Rebex File Transfer Pack 2020 R3
Released: Jul 14, 2020
2020 R3 での更新項目
機能
- All: Added binaries targeting Microsoft .NET Standard 2.1.
- File Server: Added support for anonymous authentication.
- File Server: Changed SSH cipher info logging style (unified with client-side SSH).
- SSH: Enhanced legacy group exchange autodetection.
- TLS Core: Added TlsSocket.ApplicationProtocol property to make it possible to determine protocol negotiated using ALPN extension.
- TLS Core: Now always prefers RSA/SHA-2 for client certificate authentication in TLS 1.2.
- TLS Core: Disabled ciphers based on AES/CBC and SHA-2 in legacy versions of TLS (they are only specified by TLS 1.2).
- TLS Core: Improved error message when server certificate is rejected in TLS 1.3.
- TLS Core: Improved error messages in TLS 1.3.
- TLS Core: Logging improvements.
- TLS Core: No longer sending 'internal error' alert to remote end on timeout.
- TLS Core: Optimized TLS 1.3 internals.
- TLS Core: TLS 1.3 initiates key update properly (before the AEAD limits are reached).
- TLS Core: Unified behavior of the Receive and ReceiveAsync methods across TLS versions.
- TLS: Added DisposeAsync method to TlsSocket.
- TLS: Added server-side support for Application-Layer Protocol Negotiation (ALPN) extension (RFC 7301).
- TLS: Added TlsParameters.CertificateChainMode property.
- TLS: Added TlsStream class. Supports TLS 1.0-1.3 via Stream-based API.
- TLS: An error is reported when trying to use one of deprecated methods via TlsServerSocket.
- Cryptography: Memory usage optimizations in CNG layer.
- Cryptography: On Microsoft Windows 10 and Microsoft Windows Server 2016 or higher, Microsoft CNG API is used for classic Diffie-Hellman calculations instead of legacy Microsoft CryptoAPI.
- Cryptography: Optimized disposing of temporary keys in Certificate class.
不具合の修正
- SFTP: Added workaround for misbehaving SSH_FXP_STAT on DataPowerSSH servers (SftpSettings.EnableBrokenDirectoryStatWorkaround option).
- File Server: Fixed handling of unknown SSH packets received before authentication.
- File Server: Workaround for very old OpenSSH 4.x/5.x clients that refuse to accept data packets while SSH renegotiation is in progress.
- TLS Core: Fixed availability of TLS 1.3 session tickets (client side).
- TLS Core: Fixed handling of multiple concurrent Receive or Send method calls in TLS 1.3.
- TLS Core: Fixed handling of TLS 1.3 KeyUpdate handshake message.
- TLS Core: Fixed server name handling for TlsSocket instances created from an already-connected Socket.
- TLS Core: Fixed TlsException.Status to return ConnectionClosed for connection-closed errors.
- TLS Core: Fixed TlsException.Status to return Timeout for timeout errors.
- TLS Core: Fixed TlsSocket.ClientCertificate that returned an empty chain instead of null in some scenarios.
- TLS: Fixed error messages reported on client certificate validation to properly refer to client certificate.
- TLS: Fixed error reporting when trying to use SSL 3.0 on Microsoft Windows OS in FIPS-only mode.
- Cryptography: Fixed encoding of ECDSA signatures in PKCS #7 CertificationRequest structure.