2 * A crash could occur if a single letter share name was
3 dynamically evaluated as matching a cell name. This was
4 due to a failure to treat the comparison of two nul
7 * Docbook validation is performed by xmllint during builds.
9 * Volume package bugs in the file server can result in VOFFLINE
10 being returned to the client instead of VNOVOL or VMOVED. As
11 a result the Unix CM treats VOFFLINE the same as VMOVED and VNOVOL.
12 The Windows client has not. As a result, bugs in the file server
13 can cause the Windows client to lose if the volume has in fact
14 been moved to another server.
16 As part of this change, the volume location list is updated prior
17 to the volume status being applied to the server from which the
20 * If the pages to be flushed are from a readonly or backup volume
21 they can't be dirty. In this case there is no need to stabilize
22 the pages before they are locked and recycled.
23 Stablilization is performed on the cm_scache_t object so do not
24 stabilize and unstablize for each cm_buf_t object.
26 * Over the years the processing of the Freelance callbacks have
27 added functionality that behaves much more like FetchStatus checks
28 to a file server. If the data version of the object has changed,
29 get the new data. Given that is the case, we can remove much of
30 the original refresh logic that is rather race prone. Say goodbye
31 to cm_fakeGettingCallback and cm_fakeDirCallback.
33 * When processing a pioctl path with either smb_ParseIoctlPath or
34 smb_ParseIoctlParent, cm_SyncOp(CM_SCACHESYNC_NEEDCALLBACK|GETSTATUS)
35 must be called on the cm_scache_t object to ensure that it is up
36 to date before we permit cm_Lookup or other operations to be performed
37 on it. Add the cm_SyncOp() call to smb_ParseIoctlPath and
38 smb_ParseIoctlParent to ensure it is done for all pioctl operations.
40 * The 32-bit tools installer was displaying client configuration wizard
41 pages. Since, the 32-bit tools share configuration with the AFS
42 service, the 32-bit tools installer should not be attempting to change
43 client configuration. Remove said wizard pages from the 32-bit tools
46 * cm_data.rootSCachep is a global pointer to the cm_scache_t that
47 represents the root.afs volume root directory. Throughout the
48 code this cm_scache_t was being used without ensuring that a
49 callback to the volume is in fact valid.
51 Under most circumstances this would not be a problem. However,
52 it is possible for a request to fail due to the lack of a callback
53 at a critical moment. Add a new function cm_rootScachep() that
54 attempts to ensure that a callback is present (if possible) prior
55 to use the cm_scache_t object.
57 * When the contents of the Freelance root directory changes the fake
58 directory buffers are updated and a fakeDirVersion is incremented.
59 The dataVersion of the cm_scache_t object is supposed to be updated
60 on the next access by performing a fake get callback request.
61 Unfortunately, this did not always occur because of a race. If another
62 Freelance object is updated first, the root directory object would
63 never successfully get a fake callback.
65 This patchset ensures that the generation of the fake directory
66 buffer content and the callback are obtained under the same set
67 of locks thereby removing the race.
69 * Enforce in afsd_service that tokens can be set for alternate
70 userids only if the SetToken pioctl is called from the
74 * Revise SMB QuerySecurityInfo Response for MS10-020
76 MS10-020 (http://support.microsoft.com/kb/980232) has caused
77 many problems for implementors of SMB 1.0 servers and applications
78 that call GetFileSecurity() without checking the return code to
79 determine if the call succeeded. The gist of the vulnerability
80 was that the SMB redirector would pass any buffer it received
81 to the application regardless of whether or not it was valid.
82 MS10-020 protects the applications by strictly validating the
83 SMB response data structure and the data in the security descriptor
86 The problem for SMB 1.0 server implementors is that there have
87 been at least three different protocol descriptions for
88 NT_TRANSACT_QUERY_SECURITY_DESC published over the last decade
89 and all of them are incomplete. Therefore, just about no one but
90 Microsoft has an SMB 1.0 server implementation that produces the
91 exact out that they are expecting to validate.
93 The end result is that in an attempt to protect applications from
94 crashing due to invalid input being passed in directly caused
95 dozens of applications to crash by not returning any security
96 descriptor data at all. Even when the applications didn't crash
97 they might not have been able to save their data. Cisco WAAS
98 and NetApp DataOnTap systems were most adversely affected and
99 they have had CIFS protocol licenses for many many years.
101 To fix OpenAFS here is what needed to be done:
103 1. Instead of returning a security descriptor that gives ownership
104 to the NUL SID, give it to the Everyone SID and set the flag
105 that states that everyone has full access.
107 2. Validate the input parameters. In particular, check to ensure
108 that the SMB file descriptor is valid and the file has not
111 3. Enforce the maximum output data and parameter counts.
113 4. Handle buffer overflow and buffertoosmall conditions
114 in the manner that Microsoft expects them to be handled.
115 In particular, note that the parameter data which is returned
116 in the SMB Data Region is not counted in the Data Count.
117 Even if MaxData is 0, we can still return parameters values
118 as long as MaxParm is large enough.
120 * Prevent use of AFSCache file contents if mapped to
123 * The Windows version of "fs newcell" did not accept any parameters
124 and behaved quite differently from the Unix version. Instead of
125 permitting new cell information to be added, the Windows version
126 simply forced the existing cell information to be reacquired.
128 This update adds a new pioctl, VIOCNEWCELL2, to support the
129 implementation of a Unix-style "fs newcell". The functionality
130 added here differs from the Unix version in the following ways:
132 1. "fs newcell" with no arguments is still accepted
133 in order to maintain compatibility with prior Windows
136 2. "fs newcell -cell <cell> -dns" instructs the cache manager
137 to add the new cell but obtain the vldb server info from
140 3. "fs newcell -cell <cell> ... -registry" instructs the cache
141 manager to add the new cell and also save the cell configuration
142 data in the registry for use the next time the service restarts.
144 4. The -vlport and -fsport options are accepted although the
145 -fsport value is currently unsupported by the cache manager.
147 * New registry value "FreelanceImportCellServDB" instructs Freelance
148 to create a mount point for every cell name listed within the
151 * Path MTU discovery for Rx is activated.
153 * Rx socket input buffer is converted to a circular buffer.
155 * Fix usage of cm_FreeServerList(). Do not set the server list
156 pointer to NULL after calling cm_FreeServerList(). Doing so
157 can result in a memory leak.
159 * Only enable Rx NAT pings on a single anonymous connection at a
162 * Fix cm_IoctlSkipQueryOptions() buffer management. Prevents a
163 potential read beyond end of memory buffer.
165 * Reduce requested privileges when reading registry CellServDB
166 to the minimum required.
168 * Add support for RPC Pipe Service NetWkstaGetInfo levels
169 101 and 102 which are called on Windows 7 and 2008-R2.
171 * Prevent integer overflow during quota percent used calculation
172 in Explorer Shell Extension (RT 126846)
174 * Generate a meaningful error if "fs listacls" or "fs setacls"
175 are executed on the Freelance root.afs volume.
177 * RXAFS_InlineBulkStat errors must be processed via cm_Analyze.
178 RXAFS_InlineBulkStatus does not return errors such as EACCES,
179 VNOVOL, VNOVNODE, VOFFLINE, VBUSY, VIO, VMOVED, etc. as an RPC return
180 code. Instead they are returned in the status info errorCode field
183 Traditionally, the error associated with the first FID in the query
184 list has been returned to the caller of cm_TryBulkStatRPC().
185 However, the error has never been processed through cm_Analyze()
186 which means that the per-vnode processing for VNOVNODE and the volume
187 global processing for VMOVED, VNOVOL, etc. has never been performed.
188 As a result, failover to other .readonly volume instances cannot occur,
189 volume moves will not be handled, and files that have been deleted
192 This patchset makes the following changes:
194 1. If an inline bulk operation has been performed and the inline
195 errorCode is a volume global error, then that error replaces
196 the RPC return code within the cm_Analyze() processing for
197 the RPC. This will affect whether or not a retry operation
200 2. The variable 'inlinebulk' is reset to 0 at the top of the
201 cm_Analyze() loop in case failover from an inlinebulk capable
202 file to an inlinebulk incapable file server takes place.
204 3. The FID that is passed into cm_Analyze() is not a real fid.
205 Instead it consists of the cell and volume but vnode = 0.
206 This ensures that the error (if any) is not applied to the
209 4. If an inline bulk operation was performed, prior to performing
210 the cm_MergeStatus() operation a vnode a check is made to
211 determine if an error was returned for that vnode. If so,
212 cm_Analyze() is called with no connection, a fake cm_req_t,
213 the fid, and the error. This permits cm_Analyze() processing
214 to be performed on the file.
216 * Show configuration pages for all types of MSI installations
218 The OpenAFS MSI installer wizard used to not show any configuration
219 pages for "Typical" and "Complete" installations. Setting the
220 workstation cell and logon options during installation required
221 selecting the "Custom" option. Many users choose the "Typical" option
222 during installation, and thus would never see the configuration pages.
223 Therefore, for these users, the workstation cell was being set to the
226 This patch makes the workstation cell and logon option configuration
227 pages visible to all types of installations (except silent
228 installations which show no UI).
230 * cm_LookupInternal creates Freelance mount points and symlinks
231 when queries cannot be found in the Freelance root.afs directory.
232 If the search name is a full cell name for which vldb information
233 can be obtained, then a mount point is added. If the search name
234 is a left-most substring or the full cell name with a dot appended
235 to it, then a symlink was created. This approach created a very
236 poluted Freelance name space.
238 This patchset makes the following changes:
240 1. Do not create symlinks with a dot appended to the cellname
242 2. Do not create symlinks where the left-most substring is not
243 a full dot separated component of the cellname.
245 3. Permit lookups to succeed when we would have created a
246 symlink in the past without creating the symlink.
248 * BPlus tree lookups are much faster than searching through
249 the native directory format on Windows because the case sensitive
250 hash tables cannot be used successfully. Permit BPlus trees
251 to be used except when called with cm_BPlusDirFoo as the action
252 function because cm_BPlusDirFoo is used to build the BPlus trees
253 from the native directory format.
255 * Symlinks are ending up in the Freelance root.afs directory that
256 end with a dot. Make sure it cannot happen.
258 * cm_FreelanceAddMount and cm_FreelanceAddSymlink is supposed to
259 return the allocated FID of the entry that was added. However,
260 cm_NameI is called to perform the lookup without forcing an update
261 of the Freelance fake directory. As a result the entry may not be
264 Force an update prior to calling cm_NameI() by using
265 cm_clearLocalMountPointChange() and cm_reInitLocalMountPoints()
268 * The Freelance fake root directory buffers were not zero-filled.
269 This results in random behavior that can cause the service to
270 terminate unexpectedly.
272 * The validation check for the response from the GetVolumeStatus
273 pioctl is incorrect. The response is not simply a VolumeStatus
274 structure but also several C strings appended to it.
276 * When flushing a file, we need to commit the file length changes
277 as well as the dirty buffers. Call cm_FSync instead of buf_CleanVnode
278 which is called by cm_FSync.
280 * Prevent rx_rpc_stats global lock from being a bottleneck in the
285 * Avoid a race when updating cell vldb server lists
286 that can result in a crash.
288 * Avoid a deadlock when managing CM_SCACHESYNC_STOREDATA
289 state operations for directory objects.
291 * Add new Windows Application Event log messages for
292 VBUSY, VRESTARTING, ALL_BUSY, ALL_OFFLINE, and ALL_DOWN.
293 Include message throttling to prevent the same message
294 from being logged repeatedly within a five second window.
296 * Reduce lock contention by waiting for cm_buf_t I/O
297 operations to complete before permitting cm_SetupStoreBIOD
298 to analyze a buffer for inclusion in a BIOD.
300 * Split the cm_buf_t flags field to separate the flags
301 that are protected by the cm_buf_t mutex from those
302 protected by the buf_globalLock. This eliminates the need
303 to hold both locks everytime the flags field is accessed.
304 Both locks were not held in the past resulting in race
305 conditions that could result in deadlocks.
307 * Add "vos setaddrs" command.
309 * Rx library lock contention avoidance between rx_NewCall and
312 * Rx library races due to inconsistent use of rx_connection
313 conn_data_lock to protect the flags field.
315 * Rx library inconsistent use of RX_CALL_TQ_WAIT which could
318 * Rx library must signal transmit queue waiters when flushing.
319 Otherwise, deadlocks can occur.
321 * In cm_UpdateVolumeLocation, avoid searching for a ".readonly"
322 volume on a numeric volume name.
324 * File buffer allocations whose offsets are beyond server EOF
325 should be locally allocated and zero filled. The file server
326 should not be issued a FetchData rpc which is guaranteed to
329 * Enable integrated logon to work with Windows 7/2008 when
330 user logons are performed with a non-Domain Kerberos principal.
332 * Add Protection Error messages to aklog output.
336 * Prevent the Explorer Shell extension from crashing if
337 symlink creation failed. (126406)
339 * A Rx level NAT ping has been implemented.
340 Add NatPingInterval registry value to
341 HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters
342 to permit Nat Ping to be enabled. The default value is 0 seconds.
344 * When a re-initialization is taking place, be sure to reset
345 cm_noLocalMountPoints to 0 in case someone deletes the "Freelance"
346 registry key out from underneath the service.
348 * Add krb5 error message translation to aklog, afscreds,
349 afslogon.dll, the network identity manager afs provider
352 * Mode bits aren't directly exposed by the Win32 API. We were leaving
353 them to default to 0777 when creating new files and directories.
354 This version introduces two configuration parameters;
355 'UnixModeFileDefault' and 'UnixModeDirDefault' which are DWORD
356 registry entries that are used to set the initial mode bits.
357 If the values are set to 0, then the behavior is identical to what we
360 * Minidump files are now produced with a timestamp appended
363 * An SMB request debugging monitor has been added. When activated
364 the monitor will automatically turn on trace logging if any SMB
365 request has required longer than 60 seconds to complete and will
366 then create a minidump every 60 seconds thereafter until the
371 * Restore use of DNS AFSDB and SRV records by kaserver clients.
375 * Avoid a potential Freelance deadlock during initial execution
376 of afsd_service.exe if the old ini file data has to be
379 * Three rx library corrections. (1) Idle data connection
380 processing could timeout if the send window filled and
381 took longer than the idle data timeout period for the
382 transmit window to re-open. (2) The transmit queue
383 could be emptied prematurely. A required check for the
384 queue being in use was forgotten. (3) The function that
385 is supposed to implement a wait for the transmit queue
386 to cease being busy failed to wait.
389 * Restore use of DNS AFSDB and SRV records which were
390 unintentionally disabled in 1.5.69
393 * Add a context menu to the NetIdMgr AFS Provider
396 * Prevent an empty directory Btree from being created and
397 marked as valid if cm_BPlusDirBuildTree fails.
399 * cm_BPlusEnumAlloc should not fail if the enumeration
400 contains zero entries.
402 * In cm_BPlusXXX functions, return ENOMEM if malloc() fails.
404 * Do not leak the cm_scache_t dirlock if cm_BPlusDirBuildTree
407 * fs examine should report owner and group ids as signed values.
409 * Protect buffers in smb_WriteData from simultaneous writes.
411 * Query network interface MTU values from the registry because
412 the IP Helper GetAdapterAddresses() fails to report a manually
415 * Improve performance by not dropping and reacquiring the rx_call
416 lock in rx_WriteProc* and rx_ReadProc*.
418 * When configuring the rx library, the network interface MTU
419 must be applied to both the maximum send size as well as the
420 maximum receive size as is done when rx_SetMaxMTU is called
423 There was no 1.5.67 release
426 * Convert afsauthent.dll to use the xdr_alloc and xdr_free
427 routines from afsrpc.dll in place of malloc and free.
428 This permits the two libraries to be built with different
429 C runtime libraries without crashing.
431 * Set the DOS Readonly attribute on a file/directory
432 whenever the unix mode combined with the mask 0200
433 is true. Previously there was a discrepency between
434 the mask used for testing for readonly behavior and
435 that used for setting the attribute.
437 * Disable AFSVolSync based .readonly "whole-volume callback"
438 support because the all file servers prior to 1.5.67
439 (and perhaps 1.4.12) do not properly assign a value to
440 the AFSVolSync structure in bulk status RPC responses.
442 * Improve the error output from aklog to output the value
443 from krb5 error_message() if the afs_com_err output
444 indicates an unknown value.
446 * Hold a lock on the cm_scache_t object when the smb
447 server is assigning a new clientModTime value.
449 * Permit custom build version numbers to be set
450 without modifying the src/config/NTMakefile.<platform>
453 * Add support for binary code signing with cross-signed
454 certificates and arbitrary versions of signtool.exe.
456 * Convert VBUSY and VRESTARTING to CM_ERROR_ALLBUSY and
457 do not permit them to be exposed to the smb redirector.
459 * Convert STATUS_TIMEOUT responses to STATUS_IO_TIMEOUT
460 to avoid confusion within the smb redirector.
462 * Fix the byte order assigned to port numbers associated
463 with AFSDB record lookups. They must be network byte
464 order not host byte order.
466 * Add dynamic server ranking based on RPC round trip
470 * Official support for Windows 7 and Server 2008 R2
472 * Improved Rx RTT computation following the lessons
475 * Prevent a file server bug (FetchData returning an
476 invalid length instead of zero) from causing an
477 "unexpected network error" when writing to files.
479 * Promote DNS SRV records as superior to DNS AFSDB
480 records. Support arbitrary port numbers for vldb
483 * Add "fs listacl -cmd" support.
485 * Add AFSVolSync based .readonly "whole-volume callback"
486 support. With this functionality, multiple objects from
487 a .readonly volume can have their status validated by
488 issuing a single RXAFS_FetchStatus RPC.
490 * Remove drive mapping functionality and service start/stop
493 * Remove drive mapping functionality from afs_config.exe.
495 * Adjust SMB error return codes to avoid returning
496 STATUS_TIMEOUT which results in the SMB redirector
499 * Network Identity Manager OpenAFS Provider now provides its
500 own "AFS lock" notification icon to report the status of
501 "have tokens, have no tokens, service not started, service
502 started but inaccessible". Hovering over the icon lists the
503 cells for which tokens exist (if any) and the OpenAFS version
504 number. Double-clicking executes the Network Identity Manager
507 * When merging the current status for an AFS object, ensure
508 that the volume status for that object is set to 'vl_online'.
510 * Permit cm_Analyze to request a retry even when the cm_req_t is
511 flagged CM_REQ_NORETRY if the RPC failed due to RX_CALL_DEAD.
512 The retry will force the use of a new connection.
514 * Add digital signatures to resource only dlls as required by
517 * Prevent pioctl calls from retrying indefinitely when a sharing
518 violation error occurs.
520 * Add {HKLM,HKCU}\SOFTWARE\OpenAFS\Client DWORD "ShowMountTab"
521 to restore access to drive mapping functionality in afscreds.exe
524 * Permit Rx minimum peer timeout, maximum receive window size and
525 maximum send window size to be configured via the registry.
527 * The MSI installer now sets the ARPINSTALLLOCATION as required by
530 * DNS lookups set the port numbers in network byte order within
533 * Replace use of the 16-bit compatibility API WinExec with
534 ShellExecuteEx in afs_config.exe and afscreds.exe. WinExec
535 is incompatible with Windows 7 / Server 2008 R2 UAC
539 * Short circuit background volume checks if a shutdown
540 or suspend request is received.
542 * Avoid contacting the file server in order to allocate
543 an empty buffer beyond the current length of the file.
545 * When a request for streams on a directory or mount
546 point object is received, do not offer a default stream.
547 This was affecting the saving of roaming profiles.
550 * Fix Windows 2000 compatibility. Do not call rand_s()
551 even if it is compatible with the C run time library
554 * Fix a data consistency error between the output of
555 NetWkstaGetInfo and NetServerGetInfo RPCs, specify the Lan
556 workstation group name "AFS", and report server name as
557 "AFS" instead of "\\AFS" when the caller asks for "\\AFS".
559 * Enable executables to be run from \\AFS on Windows 7.
560 Return "Name not found" instead of "File not found" when
561 a directory or file name cannot be found.
563 * Prevent cache manager from marking file server "down" when
564 the data returned in response to either RXAFS_FetchData64
565 or RXAFS_StoreData64 is invalid.
567 * Add pioctl data validation to the AFS Explorer Shell extension.
570 * After 1.5.62 afslogon.dll would no longer crash but it
571 also would not load "domain" specific configurations.
574 * An uninitialized variable was present in the symlink
575 recursion detection loop.
577 * Reverse addition of unique per file GUID during
578 Create/Open responses. Inclusion of the GUID prevents
579 Cygwin applications (and others) from accessing //afs.
581 * Treat "filename::$DATA" as a synonym for "filename".
582 This addresses the recent report of roaming profiles
583 failing to save back to the file server.
585 * When given a choice between an error from rx_Write()
586 or RXAFS_EndStoreData(), use the rx_Write() error.
587 This ensures that over quota and access denied errors
590 * If an error occurs during RXAFS_StoreData operations,
591 apply that error to all of the buffers in the BIOD.
592 This ensures that failures will not be retried if they
593 will only fail again.
595 * Do not perform a DNS lookup for a cellname if the
596 cellname prefix is _._AFS_IOCTL_._. This will avoid
597 DNS lookups when the query is for
598 _._AFS_IOCTL_._.F7E5F580200909010061TTTTNT7TT.{10E39A49-4531-4496-A08E-842D4C440D20}.
600 * Fix Freelance root.afs volume object callback processing.
601 Object synchronization and status merging bugs.
603 * Fix Explorer Shell "invalid parameter" bug introduced
606 * Log RXKAD errors to the trace log.
608 * Prevent simultaneous pioctl calls from multiple processes
609 from stepping on each other's data.
611 * Prevent simultaneous pioctl calls from crashing the
614 * Add data validation to pioctl output processing in
615 ktc_GetToken and ktc_ListTokens.
617 * Add data validation to pioctl output processing in
618 fs.exe and symlink.exe.
621 * IMPORTANT: New support for DCE RPC Services: SRVSVC and WKSSVC.
622 No longer will browsing \\AFS produce truncated share names.
624 * Registry specified server preferences did not result in
625 the CM_SERVERFLAG_PREF_SET flag being applied to the
628 * Avoid unnecessary DNS lookups of share names as cells
629 when it is known that the name cannot be a cell name.
630 Any name that does not contain a dot is skipped.
632 * When processing Dfs Referral requests, do not return an
633 error if the server is down or busy; if the volume is
634 offline; the cell vldb cannot be reached; etc.
635 These paths are still \\AFS paths and so the client
636 should not be sent to search elsewhere for resolution.
638 * CRITICAL: Prevent the cm_Daemon thread from terminating when
639 the machine enters the suspend state. IF the cm_Daemon thread
640 dies, there is nothing to execute down server checks.
642 * Prevent use of smb_StartedLock before initialization which
643 can result in a panic in the lock package.
645 * Improve error checking in afslogon.dll in order to prevent
646 NULL pointer dereferences within GetLogonDomainOptions()
647 if the Lsa operations fail.
