INFO: Release history of Rebex libraries for .NET Compact Framework

This release history applies to the legacy edition of Rebex libraries for .NET Compact Framework.

Released: February162024

R5.15 #

List of changes in version 5.0.8813 from 2024-02-16:

SFTP: Fixed 'not authenticated' instead of 'not connected' error message.
SSH: Added support for strict key exchange extension (thwarts the so-called 'Terrapin attack').
SSH: Using lower local SSH channel numbers for better log readability.
SSH: Improved SSH session and channel lifecycle logging.
MIME: Added a workaround for broken messages with unescaped slash in a MIME parameter.
Mail: Fixed parsing of file names of UUEncoded attachments to properly handle whitespaces and other strange characters.
Terminal: Fixed possible 'Object is currently in use elsewhere' error when multiple instances of TerminalControl are used.
SSH Shell: Fixed an issue that could cause a tunnel to stop processing data after an SSH renegotiation.
TLS Core: Fixed possible deadlock when incomplete packet received after close_notify in TLS <=1.2.

Released: November032023

R5.14 #

List of changes in version 5.0.8708 from 2023-11-03:

FTP: Fixed handling of small port ranges in active mode.
Cryptography: Fixed validation of OCSP signer certificate's time validity.
WebSocket: Added APM async methods to WebSocketClient.

Released: September222023

R5.13 #

List of changes in version 5.0.8666 from 2023-09-22:

SSH: Fixed missing end-of-lines in new OpenSSH key format.
FTP: Fixed possible (but very rare) NullReferenceException while aborting a data transfer.
Networking: Fixed handling of IPv6 addresses in square brackets.
Proxy: Fixed formatting of IPv6 addresses for HTTP CONNECT proxies.
Proxy: Using 'Proxy-Connection' header instead of 'Connection' with HTTP CONNECT proxies.
TLS Core: Disabled workaround for DHE padding bug in old versions of MS Schannel.
Common: Un-deprecated CryptoHelper.ForceManagedAes property.
All: Fixed problems in finalizer logic.

Released: May312023

R5.12 #

List of changes in version 5.0.8552 from 2023-05-31:

TLS Core: Fixed server-side TLS curve selection.
File Server: Fixed filename handling in SCP's non-directory upload mode.
File Server: Fixed parsing of "\$" sequences in SSH commands.
File Server: Fixed escaping of "$" character in SCP commands.
Cryptography: Fixed lifecycle of AsymmetricKeyAlgorithm based on RSA CSP.

Released: Apr172023

R5.11 #

List of changes in version 5.0.8508 from 2023-04-17:

TLS Core: Fixed client-side TLS cipher suite check and server-side TLS cipher selection.
TLS Core: Fixed memory leak in server-side TLS session cache.
TLS Core: Fixed checking of selected elliptic curves.

Released: Jan302023

R5.10 #

List of changes in version 5.0.8431 from 2023-01-30:

File Server: Fixed handling of read-only items in raw directory listings.
SSH Core: Fixed rare NullReferenceException when closing an SshSession.
SFTP: Fixed free space calculation in Sftp.GetFileSystemInfo for macOS-based servers.
FTP: Fixed a bug in BeginGetDownloadStream/BeginGetUploadStream methods that left Ftp object in an unusable state on failure.
Common: Fixed potential premature release of an unmanaged buffer in SSPI interop code.
Common: Fixed CRL validator to be able to handle multiple URLs in CRL DistributionPoint.
Cryptography: Expired CRLs are removed from enhanced validator CRL storage.

Released: June302022

R5.9 #

List of changes in version 5.0.8217 from 2022-06-30:

FTP: Reusing control connection session for all data connections. Added Ftp.Settings.ReuseDataConnectionSession option to make it possible to enable previous behavior.
POP3: Fixed an issue in handling OAuth 2.0 authentication errors.
EWS: Added EwsSettings.ExpectContinueTimeout to make it possible to specify a timeout for '100 Continue' HTTP response.
TLS Core: Added support for TLS extended master secret extension (RFC 7627).
TLS Core: Fixed handling of NoRenegotiation alert.
TLS: Fixed Renegotiate() in TlsClientSocket/TlsServerSocket.

