* 12/29/97 -- Current working version 0.99.0pl11
  NEXT VERSION: 1.0.0

  Fix MDTM command so that it will no longer "miss" files, reporting
  them as non-existant even when they do exist.
  Status: Complete

  Numerous fixups that might affect <Limit> blocks.  All directory
  permission checks are now based on *absolute* directories, after
  symlinks have been recursed (when possible).
  Status: Complete

  Fixed several real and potential overflow bugs, use vsnprintf()
  everywhere now for security purposes.  Provide a rather horrid
  kludge for vsnprintf() on systems which don't have it.
  Status: Complete

  Minor fixups/porting issues.
  Status: Complete

  Find some way to source from port 20 (assuming standard FTP port)
  without having root.
  Status: Some work done, but commented out -- not working correctly
  
  NOOP command strangely has no implementation function.
  Status: Fixed

* 11/12/97 -- Current working version 0.99.0pl10

  The sample proftpd configurations describe the usage of 
  <Directory *> in <Anonymous> blocks to configure "defaults" which
  are inherited by other <Directory> contexts; however this usage
  is deprecated, and all such inherited limits should be directly
  applied to the <Anonymous> block itself.  Unfortunately, this creates
  a vulnerable security problem for proftpd admins running newer
  patchlevels with one of the sample old-style configurations.
  Fix up the sample configs, and add code to automagically move
  <Directory *> config contexts into the parent <Anonymous>.
  Status: Complete

  Fixups in config tree managment, so HideUser/HideGroup work
  ALL the time.  The whole configuration tree systems needs a complete
  overhaul, which is the first priority of dev version 1.1.0.
  Status: Complete

  Use setsid() when available instead of ioctl() to divorce from the
  controlling tty.
  Status: Complete

  src/support.c, typo when HAVE_SYS_STATVFS_H is defined.
  Status: Fixed

  Some optimizations are in order for src/dirtree.c, to avoid unnecessary
  recursion/iteration of the directive tree.
  Status: Complete

  fsync() was being called in src/log.c, unnecessarily.  Report from
  Magnus Stenman <stone@hkust.se>
  Status: Fixed

  Bug in find_config_next() catches SIGSEGV if called with a NULL argument
  (which is possible under certain circumstances).
  Status: Fixed

* 10/29/97 -- Current working version 0.99.0pl9

  MD5 hashed passwords don't work correctly under libc6.  The salt
  was being forcefully zero-terminated at the third character (the
  standard crypt() function only uses the first two chars as a salt).
  crypt() is now passed the entire crypted password as a salt, and
  can use as much of it as it likes.  Thus, if your libc supports
  a transparent crypt() function, which automatically uses md5_crypt()
  if it detects an md5 salt, proftpd will support md5 hashes
  transparently.  NOTE: Only libc6 is guaranteed to do this.
  Status: Fixed

  Bug involving searches via session.dir_config not working if there
  is no current matching directory configuration (thus mergeable
  directives, such as AllowOverwrite, don't work in VirtualHost configs
  which don't have any <Directory> contexts)
  Status: Fixed

  Bug in inet_copy_connection() allows potential data loss/corruption
  w/ old memory pools.
  Status: Fixed

  Add support for the common "magic cookies" (as supported by wu-ftpd)
  in DisplayLogin and DisplayFirstChdir displayed files.  This will
  also result in the addition of a ServerAdmin directive.  This was
  an oversight from the beginning, and is regarded as a bug rather than
  a feature request.
  Status: Complete

  Add support for ident protocol lookups (needed for magic cookies, and
  possibly logging in the future).
  Status: Complete

* 10/20/97 -- Current working version 0.99.0pl8

  One FTP client (the default win95 one, actually) appears to want
  to use XMKD instead of MKD to create directories.
  Status: Fixed

  The PASS command doesn't except spaces in passwords.
  Status: Fixed

  Apparently, there is still some problem with FTP clients properly
  parsing file sizes in data connection messages (Netscape and
  ncftp, for example, can't approximate transfer times when receiving
  files).
  Status: Fixed, Added SIZE command (how did that get left out??) 