649 * Add support to the build system to automatically update
650 a Microsoft Symbol Store.
652 * Do not access the cm_conn_t after executing the cm_Analyze
653 loops. Doing so can result in an access to memory that has
656 * CRITICAL: If a StoreData request offset is not aligned on the
657 buffer module blockSize, (offset % blockSize) bytes of dirty
658 data will not be written to the file server.
660 * CRITICAL: If a StoreData64 request is sent to a file server
661 that does not support large files (>2GB) and the client is
662 unaware that the server has no large file support, the first
663 chunksize worth of data will not be written to the file server.
664 This bug was introduced in 1.5.3. It affects all IBM AFS file
665 servers and all OpenAFS file servers older than 1.4.0.
668 * If a file server becomes inaccessible while the cache manager has
669 dirty buffers to write, the afsd_service buf_IncrSync thread can
670 attempt to use 100% of the cpu.
672 * Fix the locking that protects the cm_cell_t lists
673 (all, name, id, free).
675 * Remove cm_cell_t objects from the name and id hash tables before
676 placing them on the free list.
678 * Fix "fs newcell" which was broken in 1.5.60.
680 * Do not attempt to synchronize dirty buffers if the associated
681 volume is known to be unavailable.
683 * Log to the Windows Event Log dirty buffers that cannot be written
684 during the shutdown process.
686 * Modify behavior of a Freelance mountpoint target that does not
687 specify a cell. Instead of assuming the target volume is in the
688 Freelance.Local cell, use the workstation "Cell" specified in the
689 registry. A mountpoint target of "#root.cell." will now mean the
690 root.cell volume in the workstation cell for the current session.
691 If the workstation cell changes from "athena.mit.edu" to
692 "andrew.cmu.edu", the referenced volume will also change without
693 requiring that the mount point targets be altered.
695 * Avoid false infinite loop errors when validating the cm_cell_t
696 free list during startup.
698 * Fix two more locations where xdr_free() should be used instead of
699 free() to permit a checked built of afsd_service.exe to work with
700 release builds of afsrpc.dll.
702 * Add cm_FindServerByUuid(). Re-implement RXAFS_InitCallBackState3()
703 to permit the server Uuid to be used to lookup the server object
704 and from that determine the cell. This permits callbacks that are
705 received from alternate addresses to be processed with a known server
706 object. Previously a request from an unknown server would clear all
707 callbacks from all cells.
709 * Fix a bug that prevented optimal performance when using a non-zero
710 value for 'daemonCheckVolCBInterval'. As a reminder, when
711 "daemonCheckVolCBInterval" is set to a non-zero value, all .readonly
712 volume callbacks are automatically renewed 90 minutes before their
715 * Fix automatic ranking of vldb servers whose values are obtained from
718 * Add logging for RX CALL DEAD errors which are generated if the remote
721 * Add failover for RX CALL TIMEOUT errors when the volume is readonly
722 or the call is to a vldb server.
724 * Add registry based cell search functionality to NetIdMgr,
725 afs_config.exe, and klog.exe.
727 * afsconf_GetCellInfo() has been modified to perform gethostbyname()
728 lookups on the host names in the CellServDB instead of using the
729 specified IP addresses. This provides aklog, pts, vos, etc. the same
730 CellServDB behavior that the Windows Cache Manager uses.
732 * Completely a behind the scenes change. The snprintf() routines have
733 been completely rewritten.
735 * When updating the stat cache entry callback of a .readonly object
736 from the volume group object, update the file server reference to
737 ensure it matches the most update to date callback.
739 * Add proper support for processing callbacks from multi-homed file
740 servers. Instead of comparing servers by cm_server_t pointer,
741 compare them by UUID when the UUID is known.
743 * During a shutdown short circuit the offline volume check daemon
746 * Properly track link counts during cm_Link and cm_Unlink operations.
748 * Return the error code of RXAFS_FetchData / RXAFS_StoreData in
749 preference to an error code reported by rx_EndCall.
751 * Add "PerFileAccessCheck" registry value to permit testing against
752 experimental file servers that include per-file acl support. This
753 value is intentionally undocumented. It is not to be used by
754 production environment deployments.
756 * Log a warning to trace log if a volume group is marked as a DFS
757 File Set. The Windows OpenAFS client does not include DFS support.
759 * Fix a bug introduced in 1.5.60 that prevents the afs netidmgr
760 provider from obtaining tokens when referrals are in play.
762 * Add "fs chown" and "fs chgrp" commands to permit the owner and
763 group of objects stored in AFS to be set from Windows.
765 * Avoid performing background daemon operations when the machine is
766 going into suspend mode.
768 * Perform offline volume checks in most recently used order.
770 * Prevent crash when a data version for a cache object goes backwards.
772 * fs setquota, fs setcachesize, vos setfields, and vos create now
773 accept human readable orders of magnitude. (K, M, G)
775 * fs listquota fixed to permit large quota sizes to be displayed.
777 * rx packet resend and data packets sent counts were incorrect.
779 * Multi-thread safe library versions are now being generated and used.
780 mtafsubik.lib, mtafsutil.lib, mtafsvldb.lib, mtafsvol.lib.
782 * Microsoft SMB Redirector (mrxsmb.sys) support for ExtendedSessTimeout
783 values are now available on XP through Windows 7. Add functionality
784 to autodetect if such support is present on the machine. If so,
785 configure it if necessary and dynamically adjust the AFS Rx timeout
788 * Correct another race condition in the Rx library that could result
789 in an unexpected panic while freeing the Rx call iovq.
792 * A fix to the pioctl library to support drive substitution
793 to UNC paths. (SUBST <d:> <\\afs\cell\path>).
795 * On April 9th Microsoft released a Hot Fix for Windows Server 2003 SP2
796 that corrects a deadlock in the smb redirector and also adds new
797 functionality that permits the AFS SMB server to be given a longer
798 timeout than is normally the case. New functionality has been added
799 to configure these additional LanmanWorkstation\Parameter values.
800 (This functionality has been backported to XP SP3 and is scheduled
801 to be released on June 5th.)
803 * The BackConnectionHostNames registry value configuration was broken
804 when dynamic re-establishment of Netbios Name registrations was added.
807 * Hidden vos commands are revealed.
809 * If the "DisableLoopbackCheck" registry value is set, do not unset
810 it during the same service session.
812 * Reorganize code that prevents multiple Store operations to the same
815 * Modify IsPathInAfs test in Explorer Shell Extension and fs.exe to
816 permit broken symlinks to be treated as being in AFS.
818 * Fix vos commands that output 64-bit integer values.
820 * Cygwin Import Libraries are provided in the SDK for all OpenAFS DLLs.
821 Permits building cygwin applications against OpenAFS libraries.
823 * OpenAFS Release Notes, Administrator Guide and User Guide now installed
824 as Windows HTML Help (.CHM) files.
826 * NSIS installer does a much better job of cleaning up files left
827 over from previous installs.
829 * Fix RT#124787, a race condition between "fs flush <dir>", "fs flushvolume",
830 or "fs flushall" and on-going directory operations that can result in
831 afsd_service.exe crashing.
833 * Add support for DNS SRV records in place of AFSDB records.Â
834 _afs3-vlserver._udp.<cellname>. Priority field is used.Â
835 Weight is currently ignored.
837 * Add a method of specifying Client CellServDB information within the
838 registry that can be used to either override the CellServDB file or
839 force the use of DNS lookups for a given cell.
841 The registry schema is as follows:
843 HKLM\SOFTWARE\OpenAFS\{Client,Server}\CellServDB\[cellname]\
844 "LinkedCell" REG_SZ "[cellname]"
845 "Description" REG_SZ "[comment]"
846 "ForceDNS" DWORD {0,1}
848 HKLM\SOFTWARE\OpenAFS\{Client,Server}\CellServDB\[cellname]\[servername]\
849 "HostName" REG_SZ "[hostname]" Default: [servername]
850 "IPv4Address" REG_SZ "[address]" Used only if gethostbyname() fails.
851 "IPv6Address" REG_SZ "[address]" <future>
852 "Comment" REG_SZ "[comment]"
853 "Rank" DWORD "0..65535" Default: 0
854 "Clone" DWORD "{0,1}" <future: server only>
855 "vlserver" DWORD "7003" <future>
856 "ptserver" DWORD ... <future>
858 ForceDNS is implied non-zero if there are no [servername]
859 keys under the [cellname] key. Otherwise, ForceDNS is zero.
860 If [servername] keys are specified and none of them evaluate
861 to a valid server configuration, the return code is success.
862 This prevents failover to the CellServDB file or DNS.
864 Only one of "HostName" or "IPv4Address" is required. "HostName"
865 is optional if [servername] is the host name.
867 * Extend registry based CellServDB functionality to
868 afsconf_GetCellInfo() interface used by aklog and many
869 other command line utilities.
871 * libafsconf.dll moved from OpenAFS\Client\Program to OpenAFS\Common
872 as it is now used by both client and server components.
875 * PriorityClass of afsd_service.exe process raised to
876 "High" to match the priority of the system services
877 that are waiting for afsd_service.exe to respond.
878 Configurable using [TransarcAFSDaemon\Parameters]
879 DWORD "PriorityClass" value. (use values from Win32
882 * Change error reporting of CM_ERROR_BADSHARENAME to
883 use the correct error (NTSTATUS_BAD_NETWORK_PATH).
884 The error we were sending would cause the smb
885 redirector to drop the connection.
887 * Change the error reporting of CM_ERROR_ALLOFFLINE
888 and CM_ERROR_ALLDOWN to return NTSTATUS_PATH_NOT_FOUND.
889 Previous we would return Bad Network Path which
890 would cause the smb redirector to cancel all file
891 handles on the same "share".
893 * A debug version of afsd_service.exe can now be used
894 with a release version of afsrpc.dll (or vice versa).
895 afsrpc.dll now implements and exports xdr_free().
897 * Removed all unprotected OutputDebugString() calls as
898 those calls can block for up to 10 seconds if there
899 is contention for the globally shared memory or if
900 the debugger fails to read data in a timely manner.
902 * Visual Studio 2008, WDK 6.1 and DDK 6.1 are now
903 supported for builds. The production releases still
907 * Discovered that XP/2003 supports a variant on recvmsg
908 called WSARecvMsg. The input parameters are mostly
909 compatible with the Posix recvmsg. This will save
910 multiple memcpy() calls per received packet.
912 * Discovered that Vista/2008 supports a variant on
913 sendmsg called WSASendMsg. The input parameters
914 are mostly compatible with the Posix sendmsg. This
915 will save multiple memcpy() calls per sent packet.
917 * Exporting rx_ReadProc32, rx_WriteProc32 from afsrpc.dll
918 and utilizing rx_ReadProc32 from within the cache manager
919 as part of the FetchData operations. rx_ReadProc32 and
920 rx_WriteProc32 are optimized versions of rx_ReadProc and
921 rx_WriteProc for use when reading 32-bit integer values.
923 * The Network Identity Manager AFS provider now reports
924 progress events. These provide a better user experience
925 with Network Identity Manager 2.0.
927 * [RT 124293] A race condition exists which permits the
928 scp field of the an smb_fid_t object to become invalid
929 after a request on the smb_fid_t has begun. Remove the
930 race by protecting all access to the scp field with the
931 smb_fid_t mx mutex and obtaining a local reference on
932 the cm_scache_t object for the length of the request.
934 * [RT 124276] If the vldb is out of sync with the contents
935 of the file servers, afsd_service will retry too many
936 times when a file server reports a volume as not being
937 present. Now if the list reported by the vldb is the
938 same as the previously seen list, then the retry is
941 * [RT 124276] Read-only volume failover was broken in
942 1.5.53 whenever accessing a volume results in VNOVOL or
945 * [RT 124276] Prior to 1.3.70 the volume server reference
946 list was not reference counted and would be prematurely
947 freed while in use. When reference counting was added
948 in 1.3.70 a bug was introduced that could result in
949 service reference list corruption.
951 * Add Windows Application Event Log warning messages for
952 "Client SMB MPX value too large" and
953 "Client SMB Buffer Size too small".
955 * Renaming of files across directory boundaries would result
956 in an invalid handle error when attempting to access the
957 files after the move.
959 * Fix the handling of Tran2 Set Path Info RPCs. Do not fail
960 when a smb file descriptor cannot be found. The whole point
961 of using a Path Info function is because an smb file
962 descriptor wasn't allocated.
964 * More edge cases in which dynamic addition of Freelance
965 root.afs entries would get the wrong FID or where the
966 root.afs directory would not be refreshed.
968 * Buffer overflow could occur if the workstation cell name was
969 longer than 64 characters. Crashes could occur in
970 afscreds.exe, afslogon.dll, and afsd_service.exe.
972 * VNOSERVICE and VOFFLINE errors were leaking and were exposed
975 * Improve consistency of the bad data version value used for
978 * Log file server uuid values as part of the cm_server object
979 when available. Dump the cm_server object list in response
982 * Optimize the performance of resetting access control lists
983 when tokens are set or removed.
985 * Fix vos.exe so that it can work with very large volume
988 * Remove symlink recursion tests and increase max symlink count
992 * Undo the "UAC manifest fix" applied to afs_config.exe.
994 * Fixed some additional race conditions in the Rx library
996 * Ensure that Freelance allocation of vnodes follow
997 the AFS convention of odd vnodes are directories
998 and everything else is an even vnode.
1000 * Add Freelance logic to mount point and symlink
1001 evaluation functions.
1003 * Enhance smb_ParseASCIIBlock() so that it can handle
1004 all of the STRING formats defined by the CIFS Technical
1007 * Validate the output of smb_ParseASCIIBlock() in all
1008 callers. Return CM_ERROR_BADSMB if the STRING field
1009 cannot be parsed. CM_ERROR_BADSMB will cause the
1010 contents of the packet to be logged.
1012 * If multiple SMB Raw Write operations were taking
1013 place at the same time, there could be data corruption
1014 because unique event objects were not generated for
1015 each Netbios receive operation.
1019 * Fix a race in rxi_WriteProc which could result
1020 in a freed or in use packet being passed to
1021 rxi_PrepareSendPacket if the call is currently
1022 in a transmit wait state. Passing a freed packet
1023 will result in a panic. Passing an in use packet
1024 might result in a call failure or perhaps data
1027 * Kerberos referrals broke the NIM AFS provider
1028 logic for automated configuration of the workstation
1029 cell with a new identity. Now if a referrals
1030 response is returned, assume the cell belongs to the
1033 * The interface to buf_CleanAsync() and
1034 buf_CleanAsyncLocked() has been changed to permit
1035 errors to be propagated to the caller.
1037 * During an enumeration of a directory, if the btree
1038 has not yet been generated, return an error.
1040 * When mapping CM_ERROR values to NTSTATUS values
1041 do not treat 0 as an error.
1043 * Avoid a cm_scache_t object reference count underflow
1044 when renaming via the SMB interface.
1046 * smb_IsMask() can be called with a non-8.3 input buffer.
1047 Separate smb_IsMask() into smb_Is8Dot3Mask() for 8.3
1048 input buffers and smb_IsMask() for non-8.3 input buffers.
1050 * Add cm_buf_t error state to the "fs memdump" output.
1052 * pioctl drive mapping checks need to take into account
1053 Global Drive Mappings and SUBST assignments.
1055 * Rename operations should not be permitted if the
1056 destination name collides with an existing name that
1057 differs only by case UNLESS the collision is the object
1058 that is being renamed.
1060 * Increase the maximum number of background daemon threads
1061 to 64. Leave the default at 4.
1063 * Set the FILE_UNICODE_ON_DISK flag when reporting the
1064 file system characteristics.
1066 * Report the maximum component name length as 255 even
1067 for Unicode as part of the file system characteristics.
1069 * Add RX debugging information to "fs memdump" output
1072 * Refcount the cm_server_t objects returned by
1075 * Fix the UAC manifest applied to afs_config.exe
1077 * rxdebug now indicates if any RX_CONN flag is set
1078 not just some of them
1080 * Change the mapping of CM_ERROR_WOULDBLOCK from
1081 NTSTATUS_LOCK_NOT_GRANTED to NTSTATUS_CANT_WAIT
1085 * Includes #GCO Public CellServDB 07 Nov 2008
1087 * Prevent separate cell entries from being created for
1088 "foobar.org" and "foobar.org." which can happen if
1089 an AFSDB record is found instead of a CellServDB
1092 * Fix a panic when checking the SMB virtual circuit list.
1093 If a VC is destroyed while the list is being checked
1094 it is possible for the next object to become invalid.
1096 * Increased logging to afsd_init.log of netbios name
1099 * Fix a DNLC panic when a UTF-16 string that cannot be
1100 converted to a utf-8 string is provided as a filename.
1102 * In the NSIS installer, delete old afslogon.dll/afscpcc.exe
1103 from %windir%\system32 and fix the WinLogon\Notify\AfsLogon
1104 location to refer directly to the new location in
1105 %programfiles%\openafs\client\program
1107 * Be more aggressive about responding to Netbios
1108 NRC_BRIDGE/NRC_NOWILD errors. Rebind the Netbios name to
1109 the LANA within the listener thread without performing a
1112 * Use the WNet Enumeration of all connected drives as a filter
1113 in the pioctl GetIoctlHandle operation. This should remove
1114 the last situations in which there was a delay when opening
1115 an Explorer Shell properties menu with the AFS Shell
1118 * Fix the parsing of CellServDB in Windows to handle linked
1119 cells as is done on Unix.
1121 * Add support for linked cells to the cache manager,
1122 netidmgr afs provider, and aklog. When two cells are
1123 linked, a volume lookup that fails in one cell is looked
1124 up in the other. This can be used for construction of
1125 test cells that override specific volumes; cell renaming;
1128 * Increase the length of cell and realm names that can
1129 be entered in the NIM AFS provider.
1131 * Actively prevent a 32-bit afsd_service.exe from
1132 executing in the WOW64 environment.
1134 * Protect against invalid IP address values in CellServDB
1139 * Fix an Rx panic caused by an attempt to double free
1140 an rx_packet when an error occurs while writing the
1143 * Fix an exception cause by a race condition when
1144 processing multiple file change notifications registered
1145 by the Explorer Shell or other applications.
1147 * Modify the Rx debug interface to use var_args and
1148 permit Rx debugging to be used on 64-bit Windows
1149 which previously had it disabled.
1153 * Automated lock hierarchy enforcement added to the
1154 osi base lock package. This permits detection of lock
1155 violations that might but often does not result in
1156 deadlocks. Enabled by default in the checked builds.
1157 May be activated in release builds via the registry
1158 value "LockOrderValidation" in the TransarcAFSDaemon
1161 When a violation is detection an assertion is thrown
1162 generating a dump file and a message indicating which
1163 locks were obtained out of order is logged to the
1164 Windows Application Event Log.
1166 * Attempt to ensure that a dump file will be generated
1167 whenever the service panics.
1169 * Removed unused lock cm_bufGetMutex
1171 * Many out of order lock acquisitions were detected
1172 using the lock order verifier and were corrected.
1174 * A race condition within the function path cm_GetSCache() ->
1175 cm_GetNewSCache() -> cm_RecycleSCache() permitted a
1176 cm_scache_t object to be issued simultaneously to two
1177 threads. This would eventually result in a panic due
1178 to the resulting undercount.
1180 * Fix interpretation of the empty string as the ioctl path
1181 to mean the current directory. "fs lsm", "symlink list",
1182 etc. now return a "not a ..." error instead of "does not
1185 * Add SMB_STRF_SRCNULTERM flag to smb_ParseStringXXX functions.
1186 to indicate that the input string is a nul terminated string.
1187 Assign ti when input strings are nul terminated instead of
1188 length counted. (from 1.5.50)
1190 * The CIFS protocol specification for handling NT_TRANSACT_CREATE
1191 does not match the observed behavor. The 'nameLength' is specified
1192 in bytes, not in characters. Fix the implementation to match
1193 the observed behavior. (1.5.50)
1195 * The cm_HaveAccessRights() attempt at deadlock avoidance by
1196 calling lock_TryRead() on the parent directory cm_scache_t rw-lock
1197 does not avoid the deadlock. Avoid the deadlock by enforcing the
1198 lock order of the lowest vnode first. Then remove the infinite
1199 loop avoidance in cm_SyncOp() that was returning an unwarranted
1200 access denied error.
1202 * File Server lock synchronization was not propertly enforced in
1203 smb_ReceiveNTCreateX() and smb_ReceiveNTTranCreate().
1205 * Another change to the short name generator. Plus and equal are
1206 not valid characters in a short name according to the
1207 RtlIsNameLegalDOS8Dot3() in kernel mode. They have been replaced
1208 with left and right brace in order to minimize the impact.
1210 * Fix a race condition that can result in a heap overwrite error if
1211 the number of known file servers or vldb servers increases during
1212 the preparation phase of a cm_CheckServers() operation.
1214 * If the SMB Authentication would fail, a LSA allocated memory
1215 buffer would be leaked.
1217 * Rewrite the cm_cell_t allocation code to permit cell vldb server
1218 lookups to fail without leaking cm_cell_t objects.
1220 * Add "fs setcrypt auth" to permit the use of rxkad authentication
1221 only mode. Not documented.
1223 * Initialize Rx mutex and lock objects once and only once as part of
1224 the DLL load process.
1226 * When reporting the Volume Name "AFS" do not include the terminating
1227 NUL in the reported length.
1229 * Refresh Volume Location information upon receipt of a VNOVOL error
1230 from the file server and avoid a race condition that prevented the
1231 updated volume location information from being destroyed immediately
1232 after it was acquired.
1234 * In response to VNOVOL and VMOVED, remove the volume id from the server's
1235 volume list so that the volume's up and down status is not affected
1236 when the machine is shutdown.
1238 * Many fixes to the Rx stack related to packet allocation and deallocation;
1239 Rx debugging; Rx packet tracking across queues; and Rx packet loss caused
1240 by overwriting the rx_call currentPacket pointer when it was already
1241 referring to a packet.
1243 * Rx Jumbograms are now off by default. To re-enable, add "RxJumbo" = "1"
1244 in the TransarcAFSDeamon/Parameters key.
1246 * "fs flush", "fs flushvolume", and "fs flushall" now destroy locally
1247 constructed directory B+ trees for flushed directory objects.
1249 * When cached pages for directory objects have been locally modified, do
1250 not permit the locally modified pages to be mixed with pages subsequently
1251 obtained from the file server. Doing so can result in directory
1254 * If Ubix errors are received in response to VL_xxx operations record
1255 the error on the server instance and permit the operation request to
1256 be retried in case another server is able to answer the query. We have
1257 seen at least one instance of a cell in which a VL server returned
1258 UNOQUORUM (possible database truncation) when the other servers were
1259 responding successfully.
1262 * Optimize the assignment of write errors to dirty
1263 buffers by applying the first error to all buffers
1264 belonging to the same object instead of trying each
1267 * Add resource version info to xstat_fs_test and xstat_cm_test
1269 * Fix a delete vs delete[] usage problem in the WiX custom
1272 * When creating a mount point, validate the volume name to
1273 make sure it exists.
