TLSWrap v1.04

TLSWrap is a TLS/SSL FTP wrapper/proxy for UNIX and Windows, allowing you to use your favourite FTP client with any TLS/SSL-enabled FTP server.

Features

• Full encryption of both control and data connections (data encryption is optional, see README) following the standard defined in RFC 4217.
• Allows existing FTP clients to support Transport Layer Security/Secure Socket Layer.
• Works on both UNIX and Windows.
• One process handles all connections (non-blocking I/O).
• A helper process does hostname lookups so the main process is free for other work during slow lookups.
• Both C source and Windows executables for both 32-bit (x86) and 64-bit (x64: AMD64 and EM64T) systems are available.
• Proper support for X.509 certificates, see here
• TLSWrap is also included as a package/port in Gentoo Linux, FreeBSD and grml - Linux Live-CD.
• Used/recommended by AT&T Worldnet, University of California at Berkeley, Katholieke Universiteit Leuven and others.

Tested on the following platforms

• NetBSD 2.0.2 (i386, Alpha)
• OpenBSD 3.0 (i386, Alpha)
• FreeBSD 6.1 (i386, Alpha)
• Solaris 7 (SPARC with both GCC and WorkShop Compilers 5.0 98/12/15 C 5.0)
• Solaris 9 (SPARC)
• Compaq Tru64 UNIX V5.1B (Alpha with both GCC and Compaq C V6.5-207)
• HP-UX 11i v2 (IA64 with both GCC and HP C/aC++ B3910B A.06.12 [Aug 17 2006])
• HP-UX 11i v2 (PA-RISC with both GCC and HHP92453-01 B.11.X.35098-35101.GP HP C Compiler)
• Debian GNU/Linux 2.2r5 (i386, StrongARM)
• Mac OS X v10.4 Tiger (PPC with GCC)
• Red Hat Enterprise Linux AS 4.0 (x64 and IA64 with GCC 3.4.3)
• Red Hat Enterprise Linux AS 4.0 (IA64 with Intel(R) C Itanium(R) Compiler 9.0)
• Red Hat Enterprise Linux AS 4.0 (i386 with Intel(R) C Compiler for 32-bit applications, Version 9.0)
• SuSE Linux Enterprise Server 10 (Itanium II)
• Ubuntu Linux 6.10 (i386)
• Windows 2000 (i386 with Cygwin)
• Windows 2000 (i386 with Intel(R) C++ Compiler for 32-bit applications, Version 8.1)
• Windows 2000 (i386 with Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 12.00.8804 for 80x86)
• Windows XP Pro (i386 with Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 14.00.50630 for 80x86)
• Windows XP Pro (i386 with Intel(R) C++ Compiler for 32-bit applications, Version 9.0)
• Windows XP Pro x64 (x64 with Intel(R) C++ Compiler for Intel(R) EM64T-based applications, Version 9.0)
• Windows XP Pro x64 (x64 with Microsoft (R) C/C++ Optimizing Compiler Version 14.00.50630 for x64)
• Windows Vista Business (i386 with Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 14.00.50727.42 for 80x86)

Recent changes

1.04

• The fixing of the silly memleak introduced a bug that could cause crashes on some systems, fixed. Thanks to Jukka Anttonen for reporting it.
• Upgraded TLSWTray to MFC 8.

• At least one ftpd can't handle PROT before USER, this is (unfortunately) allowed by the TLS FTP spec so handle it properly.
• The debug mode crashed on Linux and probably some other OSes.
• It now is possible to build a version for Windows 9x/ME (which does not have the possibility to run as a service). This is the first version ever to work properly on this platform, as the old Cygwin version didn't work on 9x.
• Improved the error handling for connection resets in the TLS handshake.
• Improved the error handling for connection attempts blocked by software firewalls in Windows.
• Fixed a silly memleak.
• All binary distributions upgraded to OpenSSL 0.9.8d and MFC 8.

• Minor HP-UX fixes (UNIX95 vs UNIX98 vs current).
• Fixed detection of recent versions of the Intel compiler on Linux, to prevent a strange compilation error on Itanium systems.
• A small fix to work with the recently released OpenSSL 0.9.8.
• Since OpenSSL 0.9.8 supports 64-bit Windows (x64 and IA64), TLSWrap also does:
  
  I have provided an installer for Windows x64, just like for the normal x86 version. The installer is unfortunately 32-bit for now, but everything else is 64-bit. The included OpenSSL DLL's are compiled with the Intel C++ Compiler 9.0 for EM64T and should in many cases have superior performance compared to the 32-bit versions (I get twice the speed with AES on my EM64T CPU, but the performance will vary with algorithm and CPU type).
  
  I found a bug in OpenSSL 0.9.8 that broke DES encryption when using the latest Intel compiler. The included DLL's have this fix applied and the next official version of OpenSSL 0.9.8 will also have this fix.

• Fixed a bug in the startup code that could randomly prevent it from loading on Windows XP Pro x64 Edition (and theoretically on other Windows versions).
• The Configuration Manager should not start if the TLSWrap service is not installed, fixed. Improved some error messages.

• Added support for Active FTP (both PORT and EPRT modes supported).
• Added support for X.509 user certificates.
• Improved the certificate handling in the Configuration Manager (and updated Windows pictures).

• There is now a native Windows version for Windows 2000/XP which can be installed as a Windows service. I added some GUI tools to help configuring it. This version is a lot faster than the old Cygwin versions.
• TLSWrap now properly supports scalable Public Key Infrastructure (PKI) through X.509 certificates, see here.
• Various fixes and changes, including cached SSL sessions for data connections. See the ChangeLog for detailed information on what has been fixed and changed.

Download

Version 1.04

Version 1.03

Version 1.02

Related links

Software and website Copyright © Tomas Svensson <info(at)tlswrap.com> 2002-2009 Privacy Policy | Imprint