  Add man pages for ftpshut, ftpwho and ftpcount.
  Status: Complete

  Cosmetic: Anonymous FTP connections display "password required"
  rather than "send e-mail address as password".
  Status: Fixed

  When a connection comes in to an IP that is not serviced (and
  DefaultServer is not set), the error message can appear odd if
  the destination IP cannot be resolved to a name.
  Status: Fixed

  Add an ftpshut utility for admins.  Proftpd already looks for a shutdown
  file, however there is no utility to create such.
  Status: Complete

* 9/24/97 -- Current working version 0.99.0pl7

  Add a man page which will be installed in /usr/man/man8.
  Status: Complete

  Implement MDTM command.  It's not in RFC959, but supposedly will
  be in the next revision.  The command is needed for certain client
  packages (such as debian's dpkg).
  Status: Complete

  Dotted quad IP addresses don't work in <VirtualServer> blocks,
  FQDNs only.
  Status: Fixed

  PORT command bug fixed, involving port components equal to 255.
  "Invalid PORT command" error will no longer occur.
  Status: Fixed

  Added --enable-shadow and --enable-autoshadow options to the GNU
  autoconf configure script.  Using 'configure --enable-shadow' will
  force shadow password suite compilation (-DUSESHADOW), regardless
  of the configuration scripts detection of shadowed passwords.  This
  allows binary distributors to produce shadow enabled binaries, even
  on non-shadowed systems.  --enable-autoshadow forces the automatic
  run-time shadow detection system to be compiled in (-DAUTOSHADOW).
  This feature is NOT recommended, as it allows password entries in
  the standard password database (/etc/passwd) to be used on shadow
  systems where an entry does not exist in the shadow database.  This
  is useful for binary distributors, who wish to produce a pre-compiled
  binary that will universally function on both shadow and non-shadow
  systems.
  Status: Complete

  Bug in _translate_ascii()/_xfer_write_data() in mod_xfer.c, allowed
  possible overwrite of io buffer on _long_ ascii transfers, causing
  a SIGSEGV after the write was completed.
  Status: Fixed
  
* 7/9/97  -- Current working version 0.99.0pl6
  
  Bug in io.c, involving not setting/resetting errno, allowed a previous
  EINTR error to be returned on a closed socket, thus causing a possible
  infinite loop.
  Status: Fixed

  Make ~username references in proftpd.conf resolve after a connection/
  at normal run-time rather than while hashing the configuration file.
  Status: Partially Complete (needs a good deal of rewrite)

  Bug in dir_realpath() with symlinks (recursion causes dir_realpath()
  to loop infinitely).
  Status: Fixed

  Refit utmp code to work _properly_.
  By: Randy McCaskill <rmccask@comm-data.com>
  Status: Fixed

  Create the initial mechanism for specifying a "per-connection"
  transfer ratio.  This will be expanded later with the addition of
  "permanent" per-user ratios and eventually even "psuedo-users."
  Status: Not complete, deferred for a couple versions

  Create a method of changing the "default root" directory given
  to a newly authenticated client.
  Status: Complete, see the new 'DefaultRoot' directive.

  Added "(x bytes)" to repsonse message sent on data connection open
  when RETRing a file.  This permits clients to compute estimated
  transfer times and time remaining.
  Status: Complete

  Added install-sh to the source distribution in order to properly use
  autoconf's installation program detection mechanism.
  Status: Complete

  Final fixes to autoconf to finish ports for Irix 5.3, BSDI 2.1 and
  Solaris 2.5.  Solaris 2.5 still reports some non-harmful warnings,
  due to broken header files.
  Status: Complete

* 6/10/97 -- Current working version 0.99.0pl5

  Added 'DefaultServer' directive which allows a server configuration
  (virtual or otherwise) to act as the default configuration for any
  connections inbound to unknown IP addresses to be handled without
  a specific VirtualHost block.
  Status: Complete

  Fixed a *massive* parsing bug which caused any operations on
  filenames/directories with spaces in them to not function.
  Status: Fixed

