Release Notes Version 4.0.x

Major changes from version 3.7 to version 4.0

• New underlying operating system — Ubuntu Server 22.04 LTS. There was quite a few reasons that made us switch from the previous CentOS/RedHat family of Linux to Ubuntu. In short these included:
  • RedHat moved CentOS from a stable, free alternative to RedHat to essentially a development, unstable version of RedHat.
  • RedHat made changes to its licensing which causes a lot of concerns for the long term viability of alternatives such as Rocky Linux and Alma Linux that attempted to recreate what CentOS used to be.
  • Ubuntu Server is a very stable Linux variant that is used and supported by many players, including being the reference Linux for FIPS certified OpenSSL modules.
  • Ubuntu offers support for their LTS releases for 10 years.
  • Ubuntu has better support for more auxilliary functions and libraries. With CentOS we used to maintain about 10 packages that weren't distributed with CentOS. With Ubuntu the only package we maintain ourselves is Nginx and that's just because we have a couple of our own custom plugins for Nginx that's not publically available.
  • Ubuntu has a Pro license which essentially turns the free version of Ubuntu server into a commercially supported version of Ubuntu server for those that wish to get official server support. Further, the Pro license will enable NIST-certified FIPS crypto-modules and other similar benefits.
  So in a way, RedHat pushed us (and many others) away from their family of Linuxes and for us we landed on Ubuntu. So far we couldn't be happier.
  The annoying thing is that when moving operating system, in order to upgrade from previous versions we have to install a new system and Move the data across from the old to the new system. Luckily this process is well proven as we've moved from OpenBSD (v1.x), to CentOS 6 32bit (v2.x), to CentOS 7 64bit (v3.x) and now to Ubuntu Server 22.04 LTS (v4.x).
• Changed Duo Two-Factor Authentication to Universal Prompt.
• Re-Architected the login session database structure. The actual sessions are now stored in browser cookies meaning database sessions are not created until a user is logged in. This increases performance. This change means that any existing user will be logged out. Further improvements include:
  • Admin → System → User Sessions now holds all logged in sessions, and only logged in sessions. This means it's more transparent what goes on with logged in users.
  • Admin → System → now lists when a users session will expire and why — it will highlight if a logged in user is using Remember me cookies, Session cookies or Secure Token sessions for external users.
  • Admin → System → is also improved showing users location and system information in a better way.
  • Previously it wasn't possible to manually expire an existing Remember Me cookie, now it is.
  • Previously it wasn't possible to manually expire External Users, not it is.
• Added session limitations. By default users are permitted 2 active sessions and you can adjust between 1 and 3 sessions.
• Added Web Based Migration from another system, available during Getting Started.
• Added Web Based Restore from backup, available during Getting Started.
• Added Permission Policy Header — securityheaders.com now gives a default LiquidFiles system an A+ score.
• Sysadmins logging in from /login as opposed to / will not be saml redirected if set as requirement in sysadmin group — this is a fallback if the SAML server is not working (SAML certificate has changed for instance) .
• Update local domains when updating Public Hostname — add the domain of the Public Hostname if it's not already included in the Local Domains.
• Added a file_request_response email template.
• Updated libraries and functions such as Ruby on Rails 7, Ruby 3, Bootstrap 5.3, PostgreSQL 14...

Version 4.0.8 (released 2024-04-03)

• Fixes an issue authenticating with Duo when using Duo aliases.
• Fixes an issue where disks couldn't be expanded in some cases.

Version 4.0.7 (released 2024-03-07)

• Fixes an issue where large SAML responses could lead to a cookie overflow.
• Fixes an issue where Duo responses matched usernames with case sensitive.
• Fix for user filedrop message expiration is more than message max expiration.
• Fixes an issue where Set Manual Time wasn't working.
• Fixes an issue migrating from a v4.x to another v4.x system.
• Fixes an issue where the change data disk function didn't display the disk properly.

Version 4.0.6 (released 2024-02-26)

• Fixes an issue where previous attachments couldn't be used in API clients.

Version 4.0.5 (released 2024-02-22)

• Fixes for disk expansion when using nvme (SSD) disks.
• Fixed an issue where `ft add_admin` didn't work properly.
• Updated Ruby on Rails.

Version 4.0.4 (released 2024-02-21)

• Security: Fixes an issue where Strong Auth Remember would be "remembered" between different users that shared the same browser.
• Fixed an issue where Strong Auth Remember wasn't being set.
• Fixed an issue where PDF Preview wasn't working in shares.
• Fixes an issue with incorrect JSON root parameter with the Share API.
• Fixes a couple issues with the Share Log API.
• Fixes a couple of migration issues (the FTP service wasn't started if FTPdrops/FTPdirs was configured).
• Set the system hostname to the Public Hostname if not previously set.
• Fixed an issue resizing the filesystem from the F2 Setup menu.
• Fixed an issue deleting custom groups.
• Updated Libraries

Version 4.0.3 (released 2024-02-13)

• Fixes an issue where wasn't available in filedrop_message and filedrop_private_message email templates.
• Fixes an issue where it wasn't possible to set LDAP default group to Disable Logins or SAML default group to No default.
• Fixes an issue where system_path wasn't available in User Delivery Actionscripts.
• Fixes a problem where Firefox sometimes would logout users that went from Admin back to User area (sending files).
• Added TLSv1.3 (when configured) to FTPdrops and FTPdirs.
• Fixes an issue setting NTP configuration.
• Fixes an issue using outgoing http proxy from the command line.
• Migration fixes.

Version 4.0.2 (released 2024-02-01)

• Fixes an issue using outgoing http proxy.
• Fixes an issue configuring non standard http and https ports.
• Fixes an issue with SMS Strong Authentications.
• Added better hints for browsers when using SMS Strong Authentication to help autofill One Time Codes.
• Security improvement for external access (retrieving GeoIP data, connecting to Duo, SMS Auth, validating connectivity, ...)

Version 4.0.1 (released 2024-01-25)

• Fixes an issue where it wasn't possible to add a separate data disk.

Version 4.0.0 (released 2024-01-22)

• Initial Release of v4.0.

Incompatibilities and Warnings

These are a few things you need to be aware of when updating to LiquidFiles v4.0.

API Deprecations

XML API

It's no longer possible to use the XML API. The XML API has been deprecated and on it's way out for quite a while, and some functions did still work using XML up until the previous major release. With LiquidFiles v4.0, this has been removed and it's no longer possible to use any XML API functions.

Admin API changes

There's been some slight changes in the formatting in some the JSON response to make them more unified, for instance the Admin/User API. If you're using any Admin API function, please double-check with the indididual documentation that the functions still match what you're expecting.

Previous Attachment Upload API deprecated

Up until v3.6, the /attachments and /attachments/binary_uploads API functions have been global functions for most (all except shares) uploads. This function was deprecated in v3.7 and has been removed in v4.0. The currently supported upload method is to use individual functions such as /message/attachments/upload. Please see the individual API documentation for Message Uploads, Link Uploads, ...

Renamed API functions

In this release several API attributes have been renamed, please make sure to update any API functions you may have that uses any of these. is_local → local, is_sysadmin → sysadmin, is_domain_admin → domain_admin, is_admin → admin, is_user_admin → user_admin, is_pool_admin → pool_admin, use_maps → geoip.