1ChangeLog of JSch 2==================================================================== 3Last modified: Fri Jun 5 03:22:57 UTC 2015 4 5 6Changes since version 0.1.52: 7- bugfix: the rekey initiated by the remote may crash the session. 8- change: Logjam: use ecdh-sha2-nistp* if available, 9 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, 10 diffie-hellman-group14-sha1, 11 diffie-hellman-group-exchange-sha256, 12 diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 13- change: Logjam: diffie-hellman-group-exchange-sha256 and 14 diffie-hellman-group-exchange-sha1 will use 2048-bit key on 15 Java8's SunJCE, thanks to JDK-6521495 and JDK-7044060. 16- change: key words for OpenSSH's config file should be case-insensitive. 17- change: there should be the host name in "WARNING: REMOTE HOST 18 IDENTIFICATION HAS CHANGED" message. 19 20 21Changes since version 0.1.51: 22- bugfix: resource leak: duplicate keys in LocalIdentityRepository. 23- feature: added the support for SSH ECC defined in RFC5656, 24 ecdsa-sha2-nistp256, 25 ecdsa-sha2-nistp384, 26 ecdsa-sha2-nistp521, 27 ecdh-sha2-nistp256, 28 ecdh-sha2-nistp384, 29 ecdh-sha2-nistp521 30 This functionality requires Java7 or later. 31- feature: added the support for server host keys in 32 ecdsa-sha2-nistp256, 33 ecdsa-sha2-nistp384, 34 ecdsa-sha2-nistp521 35- feature: generating key-pairs in 36 ecdh-sha2-nistp256, 37 ecdh-sha2-nistp384, 38 ecdh-sha2-nistp521 39- change: aes192-ctr, aes256-ctr and 40 diffie-hellman-group-exchange-sha256 have been enabled 41 by the default. 42- change: key exchange methods, ecdh-sha2-nistp256, 43 ecdh-sha2-nistp384 and ecdh-sha2-nistp521 have been enabled 44 by the default. 45- change: the support for host keys in ecdsa-sha2-nistp256, 46 ecdsa-sha2-nistp384 and ecdsa-sha2-nistp521 have been enabled 47 by the default. 48- change: 'examples/KeyGen.java' demonstrates how to generate 49 ecdsa-sha2-* key-pairs. 50- change: updating copyright messages; 2014 -> 2015 51- TODO: The ECC support is not functional on Java6 with BouncyCastle. 52 53 54Changes since version 0.1.50: 55- bugfix: reproducibility of "verify: false". FIXED. 56 Hundreds of thousands of connections had caused that exception. 57- bugfix: resource leaks at the failure of making local port forwarding. FIXED. 58- bugfix: NPE in connecting to the non-standard TCP port. FIXED. 59 This problem had appeared if a host-key does not exist in 60 "known_host" file. 61- bugfix: TCP connection may not be dropped if error messages from 62 the remote are too long. FIXED. 63- bugfix: SftpATTRS#getAtimeString() returns the wrong string. FIXED. 64- bugfix: bytes to be added by SSH_MSG_CHANNEL_WINDOW_ADJUST must be in 65 unsigned integer. FIXED. 66- bugfix: Util#checkTilde() should not convert a tilde in 67 "C:\PROGRA~1\". FIXED. 68- bugfix: A long long command for ChannelExec will cause 69 an ArrayIndexOutOfBoundsException. FIXED. 70- bugfix: ChannelSftp should not send bulk request greedily even if the remote 71 window has the enough space. FIXED. 72- bugfix: Util.createSocket() should throw an exception with 'cause'. FIXED. 73- bugfix: failed to parse .ssh/config in the EBCDIC environment. FIXED. 74- bugfix: com.jcraft.jsch.jcraft.HMACSHA1(used only for MacOSX) is not 75 reusable. FIXED. 76- bugfix: NPE caused by the delayed response for channel opening 77 requests. FIXED. 78- bugfix: hung-up in uploading huge data to ProFTPd without the config 79 'SFTPClientMatch "JSCH.*" channelWindowSize 1GB' FIXED. 80- bugfix: Cipher#init() may cause an infinite loop with 100% cpu use due to 81 https://bugs.openjdk.java.net/browse/JDK-8028627 FIXED. 82- bugfix: in some case, JSche#setKnowHosts(InputStream stream) may fail 83 to close the given stream. FIXED 84- change: com.jcraft.jsch.jcraft.HMAC* will not be used. 85 It seems Java6 on Mac OS X has fixed some memory leak bug in JCE, 86 so there is no reason to use c.j.j.j.HMAC* introduced at 0.1.30. 87- change: updating copyright messages; 2013 -> 2014 88- change: allowed to create the symbolic/hard link to the relative path by 89 ChannelSftp#symlink(String oldpath, String newpath) 90 ChannelSftp#hardlink(String oldpath, String newpath) 91- change: the availability of ciphers listed in "CheckCiphers" config will 92 not be checked if they are not used. 93- change: Util#fromBase64() will throw JSchException in stead of 94 RuntimeException, if the given string is not in base64 format. 95- feature: added the support for private keys in PKCS#8 format. 96- feature: introduced the interface com.jcraft.jsch.PBKDF to abstract 97 the implementation of Password-Based Key Derivation Function, 98 and added its implementation com.jcraft.jsch.jce.PBKDF by using JCE. 99 100 101Changes since version 0.1.49: 102- bugfix: "verify: false" error on Java7u6(and later). FIXED. 103 http://stackoverflow.com/questions/12279836/ssh-using-jschexception-verify-false-sometimes-fails 104 https://issues.apache.org/jira/browse/IVY-1374 105- bugfix: Session#setPortForwardingL(String bind_address, 106 int lport, String host, int rport) 107 will not work for the long host name. FIXED. 108- change: changed JSch#getIdentityRepository() to be public. 