Released: March222022

R5.8 #

List of changes in version 5.0.8117 from 2022-03-22:

HTTP: Added Settings.AllowRedirectDowngrade option (enabled by default).
HTTP: Fixed workaround for server-side bug (fixed handling of servers that send more data than they announced).
SFTP: Fixed Sftp.Settings.UseReadWriteModeForDownloads option behavior.
FTP: Fixed Ftp.Dispose() to properly update Ftp properties.
File Server: Enabled host key algorithms based on RSA/SHA-2 by default. Added SshParameters.EnabledHostKeyAlgorithmsWithSha2 option to make it possible to easily turn them off.
File Server: Fixed possible NullReferenceException in ServerSession.SendMessage method.
Cryptography: Fixed handling of expired cached CRL and OCSP responses.
Cryptography: Fixed Certificate.GetSignatureHashAlgorithm() for certificates signed by Ed25519 authorities.
Common: Fixed rare premature finalization of a buffer in SSPI interop that might lead to an AccessViolationException.

Released: December162021

R5.7 #

List of changes in version 5.0.8020 from 2021-12-16:

MIME: Improved ID check in MessageId constructor.
SMTP: Enabled Login(username, password, OAuth20) method.
POP3: Enabled Login(username, password, OAuth20) method.
IMAP: Enabled Login(username, password, OAuth20) method.
EWS: Enabled Login(username, password, OAuth20) method.
HTTP: Added HttpRequest.AddRange() method.
HTTP: Added HttpResponse.LastModified property.
HTTP: Added support for CredentialCache to HttpRequest.
HTTP: Fixed handling of "401" responses with "Connection: close" when "Expect: 100-continue" is enabled.
HTTP: Fixed handling of multiple "100 Continue" responses.
HTTP: Fixed HTTP session caching when the response stream has not been read until end-of-stream.
HTTP: Improved handling of empty UserName in NetworkCredential for Basic and Digest authentication.
SSH: Added support for PuTTY PPK3 format to SshPrivateKey.
SSH: Added support for 'x509v3-rsa2048-sha256' SSH key algorithm (RSA X.509 certificates, RFC 6187).
SSH: Added workaround for a server with broken SSH window size handling logic.
SSH: Fixed handling of oversized data packets from servers with broken window size logic.
Cryptography: Added OCSP support to built-in custom certificate validator. Preferred to CRL by default.
Cryptography: Added more values to X.509 RevocationReason enum.
Cryptography: Added support for private keys in PuTTY PPK3 format (uses Argon2 key derivation function).
Cryptography: Added workaround for Google's CRLs with non-constructed explicit ASN.1 nodes.

Released: November222021

R5.6 #

List of changes in version 5.0.7997 from 2021-11-22:

HTTP: Added support for PreAuthenticate with Digest authentication method.
HTTP: Very small timeouts (<1000) in HttpRequest.Timeout are treated as 1000 (one second).
SMTP: Optimized memory usage while sending a message.
EWS: Added support for 'ErrorConnectionFailedTransientError' error code.
File Server: Requesting 'Read' permission in addition to 'Delete' for source path of rename operation in PathAccessAuthorization event.
SCP: Fixed compatibility of legacy Scp class with recent OpenSSH releases.
Terminal: Added TerminalOptions.WaitForCloseConfirmation option.
TLS Core: Improved handling of exceptions in TlsSocket.Send method.
Cryptography: Fixed handling of RSAParameters without DP/DQ in AsymmetricKeyAlgorithm and PrivateKeyInfo.
Cryptography: Fixed loading of encrypted keys with empty passwords in new OpenSSH format.

Released: November082021

R5.5 #

List of changes in version 5.0.7983 from 2021-11-08:

HTTP: Enhanced error handling when more data than expected has been received.
HTTP: Fixed NotSupportedException in HttpResponse stream's BeginRead/EndRead methods.
Cryptography: Fixed possible (but rare) error when acquiring a private key for an X.509 certificate.

