Rebex File Transfer Pack 2020 R3

Released: Jul 14, 2020

2020 R3 での更新項目

機能

  • All: Added binaries targeting Microsoft .NET Standard 2.1.
  • File Server: Added support for anonymous authentication.
  • File Server: Changed SSH cipher info logging style (unified with client-side SSH).
  • SSH: Enhanced legacy group exchange autodetection.
  • TLS Core: Added TlsSocket.ApplicationProtocol property to make it possible to determine protocol negotiated using ALPN extension.
  • TLS Core: Now always prefers RSA/SHA-2 for client certificate authentication in TLS 1.2.
  • TLS Core: Disabled ciphers based on AES/CBC and SHA-2 in legacy versions of TLS (they are only specified by TLS 1.2).
  • TLS Core: Improved error message when server certificate is rejected in TLS 1.3.
  • TLS Core: Improved error messages in TLS 1.3.
  • TLS Core: Logging improvements.
  • TLS Core: No longer sending 'internal error' alert to remote end on timeout.
  • TLS Core: Optimized TLS 1.3 internals.
  • TLS Core: TLS 1.3 initiates key update properly (before the AEAD limits are reached).
  • TLS Core: Unified behavior of the Receive and ReceiveAsync methods across TLS versions.
  • TLS: Added DisposeAsync method to TlsSocket.
  • TLS: Added server-side support for Application-Layer Protocol Negotiation (ALPN) extension (RFC 7301).
  • TLS: Added TlsParameters.CertificateChainMode property.
  • TLS: Added TlsStream class. Supports TLS 1.0-1.3 via Stream-based API.
  • TLS: An error is reported when trying to use one of deprecated methods via TlsServerSocket.
  • Cryptography: Memory usage optimizations in CNG layer.
  • Cryptography: On Microsoft Windows 10 and Microsoft Windows Server 2016 or higher, Microsoft CNG API is used for classic Diffie-Hellman calculations instead of legacy Microsoft CryptoAPI.
  • Cryptography: Optimized disposing of temporary keys in Certificate class.

不具合の修正

  • SFTP: Added workaround for misbehaving SSH_FXP_STAT on DataPowerSSH servers (SftpSettings.EnableBrokenDirectoryStatWorkaround option).
  • File Server: Fixed handling of unknown SSH packets received before authentication.
  • File Server: Workaround for very old OpenSSH 4.x/5.x clients that refuse to accept data packets while SSH renegotiation is in progress.
  • TLS Core: Fixed availability of TLS 1.3 session tickets (client side).
  • TLS Core: Fixed handling of multiple concurrent Receive or Send method calls in TLS 1.3.
  • TLS Core: Fixed handling of TLS 1.3 KeyUpdate handshake message.
  • TLS Core: Fixed server name handling for TlsSocket instances created from an already-connected Socket.
  • TLS Core: Fixed TlsException.Status to return ConnectionClosed for connection-closed errors.
  • TLS Core: Fixed TlsException.Status to return Timeout for timeout errors.
  • TLS Core: Fixed TlsSocket.ClientCertificate that returned an empty chain instead of null in some scenarios.
  • TLS: Fixed error messages reported on client certificate validation to properly refer to client certificate.
  • TLS: Fixed error reporting when trying to use SSL 3.0 on Microsoft Windows OS in FIPS-only mode.
  • Cryptography: Fixed encoding of ECDSA signatures in PKCS #7 CertificationRequest structure.