109- feature: added the following method to choose a canceled remote 110 port-forwarding with the specified bind address, 111 Session#delPortForwardingR(String bind_address, int rport) 112- feature: added support for following OpenSSH's sftp extensions, 113 posix-rename@openssh.com, 114 statvfs@openssh.com, 115 hardlink@openssh.com, 116 and some methods and a class to use those functionalities, 117 ChannelSftp#hardlink(String oldpath, String newpath), 118 ChannelSftp#statVFS(String path) 119 SftpStatVFS 120- feature: added support for OpenSSH's configuration file, 121 JSch#setConfigRepository(ConfigRepository configRepository) 122 JSch#getConfigRepository() 123 OpenSSHConfig class 124 Session#getSession(String host) 125 and added an example to demonstrate how to use it, 126 examples/OpenSSHConfig.java 127 OpenSSHConfig class will recognize the following keywords, 128 Host 129 User 130 Hostname 131 Port 132 PreferredAuthentications 133 IdentityFile 134 NumberOfPasswordPrompts 135 ConnectTimeout 136 HostKeyAlias 137 UserKnownHostsFile 138 KexAlgorithms 139 HostKeyAlgorithms 140 Ciphers 141 Macs 142 Compression 143 CompressionLevel 144 ForwardAgent 145 RequestTTY 146 ServerAliveInterval 147 LocalForward 148 RemoteForward 149 ClearAllForwardings 150- feature: added support for "diffie-hellman-group-exchange-sha256" 151- feature: allowed to use tilde(~) in the file name, 152 JSch#setIdentity(String prvkey, String pubkey) 153 JSch#setKnownHosts(String prvkey, String pubkey) 154- feature: added support for known_hosts file, which may include 155 markers(@revoke) and comments. 156 HostKey(String host, int type, byte[] key, String comment) 157 HostKey(String marker, String host, int type, 158 byte[] key, String comment) 159 HostKey#getComment() 160 HostKey#getMarker() 161- feature: added following methods to KeyPar class, 162 writePrivateKey(java.io.OutputStream out, byte[] passphrase) 163 writePrivateKey(String name, byte[] passphrase) 164- feature: allowed to set the connection timeout for the local port-forwarding, 165 and added following methods, 166 Session#setPortForwardingL(String bind_address, 167 int lport, String host, int rport, 168 ServerSocketFactory ssf, 169 int connectTimeout) 170 ChannelDirectTCPIP#connect(int connectTimeout) 171- feature: added the following method to Session class 172 getStreamForwarder(String host, int port) 173 and updated example/StreamForwarding.java to use that method. 174- feature: added following methods to Session class, 175 setPortForwardingL(String conf) 176 setPortForwardingR(String conf) 177- feature: allowed to have the session local HostkeyRepository, 178 Session#setHostKeyRepository(HostKeyRepository hostkeyRepository) 179 Session#getHostKeyRepository() 180- feature: added support for OpenSSH's local extension, 181 "no-more-sessions@openssh.com" and the method, 182 Session#noMoreSessionChannels() 183 184 185Changes since version 0.1.48: 186- bugfix: Some sftp servers will sometimes fail to handle bulk requests, 187 and whenever detecting such failures, we should re-send 188 requests again and again. FIXED 189- bugfix: KeyPair#getFingerPrint() should return a fingerprint instead 190 of keysize + " " + fingerprint. FIXED 191- bugfix: KeyPair#getKeySize() should return its key size. FIXED 192- bugfix: SftpATTRS#isDir() should return false for unix domain 193 socket files. FIXED 194- change: improved the heuristics for the password prompt in 195 the keyboard-interactive authentication. It may not be 196 started with "password:". 197- change: ChannelSftp#put(InputStream src, String dst) will not check 198 if dst is directory or not, and if an exception is thrown, 199 the check will be done. 200- change: if the compression is enabled without jzlib.jar, 201 an exception will be thrown. 202- feature: JSch#addIdentity() and KeyPair#load() methods will accept 203 Putty's private key files. 204 Note that Putty encrypts its private key with "aes256-cbc". 205 So, to handle such key files, "Java Cryptography 206 Extension (JCE) Unlimited Strength Jurisdiction Policy Files" 207 must be installed. 208- feature: hmac-sha2-256 defined in RFC6668 is supported. 209- feature: added following methods to KeyPair class, 210 byte[] getSignature(byte[] data) 211 Signature getVerifier() 212 byte[] forSSHAgent() 213 void setPublicKeyComment(String comment) 214- feature: added following methods to SftpATTR class, 215 boolean isChr() 216 boolean isBlk() 217 boolean isFifo() 218 boolean isSock() 219 220 221Changes since version 0.1.47: 222- change: the file transfer speed with ChannelSftp#get(String src) has been 223 improved; sending multiple requests at any one time. 224- change: by the default, at most, 16 requests will be sent at any one time 225 in ChannelSftp. 226- feature: added Session#{setIdentityRepository(),getIdentityRepository()} 227 228 229Changes since version 0.1.46: 230- bugfix: failed to initialize channels for the stream forwarding. FIXED 231- change: Session#getHostKey() will return the given hostkey 232 even if session is not established. 233- change: Logger will record additional messages about algorithm negotiations. 234- feature: added ChannelSftp#ls(String path, LsEntrySelector selector) method. 235- feature: added IdentityRepository#{getName(),getStatus()} methods. 236 237 238Changes since version 0.1.45: 239- bugfix: in the agent forwarding mode, "ssh-add -l" on the remote 240 will freeze. FIXED 241- bugfix: requests should not be sent to the closed channel. FIXED 242- bugfix: ChannelShell#setAgentForwarding(true) will cause 243 resource leaks. FIXED 244- change: for the efficiency, channel opening will be delayed 245 in local port forwarding. 246- change: added examples/Sudo.java to demonstrate sudo on exec channel. 247- change: authentication trials will be failed at 6 failures by the default. 248- change: updating copyright messages; 2011 -> 2012 249- feature: added JSch#setIdentityRepository(IdentityRepository irepo) to 250 integrate with jsch-agent-proxy. 251 252 253Changes since version 0.1.44: 254- bugfix: fields referred by multiple threads simultaneously should be 255 volatile. FIXED 256- bugfix: use local window size offered by the remote in sftp put. 257 FIXED 258- bugfix: SftpProgressMonitor#init was not invoked in sftp-put 259 for input-stream. FIXED 260- bugfix: sftp protocol version 3, 4 and 5 should allow only 261 UTF-8 encoding. FIXED 262- bugfix: Channel Subsystem had failed to set X forwarding flag. 263 FIXED 264- bugfix: Channel X11 had leaked some resources. 