Released: May 24, 2020

2020 R2 での更新項目

機能

• File Server: Added FileServerSettings.EnableEventsForFailedTransfers option.
• File Server: Added ServerSession.Cipher property to make it possible to determine SSH ciphers used by each session.
• File Server: Added support for AEAD encryption ciphers ('aes128-gcm@openssh.com', 'aes256-gcm@openssh.com' and 'chacha20-poly1305@openssh.com').
• File Server: Added support for encrypt-then-MAC ciphers ('hmac-sha2-256-etm@openssh.com' and 'hmac-sha2-512-etm@openssh.com').
• File Server: Enhanced handling of 'pty-req' and 'window-change' SSH channel requests - wrong values are rejected.
• File Server: Enhanced ShellModule class to make it possible to implement custom SSH subsystems.
• File Server: Virtual shell now treats the line-feed character as end-of-line indicator in addition to carriage-return character.
• SSH Shell: Added LocalEndPoint and RemoteEndPoint properties to SshTunnel class.
• Terminal: Improved TerminalControl.Bind method behavior to prevent needless locking.
• SSH: Added new properties to SshCipher to make it possible to determine IDs of active ciphers.
• SSH: Added workaround for a weakness in legacy CBC ciphers.
• TLS Core: Enhanced TlsSocket.Timeout property to apply to subsequent Send, SendAsync, Receive and ReceiveAsync methods even when TLS is already active.
• TLS Core: Improved and unified behavior of the TlsSocket Shutdown/ShutdownAsync methods when negotiation has not been started.
• TLS Core: Improved TLS exception reporting.
• TLS Core: Logging improvements.
• TLS Core: Optimizations in TLS 1.3 internals.
• TLS Core: Support for the TLS 1.3 record with empty application data payload and random padding.
• TLS Core: Unified TlsSocket.Cipher property behavior across TLS versions.
• TLS: Added TlsServerSocket class. Provides server-side TLS 1.3, 1.2, 1.1 and 1.0 support.
• Cryptography: Added ContentInfo.ToStream() method.
• Cryptography: Enhanced Certificate.LoadDerWithKey to support RSASSA-PSS and RSAES-OAEP for RSA keys.
• Cryptography: Improved AsymmetricKeyAlgorithm to support RSASSA-PSS and RSAES-OAEP with keys loaded via ImportKey method.
• Cryptography: Optimized Certificate and CertificateChain class to only consume native resources when needed.
• Cryptography: Optimized CNG handles cleanup.

不具合の修正

• File Server: Fixed client authentication using X.509 certificates.
• File Server: Fixed handling of unknown SSH packets.
• TLS Core: Fixed availability of TLS 1.3 session ticket when the receive side of the connection has already been closed.
• TLS Core: Fixed behavior of server-side DoNotCacheSessions option (which previously led to connection failures).
• TLS Core: Fixed some cases of missing AggregateException unwrapping.
• TLS: Fixed TlsClientSocket.EndConnect method.
• Cryptography: Fixed AsymmetricKeyAlgorithm.GenerateDiffieHellmanParameters slowness (only affected the previous release).