1275 * When processing a mount point, pay attention to VL_BADNAME
1278 * Remove a race condition from cm_volume_t recycling that could
1279 have resulted in two threads making use of the same object at
1282 * Fix a reference count leak on smb_vc_t objects introduced in
1283 1.5.50. Permit the objects to be freed once again.
1285 * Fix the output of "fs memdump" for smb_vc_t objects that was
1288 * Add routines for debugging smb refcount errors.
1290 * When shutting down the cache manager, do not permit AFS
1291 callback requests to be processed. Doing so can result in
1292 invalid memory accesses.
1294 * Do not recycle a deleted cm_scache_t object unless the
1295 refCount is 0. Doing so can result in a deadlock and
1296 invalid memory access.
1298 * Minimize the number of RPCs sent to the file server for
1299 directory bulk status requests. Only request status for
1300 objects that we are actually reporting on and only if we
1301 do not already have status for the object and then make
1302 sure that we return as much as we can at once via the SMB
1303 interface but not so much that it exceeds the RDR timeout
1305 * Enable bos restricted operations
1307 * Fix the creation of submounts used by the afscreds and afs_config
1310 * Avoid repeated retries when attempting to obtain access rights.
1311 If the access rights were obtained successfully but do not
1312 satisfy the request, fail the request.
1314 * Fix error code reported when attempting delete a file on a
1315 readonly volume or one that is marked with the readonly DOS
1318 * Fix a short name truncation bug.
1320 * Fix a heap corruption error when reading the CellServDB file
1323 * Fix directory listings when the directory has "lookup" permission
1324 only and the directory has never been previously accessed.
1326 * Fix several tracking issues for cm_scache_t rw locks.
1328 * Ensure that all buffers used to store cell names are the
1331 * Restore Windows 2000 support (broken in 1.5.50).
1332 LOCALE_INVARIANT was introduced in XP.
1334 * Add RxUdpBufSize registry value. Default is 256K.
1336 * Avoid multiple deadlocks between cm_freelanceLock and cm_scacheLock
1338 * Do not include trailing NULs when returning file names in
1339 a directory search response.
1341 * Prevent RX from crashing the afsd_service by attempting
1342 to allocate to many buffers at once when memory is fragmented.
1344 * Avoid a deadlock when freeing cm_server_t objects
1346 * Optimize search cell file. Do not search to end of file
1347 if the cell has already been found.
1349 * Remove explorer shell extension delay on local disks.
1351 * Automatically pre-allocate 64 Rx packets per thread
1353 * Add smb lock requests and stat cache lock allocations to
1354 the output from fs memdump.
1357 * Fix Large File Support (broken in 1.5.50)
1359 * Fix "fs setacl" (broken in 1.5.50)
1361 * Fix pioctl path evaluation of drive letter
1362 mapped paths. (broken in 1.5.50)
1364 * Fix installation of VC8 Runtime library in the EXE
1365 Retail installer. (broken in 1.5.50)
1367 * Avoid a potential deadlock during Volume Location
1368 updates if all the file servers are unreachable at
1369 the time the VL update succeeds.
1371 * Ensure that rx connection object is references
1374 * Fix propagation of over quota errors during cm_FSync()
1377 Since 1.5.39 [1.5.50 released 16 July 2008]
1378 * There were no releases between 1.5.39 and 1.5.50.
1380 * FIRST RELEASE WITH UNICODE SUPPORT
1382 * Pioctl interfaces to the cache manager refactored
1383 to provide layering between the SMB specific code
1384 and the general purpose ioctl operation.
1386 * Garbage collect dead SMB virtual circuits as soon
1387 as they are no longer being referenced. This avoids
1388 problems with outstanding locks not being dropped
1389 when the virtual circuit becomes invalid.
1391 * Remove the IBM Administration Reference documentation
1392 and replace it with the OpenAFS Command Reference
1395 * Avoid calling rx_SetDeadTime and rx_SetHardDeadTime
1396 functions each time a connection is about to be used.
1397 Do not hold a lock on the rx connection object while
1398 it is being selected. This avoids a race between
1399 threads attempting to set the timeout values and
1400 removes a bottleneck that was hampering performance.
1402 * Ensure that the smb directory attribute is set
1403 for all directory objects.
1405 * Add vs2008 support to the NSIS installer scripts
1407 * Replace the VC Runtime EXE installer with the MSI
1408 installer in the NSIS installer scripts
1410 * Properly delete the VC7.1 C Runtime libraries.
1412 Since 1.5.36 [1.5.39 released 23 June 2008]
1413 * There were no 1.5.37 or 1.5.38 releases for Windows
1415 * Use Visual Studio version of vsprintf() instead of
1416 home grown version that resulted in linking conflicts
1418 * Prevent buserver, ptserver and fileserver from crashing
1419 due to non-portable strftime() format strings.
1421 * Prevent server crashes caused by rx_InitMorePackets()
1422 being called prior to allocation of all of the required
1423 synchronization objects.
1425 * Fixed a memory leak in the internal B+ tree directory.
1426 For objects with non-8.3 names, the 'longname' memory
1427 allocation would be leaked during object deletion or
1430 * Fixed a memory leak in the background daemon cm_CheckServer()
1431 routine. The memory allocated to store the server list
1434 * Obtain a missing lock around a call to cm_RemoveSCacheFromHashTable().
1436 * Correct an abstraction layer violation. cm_scache_t objects
1437 should be marked deleted in cm_Unlink() and cm_RemoveDir() and not
1438 in smb_CloseFID(). Cleanup of deleted cm_scache_t objects should be
1439 performed in cm_ReleaseSCache() when the reference count hits zero.
1441 * Prototype cm_AdjustScacheLRU() and re-implement it using osi_QAddH().
1443 * Do not reference 'smb_logp' in cm_vnodeops.c. Use 'afsd_logp'
1446 * Ensure that scache object 'nextp' pointers are set to NULL
1447 when the objects are removed from the hash table linked list.
1449 * If a dirty buffer cannot be written to the file server because
1450 of an access denied error, mark the error in the cm_buf_t
1451 structure so that it can be dealt with instead of retrying
1455 * Update CellServDB file to GCO Public 23 Apr 2008
1457 * Fix a cm_buf_t reference count leak when attempts to write
1458 dirty buffers to the file server from within cm_IncrSyncer()
1461 * Prevent udebug from crashing.
1463 * Activate RX Idle Timeouts. If the file server is busy for more
1464 then 30 seconds, attempt to failover to another server without
1465 marking the busy server down.
1467 * Another VNOVNODE issue fixed. When writing a dirty buffer
1468 to the file server, if VNOVNODE is received, mark all buffers
1469 as invalid without further attempts to contact the file server.
1471 * Improved performance on high latency links.
1474 * Fix a bug preventing the re-initialization of the Freelance
1475 root.cell contents when a change is made.
1477 * Properly return CM_ERROR_NOSUCHFILE when removing a symlink
1478 or mountpoint that does not exist.
1480 * aklog, afscreds, integrated logon, and the NIM AFS credential
1481 provider will all attempt to first acquire an afs service ticket
1482 using the service principal: afs/<cell>@<CLIENT_REALM>. This
1483 permits the proper detection of the cell realm when multiple
1484 realms are local realms for the cell.
1486 * Fix fs commands that re-use file identifiers instead of forcing
1487 a path evaluation each time. This was broken in 1.5.33 when
1488 hashes were added to the cm_fid_t structure.
1490 * Fix symlink and mountpoint removal and then recreation when
1491 applied to the fake Freelance root.afs volume.
1493 * Fix SMB change notifications for the Freelance root.afs volume
1494 when creating or removing symlinks and mount points.
1496 * Force DNS AFSDB cell name lookups to lower case if the DNS
1497 response is not all lower case.
1499 * 32-bit installers are now built with Visual Studio 2005
1501 * All vos.exe commands now support the "-noresolve" option which
1502 forces the display of IP addresses instead of DNS hostnames.
1504 * No longer hold the cm_volume_t mutex across VL_xxx RPCs. This
1505 permits operations that do not require up to date volume
1506 location data to continue while waiting for the RPC to complete.
1507 Multiple threads waiting for a volume location update on the
1508 same volume set no longer trigger multiple calls VL_xxx RPCs.
1510 * Volume server references could be marked offline and never
1511 reset to the not_busy state.
1513 * Further optimizations to cm_Analyze() retry logic for
1514 CM_ERROR_OFFLINE and CM_ERROR_ALLBUSY error handling.
1517 * Optimize the DNLC by applying Interlocked incrementing for
1518 statistics gathering and enabling greater use of read
1519 locks instead of write locks
1521 * Further optimize osi_Log operations when logging is disabled
1522 by removing the need for the function call overhead.
1524 * Add a new lock operation, Convert Read to Write, and apply
1525 it throughout the cache manager. This function provides a
1526 fast transition from a read lock to a write lock when the
1527 caller is the only reader.
1529 * Fix a timeout problem when opening files or request locks
1530 when the file in question is already write-locked by another
1533 * Fix a deadlock that can occur if "fs flushall" is executed
1534 while applications are writing to AFS.
1536 * The cache manager would re-read data from the file server
1537 after file truncation when obtaining buffers to write to the
1538 same file until the first StoreData RPC completes.
1540 * Fixes error handling in cm_NTCheckDelete()
1542 * Replaces cm_scache_t mutex with a read-write lock permitting
1543 additional parallel access.
1545 * Prevent an cm_scache_t reference undercount when evaluating
1546 symlinks containing @sys when none of the active sysnames
1547 match any of the available targets.
1549 * Prevent the leak of a cm_scache_t rwlock if associated symlink
1552 * Set RxMaxMTU registry value to 0 which is the equivalent of
1553 it not being set at all.
1555 * Reduce contention between BkgDaemon threads
1557 * Prevent CM_SCACHEFLAG_ASYNCSTORE from being reset on a write
1560 * Convert reference counts on cm_volume_t, cm_conn_t, cm_server_t
1561 objects to use the faster Interlocked operations which avoid
1562 the need to hold write locks.
1564 * Permit rxkad errors other than RXKADEXPIRED to be treated as a
1565 non-fatal error that forces a retry against another service
1568 * Fix a crash in smb_WriteData that would occur if an application
1569 opened the file as read-only and then sent a write request anyway.
1572 * Respond to VL_NOENT errors by removing cm_volume_t object and
1573 setting it to be the first object to be recycled. This is not
1574 only a more efficient use of resources but it also prevents
1575 repeated attempts to query the VLDB server for the volume from
1576 the CheckOfflineVolumes routine.
1578 * Change the defaults for RxEnablePeerStats and RxEnableProcessStats
1581 * A first cut at a cache manager statistics monitor that can be used
1582 to determine the necessary cache parameters to support the
1583 application working set.
1585 Off by default, the performance package can be activated by setting
1586 "daemonPerformanceTuningInterval" in the service Parameters key.
1587 As with the other daemon interval values the unit is in seconds.
1589 At service start and each succeeding interval the cache manager
1590 will write statistics to %TEMP%\afsd_performance.txt showing the
1591 relative usage of cm_scache_t, cm_volume_t and cm_buf_t objects.
1592 The FID statistics keep track of all FIDs seen by the cache manager
1593 during the service session whether or not they are backed by any
1594 live object in the cache.
1596 These statistics are not stored in the cache file.
1598 * Fix windows event logging broken in 1.5.33.
1600 * Eliminate multiple calls to syscfg_GetIFInfo() which is used to
1601 populate the IP address list for WhoAreYou/TellMeAboutYourself RPCs
1602 as well as when computing the server preference list.
1604 * When merging status after a StoreData operation prevent data
1605 buffers from being discarded that we would prefer to keep.
1606 (Bug introduced in 1.5.33.)
1608 * Modify installers the set RxMaxMTU to 0.
1610 * In the AFS Configuration Panel on the Advanced->Miscellaneous
1611 dialog, the Background Daemons and Service Threads fields were
1614 * Increase default number of Background Daemons to 4.
1616 * Remove cm_volume_t reference from the cm_scache_t object. Permit
1617 cm_volume_t objects to be recycled.
1619 * Windows Error Reporting has shown a number of previously unseen
1620 stack corruption errors in the Explorer Shell extension. The
1621 minidump appeared to indicate the problem was in ParseAcl().
1622 Reviewing the function it appears that numerous things could go
1623 wrong if invalid input was provided. Added error checking and
1624 data validation. Hopefully this will address the problem.
1626 * Windows Error Reporting has shown crashes in aklog as a result
1627 of krb5_cc_get_default() failures not being handled. They are
1631 * The Rx library used a 32-bit type for sockets which was
1632 truncating the socket value on 64-bit Windows. This
1633 was not an issue in general but became an issue when
1634 Rx "hot thread" support was enabled.
1636 * Enable "Rx hot thread" support which ensures that while
1637 a received message is being processed that a new thread
1638 is allocated to receive the next message to arrive.
1640 * Increased parallel access to smb_rctLock protected
1641 resources. Reduce the number of times that the
1642 lock is dropped and re-obtained.
1644 * Increased parallel access to cm_scache_t and cm_buf_t
1645 resources by replacing the previous global write lock
1646 protected reference counting mechanism with one built
1647 upon the use of InterlockedIncrement and InterlockedDecrement.
1649 * Implement a hash for cm_fid_t to reduce comparison costs
1650 and inline the cm_FidCmp() function.
1652 * Redefine the BUF_HASH and BUF_FILEHASH in terms of the cm_fid_t
1653 hash which has a better distribution
1655 * Modify cm_ConsiderPrefetch to evaluate the amount of data in
1656 the most recent read request instead of the next chunkSize.
1657 cm_chunkSize can be dozens or hundreds of buffers. As a result
1658 too much time is spent performing the evaluation.
1660 * Fix the usage of cm_scache_t bufCreateLock. The purpose of this
1661 lock is to prevent the creation of new buffers while a truncation
1662 is being performed. All references to bufCreateLock have been
1663 removed except in two places:
1664 i. a write-lock surrounding the function that calls buf_Truncate()
1665 ii. a read-lock within buf_GetNewLocked() that actually allocates
1668 * Modify the CM_CONFIG_DATA_MAGIC value to include a
1669 CM_CONFIG_DATA_VERSION number which value be used to force the
1670 replacement of the cache file contents when incompatible changes
1671 are made between releases.
1673 * CM_SCACHESYNC_ASYNCSTORE should not be ordered by
1674 cm_SyncOpCheckContinue
1676 * Avoid calls to multi_Rx if nconns == 0
1678 * Modify smb_WriteData to perform background writes based upon the
1679 crossing of 'smb_AsyncStoreSize' boundaries instead of cm_chunkSize
1680 boundaries. This will slow down writes from the SMB interface but
1681 will avoid the risk of the CIFS client disconnecting from the AFS
1682 client SMB server. The default value for 'smb_AsyncStoreSize'
1685 * SMB AsyncStore functionality is on by default but can be
1686 disabled using the registry value:
1688 HKLM\SOFTWARE\OpenAFS\Client DWORD "EnableSMBAsyncStore"
1690 smb_AsyncStoreSize can be adjusted with
1692 HKLM\SOFTWARE\OpenAFS\Client DWORD "SMBAsyncStoreSize"
1694 The value must be a multiple of the buffer block size
1695 and cannot be larger than the chunk size.
1697 * Do not leak a read lock on the bufCreateLock
1699 * Do not forget to call cm_SyncOpDone if cm_SyncOp succeeded
1702 * In MergeStatus, only remove clean buffers from the hash table.
1704 * Avoid the need to update the data version number on each buffer
1705 associated with a scache when MergeStatus is called after a
1706 StoreData by maintaining a range of valid data versions as part
1707 of the cm_scache_t object.
1709 * Profiling shows large numbers of blocked calls in cm_HoldSCache
1710 from cm_HaveAccess... We can safely avoid the call so do so.
1712 * Add "ForceAnonVLDB" service parameters registry value. Default
1713 is 0. Set to 1 to force the use of anonymous connections to
1714 the VLDB servers. This is useful when using krb5 tokens and the
1715 VLDB servers have not been updated.
1718 * Do not attempt to search for a cell name that matches one
1719 of the special share names "svrsvc", "wkssvc", "ipc$"
1721 * Issue permission denied warnings from afscreds if attempts
1722 to modify the startup shortcut or registry values fail.
1723 This happens under Vista UAC.
1725 * Do not return BAD_NETWORK_ERROR in response to attempts
1726 to create directories or files in the Freelance root.afs
1727 volume. Instead return ACCESS_DENIED.
1729 BAD_NETWORK_ERROR was being sent because the Freelance cell
1730 has no vldb servers. Short circuit the error by testing for
1731 freelance in CreateFile and MakeDir
1733 * Treat srvsvc, wkssvc and ipc$ as pseudo files. Permit them
1734 to be opened and closed without actually existing. For now
1735 we treat them as equivalent to ioctls but this should
1738 * Fix RAP processing to not reject names that exist in the
1739 root.afs volume for GetInfo queries.
1741 * In afscreds, use GetUserNameEx to obtain the username instead
1742 of searching the registry. Try UserPrincipalName first and
1743 fallback to SamCompatible.
1745 * Stop linking to rpcns4.dll which is no longer supported on
1746 Vista and 2008. TaAfsAdmSvr is going to have to be
1749 * When processing dfs referral requests, if the sharename is
1750 a partial match and therefore will not be added automatically
1751 to the share list, make sure that we return an error.
1753 * Avoid a crash when logging VNOVOL errors returned from
1754 cm_CheckOfflineVolume.
1756 * When trace logging is disabled, do not permit osi_LogSaveString
1757 to perform the string copying. By disabling the string
1758 copies, throughput of the service more than doubles.
1760 * when checking offline volumes, update the cell vlserver info
1761 if required and don't perform a check if there are no servers
1764 * Add volumes in the vl_unknown state to the list of objects to be
1765 checked as offline or retried when an allbusy error is received
1768 * Add support for configuring rx_ExtraPackets
1770 * All calls to buf_Get() must be protected by a read lock on the
1771 cm_scache_t bufCreateLock
1773 * When a MergeStatus results in the invalidation of buffers, do
1774 not remove buffers from the hash tables that have active references.
1776 * Upon receiving a VNOVNODE error from a file server, be sure to
1777 invalidate any file locks. This prevents on-going attempts to
1778 extend the locks and will cause subsequent attempts to access
1779 the file to receive a invalid handle error.
1781 * Prevent smb_ReceiveTran2SearchDir from adding terminating NULs
1782 to directory entry names.
1784 * No longer discard tokens when RXKADBADTICKET error is received.
1785 Instead return STATUS_NO_KERB_KEY error.
1788 * Add "cmdebug <host> -cellservdb" option and client service
1789 implementation permits querying the vldb server for each
1790 cell known to the cache manager. The output is in a form
1791 that permits it to be used as a CellServDB file.
1793 * Add Symlinks->Show option to the AFS Explorer Shell Context
1796 * Prevent buffer overrun in the cmd parser used by command
1797 line tools such as fs, vos, pts, etc.
1799 * The path ioctl operations have several issues:
1801 (1) the specified path for "fs examine, whereis, whichcell,
1802 flush" and so always has the follow symlinks and mount
1803 points semantics. This makes it impossible to determine
1804 what the FID of a symlink or mount point is.
1806 (2) "fs examine" out is not the result of a single pioctl
1807 operation but is actually the combined output of half
1808 a dozen operations. Path evaluation is an expensive
1809 operation. It would be faster if the caller could
1810 evaluate the FID first and then perform all of the
1811 rest of the operations by specifying the FID instead
1814 (3) fs output reports all objects as files. By adding a
1815 GetFileType pioctl more informative output can be provided
1816 that indicates what type of object the path evaluates to.
1818 (4) the Windows fs command includes a number of commands that
1819 do nothing but exist only because the Unix cache manager
1822 A new extendible data structure cm_ioctl_query_opts_t has been
1823 added which can be optionally specified with pioctls that do not
1824 already require input data. The first two fields of this structure
1825 are 'literal' and 'fid'. The literal field is used to indicate
1826 whether the last component of the path should be evaluated following
1827 symlinks and mount points.
1829 The fid field permits a fid to be specified.
1831 * A new GetFileType pioctl has been added. The type of objects are
1834 * A new "-literal" option is available for "fs examine, flush, whereis,
1837 * Unimplemented fs commands have been removed.
1839 * There are circumstances where a volume object is being accessed and
1840 the volume is marked indicating that the volume location information
1841 is out of date but where it is also pointless and perhaps dangerous
1842 to block waiting for the rpc to complete. One example is when
1843 processing the cmdebug requests. If we know that we are not going
1844 to use the volume object to contact a server, then we can now set
1845 the CM_GETVOL_FLAG_NO_RESET flag.
1847 * when moving up in the directory tree we search the recorded fid list
1848 to find a matching fid that we have already crossed. we must also
1849 reset the fid count based upon what we discover.
1851 * Cell names are published as share names. As a result they are searched
1852 for as part of the Dfs Referral evaluation. If share "foo" can not be
1853 reached, the CIFS client will fallback to searching for "fo" as well.
1855 Since the freelance client automatically adds a symlink for prefixes
1856 of the cell name, this results in both "foo" and "fo" being added to
1857 the freelance root.afs volume. This patch prevents that negative side
1860 * when tracking Kerberos credential cache names be sure to include
1861 the cache type prefix.
1863 * Microsoft has assigned OpenAFS a network type value
1865 * The algorithms that were used to produce a Netbios name were broken.
1866 The name that was produced when the hostname was too long was in fact
1867 longer than the maximum permitted netbios name.
1869 Also, the "NetbiosName" value was not used as a suffix when the loopback
1870 adapter was not installed. The hardcoded string "AFS" was used instead.
1872 * avoid another deadlock during server probes initiated by the ipaddr
1873 change daemon thread.
1875 * prevent the afs client service from crashing when fs newcell is
1878 * In the NSIS installer, move afslogon.dll, afscpcc.exe and afs_cpa.cpl
1879 to \Program Files\OpenAFS\Client\Program in order to get them out
1880 of the %windir% tree
1882 * EDQUOT == WSAEDQUOT. Define it in the right places so that in the
1883 end STATUS_OUT_OF_QUOTA can be returned to the application.
1885 * Modify the search order for determining the location of CellServDB
1886 and other client configuration files.
1888 1. AFSCONF environment variable
1890 3. NEW - use All Users\AppData\OpenAFS\Client only if CellServDB exists
1891 4. use Program Files\OpenAFS\Client
1893 * More Vista Power Management tweaks
1895 * Close a socket handle leak in the kauth routines
1897 * Don't hold a cm_volume_t mutex across RPCs
1899 * Convert downTimes to use clock time instead of relative times.
1900 This permits correct comparisons with expiration times.
1902 * Update the Wix installer to properly install the prerequisites
1903 for translate_et.exe
1905 * Do not translate pioctl paths as they are not converted by the
1908 * Implement multi_rx probes for checking whether servers are up
1909 or down. Turns probes into a constant time activity instead
1910 of one dependent upon the number of known servers.