265 FIXED 266- bugfix: packet compression may break sessions 267 in some case(transferring deflated data). FIXED 268- bugfix: failed to set dev-null for logger 269 FIXED 270- bugfix: even in sftp protocol version 3 session, some sftpd sends data 271 packets defined in sftp protocol 6 ;-( working around it. FIXED 272- bugfix: ChannelSftp file globbing logic had missed 273 the string "foo\\\*bar" as a pattern. FIXED 274- bugfix: sequential accesses to ChannelSftp by multiple threads may 275 break its I/O channel. 276 https://bugs.eclipse.org/bugs/show_bug.cgi?id=359184 FIXED 277- bugfix: KeyPair.load can not handle private keys cyphered with AES. FIXED 278- change: to improve sftp-put performance, send multiple packet at one time. 279- change: wait/notify will be used instead of sleep loop 280 in establishing channel connections. 281- change: increasing local window size for sftp get. 282- change: updating copyright messages; 2010 -> 2011 283- change: src/com -> src/main/java/com 284- feature: key-exchange method "diffie-hellman-group14-sha1" 285 (RFC4253#section-8.2) 286- feature: KeyPair#getPlulicKeyCommment() is added. 287 288 289Changes since version 0.1.43: 290- bugfix: hmac-md5-96 and hmac-sha1-96 are broken. FIXED. 291- bugfix: working around OOME in parsing broken data from the remote. FIXED. 292- bugfix: failed to send very long command for exec channels. FIXED. 293- bugfix: in some case, failed to get the response 294 for remote port-forwarding request. FIXED. 295- feature: support for private keys ciphered with aes192-cbc and aes128-cbc. 296 297 298Changes since version 0.1.42: 299- bugfix: the remote window size must be in unsigned int. FIXED. 300- bugfix: support for EBCDIC environment. FIXED. 301- bugfix: data may be written to the closed channel. FIXED. 302- bugfix: NPE in closing channels. FIXED. 303- bugfix: the private key file may include garbage data before its header. FIXED. 304- bugfix: the session down may not be detected during the re-keying process. FIXED. 305- change: try keyboard-interactive auth with the given password if UserInfo is not given. 306- change: working around the wrong auth method list sent by some SSHD 307 in the partial auth success. 308- change: working around the CPNI-957037 Plain-text Recovery Attack. 309- change: in searching for [host]:non-default port in known_hosts, 310 host:22 should be also checked. 311- change: updating copyright messages; 2009 -> 2010 312 313 314Changes since version 0.1.41: 315- bugfix: making exec request during re-keying process will cause 316 the dead lock for the session. FIXED. 317 Many thanks for PanLi at Prominic dot NET and www.prominic.net, 318 US based hosting company. Without their testing JSch with 319 hundreds of hosts and their bug reports, this problem 320 was not fixed. 321- change: updating copyright messages; 2008 -> 2009 322 323 324Changes since version 0.1.40: 325- bugfix: canceling the remote port-forwarding with the incorrect 326 bind-address. FIXED. 327- bugfix: sftp had missed to close the file in some case. FIXED. 328- bugfix: ls(sftp) will throw an exception for the empty directory 329 in connecting to some sftpd server. FIXED. 330- change: dropping the session gently in accepting incorrect packets. 331- change: by the default, aes128-ctr will be chosen if it is available 332 on the local and the remote. 333- feature: adding the support for the private key ciphered in AES256. 334- feature: new ciphers: aes128-ctr,aes192-ctr,aes256-ctr, 335 3des-ctr,arcfour,arcfour128 ,arcfour256 336 337 338Changes since version 0.1.39: 339- bugfix: ProxySOCKS4 had not been functional. FIXED. 340- bugfix: NPE at closing the session when it is not opened. FIXED. 341- change: JSch#getConfing has become public. 342 343 344Changes since version 0.1.38: 345- bugfix: session will be dropped at rekeying. FIXED. 346- bugfix: NPE should not be thrown at unexpected session drop. FIXED. 347- change: Channel#getSession() may throw JSchExecption. 348 349 350Changes since version 0.1.37: 351- bugfix: NPE should not be thrown at unexpected session drop. FIXED. 352- bugfix: AIOOBE at Session#connect(). FIXED. 353- bugfix: Even if 'true' is given for 354 Channel#setOutputStream(OutputStream out, boolean dontclose) 355 as the second paramter, 'out' will be closed. FIXED. 356- change: 'examples/Sftp.java' has been modified to demonstrate 357 ChannelSftp#reaplpath(String path) 358- change: setEnv(Hashtable env) for exec and shell channels have been 359 marked as @deprecated 360- feature: setEnv(String name, String value) has been added to exec 361 and shell channels. 362- feature: setEnv(byte[] name, byte[] value) has been added to exec 363 and shell channels. 364- feature: ChannelSftp#realpath(String path) has been added. 365- feature: ChannelExec#setCommand(byte[] command) has been added. 366- feature: com.jcraft.jsch.ChannelSftp.LsEntry has implemented 367 java.lang.Comparable 368- feature: Session#getServerAliveInterval(), Session#getServerAliveCountMaX() 369 have been added. 370 371 372Changes since version 0.1.36: 373- bugfix: some sftpd will send invalid data in sftp protocol 374 point of view, and we need to work around such data. FIXED. 375- bugfix: the stream forwarding had been broken since 0.1.30. FIXED. 376- bugfix: failed to detect 'SSH_MSG_CHANNEL_OPEN_FAILURE'. FIXED. 377- bugfix: ChannelSftp will generate the unfavorable absolute pathname 378 in some case. FIXED. 379- bugfix: failed to ignore the invalid public-key file. FIXED. 380- change: ignoring empty data sent by 'SSH_MSG_CHANNEL_DATA' and 381 'SSH_MSG_CHANNEL_EXTENDED_DATA'. 382- change: updating copyright messages; 2007 -> 2008 383- change: build.xml will enable 'javac.debug' option by the default. 