Released: August052021

R5.4 #

List of changes in version 5.0.7888 from 2021-08-05:

HTTP: Order of HTTP request headers as specified by HttpRequest.Headers is used when constructing the HTTP request.

Released: July142021

R5.3 #

List of changes in version 5.0.7866 from 2021-07-14:

SFTP: SFTP v4 error code are interpreted as unknown error in SFTP v3.
File Server: Added support for SFTP v5.
File Server: Fixed compatibility issues in SCP protocol.
Mail: Improved MSG reader to read 'subject' from PidTagConversationTopic MAPI property when needed.
SSH: Fixed race condition in OpenSSH-style compression startup code (occasionally caused connection failures during authentication with SSH compression was enabled).
Networking: Fixed casing in 'Basic' HTTP proxy authorization header.
Cryptography: Removed X.509 certificate chain range nesting validation from custom certificate validator (it is not prescribed by RFC 5280 and it is not a common practice any more).
Cryptography: Optimized creation of algorithm objects in CNG layer (.NET CF 3.9 only).

Released: June142021

R5.2 #

List of changes in version 5.0.7836 from 2021-06-14:

FTP: Added Ftp.Settings.MdtmSetTimeOffset property.
File System: Fixed obfuscated method names in FileSystemProvider log.
File Server: Fixed error handling in SSH session's periodic timer callback.
File Server: Fixed handling of failed sessions to make sure they are removed from the sessions collection.
File Server: Updated SshConsole.Clear() method to reset cursor position in addition to clear the screen.
File System: Fixed handling of non-seekable streams supplied to NodeContent CreateReadOnlyContent method.
Mail: Trimming input value in ContentType, ContentLocation and ReturnPath constructors.
Mail: Added MsgMessageException exception class (represents errors related to Outlook MSG format).
Mail: Improved handling of invalid SMTP addresses in MSG parser.
EWS: Fixed logging of port value in Ews.Connect method.
IMAP: Improved error handling when parsing IMAP envelope fields.
Terminal: Adapted behavior of "Erase Screen" to match usual terminal behavior (does not reset cursor position).
ZIP: Improved error messages, added more sanity checks.
HTTP: Enhanced error handling when connection is closed prematurely in chunked mode.
Networking: Added support for SOCKS5 servers that respond with domain name.
SSH: Optimized usage of ChaCha20/Poly1305 in SSH.
Cryptography: Added ChaCha20Poly1305 class that implements ChaCha20/Poly1305 with an API that resembles .NET's AesGcm class.
Cryptography: Clearing output data in AesGcm class when authentication tag is invalid.
Cryptography: Fixed parsing of Cryptographic Message Syntax envelopes with unsupported OIDs.
Cryptography: Improved ChaCha20/Poly1305 performance.
Cryptography: Improved performance of AES/CTR ciphers (used in SSH).
Cryptography: Added support for private keys using PBKDF2 with HMAC/SHA-2 (RFC 8018 / PKCS #5 v2.1).
Common: Improved error handling when raising events via synchronization context.

Released: March082021

R5.1 #

List of changes in version 5.0.7733 from 2021-03-08:

FTP: Added workaround for PureFTPd server's handling of NOOP command.
File Server: Added FileServer.Settings.FileShareMode property to make it possible to specify file share mode for opened files.
File Server: Added ShellCommandEventArgs.Raw property (contains unparsed arguments for custom command).
File Server: Fixed behavior of FileServer.Unbind(EndPoint) method.
File Server: Fixed race condition when closing outstanding file handles during SFTP channel closure.
File Server: Changed default value for Settings.KeepAlivePeriod to 300 seconds.
File Server: Improved error messages when no SSH server keys or bindings were specified when starting the server.
EWS: Added Ews.Settings.HttpHeaders property to make it possible to specify custom HTTP headers.
EWS: Added EwsMessageInfo.Sensitivity property.
ZIP: Improved Zip64 format detection.
HTTP: Fixed behavior of HttpSettings.SslSession (no longer ignored).
Networking: More meaningful exception is throw when attempting to use NTLM authentication on platforms that don't support it.
SSH: Added workaround for WingFTPServer server that uses 'ssh-rsa' with SHA-2 when client announces RSA/SHA-2 support.
SSH: Fixed handling of unknown channel requests (not sending reply if not requested).
Cryptography: Fixed Ed25519 PKCS #8 key structure (now compatible with OpenSSL).
Cryptography: Speed-up of ChaCha20/Poly1305 (used in SSH and TLS).

