turn logging on/off for each user Per-user SafeTP instances and username logging Added platform server/workstation detection 1.2 --- Made installer more robust Added an option for detecting and warning the user before allowing a non-anonymous password to be sent in the clear (in compatibility mode) Fixed a repainting bug in the STPMGR session grid Fixed the column widths in STPMGR to accomodate non-standard system font settings. 1.1 --- Similar to 1.0. Added serverIP to protocol Fixed a transparency bug in netscape that caused broken FTP connections to be reset Fixed crashes in the cleanup sequence of SAFETP.EXE on NT Fixed process freezes in STPLAYER.DLL on NT4SP0. 1.0 --- First release version