384- change: added logging messages to IndentityFile and Session class. 385- change: followings are deprecated methods, 386 InputStream ChannelSftp#get(String src, 387 int mode) 388 InputStream ChannelSftp#get(String src, 389 SftpProgressMonitor, 390 int mode) 391- feature: following method is added, 392 InputStream ChannelSftp#get(String src, 393 SftpProgressMonitor monitor, 394 long skip) 395 396 397Changes since version 0.1.35: 398- bugfix: ChannelSftp can not handle the local filenames correctly on Windows. FIXED. 399- bugfix: '/' must be handled as the file separator on JVM for Windows. FIXED. 400- change: the system property 401 "javax.security.auth.useSubjectCredsOnly" 402 will be set to "false" for "gssapi-with-mic" 403 if that property is not given explicitly. 404- change: added changes about ChannelSftp#{pwd(), home()} to 405 ChangeLog; 'Changes since version 0.1.34:' section. 406 407 408Changes since version 0.1.34: 409- bugfix: the OutputStream from the channel may make the JVM 410 lockup in some case. FIXED. 411 There was a possibility that Channel#connect() may be failed 412 to initialize its internal without throwing the JSchException. 413 On such case, the write operation for OutputStream from 414 that channel will cause the system(JVM) to lock up. 415- bugfix: ChannelSftp had problems filename globbing. FIXED. 416- bugfix: the message included in SSH_FXP_STATUS must be UTF-8. FIXED. 417- change: ChannelSftp supports the filename globbing for 418 the filename in multi-byte characters. 419- change: ChannelSftp will internally handle filenames in UTF-8 encoding. 420- change: ChannelSftp#pwd() may throw an SftpException. 421- change: ChannelSftp#home() may throw an SftpException. 422- feature: following methods have been added in ChannelSftp 423 String getServerVersion() 424 String getClientVersion() 425 void setFilenameEncoding(String encoding) 426 String getExtension(String key) 427 428Changes since version 0.1.33: 429- bugfix: there had a possibility that the session may be broken 430 if ciphers for upward/downward streams are different. FIXED. 431- bugfix: the authentication method "keyboard-interactive" had 432 not been tried without UserInfo. FIXED. 433- bugfix: ChannelShell#setTerminalMode(byte[] terminal_mode) had 434 not been functional. FIXED. 435- bugfix: the remote port-forwarding to the daemon had been broken 436 since 0.1.30. FIXED. 437- change: the cipher "aes128-cbc" will be used if AES is available. 438- change: the interface 'com.jcraft.jsch.ForwardedTCPIPDaemon' has been changed. 439- change: the data transfer rate will be improved on some environment. 440- feature: ChannelExec can control the size of pty; 441 ChannelExec#setPtySize(int col, int row, int wp, int hp) is 442 added. 443- feature: the property "CheckCiphers" has been added. 444 Refer to 'examples/AES.java'. 445- feature: Session#setConfig(String key, String value), 446 JSch#setConfig(String key, String value) have been added. 447 448 449Changes since version 0.1.32: 450- bugfix: freeze in 'diffie-hellman-group-exchange-sha1'. FIXED. 451 By the default, 'diffie-hellman-group1-sha1' will be used 452 and if you have not chosen 'diffie-hellman-group-exchange-sha1' 453 explicitly, you don't have to worry about it. 454- bugfix: there should be timeout mechanism in opening a socket 455 for remote port forwarding. FIXED. 456 At the failure or timeout, 'SSH_MSG_CHANNEL_OPEN_FAILURE' 457 will be sent to sshd. 458- bugfix: there should be timeout mechanism in opening a socket 459 for X11 forwarding. FIXED. 460 At the failure or timeout, 'SSH_MSG_CHANNEL_OPEN_FAILURE' 461 will be sent to sshd. 462 463 464Changes since version 0.1.31: 465- bugfix: remote port forwarding will be hanged at its closing. FIXED. 466- bugfix: X forwarding channels will be hanged and some resources 467 will be leaked whenever they are closed. FIXED. 468- bugfix: failed to detect "Connection refused". FIXED. 469- bugfix: at the failure for keyboard-interactive auth method, 470 a session will be terminated. FIXED. 471- bugfix: due to the cancel for keyboard-interactive auth method, 472 a session will be terminated. FIXED. 473- change: com.jcraft.jsch.jcraft.Compression#uncompress will respect 474 the argument "start". 475- change: "gssapi-with-mic" will choose the default credential. 476- feature: Session#setPortForwardingL will return the assigned local 477 TCP port number; TCP port will be assigned dynamically if lport==0. 478- feature: support for SSH_MSG_UNIMPLEMENTED. 479- feature: support for PASSWD_CHANGEREQ. 480 481 482Changes since version 0.1.30: 483- bugfix: a problem in padding for ciphered private key. 484 PKCS#5 padding should be used. FIXED. 485- bugfix: crash in parsing invalid public key file. FIXED. 486- bugfix: a public key may not have a comment. FIXED. 487- bugfix: output stream from ChannelSftp#put will hang if it is closed 488 twice. FIXED. 489- feature: agent forwarding. To enable this functionality, 490 Channel{Exec,Shell,Sftp}#setAgentForwarding(boolean enable) are added. 491- feature: ChannelShell#setTerminalMode(byte[] terminal_mode) is added. 492- feature: Session#setDaemonThread(boolean true) to run internal threads as 493 daemon threads. 494- feature: an option "PreferredAuthentications" is added. 495 The default value is "gssapi-with-mic,publickey,keyboard-interactive,password". 496- change: if alias-name is given, non-standard TCP port number will not be 497 saved in 'known_hosts' file. 498 499 500Changes since version 0.1.29: 501- bugfix: ChannelSftp#cd() will not throw an exception even if 502 a file is given. FIXED. 503- bugfix: ChannelSftp#put() has a bug which will appear in using 504 on the slow network. FIXED. 505- bugfix: ChannelSftp#ls() has a bug which will appear in using 506 on the slow network. FIXED. 