Released: March032021

R5.0 #

List of changes in version 5.0.7726 from 2021-03-03:

All: Changed release naming scheme ('R5.0' instead of '2019 R3.8').
SSH: Fixed format of SshPublicKey.GetPublicKey() response for public keys initialized from PublicKeyInfo or AsymmetricAlgorithm.
TLS Core: Added SslSettings.SslPreferredHashAlgorithm and TlsParameters.PreferredHashAlgorithm options to make it possible to force specific hash algorithm for RSA signatures in TLS 1.2.
Networking: Optimized timeout infrastructure in ProxySocket.Connect (previously caused strange behavior on high load).
Cryptography: No longer needlessly detecting CNG "TRUNCATE" support (.NET CF 3.9 only).

Released: February102021

2019 R3.7 #

List of changes in version 5.0.7712 from 2021-02-10:

TLS Core: Added SslSettings.SetPreferredSuites/GetPreferredSuites methods to make it possible to specify client-side TLS cipher preference.
Cryptography: Fixed memory leak in RSA signature verification.
Cryptography: Optimized memory usage in symmetric encryption transformations based on Windows CNG API (.NET CF 3.9 only).

Released: November032020

2019 R3.6 #

List of changes in version 5.0.7613 from 2020-11-03:

HTTP: Added HttpRequest.CookieContainer and HttpResponse.Cookies properties.
HTTP: Improved TLS session cache behavior in scenarios with load balancing servers.
HTTP: Enhanced authentication to only attempt to use NTLM, Kerberos or Negotiate if the OS is configured to supports them.
HTTP: Fixed possible NullReferenceException in Cookie parser if the received cookie contains particular corrupted value.
FTP: Fixed culture-specific handling of DateTime in Ftp.SetFileDateTime method.
FTP: Closing currently connecting sockets when Dispose method is called.
SMTP: Closing currently connecting sockets when Dispose method is called.
POP3: Closing currently connecting sockets when Dispose method is called.
IMAP: Closing currently connecting sockets when Dispose method is called.
EWS: Added a check to EwsFolderId(EwsSpecialFolder, string) constructor to make sure the specified mailbox is not empty.
EWS: Added EwsFolderInfo.UnreadItemCount property.
EWS: Added EwsSearchParameter.HasFlag search parameter (enabled searching by flag).
EWS: Added support for searching by custom "X-" headers.
EWS: Added support for Sensitivity header.
EWS: Added Ews.Settings.ExpectContinueSizeThreshold option.
EWS: Using EWS X-AnchorMailbox HTTP header to maintain mailbox affinity.
MSG: Fixed error message that occurs when a 2GB limit for Outlook MSG files is exceeded.
SSH Shell: Added Ssh.TunnelError event for handling tunnel errors.
File Server: Added workarounds for incompatibilities in SSH renegotiation with JSCH, SSH.NET and very old OpenSSH.
File Server: Enhanced FileServer infrastructure API to make it possible to start SFTP/SSH session on a pre-connected Socket.
File Server: Enhanced virtual shell's mkdir command to support '-p' option.
File Server: Fixed algorithm support check when adding an Ed25519 key to FileServer.Keys collection.
Networking: Restored missing NetworkSession.InstanceId property.
TLS Core: Fixed concurrent access in server-side TLS session cache.
TLS Core: Fixed normalization of premaster secret in server-side ECDH calculations in TLS.
TLS Core: Updated TlsCipherSuite.Secure/Weak/Fast enum values. Updated TlsParameters.AllowedSuite default.
Security: Fixed behavior of XtsStream.CanSeek and CanRead properties.
Cryptography: Added built-in support for Ed25519 algorithm.
Cryptography: Added Rebex.Security.Cryptography.AesGcm class (equivalent to .NET 5.0's AesGcm class).
Cryptography: Added SetOtherNames/GetOtherNames methods to CertificateInfo class ('Other Name' support in SANs).
Cryptography: AsymmetricKeyAlgorithm.ImportKey method can initialize Ed25519 key from seed (in addition to private key).
Cryptography: AsymmetricKeyAlgorithm.Register method made thread-safe.
Cryptography: Deprecated CryptoHelper.ForceManagedAes property.
Cryptography: Enhanced compatibility with unsupported legacy versions of CryptoAPI.
Cryptography: Enhanced SignedData.Load(Stream) and EnvelopedData.Load(Stream) methods to support Base64-encoded format (PEM) as well.
Cryptography: Enhanced workaround for RSA CSPs with lack of SHA-2 support.
Cryptography: Added Ed25519 support to Certificate class. (Not yet supported by the built-in certificate validator).
Cryptography: Fixed handling of non-content data in Certificate(byte[]) constructor and CertificateChain.LoadP7b(Stream) / CertificateRevocationList.Load(Stream) methods.
Cryptography: Fixed parsing of constructed primitive ASN.1 types with more than two layers of nesting.
Cryptography: Fixed version number in PKCS #10 CertificationRequest structure.
Common: Added SspiAuthentication.IsSupported method.
Common: Optimized internal cancellation infrastructure.