1912 * Treat VNOVOL errors the same as VOFFLINE. Do not force an
1913 update of the volume location data and retry. VNOVOL means
1914 that the volume could not be attached. It doesn't mean that
1915 the volume is not on this server.
1917 * Modify the Explorer Shell AFS Context menu Symlink->Add to
1918 not attempt to validate the target path. There is no reliable
1921 * Improve performance of \\afs\<cell><mount-type><volume>\
1922 access by eliminating extraneous attempts to search the
1923 CellServDB file and DNS AFSDB records. Share names
1924 containing '%' or '#' are not valid cell names.
1926 * Return STATUS_RANGE_NOT_LOCKED if the application attempts
1927 to unlock a range that is not currently locked.
1929 * Enable the 32-bit tools to read the 64-bit registry keys
1930 when executing in the WOW64 environment.
1934 * Fix buffer refcount leak introduced in 1.5.29
1936 * Prevent the NIM AFS Provider from crashing when configured to use
1937 Kerberos v4 for token acquisition in situations where no Kerberos v4
1938 support is available. For example, 64-bit KFW or sites that delete
1939 the Kerberos v4 DLL.
1941 * In afsd_init.log, support logging cache sizes greater than 2GB.
1943 * The volume status output of "fs examine" was being determined based
1944 upon the wrong error value. Instead of using the pioctl() return
1945 code, the errno value must be used.
1947 * Prevent invalid pts auto-registration attempts by aklog and the
1948 NIM afs provider when Kerberos referrals are in use. (krb5 1.6+)
1950 * Add synchronization protection to all of the SMB Listener State
1951 variables. This prevents race conditions when the addition or
1952 loss of a network adapter takes place.
1954 * On Vista, there is a race condition between the restart of the
1955 afs client service and the network adapters. Ensure that the
1956 afs client service can handle switching between loopback and
1957 non-loopback modes of operation.
1959 * Fix FollowBackupPath to work with mount points that are not
1960 explicitly read/write.
1962 * Fix a deadlock that has been observed on Vista while resuming
1963 after at least four hours of sleep.
1965 * Add new HKLM registry configuration options that can be used
1966 to provide configuration hints to the NIM AFS Provider when
1967 creating new identities. See release notes for details on
1968 HKLM\SOFTWARE\OpenAFS\Client\Realms\.
1971 * Speed up write buffer operations by holding a global read-lock
1972 instead of a write-lock when updating the buffer data version
1973 number. The data version is protect by the associated stat
1976 * Speed up read buffer operations by removing out of date buffers
1977 from the buffer hash tables.
1979 * Protect against a null pointer dereference in afslogon.dll
1980 if QueryAdHomePathFromSid() fails.
1982 * Remove a race condition while accessing private freelance data
1985 * Update the buffer data versions when Freelance directory data
1988 * Complete the implementation of smb_ReceiveTran2GetDFSReferral().
1991 * Return EAS_NOT_SUPPORTED in response to EA read/store/query
1992 instead of returning zero length.
1994 * Return ERROR_RETRY when a server sends VBUSY.
1996 * Return PATH_NOT_COVERED instead of BADSHARENAME for DfsLinks when
1997 a volstat plug-in is in use.
1999 * Enhance the volstat interface to support Dfs path mappings.
2001 * Fix "symlink list" to do the right thing for Dfs links
2003 * Fix callback expiration that was broken in 1.5.27.
2005 * Fix a crash at shutdown caused by the lack of synchronization
2006 within the daemon threads (cm_Daemon, cm_BkgDaemon, cm_IPAddrDaemon)
2008 * Hold the cm_server_t mutex while walking or modifying the
2009 cm_server_vols_t list in order to avoid a race condition.
2011 * Ensure that the cm_server_t refCount is safely modified.
2013 * The pthread library implementations of pthread_cond_wait
2014 and pthread_cond_timedwait were failing to return with
2015 the mutex held when error conditions occurred. This could
2016 result in race conditions wherever they are used. One case
2017 in which problems were seen was the Rx event_handler().
2019 * Prevent cm_GetBuffer() from locking all buffers associated with
2020 a stat cache object before deciding if the current buffer is up
2023 * Fix cm_BkgPrefetch to actually ensure that there is a cm_buf_t
2024 object for each offset that we will attempt to reserve.
2026 * Reduce the default number of background daemon threads used to
2027 prefetch or store to one in order to prevent two or more threads
2028 from stepping on each other.
2030 * Reduce the default chunk size to 256KB in order to prevent read
2031 timeouts on low bandwidth connections.
2033 * Fix a race condition that could result in threads becoming stranded
2034 when synchronizing multiple requests on the same stat cache object.
2037 * The GiveUpAllCallBacks functionality that was added in 1.5.21
2038 has been disabled. It has been disabled because it turns out
2039 that the RPC is improperly implemented in all file servers
2040 previous to 1.4.6. The RPC is executed without the proper
2041 locks being held resulting in data corruption and eventual file
2042 server failure. The functionality will be re-enabled in a
2045 * a couple of .readonly Volume Callback optimizations were
2047 - Apply most recent volume callback to all stat cache objects
2048 in the volume. This avoids premature callback expirations
2049 and unnecessary FetchStatus calls.
2050 - Add option to permit attempts to renew .readonly Volume
2051 Callbacks on a periodic basis to avoid invalidation of stat
2052 cache data. [Requires daemonCheckVolCBInterval be set to
2053 non-zero number of seconds. 1800 (30 minutes) is suggested.]
2055 * Adds support for 64-bit data version values. Previous releases
2056 only supported 32-bit values. Larger values sent by the file server
2057 would result in rollover.
2059 * aklog and asetkey no longer generate an exception if Kerberos for
2060 Windows is not installed.
2062 * If the LSA authentication functions report a temporary out of memory
2063 condition, fail the current authentication and do not cause the AFS
2064 client service to terminate unexpectedly.
2066 * When the AFS client service is shutting down, prevent the daemon check
2067 thread from executing additional checks which might attempt to access
2068 discarded locks or unmapped memory.
2070 * Correct a double free condition in the NIM AFS credentials provider.
2072 * Add "FollowBackupPath" service parameter registry value.
2073 This provides equivalent functionality to the UNIX afsd -backuptree
2074 option. When set to a non-zero value, normal mount points originating
2075 in a .backup volume will prefer a .backup volume.
2078 * Fix NSIS uninstall from the .MSI installer.
2080 * Add Stack Frame logging for AMD64
2082 * Add support for EWOULDBLOCK to cm_Analyze. If the file
2083 server returns EWOULDBLOCK, retry the request every two
2084 seconds for up to the RDRtimeout.
2086 * Reorganize the order of the includes to ensure that EWOULDBLOCK
2087 is not assigned the same value as EIO.
2089 * Update CellServDB to GCO Public 25 Oct 2007
2091 * Add additional validation and error handling code after
2092 each call to getSlot(). If an invalid slot is returned,
2093 return NONODE. If the invalid slot is returned when
2094 extracting a data node, invalidate the tree.
2096 * Modify compareKeys() to always perform a case-insensitive
2097 comparison and only perform a case sensistive comparison
2098 if the case-insensitive one matches. This ensures the
2099 ordering is consistently reported.
2101 * Add lock assertions to ensure that all calls are being
2102 performed with the correct locks being held. There have been
2103 some crash reports that provide stack data that does not appear
2104 to be possible unless there is a race. However, there are no
2105 obvious locations where the race is taking place and the test
2106 suite indicates that all of the correct locks are being held.
2107 We shall see what happens in the field.
2109 * For consistency replace all calls to findKey in which the range i
2110 s (1,numentries) with calls to getSlot().
2112 * Optimize the depth search loop by testing the slot value in the
2113 for statement instead of forcing the loop to be broken later.
2115 * Reorganize the locking for cm_BeginDirOp and cm_EndDirOp.
2116 There are a number of locations where locks are obtained, dropped,
2117 and reobtained. This reorganization attempts to accomplish several
2120 (1) be optimistic for the most common case so it will be fast
2122 (2) add consistency checks after each location where locks are
2123 dropped and re-obtained. If we lose a race in cm_BeginDirOp
2124 and the bplus tree is out of date, retry until we get to a
2125 consistent state that we can use.
2127 (3) Ensure that all operations take place with the correct locks.
2129 * One of the issues that has become a serious problem since the
2130 addition of the local directory updates is that although cm_SyncOp
2131 synchronizes operations, it does not preserve the order of requests.
2132 This has always been a problem in that it has been possible for a
2133 request to fail to complete due to its worker thread's bad luck.
2134 When a request takes longer than the Windows SMB Redirector's timeout,
2135 the SMB Redirector tears down the SMB virtual circuit.
2137 When using the local directory updates it is really important that
2138 the directory update operations complete in the order that they were
2139 sent to the file server. If they don't, then the local directory state
2140 and the file server state will not match and the local directory state
2141 must be discarded which in turn forces a new read of the entire
2142 directory contents over the network.
2144 This patch adds a new cm_scache_waiter_t object that is used to store
2145 the current thread, buffer, and syncop flags within a waiters queue
2146 on each cm_scache_t object. If a thread is forced to sleep in
2147 cm_SyncOp, upon waking it will check to see if there are any other
2148 threads waiting that are attempting to perform a similar task ahead
2149 of it in the queue. If yes, the thread goes back to sleep. If not,
2150 it goes ahead and enters the cm_SyncOp conflict resolution block.
2152 This patch has the additional side effect of reducing the number of
2153 competing threads that must obtain the cm_scache_t mutex and process
2154 the cm_SyncOp conflict resolution block. As a result, the overall CPU
2155 utilization of the service and the clock time associated with processing
2156 requests will be reduced.
2158 * assert that the cm_scache_t mutex is held when calling
2159 buf_ForceDataVersion().
2161 * rename findNode to leafNode in bplus_Lookup
2163 * replace all OutputDebugString calls with osi_LogX calls
2165 * modify bestMatch to special case the return values for leaf nodes.
2166 If an entry is above or below the values available in the leaf node
2167 return BTLOWER or BTUPPER instead of BTERROR.
2169 * In insert and delete operations check for BTLOWER/BTUPPER and isleaf,
2170 if true convert to either slot 0 or Max and perform the insertion.
2171 This produces easier to read code when performing lookups.
2173 * modify lock_AssertXXX macros to call osi_assertx() and provide a
2174 descriptive message.
2176 * the difference between osi_assert() and osi_assertx() is whether or not
2177 a description is specified as part of the call. When no message is
2178 specified afsd_notifier() is called with a NULL msgp parameter. This
2179 results in a null pointer dereference during the EventLog() call.
2181 As a result, none of the information describing the assertion is written
2184 This commit sets a default message for use when no other message is
2185 provided and it replaces all calls to osi_assert with osi_assertx and
2188 * Migrate B+ tree search key into thread local storage
2191 * Fix an uninitialized variable in lana_IsLoopback() which
2192 could result in a random determination that a loopback
2193 adapter is not a loopback adapter. This would result in
2194 a computed Netbios service name of %MACHINE%-AFS instead
2195 of AFS. This is a serious problem if the value computed
2196 by the AFS Client Service and the client process pioctl
2197 calls produce different results as it will result in a
2198 communication failure.
2200 * Fix a crash in the B+ Tree code that results when a file
2201 rename only results in a change of case.
2203 * Fix the pioctl path parsing. The previous algorithm
2204 broke the current directory of the client into two parts,
2205 the TIDpath which represented the device root and the
2206 relative path. The problem is that this is not sufficient
2207 from proper processing of symlinks and mount points.
2209 What is required is that the last component of the path
2210 must not have the symlink or mount point be evaluated
2211 whereas symlink and mount point evaluation must be performed
2212 for the rest of the relative path. Therefore, the path is
2213 now split into three parts: TIDpath, intermediate path,
2216 "fs examine" now reports the data of the symlink or mount
2217 point object instead of the target and "symlink list" and
2218 "symlink remove" now works. The "Explorer Shell Extension"
2219 menu now is displayed for symlink objects.
2221 * More informative symlink.exe error messages.
2223 * When the cmd.exe "del" command is used to remove a symlink,
2224 not only was the link object removed, but the stat cache
2225 object for the target was marked deleted. This resulted
2226 in cache corruption which would require the destruction
2227 of the cache to correct.
2229 * Add undocumented registry value, "OfflineReadOnlyIsValid"
2230 which results in cached contents from read only volumes
2231 to be treated as valid when there is no callback registered
2232 and all servers are down or all instances are offline.
2234 HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters
2236 * Add documented registry value, "AcceptDottedPrincipalNames"
2237 which is used to permit the acquisition of AFS tokens
2238 using Kerberos v5 principal names which include a dot in
2239 the first component.
2241 {HKLM\HKCU}\Software\OpenAFS\Client
2243 * "fs uuid" does not require "AFS Client Administrator" group
2244 membership to display the current UUID value.
2247 * Update NSIS installer to version 2.30
2249 * Update Wix installer to version 2.0.5325
2251 * 64-bit KFW support:
2252 - Network Identity Manager plug-in
2254 - 64-bit krb5 enable afscreds.exe, afs server manager,
2257 * Enable B+ tree Directory Search by default.
2259 * NIM plug-in is now compatible with FILE: ccaches
2261 * Install instloop.exe into Client/Programs/ even though
2262 it isn't required. Permit it to be used by organizations
2263 that clone Windows systems.
2265 * On a suspend, only drop callbacks for servers that
2266 are online. If the server is offline, maintain the callback
2267 until the server is once again available.
2269 * Prevent against acquisition of a directory write lock when
2270 there are no updates to be performed. This was resulting
2271 in a write-lock leak which later on would lead to a deadlock.
2273 * Add configurable file pre-fetch mode. For files that match
2274 the specified file extensions, pre-fetch the entire file into
2277 HKLM\SYSTEM\CurrentControlSet\Services\TransarcAfsDaemon\Parameters
2278 (MULTI_SZ) PrefetchExecutableExtensions
2280 * Fix the client_osi large integer support so that return values
2281 can be properly assigned to large integer variables.
2283 * Do not hold cm_scache_t mutex across cm_GetCell() calls
2284 since cm_GetCell() can block in a RPC.
2286 * Add short file name support to B+ tree searches.
2288 * Resolve a conflict between the desire to notify file servers
2289 that the client workstation is suspending and the desire to
2290 permit objects with valid callbacks when the client suspends
2291 to continue to use those objects from the cache if the client
2292 resumes without network connectivity.
2294 * Fix stack variables to ensure that all buffers storing paths
2295 can handle AFSPATHMAX (1024) characters. Paths of 256 characters
2296 would cause a stack overflow condition.
2298 * On Vista, force afs_config.exe to run with the highest privileges
2299 available to the end user. For a user in the Administrators
2300 group running under UAC, this will cause afs_config.exe to be
2301 be run with full Administrators privileges after the user
2302 approves the privilege escalation.
2304 * More VNOVNODE handling issues. If a dirty buffer cannot be
2305 written due to VNOVNODE, clear the buffer and ignore the error.
2306 If a cm_scache_t object has been marked deleted due to a VNOVNODE
2307 error, the next time the smb_fid_t object that references it is
2308 used return either NOSUCHFILE or NOSUCHPATH and close the
2309 smb_fid_t object. Subsequent attempts to use the smb_fid_t will
2310 result in an invalid handle error.
2312 * For Vista, set the RequestExecutionLevel of the NSIS installer
2315 * For the build environment, support the generation of manifests
2316 when using the CL1310 (VS .NET 2003) compiler/linker.
2318 * There was a bug in OutputDebugHexString() which could overflow
2319 a stack buffer resulting in unexpected process termination
2320 of afsd_service.exe if the input Security Token contained
2321 many bytes equivalent to the '%' char.
2323 * Add directory lookup statistics to "fs memdump" output.
2327 * Windows uses case-insensitive file name pattern matching
2328 but AFS is a case sensitive file system. The AFS3 directory
2329 format is block based, uses network byte order and
2330 includes a hash table for fast case sensitive lookups.
2331 This causes several problems for the Windows AFS client.
2332 (1) Traversing the directory blocks is cpu expensive
2333 (2) A hash table miss does not indicate that the desired
2334 entry does not exist.
2335 (3) Determining whether a non-ambiguous inexact match or
2336 the entry does not exist requires a linear traversal
2337 of the entire directory.
2338 These issues often result in 100% CPU utilization.
2340 These issues are addressed by building a modified B+ tree for
2341 each directory and then using the B+ tree for searches.
2343 This feature is disabled by default. To enable it set
2344 the "BPlusTrees" registry value to 0x01 in the AFS Client
2345 Service Parameters key.
2347 * Correct a null pointer dereference in the symlink recursion
2348 detection code. (Introduced in 1.5.22)
2350 * Add the Network Identity Manager AFS Provider to AMD64
2355 * A new registry value, "BlockSize", can now be used to adjust
2356 the size of the internal buffers used to store file data.
2357 The default is 4KB. When set, the values 1..1024 specify
2358 multiples of 4KB. Values > 1024 specify actual block sizes
2359 and must be multiples of 4KB. The actual block size in KB
2360 can not be larger than the chunk size which defaults to 1MB.
2362 HKLM\SYSTEM\CurrentControlSet\Services\TransarcAfsDaemon\Parameters
2365 * pts.exe and ptserver.exe built with -DSUPERGROUPS
2367 * Service Manager shutdown hints have been added. The hint
2368 specifies that it may take the AFS client service up to two
2369 minutes to shutdown.
2371 * Fix the recursion detection feature introduced in 1.5.22.
2372 The previous implementation broke the evaluation of paths
2373 using ../path or ./path. It also broke the evaluation of
2374 symlinks to absolute paths. For example, /afs/cell/path.
2376 * Fix an uninitialized variable in cm_MakeDir that could result
2377 in crash if the requested directory could not be created.
2379 * Fix a the VolumeStatusNotification log messages to save
2380 the input string in the circular log buffer so garbarge
2381 won't be output to afsd.log when the log is dumped.
2384 * Increase the SMB Maximum Path length to 260 characters
2385 from 256 as that is what CIFS supports.
2387 * On 64-bit Windows, use a unique description string for
2388 the 32-bit AFS Shell Extension.
2392 * In the AFS Admin Library, replaced all of the
2393 Ubik_Call(XXX_RPC,...) calls with Ubik_XXX_RPC(...). This
2394 allows parameter checking and proper type conversions to be
2395 performed. This is crucial when passing parameters that are
2396 64-bit wide on systems in which 'long' is a 32-bit value.
2397 Otherwise, the parameter list on the stack is interpretted
2398 incorrectly and the function not only doesn't succeed but it
2399 might corrupt memory and if lucky crash the application.
2401 The only program that we care about that uses this library
2402 is the AFS Server Manager. Now it doesn't crash.
2404 * Fixed smb directory searches for non-wildcard names. The
2405 optimized function should not have set the bulk in progress
2406 flag. This would adversely affect later directory searches
2407 that required a bulk search.
2409 * Detect infinite recursions (up to 512 stat cache objects
2410 in a chain.) If an infinite recursion is detected, return
2411 an error to stop the CIFS client from querying us forever.
2413 * Executables executed out of AFS name space can have their
2414 pages swapped out by Windows. Those pages will be reloaded
2415 when they are required. However, if the cache manager no
2416 longer has a callback and all of the file servers with
2417 the volume data are down, then the application will crash
2418 due to the inability to read the required page.
2420 We now track the down time of each server. If the callback
2421 expires after the server that issued it went down and all
2422 servers are down, we delay the expiration to permit the data
2423 in the cache to be continue to be used by Windows or an
2426 * The Windows AFS client has always had very poor performance
2427 with regards to directory management. In the case of
2428 directory updates caused by create, rename,and delete operations,
2429 the AFS cache manager will now perform local directory updates
2430 when possible in order to avoid re-reading the directory from
2431 the file server. This will be done in whenever both of the
2432 following conditions are true:
2434 - the data version on the directory increased by one as a
2435 result of the operation
2437 - all of the directory buffers necessary to make the change
2438 are present in the cache
2440 * The error message in the AFS Control Panel describing the
2441 need to be a Windows Administrator has been replaced with
2442 a message describing the need to be in the AFS Admins Group.
2444 * If the vldb server list is empty when attempting to evaluate
2445 a cell mountpoint it was possible for a crash to occur. This
2446 can only happen if there is an existing mount point and the
2447 is a failure attempting to load the server list from the
2448 CellServDB file or via AFSDB queries.
2450 * dirty buffers only have their dirty bytes stored to the file
2451 server instead of the entire chunksize
2453 * the default chunksize has been increased from 128KB to 1MB
2458 * changed the enum values for cm_serverRef_t state info to use a
2459 private name space to avoid collisions (srv_)
2461 * added a srv_deleted state for cm_serverRef_t objects. This
2462 state is set when cm_FreeServerList() is called with the
2463 CM_FREESERVERLIST_DELETE flag set. cm_FreeServerList() may
2464 not always delete the cm_serverRef_t from the list if it is
2465 still in use by another thread. the srv_deleted state means
2466 the object's contents are no longer valid and it must be
2467 skipped. It will be deleted the next time the object is
2468 freed and the refcount hits zero.
2470 * the srv_deleted state is also used when a file server reports
2471 either VNOVOL or VMOVED instead of marking the cm_serverRef_t
2472 as offline. This is done to prevent additional usage of the
2473 stale vldb data while waiting for the update volume request
2476 * added a state field to the cm_volume_t object (enum volstate
2477 vl_ name space) that maintains the state of the volume based
2478 upon the states of all of the cm_serverRef_t and cm_server_t
2481 * modified cm_UpdateVolume() to set the state of the cm_volume_t
2482 RW, RO, and BK to either vl_alldown or vl_online. There can't
2483 be any other states because cm_UpdateVolume() destroys any
2484 previous knowledge we might have had regarding busy or offline
2487 * modified cm_UpdateVolume() to update the volume name in the
2488 cm_volume_t to the volume base name if the previous value was
2491 * modified cm_FollowMountPoint() to check to see if the volume
2492 name is a volume ID and if so call cm_GetVolumeByID instead
2493 of cm_GetVolumeByName. This ensures that volume IDs are always
2494 looked up as numeric values. There is no longer a need to
2495 maintain a separate cm_volume_t containing the string representation
2498 * Added a flags parameter to cm_GetVolumeByName() and cm_GetVolumeByID().
2499 The first flag is a "CREATE" flag which is set by all existing
2500 calls. The flag is not set by calls to cm_GetVolumeByID() from
2501 the server probe code when volume status is being updated. We
2502 do not want the server probe operation to result in additional
2503 turnover in the cached volume data. The second flag is NO_LRU_UPDATE
2504 which is set when the server probe code updates the volume status.
2505 This flag will be used to prevent the server probe operation from
2506 changing the order of the least recently used queue.