507- bugfix: a bug had sneaked in the remote port forwarding. FIXED. 508- bugfix: some APIs from JCE have the memory leak on Mac OS X, 509 so we have re-written the code(com.jcraft.jsch.jcraft.HMAC* 510 classes) without them. On Mac OS X, such new classes will 511 be used automatically. FIXED. 512- bugfix: the session will be crashed by the long banner message. FIXED. 513- change: '/dev/random' will not be referred on Gnu/Linux. 514- change: if non-standard TCP port number is used, that number will 515 be saved in known_hosts file as recent OpenSSH's ssh client does. 516- change: Channel#getOutputStream will not use Piped{Output,Input}Stream. 517- change: com.jcraft.jsch.HostKeyRepository interface has been 518 slightly modified. 519- feature: Session#setPortForwardingR(String bind_address, ...) has been added. 520- feature: the packet compression method 'zlib@openssh.com' has been supported. 521- feature: the hashed known_hosts file has been supported. 522 Refer to 'examples/KnownHosts.java'. 523- feature: the authentication method 'gssapi-with-mic' has been 524 experimentally supported. 525- feature: com.jcraft.jsch.Logger interface and 526 JSch#setLogger(Logger logger) have been added. 527 Refer to 'examples/Logger.java' for the usage. 528 529 530Changes since version 0.1.28: 531- bugfix: ChannelSftp#put will stack in some situations FIXED. 532- bugfix: ChannelSftp invoked 'glob_remote' redundantly. FIXED. 533- bugfix: ChannelSftp failed to make globbing for some file names. FIXED. 534- bugfix: ChannelSftp did not carefully read its input-stream. FIXED. 535- bugfix: ChannelSftp#lstat did not try globbing for given path. FIXED. 536- bugfix: at closing channel, eof_lcoal and eof_remote did not 537 become true. FIXED. 538- bugfix: IdentityFile did not carefully read file input-streams. FIXED. 539- bugfix: KeyPair did not carefully read file input-streams. FIXED. 540- bugfix: ProxySOCKS4 did not carefully read file input-streams. FIXED. 541- bugfix: ProxySOCKS5 did not carefully read file input-streams. FIXED. 542- bugfix: ForwardedTCPIPDaemom may fail in some situation. FIXED. 543- bugfix: X forwarding failed to handle the magic-cookie 544 in some case FIXED. 545 Thanks to Walter Pfannenmller. 546- bugfix: setKnownHosts in KnownHosts.java doesn't read the last 547 line if linefeed is missing FIXED. 548 Thanks to Henrik Langos. 549- bugfix: With StrictHostKeyChecking set to yes connect() 550 shouldn't ask. FIXED. 551 Thanks to Henrik Langos. 552- change: Identity#setPassphrase(String passphrase) is replaced with 553 Identity#setPassphrase(byte[] passphrase). 554- change: IdentityFile will clear its internal secrets at finalizing. 555- change: KeyPair will clear its internal secrets at finalizing. 556- change: KeyPair will clear its internal secrets at finalizing. 557- change: MAC#doFinal() is replaced with 558 MAC#doFile(byte[] buf, int offset) 559- change: at TCP socket reading timeout, keep-alive message will be sent 560 to the remote sshd. To disable this functionality, invoke 561 explicitly Session.setServerAliveCountMax(0) 562- change: PortWatcher stops to use InetAddress.getByAddress(). 563- change: in the user authentication, username, password and passphrase 564 will be encoded in UTF-8. 565- change: JSch#addIdentity will check duplicate keys. 566- change: SftpException#message has been deleted. 567- change: SftpException#getMessage() will return the detailed message. 568- feature: IdentityFile#setPassphrase(byte[] passphrase) is added. 569- feature: IdentityFile#clear() is added to clear its internal secrets. 570- feature: KeyPair#decrypt(byte[] passphrase) is added. 571- feature: JSch#addIdentity(String path, byte[] passphrase) is added. 572- feature: JSch#getIdentityNames() is added. 573- feature: JSch#removeIdentity(String name) is added. 574- feature: JSch#removeAllIdentity() is added. 575- feature: ChannelSftp#readlink(String path) is added. 576- feature: ChannelSftp#getHome() is added. 577- feature: Channel#connect(int connectTimeout) is added. 578- feature: ChannelShell#setPtyType(String ttype) is added. 579- feature: Session#setPassword(byte[] password) is added. 580- feature: Session#setHostKeyAlias(String alias) is added. 581- feature: KeepAlive is implemented and 582 Session#setServerAliveInterval(int interval) and 583 Session#setServerAliveCountMax(int count) are added. 584- feature: Session#sendKeepAliveMsg() is added. 585- feature: JSchException#getCause() may return a reason. 586- feature: SftpException#getCause() may return a reason. 587- feature: ChannelExec#setErrStream(OutputStream out, boolean dontclose) 588 is added. 589 590 591Changes since version 0.1.27: 592- bugfix: ChannelSftp#localAbsolutePath did not work correctly. FIXED. 593- bugfix: ChannelSftp#chmod did not work for directory. FIXED. 594- bugfix: ProxyHTTP had a bug in processing HTTP headers. FIXED. 595- bugfix: messages before server's version string should be ignored. FIXED. 596- feature: Environment Variable Passing. 597 598 599Changes since version 0.1.26: 600- bugfix: there was a session crash bug. That occurrence is rare, but 601 depends on the thread scheduling. FIXED. 602- bugfix: problems in generating remote/local absolute paths on sftp. FIXED. 603- bugfix: problems in handling cancel operations for sftp. FIXED. 604- bugfix: ChannelX11s were not terminated for a wrong cookie. FIXED. 605- bugfix: NoSuchAlgorithmException should be thrown if JCE is not 606 accessible. FIXED. 607- bugfix: ProxyHTTP should check the return code from proxy. FIXED. 608- bugfix: server's version string should be checked carefully. FIXED. 609- feature: some more improvements on sftp uploading. 610- feature: 'getUserName' method is added to Session class. 