Pyftpdlib

Latest version: v1.5.9

Page 5 of 5

0.2.0

Not secure
=================================

**Major enhancements**

- 5: it is now possible to set a maximum number of connections and a maximum
number of connections from the same IP address.
- 36: added support for FXP site-to-site transfer.
- 39: added NAT/Firewall support with PASV (passive) mode connections.
- 40: it is now possible to set a range of ports to use for passive
connections.

**RFC-related enhancements**

- 6: accept TYPE AN and TYPE L8 as synonyms for TYPE ASCII and TYPE Binary.
- 7: a new USER command can now be entered at any point to begin the login
sequence again.
- 10: HELP command arguments are now accepted.
- 12: 554 error response is now returned on RETR/STOR if RESTart fails.
- 15: STAT used with an argument now returns directory LISTing over the
command channel (RFC-959).

**Security Enhancements**

- 3: stop buffering when extremely long lines are received over the command
channel.
- 11: data connection is now rejected in case a privileged port is specified
in PORT command.
- 25: limited the number of attempts to find a unique filename when
processing STOU command.

**Usability enhancements**

- : Provided an overridable attribute to easily set number of maximum login
attempts before disconnecting.
- : Docstrings are now provided for almost every method and function.
- 30: HELP response now includes the command syntax.
- 31: a compact list of recognized commands is now provided on HELP.
- 32: a detailed error message response is not returned to client in
case the transfer is interrupted for some unexpected reason.
- 38: write access can now be optionally granted for anonymous user.

**Test suite enhancements**

- File creation/removal moved into setUp and tearDown methods to avoid
leaving behind orphaned temporary files in the event of a test suite
failure.
- 7: added test case for USER provided while already authenticated.
- 7: added test case for REIN while a transfer is in progress.
- 28: added ABOR tests.

**Bug fixes**

- 4: socket's "reuse_address" feature was used after the socket's binding.
- 8: STOU string response didn't follow RFC-1123 specifications.
- 9: corrected path traversal vulnerability affecting file-system path
translations.
- 14: a wrong response code was returned on CDUP.
- 17: SIZE is now rejected for non-regular files.
- 18: a wrong ABOR response code type was returned.
- 19: watch for STOU preceded by REST which makes no sense.
- 20: "attempted login" counter wasn't incremented on wrong username.
- 21: STAT wasn't permitted if user wasn't authenticated yet.
- 22: corrected memory leaks occurring on KeyboardInterrupt/SIGTERM.
- 23: PASS wasn't rejected when user was already authenticated.
- 24: Implemented a workaround over os.strerror() for those systems where it
is not available (Python CE).
- 24: problem occurred on Windows when using '\\' as user's home directory.
- 26: select() is now used by default instead of poll() because of a bug
inherited from asyncore.
- 33: some FTPHandler class attributes weren't reset on REIN.
- 35: watch for APPE preceded by REST which makes no sense.

0.1.1

=================================

- Port selection on PASV command has been randomized to prevent a remote user
from guessing how many data connections are in progress on the server.
- Fixed bug in demo/unix_ftpd.py script.
- ftp_server.serve_forever now automatically re-uses the address if the current
system is posix.
- License changed to MIT.

0.1.0

=================================

- First proof of concept beta release.

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.