Released: July142020

2019 R3.5 #

List of changes in version 5.0.7491 from 2020-07-14:

FTP: Added FtpExtensions.ExtendedPassiveMode (enables EPSV if supported by the server).
SFTP: Added workaround for misbehaving SSH_FXP_STAT on DataPowerSSH servers (SftpSettings.EnableBrokenDirectoryStatWorkaround option).
File Server: Added support for anonymous authentication.
File Server: Fixed handling of unknown SSH packets received before authentication.
File Server: Changed SSH cipher info logging style (unified with client-side SSH).
File Server: Workaround for very old OpenSSH 4.x/5.x clients that refuse to accept data packets while SSH renegotiation is in progress.
File Server: Added FileServerSettings.EnableEventsForFailedTransfers option.
File Server: Added ServerSession.Cipher property to make it possible to determine SSH ciphers used by each session.
File Server: Added support for AEAD encryption ciphers ('aes128-gcm@openssh.com', 'aes256-gcm@openssh.com' and 'chacha20-poly1305@openssh.com').
File Server: Added support for encrypt-then-MAC ciphers ('hmac-sha2-256-etm@openssh.com' and 'hmac-sha2-512-etm@openssh.com').
File Server: Enhanced handling of 'pty-req' and 'window-change' SSH channel requests - wrong values are rejected.
File Server: Enhanced ShellModule class to make it possible to implement custom SSH subsystems.
File Server: Fixed client authentication using X.509 certificates.
File Server: Fixed handling of unknown SSH packets.
File Server: Virtual shell now treats the line-feed character as end-of-line indicator in addion to carriage-return character.
Mail: Added MailSettings.AllowOversizedLines option.
Mail: Added MailSettings.DoNotTrimHeaderValues property.
Mail: Added ParsingHeader event to MailMessage and MimeEntity, making it possible to custom-process headers on input.
POP3: Added OAuth 2.0 authentication support.
IMAP: Added workaround for Office365 servers that do not properly handle OAuth 2.0 tokens sent as IMAP literals.
EWS: Fixed parsing of SOAP messages with 'xsd:any' elements.
SSH Shell: When TerminalOptions.LocalEcho is enabled, echo opcode is requested on SSH channel.
SSH Shell: Added LocalEndPoint and RemoteEndPoint properties to SshTunnel class.
Terminal: Improved TerminalControl.Bind method behavior to prevent needless locking.
HTTP: Fixed HTTP request retry behavior. Retry request is not initiated when failed request already started sending the request body.
SSH: Enhanced legacy group exchange autodetection.