611 612 613Changes since version 0.1.25: 614- bugfix: infinite loop/hang on connection at unexpected error during 615 key-exchanging operation. FIXED 616- bugfix: delays on sftp uploading. FIXED 617- bugfix: failed to purge a host-key from its repository in some case. FIXED. 618- feature: SOCKS4 proxy 619 620 621Changes since version 0.1.24: 622- bugfix: remote port forwarding is not established. FIXED. 623- bugfix: failed to parse known_hosts file if it has a long public key blob. 624 FIXED. 625- bugfix: sftp put/get operations keep failing. FIXED. 626- bugfix: ChannelShell.setXForwarding always set xforwarding to be true. FIXED. 627- change: ChannelShell.setPty is added. 628- change: Proxy interface is free from session object. 629- change: added examples/ScpToNoneCipher.java to demonstrate NONE Cipher switching. 630- feature: added NONE Cipher switching support. 631- feature: timeout check will be enabled for proxy connections. 632 633 634Changes since version 0.1.23: 635- bugfix: there was resource leak problems in closing local port forwardings. 636 FIXED. 637- bugfix: there was a session crash problems in using aes-cbc cipher. FIXED. 638- change: ChannelSession.setPtySize was redefined. 639- feature: added SocketFactory for remote port forwarding. 640 Session.setPortForwardingR(int rport, String host, int lport, 641 SocketFactory sf) 642- feature: added ServerSocketFactory for local port forwarding. 643 Session.setPortForwardingL(String boundaddress, 644 int lport, String host, int rport, 645 ServerSocketFactory ssf) 646 647Changes since version 0.1.22: 648- bugfix: there was a freeze problem at fails on key-exchanging. FIXED. 649- bugfix: race-condition forcefully disconnects session in closing channels. 650 FIXED. 651 652 653Changes since version 0.1.21: 654- bugfix: there is a bug in read() method implementation for the 655 input-stream returned from ChannelSftp.get(). FIXED. 656- bugfix: at fail on requesting for the remote port forwarding, 657 an exception should be thrown. FIXED. 658- bugfix: SSH_MSG_CHANNEL_OPEN request for the X11 forwarding should not 659 be accepted if clients don not expect it. FIXED. 660- bugfix: there is a problem in transferring large data(mote than 1GB) 661 to sshd from recent OpenSSH(3.6.1 or later). FIXED. 662 For security concerns, those sshd will re-key periodically and 663 jsch had failed to handle it. 664- bugfix: 'exec', 'shell' and 'sftp' channels will fail if the acceptable 665 packet size by remote sshd is not so large. FIXED. 666- bugfix: there are problems in 'InputStream ChannelSftp.get(String)' 667 and 'OutputStream put(String)'. FIXED. 668- feature: added boolean flag 'dontclose' to 669 * setInputStream(), 670 * setOutputStream() and 671 * setExtOutputStream() 672 methods of Channel class. 673- feature: added 'com.jcraft.jsch.ChannelSubsystem' 674- feature: allowed to control the compression level in the packet compression. 675 Refer to 'examples/Compression.java'. 676- change: modified 'com/jcraft/jsch/jce/KeyPairGenRSA.java' to be complied 677 on JDK 1.2. 678- change: 'examples/ScpTo.java' and 'examples/ScpFrom.java' will use 679 'long' type for the file size instead of 'int'. 680- change: 'Identity.getSignature' method will not expect 'session'. 681- change: while waiting for socket connection establishment, Thread.join 682 will be used instead of Thread.sleep. 683 684 685Changes since version 0.1.20: 686- known issue: there are problems in 'InputStream ChannelSftp.get(String)' 687 and 'OutputStream put(String)'. They will be re-implemented 688 in the next release. 689- bugfix: EOF packets should not be sent twice. This bug had crashed 690 the session on every channel close. FIXED. 691- bugfix: at the fail on opening connection to remote sshd, 692 a misleading exception "invalid server's version string" 693 had been thrown. FIXED. 694- bugfix: fixed a bug in hadling the size of remote channel window. 695- bugfix: channels should not be closed even if EOF is received. FIXED. 696- bugfix: fixed bugs in file name globbing on sftp. 697- change: to transfer packets efficiently, the size of internal buffer 698 for each channel has been increased. 699- change: ChannelSftp.ls will return a vector of 700 com.jcraft.jsch.ChannelSftp.LsEntry. Sorry for inconveniences. 701- feature: added ForwardedTCPIPDaemon. Refer to 'examples/Daemon.java', 702 which demonstrates to provide network services like inetd. 703- feature: ChannelExec.setPty() method to request for assigning pseudo tty. 704- feature: added ciphers "aes128-cbc", "aes192-cbc" and "aes256-cbc". 705 Refer to 'examples/AES.java'. 706- feature: local port-forwarding settings can be dynamically deleted 707 by the bound address. 708- feature: added 'Channel.isClosed()'. Channel.getExitStatus() should be 709 invoked after Channel.isClosed()==true. 710 711 712Changes since version 0.1.19: 713- ClassCastException while calling ChannelExec.finalize() method. FIXED. 714 Thanks to wswiatek at ais dot pl. 715 716 717Changes since version 0.1.18: 718- fixed problems related to thread-safety. 719 Thanks to Eric Meek at cs dot utk dot edu. 720- At the lost of the network connectivity to the remote SSHD, clients 721 connected to the local port were never made aware of the 722 disconnection. FIXED. 723- fixed confusions in handling EOFs from local input stream and 724 the input stream for remote process. 725- 'com.jcraft.jsch.jce.AES128CBC' is added, but it is not be functional in 726 this release. It will work in the next release. 727- Some sshd(Foxit-WAC-Serve) waits for SSH_MSG_NEWKEYS request before 728 sending it. FIXED. 729- fixed a problem in connecting to Cisco Devices. 730 Thanks to Jason Jeffords at comcast dot net. 731- changed the method 'add' of 'HostKeyRepository' interface. 732- 'UIKeyborarInteracetive' will ignore empty prompt by sshd. 733- added 'sendIgnore()' method to 'Session' class. 