2508 * Modified cm_GetVolumeByName to ensure that only one cm_volume_t is
2509 allocated for a given set of normal, readonly, and backup volumes
2510 regardless of whether or not the volume is accessed via name or
2511 ID number. The cm_volume_t namep field is always the base name
2514 * Added a new volume state, vl_unknown. This state is used as
2515 the initial state for all cm_volume_t when the cache manager starts,
2516 for each cm_volume_t at creation, and for each cm_volume_t when
2517 recycling. The cache manager does not know the state of all
2518 volumes in the world, only those that are in the cache and for
2519 which it has queried the VLDB and hosting file servers.
2521 * modified cm_GetVolumeByName() to initialize the state of a
2522 volume to vl_unknown. The actual state will be set when a
2523 cm_VolumeUpdate() call completes successfully.
2525 * changed name of scache hash table variables to avoid ambiguity
2526 when adding hash tables for volumes
2528 * fix a buffer overrun in sys\pioctl_nt.c pioctl().
2530 * modified cm_UpdateVolume() to handle the case in which there is
2531 no RW volume but there is are RO volumes for a given base name.
2532 This is done by querying for the ".readonly" volume name if the
2533 base name does not exist in the VLDB. We never query for the
2534 .backup name because under the current usage model a .backup
2535 volume may only exist on the server that the read-write volume
2536 is located. If there is no RW volume, there can be no .backup.
2538 * Added four hash tables for cm_volume_t objects to improve the
2539 search time of cm_GetVolumeByID(), cm_GetVolumeByName() and
2540 cm_ForceUpdateVolume(). One each for Name, RWID, ROID, and
2541 BKID. Three ID hash tables are necessary as long as it is
2542 desireable to maintain a single cm_volume_t containing all
2543 of the related RW, RO, and BK volume data. Having the RW and
2544 RO volume data in the same object is necessary for the
2545 implementation of cm_GetROVolumeID() which returns either the
2546 RO or RW ID depending upon the existence of RO volume instances.
2548 * Added a volume LRU queue so that volume reuse becomes fairer.
2549 This does not replace the all Volumes list which is used when
2550 it is desireable to walk a list of all the volumes whose order
2551 is not going to change out from underneath you which makes it
2552 safe to drop the cm_volumeLock.
2554 * handles volume hash table updates where volume name to
2555 volume ID number changes. The volume name remains
2556 constant in the cm_volume_t. if a vos rename is performed,
2557 the name of the volume will change and the volume IDs will be
2558 updated. Subsequent access to the old volume ID will create a
2559 new cm_volume_t with the new name.
2561 * Added a daemon thread operation to query the state of volumes
2562 listed as busy or offline. cm_CheckBusyVolumes() calls
2563 RXAFS_GetVolumeStatus() for each volume ID that is marked vl_busy
2564 or vl_offline. If the volume is now online, the status on the
2565 volume is updated. The default period is 600 seconds. This can
2566 be configured with the BusyVolumeCheckInterval registry value.
2568 * Added prototype for smb_IoctlPrepareRead() which was missing a
2569 return type in the function definition.
2571 * Added volume id lists to the cm_server_t. These lists are
2572 allocated in blocks of ~32 IDs. When a cm_PingServer()
2573 detects a change in server state, the state of the cm_volume_t
2576 * Added volID to the cm_serverRef_t object. volID is used
2577 to identify the volume for which the object is a referral.
2578 cm_FreeServerList() uses the volID to remove the volume
2579 from the cm_server_t.
2581 * In cm_Analyze, when VNOVOL or VMOVED are received,
2582 call cm_ForceVolumeUpdate() to force a refresh of the volume
2585 * Added cm_VolumeStatusNotification() which is used at the moment
2586 to log volume status changes to the trace log. It will also
2587 be used as the access point to the File System Filter driver
2588 notification engine.
2590 * Added an all cm_scache_t list to cm_data. This replaces the use
2591 of the stat cache LRU queue when we need to enumerate all
2592 entries. The LRU list order is not static and when using it to
2593 enumerate all entries it can result in items being missed or
2594 items being processed more than once.
2596 * Modified cm_Analyze(). Instead of reseting the busy or offline
2597 state of a volume and forcing a retry of the operation
2598 cm_Analyze will defer to the background daemon thread that will
2599 update the state once every 600 seconds.
2601 * Added the automatic generation of a Freelance ".root" read-write
2602 mountpoint that refers to the root.afs volume of the workstation
2603 cellname at the time the mountpoint is created.
2605 * re-write cm_Analyze to make better use of the known volume
2606 status. VL_Server queries cannot result in CM_ERROR_ALLOFFLINE
2609 * renamed cm_CheckBusyVolumes to cm_CheckOfflineVolumes.
2610 busy volumes will be reset to srv_non_busy by the function
2611 but there is no mechanism for querying the busy state other
2612 than by attempting to access the resource.
2614 * cm_Analyze will query the state of an offline volume before
2615 deciding whether or not to retry when all volume instances
2618 * the algorithm used after an IP address list change detection
2619 has been modified. we now check the state of the VLDB servers,
2620 then reset the rx connections, and finally check the state of
2621 the file servers. Previously we flushed the rx connections
2622 and then checked the servers in whatever random order they
2623 were first discovered.
2625 * fix the volume status reported by "fs examine"
2627 * various improvements to the AFS Network Identity Manager Provider.
2628 - Don't access freed objects after the window has been destroyed.
2629 - Write back the AFS cell list in the identity configuration
2630 even when its empty.
2631 - Disable all use of the provider when AFS is disabled for a
2632 particular identity.
2634 * Fix cm_cell_t leak. When evaluating a mountpoint that uses an
2635 alias instead of the full cellname, double check the full cell
2636 name and see if we have a matching cell before allocating a new
2639 * Dump more data with "fs memdump". All volumes and scaches and
2642 * Reverse the order of the all cells list. This ensures that
2643 the workstation cell is always first in the list.
2645 * If we recognize the server from which a callback revoke was
2646 received, then we can ensure that we only invalidate the status
2647 information for cm_scache_t objects belonging to that cell.
2649 * When building for amd64, use APPVER 5.02 as we do not support
2650 64-bit Windows 2000 and explicitly state the machine type in
2653 * no longer treat VMWare network adapters as equivalent to a
2654 loopback adapter. For some unknown reason, publishing the "AFS"
2655 netbios name on them frequently results in a name collision
2658 * Use read locks whenever possible instead of write locks when
2659 walking the allCellsp list. This permits better use of multiple
2662 * In 1.5.20 a bug was introduced by the fake status when PRSFS_READ
2663 is not present on the directory optimization. It would report
2664 mount points and directory objects for which there was no
2665 status information as a zero length file. Instead we can use
2666 the vnode number of the object to determine if it should be
2667 considered to be a directory or a file. If it is odd it is a
2668 directory; even it is a file.
2670 * Give Back Callbacks to the file servers in response to suspend
2671 and shutdown power management events. Only give up callbacks
2672 to UP servers and do so with a very short RX dead timeout.
2675 * Fix a race condition in the SMB FID cleanup code that could
2676 result in a stat cache mutex never being released.
2678 * Fix the graphics files that are installed as part of the
2679 IBM Administrators Guide.
2681 * Change the behavior of pioctl path parsing to not follow
2682 symlinks or mount points during evaluation. This results in
2683 the FID being the symlink or mount point and not the object
2684 they point to. This is consistent with the behavior of the
2687 * Enable AFSDB record lookup for command line tools such as
2690 * CellServDB update 2007-07-05
2692 * Added a Volume Status Plug-in Interface that permits third parties
2693 to receive notifications when the volume state changes occur.
2695 * Ensure that all writes to the afsd_alloc.log file use CR-LF.
2697 * Prevent the afsprocmgmt.dll from being unloaded while the
2698 background thread it starts is running.
2700 * Avoid a race condition when closing smb_fid_t objects.
2703 * fix install path of IBM Quick Start Guide when installed by
2706 * fix the client so that it can write into directories with
2707 only 'li' permissions.
2709 * fix installation of 32-bit Shell Extension for 64-bit systems.
2710 Install it under its own HKCR keys.
2712 * modify the wix installer to remove and upgrade install packages
2713 with the same version number.
2715 * when flushing volume location data every two hours or in
2716 response to "fs checkvolumes", also flush the mount point
2717 links in order to force their re-evaluation.
2719 * aklog was copying an uninitialized buffer as part of the
2720 foreign cell automatic pts registration
2722 * when obtaining directory listings, check for read permission
2723 on the directory. If read permission does not exist, fake the
2724 status information for the directory entries. This improves
2725 performance, prevents the client from pounding the file server,
2726 and prevents leakage of cached status information.
2728 * "fs getcacheparms" output was incorrect.
2730 * NetIdMgr AFS Provider should only automatically add token
2731 acquisition for cell foo.com if the realm of the cell matches
2732 the realm of the identity.
2734 * Fix a null pointer dereference in cm_MergeStatus()
2738 * network identity manager provider:
2740 - Correct for the fact that pr_CreateUser tampers with the
2741 contents of the username input buffer.
2743 - Take into account that the krb4 credential data structure
2744 does not have separate realm fields for the user and service.
2745 When krb524 is used with a cross-realm ticket, the realm
2746 describes the service not the user.
2748 * Many integrated logon changes:
2750 - Fix eventlog reporting. Do not attempt to log an event
2751 if the event source registration fails. Use DebugEvent0
2752 instead of DebugEvent when there are no parameters.
2754 - Modify the LOOKUPKEYCHAIN macro to recognize ERROR_MORE_DATA
2757 - Fix the reading of Domain specific configuration for
2758 LogonScript and TheseCells. Previously the dwSize value was
2759 being overwritten so that subsequent RegQueryValueEx call
2762 - Fix a memory leak in the TheseCells reading code.
2764 - Add support for Domain specific "Realm" specification. The
2765 realm is the realm to be appended to the username. When
2766 logging in as a domain or to the local machine, the specified
2767 "Domain" name is not going to be a valid realm name.
2769 - Construct a proper principal name based upon the domain
2770 specified realm for use in obtaining tokens with KFW.
2772 - If the domain specified "TheseCells" list includes the
2773 default cell, do not obtain tokens twice.
2775 * An unprotected call to the Kerberos v5 function,
2776 krb5_free_context(), can result in an invalid memory access
2777 exception if the contents of the krb5 profile, krb5.ini, cannot
2778 be parsed correctly. The error is located within the afskfw
2779 library which is used by afscreds.exe, afssvrmgr.exe, and
2780 afslogon.dll. When the error is triggered within afslogon.dll
2781 a blue screen condition can occur when the winlogon.exe system
2782 process terminates unexpectedly.
2786 * Do not stop the afs client service with an assert
2787 if the cell name cannot be determined when responding
2788 to a "fs whereis" command.
2790 * Integrated Logon (afslogon.dll). No longer attempt
2791 to preserve Kerberos 5 tickets for the logon session
2792 as that job is now supported by KFW 3.1 and above.
2794 * The Network Identity Manager plug-in will attempt to
2795 remove expired service tickets from the cache.
2799 * CellServDB update - GCO Public CellServDB 09 Mar 2007
2801 * AFS Server Manager and AFS Account Manager data cache
2802 moved from HKCU\Software\TransarcCorporation to
2803 HKCU\Software\OpenAFS to prevent crashes due to data
2806 * Reduce the default UP server probe time from 10 minutes
2807 to 5 minutes to match UNIX. This will not solve the NAT
2808 port mapping timeout issue because most NATs default to
2809 a value less that 5 minutes and this value ensures that
2810 the afs client server will start probes 5 minutes after
2811 the last probe set ended. The probe period for any one
2812 server is therefore longer than 5 minutes. The more
2813 servers in the list the longer the time between probes.
2815 * Before marking a server as down in cm_Analyze, retry the
2816 request using a new rx connection to the server. If the
2817 cache manager is behind a NAT, it is possible that the
2818 response from the server is being sent to the original
2819 address:port from which the rx connection was established.
2820 This will appear to the cache manager as the server being
2821 down when in fact it is not. Forcing the use of a new rx
2822 connection will result in the server responding to the
2823 most recent address:port assigned to the client by the NAT.
2825 If the server is in fact down, it will simply take a little
2826 longer to notice it.
2830 * Removing a directory that contained entries was failing with
2831 the wrong error code being returned to the CIFS client.
2835 * rxdebug exponential back-off. don't take down a server that
2836 is already struggling to respond.
2838 * Network Identity Manager plug-in registers help on the Help
2839 menu if it is supported by NIM. (KFW 3.2 and above)
2841 * Plug-n-play networking did not always work after coming back
2842 from a Windows Suspend. The AFS client service failed to
2843 re-compute the LAN adapter to bind to and instead attempted
2844 to bind to all LAN adapters. This would polute the public
2845 network with the name "AFS" which could lead to conflicts
2848 * Build installers using Microsoft Hotfixes provided at
2849 http://tinyurl.com/243svk for Visual Studio C RunTime Library
2850 Daylight Savings Time issues.
2852 * "fs checkserver" does not require admin privileges unless
2853 the probe interval is being changed.
2857 * A reference leak was discovered in the mountpoint traversal
2858 functionality which resulted in cm_volume_t objects not becoming
2859 eligible for re-use. This will trigger a panic condition when
2860 more than the maximum number of volumes is accessed.
2862 * Fixed the success test for the "fs memdump" operation. Success
2863 is now reported as such. Added cm_volume_t object information
2866 * A data corruption error has been fixed. Write requests
2867 queued for background processing were not retried upon failure.
2868 This leads to inconsistencies between the contents of the file
2869 in the local cache and the contents of the file on the file
2872 The implemented fix is to re-queue any request that has failed
2873 due to timeout, volume busy, volume offline, server busy, or
2874 server offline. Requests are not processed while all servers
2875 for a volume are inaccessible. When servers become accessible
2876 the background request will be retried.
2878 In addition, if a background write fails, do not mark the buffers
2879 as clean. Failure to preserve the dirty flag prevents the buffers
2880 from being written to the file server in the future.
2882 This fix does not address the possibility that the credentials
2883 necessary to perform a write request might expire between the
2884 time the request is queued and when the request can be processed
2885 due to server accessibility.
2887 * The Freelance volume does not support per user ACLs. The
2888 cm_HaveAccessRights function did not handle this special case.
2889 Requests for privileges greater than read|lookup would result
2890 in afsd_service.exe entering an infinite loop. ISOBuster is
2891 known to cause this behavior.
2893 * When deleting files, the SMB Server would attempt to obtain
2894 the access permissions for the parent directory instead of
2895 for the file itself. This would result in an incorrect
2896 assessment of whether or not the file can be deleted.
2898 * The Network Identity Manager AFS plug-in has had its string
2899 tables updated for consistency with the language used by NIM.
2900 All credentials are referred to as credentials instead of tokens.
2901 Drop-down combo boxes now in fact drop down.
2903 * The AFS Salvager was not properly being built on Windows.
2904 This is relevant only if the AFS servers are in use.
2906 * The default signal handlers for the AFS servers incorrectly
2907 processed SIGQUIT. Instead of stopping the server, an
2908 exception was raised.
2910 * Fix another volume refcount leak. This one was triggered by
2911 an inability to contact the vlservers in order to update the
2914 * Fix checklist control used by the drive mappings tabs in
2915 afscreds.exe and afs_control.exe.
2917 * Improve output of "fs memdump" related to buffer management.
2919 * Fix refcount leak of cm_buf_t objects when prefetching buffers
2920 already in the process of being fetched.
2922 * Improve cache performance by computing the buffer hash table
2923 size based upon the number of buffers so that the average
2924 number of entries in a bucket is seven.
2926 * Improve cache performance of read/write data by locally
2927 updating the dataVersion of all buffers associated with the
2928 file on each StoreData or StoreStatus operation provided that
2929 the dataVersion was incremented by one and the dataVersion of
2930 the buffer matched the original dataVersion of the cached
2931 status information for the file.
2933 * When recycling cm_scache_t objects, make sure that we
2934 clear all of the previous fields. It is no longer the
2935 case that we can assume that the stat cache object is being
2936 obtained only after a successful FetchStatus call.
2937 InlineBulkStatus will allocate stat cache objects for which
2938 the no status information is available.
2940 * When a file is being opened with the OPEN_ALWAYS disposition,
2941 do not require write permissions when the file already exists
2942 unless of course the file is being opened requesting write
2945 * When a file has been opened for read-only access, if the
2946 application requests an exclusive lock, obtain a read-lock
2947 instead of a write-lock. The purpose of the exclusive lock
2948 in this situation is to prevent changes to the file and the
2949 full file read lock will provide this guarrantee.
2954 * Enforce Unix Mode Write bit to prevent file deletion of read only
2957 * The CIFS READ and LIST permissions use the same value 0x0001.
2958 When a directory is being accessed, check for PRSFS_LOOKUP
2959 instead of PRSFS_READ.
2963 * Fix computations of short names of mount points. They were
2964 broken as part of the directory search optimization. (1.5.13a)
2966 * When all buffers are in use, periodically sleep the threads
2967 waiting for a buffer to become free while the global buffer
2968 lock is not being held in order to permit those threads that
2969 can free buffers to do so.
2971 * Power Management improvements. Maintain a global flag that
2972 specifies whether or not the service is in a suspend state.
2973 Do not panic if Netbios() returns NRC_BRIDGE meaning that the
2974 lana is no longer valid. Instead, stop the listener threads
2975 and if all listener threads are stopped, reset the lana_list.
2976 Allow the cm_Daemon() thread to periodically check the state
2977 of the smb listeners. If they are all stopped and the service
2978 is not suspended, attempt to restart them. If there are no valid
2979 lanas, return to the stopped state.
2981 * CreateX and NTCreateX use cm_CheckNTOpen() to test whether or not
2982 the user is permitted to obtain read or write locks. This function
2983 would obtain the lock and then drop it returning whether or not
2984 the lock could be obtained. If the lock was in fact required,
2985 CreateX/NTCreateX would then obtain it with cm_Lock(). The problem
2986 of course being that this pattern results in three RPCs to the
2987 file server (lock, unlock, lock). This is reduced to one RPC by
2988 implementing cm_CheckNTOpenDone() which frees the allocated byte
2989 range lock from cm_CheckNTOpen() after the cm_Lock() call is
2992 * Optimize the SMB FindFirst processing for the case in which there
2993 are no wildcards. If a cm_Lookup succeeds, generate a response
2994 from the stat cache entry we have a callback for. Its cheaper
2995 than walking each buffer of directory data associated with the
2996 directory stat cache entry when we have thousands of directory
2999 * Increase the SMB Ioctl MaxData size to support larger token sizes
3001 * Disable autorun of the AFS Server Wizard when the AFS Server is
3004 * Add AFS Server service dependencies on tcpip and PNP_TDI
3006 * Remove the AFS Server Configuration Tool shortcut
3008 * Add Freelance mode awareness to AFS Server Configuration Tool
3012 * Unlike previous versions of the OS, Vista performs a shutdown on
3013 the Microsoft Loopback adapter just like it would on a real adapter.
3014 This causes the smb_Listener threads to trigger a panic during a
3015 suspend/hibernate power event.
3017 The fix is to unbind from the network adapters in response to a
3018 suspend/hibernate power event and then rebind to the adapters
3019 when a resume power event is received. Note that the resume events
3020 are not reliably delivered so it is possible the afs service will
3021 not be accessible. However, this is the best we can do.
3023 * don't allow environment variables we set in afslogon.dll to be
3024 inherited by child processes
3026 * force an rx connection reset if VICECONNBAD or VICETOKENDEAD are
3029 * The old dirty buffer synchronization algorithm had a buf_IncrSyncer
3030 thread walking the all buffer list periodically searching for dirty
3031 buffers to write to the file server. This had several negative
3032 results. The algorithm ate up ever increasing amounts of CPU time
3033 even when AFS is idle as the size of the cache increases. Also,
3034 buffers were written to the file server in an order based upon the
3035 original buffer allocation which has nothing to do with the order
3036 in which the buffers became dirty.
3038 The new algorithm maintains a dirty buffer list. Items are added
3039 when the buffer is originally marked dirty. A buffer is only
3040 removed from the list by the buf_IncrSyncer when the buffer is no
3041 longer dirty. If the list is empty the thread goes back to sleep
3042 immediately without additional processing requirements.
3046 * Enable renaming of directories from the Explorer Shell when
3047 Offline Folders is enabled
3049 * An error is reported in response to the SMB ReceiveCoreFlush
3050 request when an error has not occurred.
3054 * optimize dirty buffer flushes in response to suspend operations
3055 do not flush if only loopback adapter is installed
3056 do no retry dirty buffer writes
3058 * do not reset netbios when performing loopback checks. doing
3059 so will break the existing lana bind
3061 * remove a deadlock in smb3.c QPathInfo
3065 * Add NetIDMgr AFS Plug-in
3067 * "Show Tray Icon" checkbox removed from afs_config.exe
3069 * Disable DNS Registrations for the Loopback Adapter and make sure
3070 that Netbios is turned on.
3072 * A reference count leak on stat cache objects was fixed
3074 * For debugging, tread ids of writers are now tracked on locks
3076 * Corrected an incorrect lock that was being held but not
3077 freed in a rare error case
3079 * Changed trace log end of line to CR-LF so it can be read
3082 * modify the buffer synchronization thread to write all dirty
3083 buffers and sleep only when there is no work to be done
3085 * improve behavior of cache manager when large numbers of
3086 temporary files are being created by multiple clients within
3089 * do not permit dirty buffers that belong to deleted files
3090 to be written to the file server. its a waste of bandwidth
3092 * do not leak stat cache references when the file server
3095 * afscreds: do not permit an attempt to obtain tokens if the
3096 afs service could not be started. this was causing stack
3097 overflows on Vista after resuming from a suspend
3101 * better handling of dot directory
3103 * fs sq and fs mkm now behave as on UNIX
3105 * add license to installers
3107 * Return Invalid Parameter error for unknown InfoLevels in
3108 SMB Tran2 Search Directory.
3110 * Correctly use WSAStartup and WSACleanup within the RX library
3112 * Check that afsd_service.exe is running before performing
3115 * Force AFS Shell Extension to load resource DLL using
3116 afs_shl_ext.dll as a base name.
3118 * (Wix) install afs_shl_ext_XXXX.dll and afs_creds_XXXX.dll in
3119 OpenAFS\Client\Program
3121 * Fix SMB_SET_FILE_END_OF_FILE_LENGTH
3123 * Do not panic if the maximum number of volume entries are in use
3124 and one of them can be recycled.
3128 * Fix the code that reads the backconnnectionhostnames value
3129 so that there is not an uninitialized variable
3133 * integrated logon could cause winlogin.exe to blue screen windows
3134 if it was called with a domain that does not exist on the machine.
3135 this is possible during a sysprep.
3137 * corrections to cm_buf_t handling to ensure that buffers are
3138 removed from queues before they are freed and that holds are
3139 obtained on the next buffer in a chain before releasing the
3142 * do not generate MessageBox dialogs on network errors. they
3143 cause more trouble then they are worth.
3145 * move GlobalAutoMapper into a separate thread so that it does
3146 not prevent service startup if the WNetAddConnection2 call
3149 * restrict hard dead and connection timeouts to the CIFS Session
3150 Timeout value. This is being done to try to prevent virtual
3151 circuits from being destroyed prematurely.