SSH: Added new properties to SshCipher to make it possible to determine IDs of active ciphers.
SSH: Added workaround for a weakness in legacy CBC ciphers.
TLS Core: Added TlsSocket.ApplicationProtocol property to make it possible to determine protocol negotiated using ALPN extension.
TLS Core: Always preferring RSA/SHA-2 for client certificate authentication in TLS.
TLS Core: Disabled ciphers based on AES/CBC and SHA-2 in legacy versions of TLS (they are only specified by TLS).
TLS Core: Fixed server name handling for TlsSocket instances created from an already-connected Socket.
TLS Core: Fixed TlsException.Status to return ConnectionClosed for connection-closed errors.
TLS Core: Fixed TlsException.Status to return Timeout for timeout errors.
TLS Core: Fixed TlsSocket.ClientCertificate that returned an empty chain instead of null in some scenarios.
TLS Core: No longer sending 'internal error' alert to remote end on timeout.
TLS Core: Fixed behavior of server-side DoNotCacheSessions option (which previously led to connection failures).
TLS Core: Improved TLS exception reporting.
TLS Core: Logging improvements.
TLS Core: Unified TlsSocket.Cipher property behavior across TLS versions.
TLS: Added TlsParameters.CertificateChainMode property.
TLS: An error is reported when trying to use one of deprecated methods via TlsServerSocket.
TLS: Fixed error messages reported on client certificate validation to properly refer to client certificate.
TLS: Added TlsServerSocket class. Provides server-side TLS 1.2, 1.1 and 1.0 support.
TLS: Fixed TlsClientSocket.EndConnect method.
Cryptography: Memory usage optimizations in CNG layer.
Cryptography: Optimized disposing of temporary keys in Certificate class.
Cryptography: Added ContentInfo.ToStream() method.
Cryptography: Enhanced Certificate.LoadDerWithKey to support RSASSA-PSS and RSAES-OAEP for RSA keys.
Cryptography: Fixed AsymmetricKeyAlgorithm.GenerateDiffieHellmanParameters slowness (only affected the previous release).
Cryptography: Improved AsymmetricKeyAlgorithm to support RSASSA-PSS and RSAES-OAEP with keys loaded via ImportKey method.
Cryptography: Optimized Certificate and CertificateChain class to only consume native resources when needed.
Cryptography: Optimized CNG handles cleanup.
WebSocket: Enhanced keep-alive logic. Pings are now send from Poll method as well if appropriate.
ZIP: Added workaround for empty file names in GZIP files.

Released: March272020

2019 R3.4 #

List of changes in version 5.0.7350 from 2020-03-27:

All: Fixed several occurences of culture-sensitive string formatting.
All: Fixed several occurrences of wrong synchronization context.
SFTP: Fixed an issue in GetItems() method that caused file system items with an unknown type to not be filtered according to the specified mask.
SFTP: Fixed a possible deadlock when adjusting SSH channel window size during SSH renegotiation.
SFTP: Fixed handling of symbolic link source paths in non-recursive multi-file operation.
SFTP: Unified GetConnectState() behavior with mainstream platforms.
FTP: Fixed an issue in GetItems() method that caused file system items with an unknown type to not be filtered according to the specified mask.
FTP: Fixed transfer aborting logic that caused data connection sockets to remain unclosed in some scenarios.
FTP: Using TLS version of the control connection when negotiation the data connection.
FTP: Fixed handling of symbolic link source paths in non-recursive multi-file operation.
FTP: Unified GetConnectState() behavior with mainstream platforms.
File Server: Added support for 'curve25519-sha256' key exchange cipher (equivalent to already-supported 'curve25519-sha256@libssh.org'). (Needs a plugin.)
File Server: Added support for 'check-file' SFTP extension, making it possible to calculate hashes of remote files.
File Server: Added FileServer.Settings.MaxIdleDuration and IgnoreKeepAlive to make it possible to easily force closure of idle sessions.
File Server: Fixed a renegotiation issue that could lead to decryption error.
File Server: Fixed FileServer.Stop() method to no longer faiil with 'The specified socket is already in use' error in rare scenarios.
File Server: Fixed partial authentication message processing to ensure no authentication method is used twice during a single authentication session.
File Server: Fixed reporting of writable permissions for read-only files.
Mail: No longer throwing an exception when parsing invalid UUEncoded data.
SMTP: Added workaround for a bug in .NET 4.0 which triggers an exception when sending email via SmtpDeliveryEngine.System with SmtpDeliveryMethod.PickupDirectory method if no host is specified.
POP3: Improved handling of Exchange-style domain+login+mailbox usernames.
IMAP: Improved handling of Exchange-style domain+login+mailbox usernames.
IMAP: Added workaround for IMAP servers with incomplete COPYUID responses.
Terminal: Added workaround to terminal Unbind method for SSH servers that don't properly respond to SSH_MSG_CHANNEL_CLOSE and caused the method to block until timed out.
HTTP: Improved selection logic of client certificates in HttpRequest.ClientCertificates collection.
HTTP: Added GetHeaders methods representing HEAD request to WebClient class.
HTTP: Added missing ResponseHeaders property to WebClient class.
Networking: Added missing 'buffer' argument check to some Send/Receive methods in ProxySocket/TlsSocket.
Networking: Fixed unhandled ObjectDisposedException or misleading SocketException when ProxySocket.Connect aborted due to timeout.
Networking: Fixed rare race condition in TLS and SSH internals.
TLS: First release of Rebex TLS library.
TLS Core: Fixed breaking changes in the behavior of seldom-used parts of TlsSocket API.
TLS Core: Improved TLS logging.
TLS Core: Added support for ChaCha20-Poly1305 cipher suites to TLS.
TLS Core: Fixed behavior of TlsSocket methods after Dispose has been called.
TLS Core: Fixed behavior of TlsSocket.Shutdown.
TLS Core: Improved argument checks in TlsSocket base class.
SSH: Fixed possible deadlock during SSH renegotiation (client-side).
SSH: Added a workaround for a bug introduced in OpenSSH 8.0 that rejects 'sender channel' numbers in the upper half of uint32 range.
SSH: Added SshEncryptionMode.AEAD (to replace SshEncryptionMode.GCM).
SSH: Added support for ChaCha20-Poly1305 AEAD cipher ('chacha20-poly1305@openssh.com') to SSH client.
SSH: Added support for 'curve25519-sha256' key exchange cipher (equivalent to already-supported 'curve25519-sha256@libssh.org'). (Needs a plugin.)
SSH: Enhanced performance of ChaCha20-Poly1305 cipher ('chacha20-poly1305@openssh.com') in SSH client.
SSH: Fixed possible deadlock in SSH client when processing incoming EOF packet while waiting for remote receive buffer size to increase.
Cryptography: Added workaround for bad RSA/PSS signature algorithm identifiers with missing parameters.
Cryptography: Enhanced 'Invalid key format' error message when loading a private key.
Cryptography: Fixed serial number handling in CertificateIssuer to conform to RFC 5280 constraints.
Cryptography: Added workaround for RSA signatures shorter than the key size.
Cryptography: Fixed AsymmetricKeyAlgorithm.GetRawPublicKey() key format when RSA via MS CNG is in use (only supported on .NET Compact Framework 3.9).
Cryptography: Enhanced error message when a Diffie-Hellman key that is too large is encountered.
ZIP: Fixed an issue in GetItems() method that caused file system items with an unknown type to not be filtered according to the specified mask.
ZIP: Fixed handling of symbolic link source paths in non-recursive multi-file operation.
Common: Internal optimizations.