734- added '-p' for scp command in 'examples/ScpTo.java' to preserve 735 modification times, access times, and modes from the original file. 736 737 738Changes since version 0.1.17: 739- added 'com.jcraft.jsch.HostKeyRepository' interface. 740 It will allow you to handle host keys in your own repository 741 (for example, RDB) instead of using 'known_hosts' file. 742- added methods to get the finger-print of host keys. 743 refer to 'examples/KnownHosts.java'. 744- improved 'known_hosts' file handling. 745 - comment lines will be kept. 746 - SSH1 host keys will be kept. 747 - each hostname can have multiple host keys. 748- fixed a crash bug in processing private keys which have too long key-bits. 749 750 751Changes since version 0.1.16: 752- 'com.jcraft.jsch.jce.DHG1' and 'com.jcraft.jsch.jce.DHGEX' are moved to 753 'com.jcraft.jsch' package. 754- added APIs to handle hostkeys included in 'known_hosts', 755 JSch.getHostKeys(), 756 JSch.removeHostKey() 757- allowing to set timeout value in opening sockets, 758 Session.connect(int timeout) 759 760 761Changes since version 0.1.15: 762- adding support of setting mtime for remote files on sftp channel. 763- setKnownHosts method of JSch class will accept InputStream. 764- implementation of Basic password authentication for HTTP proxy. 765- fixed a bug in checking which ssh protocol version remote sshd supports 766- SSH_MSG_CHANNEL_OPEN_FAILURE will be handled correctly. 767- methods in SftpATTRS class has been public. 768- working around SIGBLOB bug hidden in older sshd. 769 770 771Changes since version 0.1.14: 772- fixed a crash bug in accepting keep-alive messages. 773- the parent directory of 'known_hosts' file will be created 774 if it does not exist. 775- the Subsystem channel support was removed. 776 777 778Changes since version 0.1.13: 779- added 'setClientVersion' method to Session class. 780- fixed hung-up problem on SftpChannel in connecting to 781 the sshd, which does not support sftp. 782- fixed OutOfMemory exception problem in decrypting a private key 783 with bad passphrase. 784- fixed hung-up problem in communicating with the sshd, 785 whose window size is small. 786- RuntimeExceptions will be thrown from jsch APIs. 787- SSH_MSG_CHANNEL_SUCCESS and SSH_MSG_CHANNEL_FAILURE requests 788 have been supported. 789 790 791Changes since version 0.1.12: 792- added the partial authentication support. 793- allowing to change the passphrase of a private key file 794 instead of creating a new private key. 795- added 'examples/ChangePassphrase.java' 796- the interface 'UIKeyboardInteractive' has been modified. 797 798 799Changes since version 0.1.11: 800- RSA keypair generation. 801- added the method 'getFingerPrint' to KeyPair class, 802 which will return the finger print of the public key. 803- fixed a bug in generating non-ciphered private key. 804 805 806Changes since version 0.1.10: 807- fixed a bug in the password authentication, sneaked in 808 0.1.9. By this bug, the password authentication had failed every time. 809 810 811Changes since version 0.1.9: 812- username and password can be in UTF-8 encoding. 813- DSA keypair generation. 814- added 'examples/KeyGen.java', which demonstrates 815 the DSA keypair generation. 816 817 818Changes since version 0.1.8: 819- fixed crash problems on the local port forwarding. 820- fixed crash problems on the remote port forwarding. 821- added setErrStream() and getErrStream() to ChannelExec. 822- added keyboard-interactive authentication support. 823- modified TripleDESCBC to support IBM's JDK 1.4.1. 824- added 'examples/UserAuthKI.java', which demonstrates keyboard-interactive 825 authentication. 826 827 828Changes since version 0.1.7: 829- added APIs for sftp resume downloads and uploads. 830 The author greatly appreciates 831 elpernotador(webmaster at unlix dot com dot ar), 832 who motivated him to hack this functionality. 833- 'examples/Sftp.java' demonstrates sftp resume functionality. 834 Please refer to "put-resume", "put-append", "get-resume" and 835 "get-append" command. 836- added the support of 'window-change' request. 837- fixed a freeze bug in 'Inputstream get(String src)' method of 'ChannelSftp' 838 class. 839 840 841Changes since version 0.1.6: 842- added 'int getExitStatus()' method to 'Channel' class. 843- fixed crash bugs in closing channels for port forwarding. 844- fixed glitches in managing forwarded ports. 845 846 847Changes since version 0.1.5: 848- fixed crash bugs in port forwarding. 849- modified to use "ssh-rsa" for key-exchanging by the default. 850- the port forwarding setting can be canceled dynamically. 851- fixed a freeze bug in getting an empty file on sftp channel. 852 853 854Changes since version 0.1.4: 855- fixed a bug in managing local window size. 856 The local window should be consumed by CHANNEL_EXTENDED_DATA packet. 857- checking the availability of the ssh session in opening channels. 858 In some case, ssh session had been freezed. 859- java.io.File.separator will be refereed in generating local pathname 860 on sftp channel. 861- absolute local pathname will be handled correctly on sftp channel. 862 863 864Changes since version 0.1.3: 865- fixed a serious bug, which had leaked resources related to 866 ChannelExec. 867- added the older SFTP protocol(version 0, 1, 2) support. 868- fixed a problem in the authentication step for FSecure's sshd. 869- fixed a bug, which had broken Diffie-Hellman key exchange in some case. 870- implemented the file name globbing for local files on sftp session. 871- fixed a bug in the file name globbing. 872- added an interface 'SftpProgressMonitor'. 873- modified 'examples/Sftp.java' to demonstrate displaying progress-bar 874 in transferring files. 875 876 877Changes since version 0.1.2: 878- modified 'build.xml' to allow Ant users to compile jsch with debug 879 support (i.e. line-number tables) by overriding the property 880 javac.debug on the command line. 881- added a property 'StrictHostKeyChecking'. 