3153 * Fix the code that writes the backconnectionhostnames value
3154 to ensure that the data buffer is written with the correct
3157 (there were no windows specific changes between 1.5.4 and 1.5.5)
3161 * Corrections to the Integrated Logon functionality that permits
3162 Kerberos 5 TGTs to be communicated into the user session. The
3163 transfer is now more secure and succeeds when the user does not
3164 have read permission to the %SystemRoot%\TEMP directory.
3166 * NSIS installer updated to version 2.18
3168 * WiX installer updated to version 2.0.4221.0
3170 * Updates to the IFS functionality for 64-bit correctness and
3171 permit compilation. The IFS functionality works for pioctl()
3172 operations but not much else at this point.
3174 * A major re-write of the OpenAFS implementation of the CIFS Tran2
3175 query and set functions.
3177 * Ignore the Windows CIFS client session timeout entirely. Timeout
3178 only after the AFS Hard Dead Timeout period expires.
3182 * move headers, libraries, and samples from OpenAFS\Client to
3185 * remove the auto-registration of AFS IDs for foreign cells
3186 from integrated logon. this permits afslogon.dll to avoid
3187 initializing the RX library. afslogon.dll is a network
3188 provider library and as such it is loaded into all applications
3189 which perform a CreateProcessAsUser call. Initializing the
3190 RX library spawns background threads to listen for inbound
3191 packets. When the network provider is unloaded from the
3192 process, the RX library does not cleanup the threads. If they
3193 continue to execute after the library is unloaded, the process
3196 * implement inline bulk status calls. this will significantly
3197 improve the performance of directory listings.
3199 * prevent a crash when evaluating mountpoints to volumes that do not
3202 * new command: fs uuid [-generate]
3203 displays the current uuid and allows a new one to be generated
3204 on the fly without restarting the afs client service.
3206 * fix the 64-bit installers to properly document the install
3209 * move help files to the proper location so they can be located by
3210 the system tray tool and the control panel.
3212 * "over quota" and "disk full" errors were not being reported to the
3215 * largefile support has been added. Files greater than 31-bits can no
3216 longer be written to file servers which do not support large files.
3217 When file servers support large files, files up to 64-bits can be
3220 * cm_SyncOp could return with the input buffer unlocked upon error
3221 which would result in a panic condition. This bug was introduced
3224 * vlserver failover when freelance mode did not work. This prevented
3225 the root.afs volume from being loaded if the first vlserver could
3230 * A bug in the CIFS Standard Info response packet caused directories
3231 to appear as standard files. This prevented Microsoft Vista from
3232 being able to walk the AFS directory tree.
3234 * Mount points must be reported as directories in response to
3235 Query Path Info operations.
3237 * A deadlock was detected when performing "fs flushall" if the
3238 file server reports VNOVNODE. The scp->createBufferLock is
3239 already held by the current thread and there is no mechanism
3240 to propagate the knowledge. Therefore, an alternate mechanism
3241 for clearing the cache must be developed. A new function
3242 cm_RecycleSCache(scp,flags) has been extracted from
3243 cm_GetNewSCache(). This function performs the task of recycling
3244 an cm_scache_t object. When called from cm_GetNewSCache() with
3245 no flags the expectation is that there are no associated buffers
3246 that are queued to be read or written. When called from
3247 cm_Analyze() with the CM_SCACHE_RECYCLEFLAG_DESTROY_BUFFERS
3248 flag, any queued buffers will be de-queued and marked as if
3249 the operations were performed so the data can be discarded.
3251 * CM_ERROR codes were logged as "unknown" by cm_Analyze.
3253 * In response to VNOVNODE, the parent is only discarded if the current
3254 cm_scache_t is not a directory.
3256 * In the Ioctl FlushFile and FlushVolume functions, there were no
3257 checks to protect against flushing the Freelance SCache entries.
3259 * In FlushFile, the wrong cm_scache_t object was being released.
3261 * In cm_GetNewSCache, do not allow Freelance SCache entries to be
3262 recycled. Choose a new entry if cm_RecycleSCache fails.
3264 * Speed up the performance of the cache manager by not
3265 holding the smb_fid_t mutex across calls to cm_SyncOp
3268 * Ensure that all smb_fid_t flag references are protected.
3270 * Remove a deadlock between smb_fid_t mutex and
3271 smb_rctLock introduced in 1.4.1.
3273 * Fix aklog AFSID lookup to use not send the realm
3274 name when the realm is the local realm for the
3275 cell. The PT Server doesn't strip the realm
3276 name when it is the local realm.
3278 * Treat "\\afs\*." as an alias for "\\afs\all"
3280 * Dynamically adjust the priority of server threads
3281 based upon the age of the CIFS request that is
3282 being processed. The priority is bumped one level
3283 for every 15 seconds of processing time.
3285 * The original openafs contribution mis-used the
3286 cm_GetCallback function. This function should only
3287 be called as a side effect of a call to
3288 cm_SyncOp(CM_SCACHESYNC_NEEDCALLBACK). The way it
3289 was being called results in a FetchStatus RPC being
3290 performed even when the client already has a valid
3291 callback and does so in a manner that destroys the
3292 synchronization of the threads that are calling
3293 cm_SyncOp. If nothing else this results in a
3294 significant performance penalty.
3296 * More changes to cleanup of smb_vc_t objects in
3297 order to prevent race conditions.
3299 * Reduce the amount of Power Management event logging
3302 * If the client detects that the IP address has
3303 changed, force the use of new RX connections. This
3304 enables the file server to recognize that the client
3307 * Remove a race condition and deadlock associated
3308 with cleanup of smb_vc_t objects.
3310 * Fix the ANSI filename support. One function that
3311 required it was missing the translations.
3313 Changes not present in 1.4.1 and since 1.5.0: 1.5.1 released
3316 * Add a DllMain() function to afspthread.dll. Perform
3317 cleanup of thread local storage, rx queues, critical
3318 sections, event handles, etc. This was implemented
3319 to avoid crashes in afspthread.dll when applications
3320 which load/unload the dll attempt to terminate.
3322 * Lock request behavior has been altered. As of this
3323 release a locally allocated lock will be used whenever
3324 the volume is RO or the requesting user's permissions
3325 are 'rl'. This will allow end users to execute programs
3326 from RW volumes when they do not have the 'k' privilege.
3328 Note that a recent discovery indicates that the 'k' bit
3329 is only supposed to control the ability to obtain read
3330 locks. Write locks are to be controlled by the 'w' and
3333 * Code has been added to enable the cache manager to be
3334 able to obtain the AFSID of the authenticated user.
3335 This is required to be able to determine when "Insert"
3336 privileges should apply. AFS considers a file to be
3337 a new file whenever the owner's AFSID matches the
3338 AFSID of the user. The current implementation relies
3339 on the name specified during the SetToken call to be
3340 correct. This will be replaced in the future with a
3341 new RPC that allows the AFSID of the authenticated
3342 user to be obtained.
3344 * A 32-bit-tools installer for use on 64-bit systems
3345 is now available. These tools are for use with 32-bit
3346 versions of Kerberos for Windows or JPSoftware's 4NT.
3348 Since 1.4.1 rc10: 1.4.1 final released (9 April 2006)
3350 * Remove the use of the "active_vcp" variable. This variable
3351 no longer serves any useful purpose and was the cause of
3352 race conditions that produced under counts of the smb_vc_t
3355 * Change default minidump output to include data segments
3357 * restore access to cm_IoctlGetVolumeStatus and
3358 cm_IoctlSetVolumeStatus calls for AFS pioctl operations.
3359 Still need to figure out why they are being called
3360 for SMB/CIFS IOCTL operations instead of Trans2GetFileInfo.
3362 Changes not present in 1.4.1: 1.5.0 released (16 Feb 2006)
3364 * Update build system to include the "sys_name" in the
3367 * optimize the number of calls to obtain the smb_user_t for a
3368 smb virtual circuit.
3370 * add logging of server addresses, status and capabilities when
3373 * prevent multiple threads from pinging the same server simultaneously.
3374 instead, threads block and then use the result of the ping that was
3375 already taking place.
3377 * Add registry values to allow the defaults for daemon checks to be altered
3378 at startup. Log values to afsd_init.log.
3380 daemonCheckDownInterval
3381 daemonCheckUpInterval
3382 daemonCheckVolInterval
3383 daemonCheckCBInterval
3384 daemonCheckLockInterval
3385 daemonCheckTokenInterval
3387 * Add EventLog messages for transitions in fs crypt state.
3389 * Byte range locking (when locks will be obtained from the
3390 is still under discussion)
3392 * 64-bit Windows operating systems now supported
3393 (XP SP2 64-bit, 2003 SP1 64-bit, 2003 R2 64-bit)
3394 This is a native 64-bit implementation of OpenAFS for Windows.
3395 There is currently no 64-bit version of KFW and therefore
3396 there is no (easy) method for obtaining AFS credentials.
3397 32-bit KFW 3.0 can be used with 32-bit OAFW libraries
3398 to obtain AFS tokens but there is not for the feint of
3401 * A faster implementation of the fcrypt algorithms improves
3404 * The afsd_service.exe now supplies Event Log Message Text.
3405 The event log no longer generates warning text due to lack
3406 of message configuration.
3408 * When afs servers are unreachable and network stack returns
3409 a WSAEHOSTUNREACHABLE error, the AFS client will immediately
3410 mark the attempted server as being down. This allows for
3411 very fast response to the calling application. This change
3412 has a pronounced improvement when the Windows Explorer is
3413 used on disconnected mobile computers.
3415 * Added DebugOutputString debugging of the RX library
3417 Since 1.4.1 rc9: 1.4.1 rc10 released (10 March 2006)
3419 * Fix the rx-lwp implementation to randomly generate rx call
3420 identifiers which are supposed to be unique at a given point
3421 in time. This affects some of the command line tools used
3422 for debugging but not the AFS Client Service itself which
3423 uses the rx-pthreads implementation.
3425 * xstats_fs_test.exe and xstats_cm_test.exe are now built for
3426 Windows although they are not distributed
3428 * don't generate an exception when logging unexpected SMB packets
3430 * the data structures used by cm_IoctlGetVolumeStatus and
3431 cm_IoctlSetVolumeStatus are not compatible with the CIFS
3432 Get/Set File Information calls so don't bother executing them.
3436 * Fix data written to registry as part of BackConnectionHostnames
3439 * Fix initialization bug when allocating cm_server_t objects that
3440 would cause servers to appear to be down after each allocation
3441 or renewal. Server would appear up after the next check servers
3446 * Windows will return WSAECONNRESET to the next receive packet
3447 operation on a socket if an ICMP packet is received in response
3448 to a packet that was sent and could not be delivered because
3449 the port was unreachable. We have to treat this as
3450 WSAEWOULDBLOCK so that we can retry the select() check and
3451 not mark the connection as bad.
3453 Since 1.4.1 rc6: 1.4.1 rc7 released (14 Feb 2006)
3455 * The client manager maintains a least recently used list of
3456 all the ACLs. If an ACL is already the most recently used
3457 do not bother to remove it from the list and place it on the
3460 * As part of the process of adding a new server, set the
3461 server is down flag and then perform a ping. If the server
3462 is up, the flag will be reset. If the server is down, the
3463 client will not timeout unnecessarily while attempting to
3466 * If a Mountpoint String is the empty string, return PATH NOT
3469 * Modify behavior of the Network Provider to avoid querying the
3470 profile location if integrated logon is known to be disabled.
3472 * Correct behavior of 'LogoffPreserveTokens'. When set, tokens
3473 will always be preserved regardless of whether or not integrated
3474 logon was used to obtain tokens. When unset, tokens will be
3475 destroyed regardless of whether integrated logon was used to
3476 obtain the tokens unless the profile is stored in AFS.
3478 * Disable LogoffTransferToken functionality. The SMB V3 Logoff
3479 message is being delivered even when the user is not logging
3480 off of the computer.
3482 * Fix a deadlock condition introduced in rc6.
3484 * Cell names are case-insensitive. Since the founding of OpenAFS
3485 there has been a bug that treated "cell", "Cell", and "CELL" as
3486 different cells. This would result in what appeared to be
3487 random disappearance of user tokens or a failure to authenticate
3488 even when tokens were listed by the "tokens" command.
3490 Since 1.4.1 rc5: 1.4.1 rc6 released (2 Feb 2006)
3492 * Additional auditing of the smb code revealed that smb ioctl
3493 operations were failing to free smb_fid_t objects
3495 * The File Identifiers assigned to smb_fid_t objects could be
3496 given the value 65535 which is 0xFFFF which is also the
3497 INVALID_HANDLE value. Both 0 and 65535 are now treated as
3500 * Audited all assignments to fields and ensured that they are
3501 protected by obtaining the relevant mutex object.
3503 * Re-wrote the VNOVNODE handling to avoid a potential deadlock
3504 if both the current cm_scache_t object and its parent are
3505 both returning VNOVNODE.
3507 * Removed all the logic associated with the 'dead_vcp' variable
3508 which must have been added for debugging because its used
3509 was never thread safe and it truly served no purpose.
3511 Since 1.4.1 rc4: 1.4.1 rc5 released (25 Jan 2006)
3513 * Re-enabled LogoffTokenTransfer and LogoffTokenTransferTimeout
3514 registry settings. Default is ON and 120 seconds. If set to
3515 OFF, tokens will not be destroyed.
3517 * Fixed a number of race conditions and reference count problems
3518 associated with global queues.
3520 * Added a method to detect abandoned smb virtual circuits so their
3521 associated file handles, locks, user tokens, and smb session
3522 resources can be released.
3524 * Added a mechanism to allow user tokens to be preserved
3525 during integrated login and be freed after logoff.
3527 * Check access permissions to the file before the file is
3530 * More improvements to the handling of SMB Virtual Circuits
3531 when SMB sessions are closed.
3533 * Correct a race condition introduced in rc4 that could result
3534 in a crash of afsd_service.exe.
3536 Since 1.4.1 rc3: 1.4.1 rc4 released (11 Jan 2006)
3538 * Properly handle pre-mature SMB session closures.
3539 File handles, tree connections, and user sessions are now
3540 freed when the virtual circuit is closed.
3542 * smb_username_t and smb_user_t objects are now properly reference
3543 counted and freed as appropriate.
3545 * disable to use of AFS file locks. byte range locking is still
3546 implemented but all locks are managed locally. This prevents
3547 multiple processes from editing the same file on the same
3548 machine but it does prevent multiple processes on separate
3549 machines from modifying the file.
3551 Since 1.4.1 rc2: 1.4.1 RC3 released (4 Jan 2006)
3553 * A fix to "fs setserverprefs -vlserver". Multiple calls with
3554 the same server parameter would result in a panic condition
3555 if the server had not already been contacted by the AFS
3558 * Better warnings are written to the afsd.log file when
3559 the Windows RPC Protocols are not properly configured as
3560 is often the case on Windows 2000.
3562 * fix the procmgmt library to restore C RTL signal handlers when
3563 it is being detached from the process prior to process termination.
3565 Since 1.4.1 rc1: 1.4.1 RC2 released (30 Nov 2005)
3567 * close a lock leak in the rx library that could be triggered while
3570 * prevent removal of drive mappings in response to afscreds.exe -M
3572 * add logic to process VNOVNODE in cm_Analyze. Force re-evaluation of symlink
3573 strings and flush the stat cache entry.
3575 * prevent server objects from being freed if user preferences are set.
3577 * Update WIX support to 2.0.2419.0
3579 * Release all locks on the server at service shutdown.
3581 * A down server should be marked up as long as it responds to the client.
3582 It doesn't matter if the server returned an error as long as the error
3583 is something other than VRESTARTING. If there is such an error, all
3584 connections on that server should be marked for replacement.
3586 * Change the check "up" servers period from once per hour to once every
3587 ten minutes. This matches the behavior of the Unix cache manager.
3589 Post 1.4.0 revisions: 1.4.1 RC1 released (21 Oct 2005)
3590 * Byte Range Locking support has been added. Architectural documentation
3591 is located within src/WINNT/afsd/cm_vnodeops.c. Best efforts are
3592 made to enforce Windows mandatory locking model using locally managed
3593 byte range locks with full file locks obtained from the file server.
3594 Read-only volumes provide the user with an implied locking privilege.
3595 Read-write volumes require that a user be granted the locking privilege
3596 in order for a lock to be obtained. As most Windows applications use
3597 Shared file access modes, they require the ability to obtain locks in
3598 order to access files.
3600 * Implement error translation functions to convert Universal Error Codes
3601 output by modern servers to local errno and winsock error values.
3602 This fixes the error message problems using pioctl() calls from fs.exe
3603 and the AFS Shell Extension.
3605 Since 1.4.0 rc8: 1.4.0 final tagged (20 Oct 2005); released (31 Oct 2005)
3606 * Allow the AFS Client Service to set the firewall configuration by
3607 retrying until after Windows determines the boot period is over.
3609 * Do not attempt to configure the firewall on Windows 2000, XP pre-SP2,
3612 * Detect IP address changes from within the AFS Client Service for the
3613 purpose of checking down servers sooner
3615 * If the file server or vldb server report RXKADUNKNOWNKEY, return
3616 SEC_E_NO_KERB_KEY to Windows. This provides an indication to the
3617 user that there is a Kerberos key problem. Previously the user would
3618 receive no feedback when there was something wrong.
3620 * Fix the large integer library support to properly handle values greater
3623 Since 1.4.0 rc7: 1.4.0 rc8 released (15 Oct 2005)
3624 * Updated CellServDB
3626 * Fixed file name pattern matching. Question marks can match nothing
3627 if found at the end of a component.
3629 Since 1.4.0 rc6: 1.4.0 rc7 released (8 Oct 2005)
3630 * Kerberos 5 ticket lifetimes should adhere to KFW Leash lifetimes
3632 * The MSI installer now has a new Product ID for each build. This
3633 is to allow for automated upgrades. The Upgrade ID is remaining
3636 * Volumes that were cached and then subsequently were salvaged,
3637 moved or otherwise taken temporarily offline (as opposed to being
3638 busy) would become unreachable. A distinction is now made between
3639 a volume being offline and a server being down.
3641 Since 1.4.0 rc5: 1.4.0 rc6 released (2 Oct 2005)
3643 * Fixed several AFS Shell Extension issues:
3644 - Checking Server Status would only work if a specific cell was
3646 - If servers were down, the Server Down dialog would write to
3647 invalid memory and cause explorer.exe to crash
3648 - Default Push Buttons were not specified for many dialogs
3649 - The extension would be unloaded by the Explorer Shell and
3650 never be reloaded under some circumstances.
3652 * Fixed the AFS System Tray menu to disappear if another Window
3653 was selected before a menu item was selected
3655 * Added volume owner and group information to "fs examine" output
3657 * Added fs and registry support for enabling/disabling/clearing
3658 rx statistics gathering.
3660 Since 1.4.0 rc4: 1.4.0 rc5 released (25 Sep 2005)
3662 * New Product Code GUIDs issues for 1.4 and 1.5 branches. Separate
3663 GUIDs for each platform.
3665 * Documentation directory structure and default installation rules
3668 * New OpenAFS for Windows HTML Release Notes installed
3669 as part of the documentation set.
3671 * Add thread id to rx debugging messages
3673 * When all servers are offline, return a bad network path error
3674 immediately. This is necessary to allow Explorer to do the
3675 right thing and not hang. The background daemon thread will
3676 check the down servers every 30 seconds to see if they are
3679 Since 1.4.0 rc3: 1.4.0 rc4 released (14 Sep 2005)
3681 * The AFSCache file has been modified to store both the
3682 serial number of the volume on which the file resides
3683 and the SID of the local machine. If either change,
3684 a new UUID is generated.
3686 * add "fs flushall" command that forces all data buffers
3689 Since 1.4.0 rc2: 1.4.0 rc3 released (4 Sep 2005)
3691 * add support for '/' instead of '\' in pioctl() calls
3693 * Apply AFS Client Admins group protect to AFS Shell Extension
3695 * Add support for \\afs\<name> to most AFS Shell Extension
3696 commands except the symlink methods.
3698 * when installing the Microsoft Loopback Adapter, enable
3699 MS Client for Networks and prevent an install failure
3700 by not calling CoInitialize twice in the same thread.
3702 * reload cell vldb values from the CellServDB every two
3703 hours in case it changes
3705 * When updating cell information from DNS, be sure to set
3708 * Add support to allow use of \\AFS\<foo> where <foo> is
3709 either a mount point or symlink. As <foo> is normally
3710 treated as a share name, we transform it into \\AFS\all\<foo>
3713 * Init 'code' to prevent false errors when integrated logon
3714 is disabled and the service is not running
3716 Since 1.4.0 rc1: 1.4.0 rc2 released (28 Aug 2005)
3718 * Removed trace log messages that were hampering performance.
3720 * Fixed a deadlock that was being triggered by editing Word
3721 documents stored within AFS with WinWord 2003.
3723 * Bit 3 of the TraceOption registry value is now used to set the
3724 default for "fs trace" in the non-Debug builds. The new default
3725 is off for release builds and on for debug builds.
3727 * Bit 2 of the TraceOption registry value can be used to turn on
3728 real-time output of debug log entries to the Windows Debug
3729 Output monitor interface. This data can be viewed with tools
3730 such as Sysinternal's DbgView.
3732 Since 1.3.87: 1.4.0 rc1 released (17 Aug 2005)
3733 * When the cache manager reports ALLBUSY or ALLOFFLINE for
3734 a resource we should not be returning status codes such
3735 as Network Busy or Remote Host Down because these errors
3736 will imply that the AFS Client Service is Busy or Down
3737 and that is simply not the case. Instead we will return
3738 Bad Network Path as the path is temporarily not available.
3740 Instead of returning Sharing Paused when there is a
3741 timeout error, return Timeout. Once again, the AFS Client
3742 Service is not paused.
3744 * afscreds.exe would display an Obtain Creds dialog when
3745 the expired credentials reminder was triggered even
3746 if there was no network path to the KDC. This is prevented
3747 by adding KDC probe logic to the reminder thread.
3749 * afscreds.exe would display expired tokens no differently
3750 than unexpired ones. This would make it difficult for the
3751 user to distiguish when the tokens were expired. For the
3752 English build added a new resource string "(expired) that
3753 is displayed instead of the expiration time.
3756 * "fs wscell" when executed in freelance mode will return the
3757 name of the cell configured in the registry. The root.afs
3758 volume is not loaded from this cell, but it is used for the
3759 default for aklog and integrated login.
3761 * "fs mkmount, fs rmmount, symlink make, symlink remove" will
3762 no longer work on \\AFS\all when freelance is being used
3763 unless the user is a member of the "AFS Client Admins" Windows
3766 * some more checks performed during persistent cache validation.
3769 * Optimize calls to cm_CheckServer from cm_Analyze. Only check
3770 down servers for the current cell not all cells.