  Fixed a bug that could cause sigsegv in <Anonymous> configurations
  on virtual servers, when an incorrect username was entered.  This
  bug may have affected other areas, because it hit one of the directive
  tree search algorithms.
  Status: Fixed

  Added code (again from GNU libc) for fnmatch(), and a small shim
  for strsep().
  Status: Complete

  Added code (from GNU libc) for supporting getopt and getopt_long
  on systems which don't have it.  A "support" library has
  been added in the source tree, under /lib.  Eventually, all
  the routines from src/support.c should be added in here.
  Status: Complete (but not well tested)

  Add 'SocketBindTight' directive to configure how listen sockets
  are created/bound in standalone mode.
  Status: Complete

  Some minor problems with symbolic links.  After CWD into a symlink that
  points to a directory, PWD no longer returns the proper directory.
  Related to a larger problem with getcwd().
  Status: Fixed

  Add ShowSymlinks directive to control the displaying of an actual link *or*
  displaying as it's target.
  Status: Complete

  Allow/Deny/Order directives weren't quite "done" yet. :-)
  Status: Complete

* 6/5/97 -- Current working version 0.99.0pl4

  ASCII xfer from client -> server causes occasional corruption.
  Verified using WS-FTP95.
  Status: Fixed

  Timeouts, under certain conditions, are not timing out.  Suspect
  some piece of code is interfering w/ alarm() or timer operations.
  Status: Fixed

  A certain "newer" wsftp95 client seems to stall between each "mput"
  file for longish period of time (5 minutes or so).
  Status: Fixed

  Reasonably indent sample configuration files for easier readability
  Status: Complete

  Added new directives: UserPassword and GroupPassword.  Allows 
  "override" of a password normally found in /etc/passwd (or shadow)
  Syntax:  UserPassword <username> <hashed_password>
  <hashed_password> as produced by the crypt() function.
  Status: Implemented

  find_config()/find_config_next() aren't properly backward-recursing.
  This causes a problem when using multiple anonymous logins, among
  other things.
  Status: Fixed

  Add "AccessGrantMsg", to allow administrator to customize message
  sent when access is allowed.
  Status: Complete

* 6/2/97 -- Current working version 0.99.0pl3

  First beta release was 0.99.0pl2, one small patch applied to create
  0.99.0pl3 (VirtualHost patch)

  Add "Merge" directive to control merging of <Directory> and
  <Anonymous> directives from master list into VirtualHost lists.
  Status: Incomplete

  FTP from Netscape does not work properly.  Probably PASV mode
  problem.
  Status: Fixed - 0.99.0pl4

  Directives in top level configuration aren't caught when dir
  check operations look for them.
  Status: Fixed - 0.99.0pl4

  <Directory /> contexts aren't working properly if no other <Directory>
  context exists which matches.  <Directory /*> works properly.
  Status: Fixed - 0.99.0pl4

  xferlog logging doesn't record full pathname of anon transfers
  Status: Fixed - 0.99.0pl4

  Fix SIGSEGV on additional transfers after a REST+RETR operation
  fails.
  Status: Fixed, REST appears to work properly in all cases now
          0.99.0pl4

  Add 'make install' option compliant with GNU autoconf and GNU
  Makefile standards.
  Status: Complete, Not tested.

* 4/26/97 -- Current working version 0.99.0pl1

 Implement REST command to allow transfer recovery.
 Status: Completed - 6/1/97

 Transfer logging (ala wu-ftpd, plus extensions)
 Status: Completed - 6/1/97

 Make HideUser and HideGroup work.
 Status: Completed - 6/1/97

 Implement SIGHUP rehashing, and SIGHUP iteration to children.
 Status: Completed - 6/1/97

 ServerType inetd mode doesn't work.
 Status: Completed - 6/1/97
 
* 4/24/97 -- Current working version 0.99.0

 Change times reported by "ls" type operations (i.e. LIST or NLST -l)
 to be GMT rather than local time.  Just found out that this is the
 standard used by FTP servers. :-)
 Status: Complete, introduced into 0.99.0pl1