882- added 'UserAuthNone' class to request a list of authentication methods on 883 remote sshd. 884- channels will be managed in each sessions. 885- added 'ChannelSubsystem', which allows users to use their own 886 implementations for subsystems. 887- added 'isEOF()' method to 'Channel' class. 888- supported key pair files in DOS file format. 889 890 891Changes since version 0.1.1: 892- added the file name globbing support on sftp session. 893- fixed a bug in the public key authentication. 894 When there was not a public key in ~/.ssh/, that problem occurred. 895- improved the 'setTimeout' method. 896- fixed a typo in 'LICENSE.txt' 897 898 899Changes since version 0.1.0: 900- added 'rekey' method to 'Session' class for key re-exchanging. 901- added 'rekey' and 'compression' command to 'examples/Sftp.java'. 902- added new 'get' and 'put' methods to 'ChannelSftp'. 903 Those methods will operate I/O streams. 904- methods in 'ChannelSftp' will throw 'SftpException' 905- 'ChannelSftp.Ssh_exp_name' is added for the output of 'ls'. 906 Thanks to Graeme Vetterlein. 907- added 'setTimeout' and 'getTimeout' methods to 'Session' class. 908- guess will be done in the algorithm negotiation step. 909- FSecure's DSA private key has been supported partially. 910- hostkeys will be saved into 'known_hosts' file. 911- fixed a bug in 'Util.toBase64' method. 912- 'Identity' will reject unrecognized keys. 913- 'build.xml' will check if jzlib is available or not. 914 Thanks to Stefan Bodewig. 915- added javadoc target in 'build.xml'. 916 Thanks to Robert Anderson. 917 918 919Changes since version 0.0.13: 920- fixed a bug in connecting to Fsecure's sshd on Windows. 921- the license is changed to BSD style. 922 923 924Changes since version 0.0.12: 925- fixed a bug in verifying DAS signatures. 926- added 'SftpATTR' class, which allow you to get attributes of remote files on 927 sftp channel, and 'stat', 'lstat' method are added to 'ChannelSftp' class. 928- added 'getInputStream' and 'getOutputStream' methods Channel class, which 929 return passive I/O streams. 930- 'setIdentity' method is deleted from 'Session' class and 931 'addIdentity' method is added to 'JSch' class 932- 'setUserName' method is deleted from 'Session' class and 933 'getSession' method of 'JSch' class is changed. 934- 'isConnected' method is added to 'Session' class. 935- 'UserInfo' interface is changed. 936 937 938Changes since version 0.0.11: 939- taking care of remote window size. 940- adding 'disconnect' method to 'Channel' and 'Session' classes. 941- signal sending support. 942- 'mkdir' command for sftp. 943- 'fromBase64' method has been moved to Util class and 'toBase64' method has 944 also been added to that class. 945- 'KnownHosts' class for checking host-key in 'known_host' file. 946- 'examples/KnownHosts.java' has been added. 947- 'setUserName' and 'setPassword' methods have been added to Session class. 948- 'UserInfo' interface has been changed. 949- The implementation of compression has moved to 'com.jcraft.jsch.jcraft' 950 package. 951- fixed a bug in handling 'SSH_MSG_CHANNEL_REQUET' request. 952- fixed a bug in sending multiple requests on a single session. 953 954 955Changes since version 0.0.10: 956- Diffie-Hellman key exchange 'diffie-hellman-group1-sha1' is supported. 957 Refer to 'src/com/jcraft/jsch/jce/DHG1.java'. 958 Thanks to Mitsugu Kitano, whose feedback was very helpful. 959- By the default, 'diffie-hellman-group1-sha1' will be used in the 960 key exchange step. 961- The file attribute on 'SSH File Transfer Protocol' is supported. 962 Now, we can say JSch supports 'SSH File Transfer Protocol'. 963- 'examples/Sftp.java' is updated. 964 'chgrp','chown','chmod' commands are supported. 965 966 967Changes since version 0.0.9: 968- SSH File Transfer Protocol is supported partially. 969- 'examples/Sftp.java' is added. 970 This example is a tiny sftp command and supports 'cd','put','get','rm',etc. 971- 'close' method is added to Channel interface. 972- build.xml for examples is added. 973 Thanks to Ronald Broberg. 974 975 976Changes since version 0.0.8: 977- the tunneling through a SOCKS5 proxy is supported. 978- 'examples/ScpFrom.java' is added. 979- 'com.jcraft.jsch.UserInfo' interface is modified. 980 981 982Changes since version 0.0.7: 983- Packet comression is supported. 984- 'examples/Compression.java' is added. 985- JZlib is included. 986 987 988Changes since version 0.0.6: 989- RSA host key is supported. 990- RSA public key authentication is supported. 991 992 993Changes since version 0.0.5: 994- DSA public key authentication is supported. 995- examples/UserAuthPubKey.java is added. 996- examples/ScpTo.java is added. 997 998 999Changes since version 0.0.4: 1000- 3des-cbc is supported. 1001- hmac-sha1 is supported. 1002- hmac-md5-96 is supported. 1003- hmac-sha1-96 is supported. 1004 1005 1006Changes since version 0.0.3: 1007- port forwarding, similar to the -L option of SSH. 1008- examples/PortForwardingL.java is added. 1009- examples/StreamForwarding.java is added. 1010- examples/Exec.java is renamed as examples/Shell.java 1011- stream forwarding is added. 1012- ChannelSftp class is added for implementing filexfer. 1013- interfaces for jsch users are changed. 1014 1015 1016Changes since version 0.0.2: 1017- remote exec is supported. 1018- examples/Exec.java is added. 1019- build.xml and some scripts for Ant are added. (lbruand) 1020- Const class is added. (lbruand) 1021 1022 1023Changes since version 0.0.1: 1024- the tunneling via HTTP proxy is supported. 1025- port forwarding like option -R of ssh command. 1026 the given port on the remote host will be forwarded to the given host 1027 and port on the local side. 1028