3772 * If the scache LRU list becomes corrupted, the AFS Client Service
3773 might enter an infinite loop at startup. Detect the corruption
3774 and discard the cache contents in this case.
3776 * Fixed the Explorer Shell's remove mountpoint functionality.
3778 * Fixed a deadlock caused by the holder of cm_aclLock attempting to
3779 obtain a mutex lock on a cm_scache_t object whose lock is held by
3780 a thread attempting to obtain the cm_aclLock.
3783 * Really fixed DNS AFSDB queries to ensure that "csail" cannot be
3784 misinterpretted as "csail.mit.edu" when the resolver
3785 is configured to append ".mit.edu" to failed DNS queries.
3787 * Added a new registry key, "LogoffPreserveTokens" (see registry.txt),
3788 that can be used to force the preservation of user tokens upon logout.
3790 * Update the NSIS install scripts to use NSIS 2.07. This release adds
3791 recommended installation categories: AFS Client, AFS Administrator,
3792 AFS Server, AFS Development Kit. Each category includes a different
3793 default subset of the OpenAFS components.
3795 The OpenAFS logo is now associated with the NSIS uninstall entry
3796 in the Add/Remove Programs control panel.
3798 * The user name associated with AFS tokens when obtained with
3799 integrated login, the afs systray tool, or aklog will always
3800 include the full Kerberos 5 user principal name regardless of
3801 whether or not the cell is local to the realm.
3803 * Modify integrated login so that it does not enter an infinite
3804 loop if the service is not set to auto start.
3806 * Added asetkey.exe used to set a Kerberos 5 key for use by the
3809 * Added uninstall.exe to Wix installation
3811 * More modifications to algorithms used to wake sleeping threads.
3815 * Changes to the algorithms used to wake threads when they are
3816 put to sleep because of conflicts over buffer operations.
3819 * The OpenAFS integrated logon obtains Kerberos 5 tickets as part of
3820 the process of producing AFS tokens. The tokens are stored within
3821 the AFS Client Service but the Kerberos 5 tickets have been discarded.
3822 New functionality has been added to temporarily copy the tickets to
3823 a file ccache during the short window between the NPLogonNotify and
3824 WinLogon Logon Event. The Logon Event handler starts a process as
3825 user, afscpcc.exe, that copies the tickets into the default ccache.
3826 The file ccache is then destroyed by the event handler.
3828 * During synchronization operations on stat cache entries, if threads
3829 are forced to sleep it was possible that the threads would not be
3830 woken under heavy load.
3832 * Enforce the delete on close flag specified by the NTCreateX()
3835 * A race condition in the rx library was fixed that resulted in
3836 a deadlock in rx_NewCall when the RX_CONN_MAKECALL_WAITING flag
3837 was cleared when threads were still waiting to use the
3838 connection. Also, fixed a potential case in which the
3839 connection could be destroyed while threads were waiting to use it.
3841 * The DNLC freelist has been seen to become corrupted with still
3842 active entries being stored on the freelist. Changes were made
3843 to perform a better job of cleaning entries before placing them
3844 onto the freelist; marking them with the correct magic value when
3845 purging the list; and allowing the list to be purged on startup
3846 if the cache validation fails.
3848 * Windows Crash Reporting does not get triggered for afsd_service.exe
3849 because it provides its own top level exception handler. This patch
3850 places an explicit call to ReportCrash() on platforms which support
3853 If you configure Crash Reporting via AD Policy to capture crash
3854 reports within the domain, then you will receive this output.
3856 * Generate MiniDumps independent of the Windows Crash Reporting.
3858 (a) If an exception occurs,a minidump will be generated at the path
3859 %TEMP%\afsd.dmp. The type of minidump defaults to Normal but
3860 can be set to any other type via use of the
3863 [HKLM\SOFTWARE\OpenAFS\Client] MiniDumpType (DWORD)
3865 (b) MiniDumps can be generated at any time using the "fs minidump"
3866 command. This allows you to generate a minidump without
3867 stopping the process or even requiring the use of a debugger
3870 * an RX connection which reports bad ticket now treats it the same way
3871 the expired ticket is treated. The ticket is removed from the
3872 connection and a new anonymous connection is established.
3874 * fs memdump now requires that the caller be in the AFS Client Admins
3877 * additional debugging information is provided in cm_Analyze when the
3878 error code is ignored.
3880 * Fix a regression introduced into the pioctl() client code which
3881 will cause a crash in winlogon.exe, explorer.exe and fs.exe if
3882 MIT KFW is not installed. (1.3.82a)
3884 * Remove AFS Gateway option from OpenAFS Control Panel (1.3.82a)
3887 * Fix a race condition in cm_EndCallbackGrantingCall() that
3888 could leave 'nrevp' pointing to freed memory. In the process,
3889 optimize the processing to ensure that the applications monitoring
3890 the status of the stat cache entry are only notified at most
3893 * Conditionalize access to the Explorer Shell AFS->Mount Point
3894 ->Remove menu item. Disable the item if the selected item(s)
3895 are not mount points.
3897 * Activate AFS RPC (RX) Free Packet Queues stored in Thread
3898 Local Storage. This eliminates thread contention on the
3899 global RX free packet queue. This should improve performance
3900 on multi-CPU systems.
3902 * Fix the IP address filtering code to properly load/unload
3903 the IPHelper DLL so that Windows XP/2003 and beyond systems
3904 do not have to manually probe the registry.
3906 * CleanupACLEnt() was not being called consistently with
3907 the cm_scache_t object referred to by the back pointer
3908 mutex locked. This could in very rare conditions lead to
3909 an invalid memory access.
3911 * Added a script command to the msi installer "afs_replace"
3912 which can be used to replace one version of OpenAFS with
3913 another without requiring an uninstall and reinstall if
3914 the installed msi is no longer in its original location.
3916 * Apparently the problem with multi-domain forests with cross-
3917 realm trusts to non-Windows realms was not entirely solved.
3918 The authentication to the AFS SMB service failed because
3919 the wrong name was being used. Using ASU as an example,
3920 the authentication was being performed with the name
3921 "QAAD\user" (an account in the forest root) and not
3922 "user@ASU.EDU (the MIT Kerberos principal used to login with)
3924 The solution was to add an additional dependency on KFW
3925 in order or to be able to easily obtain the client principal
3926 name stored in the MSLSA ccache TGT. This information is
3927 used in two locations:
3929 - the pioctl() function
3931 - a new WinLogon Event Handler for the "logon" event.
3933 The pioctl function will now be able to use the correct
3934 name when calling WNetAddConnection2() and the "logon"
3935 event handler will now be able to call WNetAddConnection2().
3936 The hope is that the "logon" event handler will be called
3937 before the profile is loaded but I have not guarrantee
3941 * Fixed a locking error in cm_TryBulkStat() which had the
3942 potential of deadlocking the system for the length of time
3943 it takes to perform a bulk status fetch operation.
3945 * Replaced time conversion code (UnixTime <-> FILETIME) to
3946 be completely arithmetic instead of relying on a bizarre
3947 algorithm involving a variety of C RTL time functions.
3948 This has the side effect that UnixTime and FILETIME which
3949 are both stored in UTC are interpretted as UTC throughout
3950 the year. Windows will apply the same localization to AFS
3951 as it does to NTFS. Applications which rely on the ability
3952 to sync files between the two file systems will no longer
3953 see the timestamps of files in AFS change an hour relative
3954 to the files stored in NTFS or Windows based backup devices.
3956 * Fixed a invalid memory access under a bizarre circumstance.
3957 Windows will allow a physical mass media device to be
3958 installed via Plug N Play to the system and will assign it
3959 the lowest available drive letter. This is true even if the
3960 drive letter is currently assigned in the user session to
3961 a network device via NET USE (or its equivalent.) When this
3962 happens, queries sent to the CIFS server will contain invalid
3963 data. This invalid data was not being caught by the AFS
3964 Client Service and was resulting in a crash when Freelance
3967 * Fixed a reference count error when registering callbacks
3968 on a stat cache object if the callback was already registered
3970 * Add a case to cm_Analyze() in order to handle the case where
3971 cm_GetConnByMServers() returns CM_ERROR_NOSUCHVOLUME because
3972 the server list for the volume is empty. In this case, force
3973 an update of the volume info and retry.
3975 * Insert a missing cm_EndCallbackGrantingCall() which could
3976 result in threads waiting for a callback to complete to never
3979 * In the persistent cache, there is a maximum number of volume
3980 entries. Allow volume entries to be reused if the maximum
3981 number have been allocated and their reference count is zero.
3983 * If we already have a dead virtual connection object, don't
3984 ignore the fact that additional dead vc objects must be taken
3987 * Removed a deadlock condition introduced in the summer of 2004.
3988 Do not hold mx locks around calls to RX functions including
3989 rx_NewCall(). That is what reference counts on the rx_connection
3992 * Fixed an initialization error in afslogon.dll which could
3993 result in random behavior including a failure to terminate
3994 the NPLogon function. (1.3.80b)
3996 * Fixed an error preventing the use of SMB authentication
3997 on Windows 2000. (1.3.80a)
4000 * Updated CellServDB to Public CellServDB 16 Mar 2005
4002 * Fixed DNS AFSDB queries to ensure that "csail" cannot be
4003 misinterpretted as "csail.mit.edu" when the resolver
4004 is configured to append ".mit.edu" to failed DNS queries.
4006 * Fixed another case in which the client would replace connections
4007 to the host when it was not necessary. In this case the
4008 situation would occur if cryptall was on and the connections
4009 were unauthenticated due to lack of an appropriate token.
4011 * OpenAFS for Windows has failed to work at sites which are
4012 utilizing a cross-realm trust between an MIT/Heimdal realm
4013 and a multi-domain Windows forest when the workstation being
4014 accessed is not located in the root domain. This is caused
4015 by a bug in the workstation which was triggered after the
4016 introduction of Windows 2003 Server. When the bug is triggered,
4017 the workstation attempts to authenticate users to afsd_service.exe
4018 by contacting the Domain Controller instead of using the
4019 LSA loopback authentication mechanism.
4021 One of the reasons this bug occurs is because the workstation
4022 does not have a reliable way of knowing that the service whose
4023 netbios name is "AFS" is located on the workstation. This will
4024 be fixed starting in Longhorn Beta 1 by Microsoft. The
4025 "BackConnectionHostNames" registry value will be used to
4026 indicate that the authentications to that service name should
4027 be performed using the loopback authentication mechanism.
4029 In the meantime, when Logon Caching is enabled, we can force
4030 afsd_service.exe to authenticate using the logon cache before
4031 contacting the Domain Controller. This will work with both
4032 password and smart card based logons.
4034 * The allDown logic in cm_ConnByMServers() was wrong. The allDown
4035 flag should not be cleared if a volume's server reference is
4036 marked as "offline". In the case where all of the volume's
4037 servers are either "down" or the volumes are "offline", we want
4038 cm_Analyze() to process the condition as CM_ERROR_ALLOFFLINE
4039 instead of as CM_ERROR_TIMEDOUT. In fact, CM_ERROR_TIMEDOUT
4040 should never occur in practice.
4042 In the case of CM_ERROR_ALLOFFLINE, cm_Analyze() will sleep for
4043 5 seconds, clear the server down and volume busy flags, and
4044 then force an update from the VLDB. This allows the client to
4045 update the location of a volume if the reason for it being
4046 marked offline is because it is being moved. Calls to
4047 cm_ConnByMServers() will be retried either until success or
4048 the RDRtimeout period is reached.
4050 * Correct the Power Management code behavior in response to
4051 Standby, Suspend, and Shutdown events. Instead of flushing the
4052 buffers associated with the mounted SMB submounts, simply write
4053 all buffers which are marked dirty.
4055 * Added support for "TheseCells" to afslogon.dll. "TheseCells"
4056 provides a list of cells other than the default cell for which
4057 tokens should be obtained using the default Kerberos principal.
4058 This functionality is logon domain specific and is only available
4059 when using KFW for authentication.
4061 * Fixed FindNext Invalid Handle error caused by over agressive
4062 attempts at garbage collecting dirSearch entries when the
4063 dirSearch ID wraps from the maximum value to 1.
4065 * Add support for registry defined server preferences for VLDB and
4066 File servers. See registry.txt for details.
4068 * Increased default cache size to 96MB and default number of cache
4071 * Fixed refCount leaks related to directory lookups and pioctl calls.
4073 * Callbacks revoked during a race condition with an attempt to
4074 obtain the same callback no longer result in an inaccessible
4077 * New command line tool:
4079 afsdacl : Set or reset the DACL to allow starting or stopping
4080 the afsd service by any ordinary user.
4082 Usage : afsdacl [-set | -reset] [-show]
4083 -set : Sets the DACL
4084 -reset : Reset the DACL
4085 -show : Show current DACL (SDSF)
4087 * IP addresses are no longer queried once at startup. Instead IP
4088 addresses are obtained as needed. Loopback adapter addresses are
4089 no longer published to the server.
4091 * Pay attention to the MIT KFW registry configuration for automatic
4092 importation of MSLSA credentials. (SOFTWARE\MIT\Leash32,MsLsaImport)
4094 * Fix (once again) case-sensitive comparisons which was apparently
4097 * Activate support for vos listvol -format
4099 * Population of the "AFS Client Admins" group failed on non-English
4100 versions of Windows because the name of the "Administrators" group
4101 is localized. Now we lookup the name of the group by using the
4102 Administrators Group Alias Relative ID.
4104 * Multiple cell token acquisition within afscreds.exe was broken in the
4105 case of Kerberos 5 cross realm authentication. Instead of contacting
4106 the KDC associated with the cell's realm, afscreds would obtain a
4107 token from the KDC of the user's realm. This would result in
4108 "invalid kvno errors" while authenticating to the AFS servers.
4109 Unauthenticated access would work. The symptoms would vary based upon
4110 whether or not the VLDB servers had been contacted using unauthenticated
4111 connections prior to the user obtaining tokens.
4113 * The list of ACL entries was becoming corrupted. It appears as if
4114 an ACL when it expires was not being appropriately cleaned up. In
4115 fact, it was left in the list of ACLs associated with the scache
4118 * Changed the default @sys name list to "x86_win32 i386_w2k i386_nt40"
4119 for 32-bit x86 systems. The default for itanium will be "ia64_win64"
4120 and "amd64_win64" for amd 64-bit processors.
4122 * When executing executables, Windows provides a mechanisms by which
4123 the normal search for DLLs can be bypassed. If a file foo.exe is
4124 being executed and there exists a file or directory "foo.exe.local"
4125 (the contents are ignored if a file), then Windows will search for
4126 DLLs first in the "foo.exe.local" directory and second in the
4127 directory in which the "foo.exe" file is located.
4129 Previous releases of OAFW would improperly return
4130 STATUS_NOT_A_DIRECTORY instead of the expected
4131 STATUS_OBJECT_PATH_NOT_FOUND. This would cause the Windows SMB client
4132 to terminate the search for the DLL causing the execution of the
4133 application to fail.
4135 * Rework the reference counting of smb_vc_t objects. The references
4136 stored in the waiting locks were not counted. This could result in
4137 an assertion if the reference count drops to zero.
4139 * "fs wscell" returns "Freelance.Local.Root" for the workstation cell
4140 when running in freelance mode.
4142 * Added support for persistent caching of file contents, stat entries,
4143 volume data, cell data, and name lookup data. When the registry
4144 value, "NonPersistentCaching", is not defined or set to 0 the file
4145 specified by "CachePath" becomes a persistent cache file. The
4146 size of the cache file is computed at run time. It has a maximum
4147 size of approximately 1.2GB. The contents of the file will be
4148 validated according to the rules specified by the "ValidateCache"
4151 * Added support for UUIDs. UUIDs are kept for as long as the
4152 cache file is intact.
4154 * Added cmdebug.exe and support cache manager debugging callback
4155 interfaces in afsd_service.exe.
4157 Usage: cmdebug -servers <server machine> [-port <IP port>] [-long]
4158 [-addrs] [-cache] [-help]
4159 Where: -long print all info
4160 -addrs print only host interfaces
4161 -cache print only cache configuration
4163 * Symlinks to \\AFS\[all\]... will now be treated the same as
4164 symlinks to /afs/.... However, please use /afs/... as otherwise
4165 the symlinks won't work on Unix.
4167 * Correct a problem with local CellID allocation for cells whose
4168 server list is obtained via DNS instead of a CellServDB file. If
4169 the DNS information expires the CellID assigned to the entry will
4170 be changed. This causes all of the cm_scache_t objects which refer
4171 to the old cellID number to become useless. Attempts to access
4172 files or directories with cm_scache_t objects using the old cellID
4173 will fail since the server list cannot be obtained.
4175 * Correct deadlock condition in cm_EndCallbackGrantingCall which can
4176 be triggered if the volume referenced by the cm_scache_t object is
4179 * The AFS Service needs to respond to SERVICE_ACCEPT_SHUTDOWN messages
4180 in addition to SERVICE_ACCEPT_STOP.
4182 * Move RPC shutdown until after the SMB and RX shutdown procedures
4183 complete. Block until RPC shutdown is complete.
4185 * Modify afslogon.dll (integrated logon) to wait for service if its
4186 state is START_PENDING. If the timeout period occurs, reset to
4187 the retry interval and not the sleep interval.
4189 * When renewing the server list for a cell obtained via DNS AFSDB
4190 records, the cm_cell_t entry must be removed from the list of all
4191 cells. Otherwise, the list of cells will be corrupted.
4193 * In the dcache and scache modules, use the cm_scache_t dataVersion
4194 instead of the cm_fakeDirVersion.
4196 * Synchronize fs.c with the unix version.
4198 * The variable used to determine whether a file or virtual memory
4199 mapped cache is used was not properly initialized to a default
4200 value. If the registry setting "NonPersistentCaching" was not
4201 set, the choice would be random. Properly initialized to be
4204 * The memory mapped view was never unmapped before closing the file
4205 at service shutdown. This is now properly cleaned up.
4207 * Default location of Cache file is now %TEMP%\AFSCache
4211 * A bug affecting new installations of 1.3.75/76 would result in
4212 the creating of incorrect mountpoints in the freelance root.afs
4213 volume for the default cell.
4215 If "fs \\afs\all\<cellname>" lists a volume name of "root" instead
4216 of "root.cell", you have been affected by the bug. To correct the
4217 problem, execute the following commands:
4219 fs rmmount \\afs\all\<cellname>
4220 fs rmmount \\afs\all\.<cellname>
4222 fs mkmount \\afs\all\<cellname> root.cell <cellname>
4223 fs mkmount \\afs\all\.<cellname> root.cell <cellname> -rw
4227 * A bug has been fixed in the auto-generation of Freelance root.afs
4228 symlinks which produced random entries in the \\AFS\all directory.
4230 * Support has been added for multi-homed servers
4233 * Added a new registry value, "StoreAnsiFilenames", which can be used
4234 to force the use of ANSI character sets instead of OEM Code Pages.
4235 This feature is useful when users require the ability to create
4236 filenames with 8-bit characters and need to access the files from
4237 both Latin-1 based Unix systems as well as from Windows.
4239 Activation of this feature will prevent access to files stored with
4240 8-bit OEM characters.
4242 * Shutdown all SMB threads in a synchronized manner when stopping the
4245 * There is currently a maximum cache size of 1.3GB. The limit is imposed
4246 by the largest contiguous block of unused memory within the 2GB process
4247 space which can be assigned to the memory mapped file. Unfortunately,
4248 when the executable digital signature verification code is activated
4249 Windows sees fit to further segment the process memory which in turn
4250 reduces the size of the maximum cache file to less then 800MB. If
4251 larger cache sizes are desired, a new registry value should be set:
4253 HKLM\SOFTWARE\OpenAFS\Client (DWORD) "VerifyServiceSignature" = 0x0
4255 Setting this value will disable the runtime verification of digital
4256 signatures on afsd_service.exe and the afs dlls which it loads. It
4257 will not disable the the version number check on those same files.
4258 The signature verification is not a security messure and is only meant
4259 to enhance the ability to afsd_service.exe to detect potential
4260 destablizing mixtures of DLLs from incompatible distributions.
4262 Added code to auto-disable the signature verification check if
4263 the desired cache size is greater then 700MB.
4265 * Windows' WinTrustVerify(WIN_SPUB_ACTION_PUBLISHED_SOFTWARE) is
4266 used to verify the validity of the afsd_service.exe binary
4267 as well as each of the AFS DLLs loaded by the service. Not only
4268 must the digital signature be valid but the signatures of the
4269 DLL must be signed by the same entity as the service.
4271 * Implement new functions: cm_freelanceMountPointExists and
4272 cm_freelanceSymlinkExists. Use them along with other validity
4273 checks in cm_freelanceAddMount and cm_freelanceAddSymlink to
4274 ensure that name collisions do not occur and that empty strings
4275 are not valid file names.
4277 A symlink may not have a name which would resolve to a valid
4278 cell name. Doing so would prevent access to the cell.
4280 * Add missing cm_HoldSCacheNoLock call to Freelance mount point
4281 re-initialization code. The reference counts of the fake root.afs
4282 volume scache object(s) would become invalid when the mount point
4283 or symlink lists were altered.
4285 * Add registry entries to provide mappings from the afsdsbmt.ini
4286 to the new locations for applications which count on the use
4287 of the old Profile file APIs. These apps are likely to fail
4288 if the user does not have administrator privileges and the
4289 registry is locked down.
4291 * The afs_config.exe submounts dialog had two errors.
4292 First, attempts to remove entries failed because the registry
4293 key was being opened without KEY_WRITE privileges.
4294 Second, when editing a submount entry, changing the name
4295 would add a new key and leave the original one in place.
4296 Now the original submount will be removed if its name is
4299 * In recent months there have been several incidents in which
4300 users have experienced problems starting or accessing
4301 afsd_service.exe and after significant effort has been spent
4302 it has turned out that they have two versions of AFS on the
4303 machine or an inconsistent set of DLLs.
4305 Code has now been added to afsd_service.exe which will walk
4306 the list of modules loaded by afsd_service.exe and validate
4307 that the version of the AFS DLLs matches the version of the
4308 afsd_service.exe executable. If they do not match the service
4311 * When Freelance mode is enabled and there is no registry
4312 key HKLM\SOFTWARE\OpenAFS\Client\Freelance, afsd_service.exe
4313 will attempt to import the afs_freelance.ini file contents.
4314 If the file does not exist, it was creating a dummy file
4315 with a r/o and r/w entry for the default cell and then
4316 importing those values.
4318 This process has been changed. The temporary file is no
4319 longer created. Also, both the OpenAFS Client install
4320 directory as well as %WINDIR% are checked for previous
4321 afs_freelance.ini files.
4323 * Added support for VL_GetEntryByNameN(). Still need to add
4324 support for VL_GetEntryByNameU() for multi-homed support.
4326 * Fix a deadlock situation in afscreds.exe when canceling an
4327 auto-generated Obtain Tokens dialog
4330 * Fix the locking of objects during Directory Searches in the
4331 SMB/CIFS server. The failure to properly lock the reference
4332 counts was resulting in the premature freeing of smb_dirSearch_t
4333 objects while they were still in use by the SMB/CIFS client.