Released: October292019

2019 R3.3 #

List of changes in version 5.0.7242 from 2019-10-29:

SFTP: Improved behavior of stream-based PutFile methods with DisableProgressPercentage (stream length is no longer determined).
FTP: Improved behavior of stream-based PutFile methods with DisableProgressPercentage (stream length is no longer determined).
File Server: Enhanced handling of exceptions in custom events.
File Server: Enhanced normalization of Windows-like paths (only applies to AcceptWindowsPaths option).
File Server: Fixed timing out of not-yet-authenticated sessions.
Mail: Added workaround for TNEF messages with invalid attachment media types.
MIME: Added workaround for a mix of RFC 2231 and MIME-style parameter encoding.
MSG: Fixed handling of end-of-line sequences in MSG properties.
HTTP: Fixed port handling in HTTP session caching.
HTTP: Fixed WebException.Status and Message for errors related to DNS resolving, proxies and TLS.
SSH: Fixed ECDH via CNG on .NET Compact Framework 3.9.
TLS Core: Enabled ECDH via CNG on .NET Compact Framework 3.9.
TLS Core: Added TlsBulkCipherMode.AEAD (to replace TlsBulkCipherMode.GCM).
TLS Core: Removed support for two legacy unsecure anonymous ciphers (DH_anon_EXPORT_WITH_DES40_CBC_SHA and DH_anon_EXPORT_WITH_RC4_40_MD5).
Cryptography: Added PkcsBase.LoadSignedOrEnvelopedData method (a replacement for deprecated PkcsBase.Load).
Cryptography: Optimized memory usage when loading CRLs from cache in the built-in custom certificate validator on .NET Compact Framework.
WebSocket: Optimized operation with KeepAliveInterval of 0.
Common: Fixed possible ArgumentOutOfRangeException in custom .NET Compact Framework thread pool.
Common: Fixed possible crash on .NET Compact Framework 3.5 when SSPI single sign-on is attempted.
SFTP: Added Settings.PreferInteractiveAuthentication option (prefer 'keyboard-interactive' to 'password' authentication).
SCP: Added Settings.PreferInteractiveAuthentication option (prefer 'keyboard-interactive' to 'password' authentication).
File Server: Added FileServerUser constructors that accept FileSystemProvider.
File Server: More common forms of ungraceful session termination are no longer logged as errors at LogLevel.Error.
Mail: Disabled Attachment.DisplayName normalization (only FileName should have been normalized).
Mail: Enhanced TNEF (winmail.dat) parser to detect embedded resources.
SSH Shell: Added Settings.PreferInteractiveAuthentication option (prefer 'keyboard-interactive' to 'password' authentication).
SSH Shell: Added Ssh.StartSocksServer method (starts a local SOCKS5 proxy server that tunnels connections through SSH).
Terminal: Fixed VirtualTerminal.SetScreenSize to notify the server.
HTTP: Fixed an issue in cachable HTTP session detection that prevented sessions from being cached in some scenarios.
SSH: Added SshGssApiCredentials.AccountName property to make it possible to specify an account name to be passed to the SSH server.
SSH: Added workaround for legacy WS_FTP 7.x servers that encode long SSH packets improperly.
SSH: Fixed SshChannel.SendEof method not to send EOF when channel has already been closed.
Common: Optimized internal Task infrastructure on old .NET platforms.

Released: August222019

2019 R3.1 #

This legacy edition release corresponds to mainstream edition release 2019 R3.1.

List of changes in version 5.0.7174 from 2019-08-22:

SFTP: Improved logging of single-item SSH_FXP_NAME responses.
FTP: Added workaround for occasional '451 Transfer aborted' observed with Pure-FTPd.
FTP: Added workaround for Pure-FTPd's nonconvencial responses.
FTP: Enhanced PutFileUnique to be compatible with Pure-FTPd's STOU command response.
FTP: Transfer aborting made compatible with Pure-FTPd.
File Server: Enhanced log to include enumerated item count when directory has been enumerated.
Telnet: Fixed occasional logging of multiple "Received 0 byte(s) of data" messages.
Terminal: Added check which limits color indices received from server to 256 colors to prevent an exception.
TLS Core: Modified TlsVersion.Any to only include TLS 1.0, 1.1 and 1.2.

Released: June282019

2019 R3 #

This is the first legacy edition release and corresponds to mainstream edition release 2019 R3.