Skip to content

Releases: Dev00113/ioFTPD

v7.10.0

04 Mar 02:31
@Dev00113 Dev00113
v7.10.0
755c059

Choose a tag to compare

View all tags
v7.10.0 Latest
Latest

ioFTPD v7.10.0

Release date: 2026‑03‑03

This release introduces full long‑path support across all FTP operations, modern certificate‑generation options (RSA/ECDSA), and several important fixes to improve reliability on deep directory structures, UNC paths, and Windows long‑path environments.

Long‑Path Support

ioFTPD now supports files and directories whose absolute path exceeds the legacy 260‑character MAX_PATH limit, on:

  • Windows 10 build 14393 (v1607) or later
  • Windows Server 2016 or later

All FTP operations now work correctly on long paths:

  • Upload (STOR / APPE)
  • Download (RETR)
  • Delete (DELE / RMD)
  • Rename / Move (RNFR / RNTO)
  • Make directory (MKD)
  • Directory listing (LIST / MLSD / STAT)
  • Metadata operations (SIZE / MDTM / MLST)

User and group file formats are unchanged; no migration is required.

Requirements

All three conditions must be met:

  1. OS: Windows 10 build 14393+ or Windows Server 2016+
  2. Registry:
HKLM\SYSTEM\CurrentControlSet\Control\FileSystem\LongPathsEnabled = 1
  1. This build of ioFTPD, which includes an embedded longPathAware manifest

Configuration

A new INI key controls long‑path behavior:

[FTP]
Long_Path_Support = Auto   ; Auto (default), On, or Off
  • Auto — Detects OS support at startup and logs the result
  • On — Forces long‑path mode (requires registry key)
  • Off — Disables long‑path support and reverts to MAX_PATH behavior

Backend Support Matrix

Backend Status Notes
Local NTFS Full support Deepest and most reliable long‑path behavior
Mapped drive Full support Windows resolves UNC before ioFTPD sees it
UNC / SMB Partial SMB servers impose their own limits (typically 1–4 KB) and often reject before NTFS would

When a path is too long, ioFTPD now returns a consistent error:

550 <path>: Path too long for NTFS.

This replaces older, inconsistent messages such as Invalid filename.

Configurable Certificate Type for MAKECERT

A new per‑service INI key controls which key algorithm is used when ioFTPD auto‑generates a TLS certificate (either at startup or via SITE MAKECERT):

[FTP_Service]
Certificate_Type = RSA     ; RSA (default) or ECDSA

Supported Algorithms

Value Key Size Notes
RSA 2048‑bit Default. Maximum compatibility with all FTP clients.
ECDSA P‑256 Smaller keys, faster handshakes. Recommended for new deployments.

Unrecognized values fall back to RSA and log a warning.
The selected algorithm is logged and displayed in the FTP response when using SITE MAKECERT.

Fixes

RMD incorrectly returned “550 Directory not empty”

Directories containing only the internal .ioFTPD permissions file could not be removed on long paths because deletion of .ioFTPD silently failed.
This is now fixed.

Consistent “550 Path too long for NTFS.” reply

Previously, long‑path failures could return:

  • Invalid filename
  • OS‑dependent error messages
  • Any of four Windows error codes:
    ERROR_FILENAME_EXCED_RANGE, ERROR_INVALID_NAME, ERROR_PATH_NOT_FOUND, ERROR_FILE_NOT_FOUND

All six long‑path wrappers now normalize these into a single consistent FTP reply across:

STOR, APPE, RETR, DELE, RMD, MKD, RNFR, RNTO, MDTM, SIZE, MLST.

IoRemoveReparsePoint error handling

A failed FSCTL call followed by CloseHandle clobbered GetLastError(), causing silent failures.
Error propagation is now correct and logged.

Upgrading from v7.9.0

No configuration changes are required.
All new features are opt‑in via INI keys.
Binary compatibility with existing user and group files is maintained.

To enable long‑path support, set the Windows registry key and restart:

reg add "HKLM\SYSTEM\CurrentControlSet\Control\FileSystem" /v LongPathsEnabled /t REG_DWORD /d 1 /f
Assets 3
Loading

v7.9.0

28 Feb 14:36
@Dev00113 Dev00113
v7.9.0
173208f

Choose a tag to compare

View all tags
v7.9.0

Release Highlights

Required:

New Features

  • Added MLST/MLSD commands (RFC 3659) — structured directory listings with standardized fact sets for modern FTP clients.

Security & Libraries

  • OpenSSL upgraded: 1.0.x → 3.6.1 with full TLS 1.3 and ECDHE support
  • Tcl upgraded: 8.5.9 → 9.0.2 (no source patches required)
  • New INI options: OpenSSL_SecurityLevel, OpenSSL_Ciphers13, OpenSSL_Groups
  • Updated MAKECERT: now generates a 2048‑bit RSA key, uses SHA‑256, includes modern X.509 extensions, and uses OpenSSL 3.x EVP APIs

Stability / Race Conditions

  • Fixed use-after-free race between ioCloseSocket and in-flight TLS IOCP callbacks
  • Fixed use-after-free race between ioCloseSocket and in-flight ReceiveLine IOCP callbacks
  • Fixed use-after-free race between ioCloseSocket and SendQuickComplete + hEvent close
  • Fixed UnregisterWaitEx(NULL) returning INVALID_HANDLE_VALUE — now blocks until dispatched callbacks finish
  • Fixed timer/TransmitFile race: InterlockedExchange + CloseSocket gate prevents double-complete

Memory Safety

  • Fixed 21 ULONGULONG_PTR pointer truncation sites in the custom bucket allocator
  • Fixed tolower() / toupper() undefined behaviour on signed char values ≥ 0x80 in all path comparators
  • Fixed pointer truncation in transfer‑rate structure initialization (SocketAPI.c)

Bug Fixes

  • Fixed OpenSSL legacy provider failing silently on deployment — path now resolved relative to exe at runtime
  • Fixed garbled log output when printing narrow (char*) filenames in Unicode build
  • Fixed XCRC direction inversion
  • Fixed 49‑day idle‑time wrap
  • Fixed FXP passive‑mode compatibility
  • Fixed MAKECERT buffer overrun
Loading