4334 This does not solve the "Invalid Handle" problem.
4336 * Fix Find Cell By Name pioctl call to return a valid cell
4337 name for the Freelance fake root.afs volume.
4338 "Freelance.Local.Root".
4340 * Fix the Explorer Shell Extension Symlinks->Add operation.
4341 The dialog template was missing and the link destination
4342 string was too short.
4344 * Add support for symlinks to Freelance root.afs volume
4345 Stored at HKLM\SOFTWARE\OpenAFS\Client\Freelance\Symlinks
4346 <number> = "<linkname>:<relative-path>."
4347 Use symlink.exe to create, list, or remove
4349 * Remove the fallback to the use of KFW's KRB4 library when obtaining
4350 tokens. We never obtain KRB4 tickets.
4352 * Fix AFS Client Configuration Control Panel to support new SysName
4355 * Fix a bug in afsd_service.exe which could result in the SysName
4356 not being read from the registry.
4359 * Add code to block the issuance of AFS tokens by aklog.exe or
4360 afscreds.exe when the Kerberos 5 principal name contains a dot.
4362 * Modify the IsAdmin() function to always treat the local SYSTEM
4363 account as an AFS client administrator. Affects fs.exe and
4366 * Modify the internal handling of Quota Exceeded errors
4368 * Upgrade all reference count fields in the Windows cache manager
4369 and the osi library to use unsigned long instead of signed short.
4370 A similar fix has been applied to the afs rpc (rx) library.
4372 * fix the Windows cache manager to prevent it from replacing the
4373 rx_connection object associated with the cm_conn_t object on each
4374 and every operation if "fs crypt" was set. This explains the
4375 dramatic performance difference when crypt is used vs clear.
4376 The problem: 'cryptall', a boolean flag indicating whether or not
4377 "fs crypt" is set, was being compared to the rx_connection
4378 cryptlevel which is either rxkad_clear:0 or rxkad_crypt:2.
4379 1 != 2 and therefore the rx_connection was always destroyed
4380 and replaced on each and every operation.
4382 Lock the cm_conn_t object around every call to RXAFS_xxxx functions.
4383 It is not safe for the cm_conn_t object to not be locked because
4384 rx_DestroyConnection might be called from another thread if:
4385 - the user's tokens have changed or expired
4386 - the crypt mode has changed
4388 This fix appears to have also taken care of the problems associated
4389 with Overlapped Writes resulting in Delayed Write errors.
4391 * fix NSIS installer's AdminGroup.exe to properly create and
4392 remove groups when given -create or -remove. The string comparison
4395 * fs sysname now accepts a list of sysname values
4397 * added a new registry value HKLM\SOFTWARE\OpenAFS\Client "IoctlDebug"
4398 DWORD which when set to a non-zero value will cause error message
4399 text to be output to stderr from the pioctl() routine. Useful in
4400 debugging failures of fs.exe, tokens.exe, etc.
4402 * added a test to the power management code to only perform a
4403 flush operation if there is at least one network adapter which
4404 is not a loopback adapter.
4406 * Fix bug in loading of registry value HKLM\SOFTWARE\OpenAFS\Client
4407 "EnableKFW". This value will not be read if the key
4408 HKCU\SOFTWARE\OpenAFS\Client exists; even if the "EnableKFW"
4409 value under that key does not.
4411 * provide mechanisms to force the use of krb524d for Kerberos 5
4412 ticket to AFS token conversion. For afslogon.dll and afscreds.exe
4413 there is a new registry value "Use524" and for aklog.exe a new
4414 command line parameter "-m".
4416 * Fix the pattern matching algorithm to properly match patterns
4419 * smb_ReceiveCoreRename() was factored to produce smb_Rename()
4420 which is used by both the original function and the new
4421 smb_ReceiveNTRename(). smb_ReceiveNTRename() supports the
4422 creation of HardLinks in addition to Renaming. smb_Link()
4423 is a new function which creates HardLinks via cm_Link().
4424 cm_Link() is a new vnodeops function which creates links
4427 smb_ReceiveNTRename() does not support the File Copy and
4428 Move Cluster Information operations described in its interface.
4429 ReceiveNTRename is under documented in CIFS-TR-1p00_FINAL.pdf.
4431 * When opening files via symlinks, we should follow the symlinks
4432 until we reach the actual file stat cache entry. The stat cache
4433 entry of the file should then be stored in the FID instead of
4434 stat scache entry of the symlink.
4436 * return bad operation errors for all unimplemented functions
4437 even if we do not know the functions exist.
4439 * Log bad packets and unknown operation packets to the trace log
4441 * Map CM_ERROR_BADOP to STATUS_NOT_SUPPORTED instead of
4444 * Update list of known CIFS operations to include all those listed
4445 in CIFS-TR-1p00_FINAL.pdf.
4447 * Modify the handling of HKLM\SOFTWARE\OpenAFS\Client\Submounts
4448 to support the REG_EXPAND_SZ type.
4451 * A new Windows authorization group "AFS Client Admins" is now
4452 created and populated with the members of the "Administrators"
4453 group. The group is used to determine which accounts on the
4454 machine may be used to modify the AFS Client Configuration via
4455 the UI and command line tools. afs_config.exe, fs.exe,
4457 * Modify the WinLogon Logoff Event Handler to query NT4 domain
4458 controllers for the remote profile path if Active Directory
4459 services are not available.
4461 * Fix aklog.exe to not add the AFS ID to the username
4463 * PTS registration of new users to foreign cells has been added to
4466 * The cm_Daemon thread is used to perform checks for
4467 down servers, up servers, volumes, callback expirations,
4468 lock maintenance and token expiration. Due to a gaff in
4469 larger integer division the thread never performed any
4470 work. Instead the current time computation would always
4471 be less then the trigger times. This had an adverse affect
4472 on the client's ability to maintain communication with servers,
4473 keep volumes up to date, and flush user tokens and acls
4474 when they have expired. This was broken when the 1.3 branch
4475 was modified to support VC7 which no longer included
4478 * An initialization problem with the Freelance code was
4479 detected while fixing the callbackRequest. The cm_rootSCachep
4480 object is obtained during afsd_InitDaemons() but the callback
4481 information is incomplete. The callback information will not
4482 be obtained until cm_MergeStatus is called from within
4483 cm_GetCallback. Unfortunately, cm_SyncOp did not properly
4484 test for the conditions under which the callback information
4487 * Reports have been filed indicating that callbacks were
4488 being lost. An examination of the code indicated that the
4489 cm_server_t objects were not being properly reference
4490 counted by the cm_scache_t and cm_callbackRequest_t objects.
4491 In particular, the cm_server_t objects may have been freed
4492 from beneath the cm_conn_t objects.
4494 All of the reference counting is now done via the functions:
4499 this improves the ability to track the referrals.
4501 Each cm_BeginCallbackGranting Call now allocates a reference
4502 to the cm_server_t. The cm_EndCallbackGrantingCall either
4503 frees the reference or transfers it to the cm_scache_t
4504 cbServerp field. These are then appropriately tracked
4505 through the cm_Analyze call.
4507 * Ensure that the dnlc hash table is the same size as the
4508 dir name hash table (as per original author's note).
4509 Increase the dnlc CM_AFSNCNAMESIZE to a multiple of 8
4510 for compatibility with 64-bit systems.
4512 * fix smb_ApplyV3DirListPatches to properly apply the hidden
4513 attribute to dotfiles when the infoLevel < 0x101 and
4514 cm_SyncOp has failed.
4516 * Fix the Freelance registry initialization code. There
4517 was a possibility that some systems could end up with
4518 garbage in the registry during a clean install.
4521 * file and directory names beginning with "." will now be given the
4522 hidden attribute when the volume access is anonymous. this matches
4523 the behavior when the volume access is via an authenticated user.
4525 * Added a change monitor to the HKLM\SOFTWARE\OpenAFS\Client\Freelance
4526 key. When a change occurs mark the root.afs data as invalid and
4527 for it to be reloaded on the next access. This allows administrators
4528 to modify the mount point list without restarting the service.
4530 The freelance client used to provide a fake modification time for
4531 the root.afs volume data and its mount points of 7/09/2001 14:24 EDT.
4532 Added code to extract the last modification time of the Freelance
4533 registry key and use that instead. The time now represents the
4534 most recent mount point change.
4536 * PTS registration of new users to foreign cells has been added to
4539 * Additional Cache Control and Credential Manager options have been
4540 added to the WiX installer. See deployment guide for details.
4542 * The CachePath setting is now optionally a REG_EXPAND_SZ type
4544 * The WiX installer has been upgraded. Version 2.0.1927.1 is now
4547 * The loopback installation code may have had a problem updating the
4548 %ETC%\HOSTS file which could have resulted in a premature failure.
4549 Work around code has been added for the case where the file cannot
4552 * The default max chunksize was increased from 15 (32K) to 17 (128K)
4553 because Windows sends 64K blocks when using overlapped writes.
4555 * The default number of server threads was increased from 4 to 25 to
4556 better handle overlapped writes.
4558 * The "AfscredsShortcutParams" registry value was not being properly
4559 loaded by afscreds.exe. Therefore, the default value was always being
4560 used instead of the value set by the installer.
4562 * Windows XP provides downgrade attack detection to prevent an attacker
4563 from being able to force the use of NTLM simply by disrupting
4564 communication with the KDC. This attack cannot exist between the
4565 Windows CIFS client and the AFS Client Service. Therefore, when a
4566 downgrade has been detected the afs pioctl library will force the
4567 establishment of a new CIFS connection using NTLM.
4569 * A locking error was discovered surrounding all references to volume
4570 server lists within the cm_cell.c source file.
4572 * The logged into Windows username was incorrect on Terminal Server
4575 * A new registry value "NonPersistentCaching" was added to the service
4576 parameters key. When set to a non-zero value, the afs cache is stored
4577 in the Windows paging file. There are two limitations to choosing
4579 1. when persistent caching is implemented it won't work with
4580 this flag set since there will be nothing to persist.
4581 2. with this flag set the initial paging allocation cannot be
4582 changed while the service is running
4584 * An initialization bug was discovered in aklog.exe which affected users
4585 who have a domain name for their afs servers which could not be mapped
4589 * afs_config.exe now validates cell names against DNS in addition
4590 to the CellServDB file.
4592 * In order to allow the freelance client to connect to a volume with ID
4593 equal to 1 on the default cell we changed the fake root.afs volume ID
4594 once again. This time we choose 0xFFFFFFFF. In addition, we change
4595 the cell ID of the fake root.afs volume from 1 to 0xFFFFFFFF as well.
4596 It will now be impossible for a volume ID to match that of another
4597 cell unless the client is connected to 0xFFFFFFFD cells. That should
4598 be enough room for growth.
4600 * Fix "fs mkmount" command to work with UNC paths and when
4601 started from non-AFS drives. It is now possible to create a mount
4602 point in the freelance fake root.afs volume with the command
4604 fs mkmount \\AFS\all\<directory-name> <volume-name> <cellname>
4608 fs mkmount \\AFS\all\openafs.org root.cell openafs.org
4609 fs mkmount \\AFS\all\.openafs.org root.cell openafs.org -rw
4611 * The algorithm used to re-attempt access to the servers associated with
4612 a volume has been altered to properly address the case in which all
4613 servers have been marked down. The previous algorithm did not reset
4614 the server's down flags so the servers were never actually retried.
4615 This caused a problem with active volumes if the network connectivity
4616 was lost as could be the case with a network cable removal, wireless
4617 drop, or laptop hibernation. With the fix volume access is restored
4618 almost instantenously when network connectivity becomes available.
4620 * Support for SMB/CIFS browsing has been added to the AFS Client Service
4621 SMB server. It is now possible to use "NET VIEW \\AFS" to obtain a
4622 listing of AFS submounts and freelance mount points. Support for
4623 NETSHAREENUM, NETSHAREGETINFO, NETSERVERENUM2, NETSERVERGETINFO
4624 significantly enhances the behavior of AFS volumes within the Explorer
4625 Shell. For instance, "AFS" now shows up as server in the Explorer
4626 with each submount or freelance mount point visible as a share.
4627 The right click menu in each folder now works with full functionality
4628 on a consistent basis.
4630 * The network provider can be configured to have different behavior
4631 depending on the domain that the user logs into. These settings are
4632 only relevant when using integrated login. A domain refers to an
4633 Active Directory (AD) domain, a trusted Kerberos (non-AD) realm or the
4634 local machine (i.e. local account logins). The domain name that is
4635 used for selecting the domain would be the domain that is passed into
4636 the NPLogonNotify function of the network provider. (see registry.txt
4639 * Added a new registry value [HKCU\SOFTWARE\OpenAFS\Client]
4640 "Authentication Cell" which may be used to specify a default
4641 authentication cell for afscreds.exe which is different from
4642 the default cell for the AFS Client Service daemon.
4644 * Added a Logoff WinLogon Event Notification function to afslogon.dll.
4645 afslogon.dll moved to %WINDIR%\System32\.
4646 New registry entries added to register the dll for Winlogon events.
4648 The logoff event will now force a call to ktc_ForgetAllTokens()
4649 using the context of the user being logged off as long as the
4650 user's profile is not loaded from within AFS. If the profile
4651 was loaded from AFS we can't release the tokens since the Logoff
4652 event is triggered prior to the profile being written back to
4653 the its source location. This is now performed in an XP SP2
4656 * Windows XP SP2 Internet Connection Firewall interoperability
4659 * The %WINDIR%\afsdsbmt.ini contains four sections:
4660 Submounts, Drive Mappings, Active Maps and CSC Policies.
4661 The Submounts and CSC policies are now stored in the registry under
4662 [HKLM\SOFTWARE\OpenAFS\Client\Submounts]
4663 [HKLM\SOFTWARE\OpenAFS\Client\CSCPolicy]
4664 The Drive Mappings and Active Maps are stored in the registry under
4665 [HKCU\SOFTWARE\OpenAFS\Client\Mappings]
4666 [HKCU\SOFTWARE\OpenAFS\Client\Active Maps]
4668 There is no automatic migration of this data as it would be impossible
4669 to consistently migrate data to user profiles which may not be active
4670 when the machine is updated.
4672 * The %WINDIR%\afs_freelance.ini contains lists of mountpoints for the
4673 fake root.afs volume. For the same reasons as for the cellservdb file,
4674 this information should not be in %WINDIR%. This information is now
4675 kept under the registry key
4676 [HKLM\SOFTWARE\OpenAFS\Client\Freelance]
4678 The data from the afs_freelance.ini file will be automatically
4679 migrated to the registry on first execution of afsd_service.exe
4681 * Keeping the CellServDB file in the location %WINDIR%\afsdcell.ini is
4682 troublesome for several reasons. One, it is confusing for those who
4683 expect the file to be named "CellServDB" instead of "afsdcell.ini".
4684 Two, this file is not a Windows Profile formatted file. Three,
4685 applications should not be reading or writing to %WINDIR%. It causes
4686 problems for Windows Terminal Server.
4688 The new location of CellServDB will be the OpenAFS Client install
4689 directory which is by default C:\Program Files\OpenAFS\Client and can
4690 be determined by querying the registry for
4691 [HKLM\SOFTWARE\TransarcCorporation\AFS Client\CurrentVersion]PathName
4693 The existing afsdcell.ini will be migrated by the NSIS installer.
4694 The Wix installer must still be updated to do the same.
4696 * Change NSIS installer to use DNS by default; to remove Integrated Logon
4697 High Security mode; and to add Terminal Services compatibility registry
4698 entries to allow the OpenAFS tools to find the afsdcell.ini and other
4699 configuration files in %WINDIR%.
4701 * Add support for authenticated SMB connections. This will remove
4702 the need for high security mode in most situations. Both NTLM
4703 and Extended Security (GSS SPNEGO) modes are supported. Effectively,
4704 only NTLM can be used even though Kerberos is now supported. The
4705 reason is that it is not possible to construct a service principal
4706 which is unique to each individual machine.
4708 SMB Extended Auth does not work on XP SP2 unless one of two registry
4709 modifications are made:
4711 (1) To disable the check for matching host names on loopback connections
4712 set this key. This does not require a reboot:
4714 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
4715 "DisableLoopbackCheck"=dword:00000001
4717 (2) To add the AFS SMB/CIFS service name to an approved list. This
4718 does require a reboot:
4720 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0]
4721 "BackConnectionHostNames"=multi-sz "AFS" "MACHINE-AFS"
4723 afsd_service.exe will automatically add the current Netbios Name
4724 to the BackConnectionHostNames list and then temporarily disable
4725 the loopback check for one cycle of startup/shutdown of the service.
4726 We assume most folks do not start/stop without a reboot so this
4727 will be adequate in most cases.
4729 * Fix security hole in afslogon.dll which allowed passwords to be
4730 sent in clear text to the KDC in a misformed principal name.
4732 * Fix cm_GetCell() to properly handle expired dns entries
4735 * If Freelance mode is active and the afs_freelance.ini
4736 file does not exist, do not create an empty file.
4737 Instead create a file containing ro and rw mountpoints
4738 to the default cell using the standard conventions.
4740 * Modify the Freelance support to handle the ability
4741 to create rw mount points in the fake root.afs volume.
4743 * Changed the RPC mechanism used for token setting from
4744 named pipes to local. Use of named pipes can be restored
4745 by setting the environment variable AFS_RPC_PROTSEQ to
4748 Named pipes were required when a Windows 9x system was
4749 using a NT system in gateway mode which is incompatible
4750 with our use of local loopback adapters.
4752 * In afscreds.exe, if a username of the form user@REALM is
4753 specified and no password is specified, do not perform a
4754 kinit operation. Only perform the aklog functionality.
4756 * Add a new registry value which allows the number of processors
4757 on which afsd_service.exe executes to be restricted. Valid
4758 values are 1..numOfProcessors
4760 HKLM\SYSTEM\CurrentControlSet\Services\TransarcAfsDaemon\Parameters
4764 * A second MSI based installer option is now available.
4766 * Fixed Kerberos 5 kinit functionality in afscreds.exe to properly
4767 request tickets for user/instance@REALM instead of just user@REALM
4769 * Modify the Power Management Notify routine to wait for the Hard Dead
4770 timeout period instead of a fixed 19 seconds. With the longer timeout
4771 periods Hibernation and Standby could never succeed when network
4772 connectivity is not available.
4774 * The following fs.exe commands are now restricted to Administrator:
4775 - checkservers with a non-zero timer value
4778 - sysname with a new sysname list
4787 setting the default sysname for a machine should be done via the
4788 registry and not via "fs sysname".
4790 * NSIS installer adds options to install Debugging Symbols
4791 and the Microsoft Loopback Adapter; the user is now also
4792 given the ability to select the afscreds.exe startup options.
4794 * Build system modified to generate symbols for FREE (aka RELEASE)
4795 builds as well as CHECKED (aka DEBUG) builds
4797 * Sites which have a volume ID of 0x20000001 assigned to their
4798 root.cell volumes have been experiencing problems with accessing
4799 the root.cell volume of their cell when Freelance mode has been
4800 active. This was because 0x20000001 was assigned to the fake
4801 root.afs volume created by freelance. The fake volume id is
4802 now set to 0x00000001 to prevent conflicts.
4804 * The timeout logic in the AFS Client Service has been wrong
4805 for sometime. It is based on two different assumptions.
4806 First, the SMB client timeout is a fix value as was the case
4807 with OS/2 Lan Manager. This assumption is incorrect. The
4808 SMB timeout in Windows is a dynamic value computed based upon
4809 a fixed minimum timeout to which is added time based upon the
4810 size of the request and the performance characteristics of
4811 the connection. Second, it is the responsibility of the
4812 SMB Server to enforce the timeout requirements of the client.
4813 This is untrue. The SMB Server cannot be expected to know
4814 the requirements of the client. More importantly, if the
4815 SMB server uses the SMB client timeout as a value to restrict
4816 its behavior as an RX client, the performance characteristics
4817 of the local SMB session would be used to prematurely terminate
4818 WAN connections with significantly different performance
4821 The timeout logic has therefore been modified in the following
4823 . the Lan Manager Workstation (SMB) Session Timeout is used only
4824 as a basis for configuring the Connection Dead Timeout
4825 and Hard Dead Timeout values. The Connection Dead Timeout
4826 must be at least 15 seconds longer than the SMB Timeout
4827 and the Hard Dead Timeout must be at least double the
4828 Connection Dead Timeout.
4829 . New registry entries have been added to allow the Connection
4830 Dead Timeout and Hard Dead Timeout values independent of the
4831 Lan Manager Workstation Session Timeout
4832 . The test to enforce the SMB Client Timeout has been removed.
4834 One of the side-effects of removing the enforcement of the SMB
4835 Client Timeout is that regardless of whether or not the SMB client
4836 is available to receive the response (and how would the SMB server
4837 know) the RX protocol response can be used to update the AFS
4838 Client Service state for ready access by future SMB client
4841 This should be the end of the "Server paused or restarting messages"
4843 * Add support for arbitrary UNC paths to the pioctl() support.
4844 This enables the fs commands as well as the AFS Shell Extension
4845 to work correctly when UNC paths are being used.
4847 * Fix afscreds.exe (by updating afskfw.lib) to search for cells via
4848 DNS if the cell configuration cannot be determined via CellServDB
4850 * Add debug info to test whether CM_BUF_WAITING or CM_SCACHE_WAITING
4851 are ever set more than once at a time
4853 * Fix the management of lists of cm_cell_t structures when using
4854 DNS to lookup cell information. The previous code would fail to
4855 reuse the same cellID for a cell if DNS was used more than once
4856 for a given cell name. When the ttl expired, a single cm_cell_t
4857 could be inserted into the cm_allCellsp list more than once
4858 producing a loop. In addition, the vlServerp list belonging to
4859 the cell was not freed resulting in improper refCounting of the
4862 * Add DNS support to cm_IoctlNewCell() which previous only examined
4865 * Add cm_FreeServer() function and call it from cm_FreeServerList()
4866 to properly garbage collect cm_server_t objects
4868 * Add numVCs variable to smb.c to track the number of smb_vc_t
4869 objects created and use it to initialize the vcID field which
4870 previously was set to 0 in all objects resulting in FindByID
4873 * Fixed DNS lookups to work consistently throughout the OpenAFS
4874 product instead of just from within the afsd_service.exe
4876 * Added a runtime check to ensure that AFS Client Service SMB
4877 Server is accepting connections before attempting to mount
4880 * Read IP addresses for volume servers out of the CellServDB
4881 file if gethostbyname() on the hostname fails.
4883 * Fix getcellconfig() to populate both the Hostnames as well
4884 as IP addresses when loading cell data via DNS
4886 * Increase the Connection Dead Time to 50 from 20 seconds
4887 Increase the Hard Dead Time to 120 from 40 seconds
4888 (matches the Unix values)
4890 * Fixed an assertion validating the number of allocated NCBs
4892 * Fixed the build environment to consistently build for
4893 Windows 2000 and above. (APPVER = 5.0)
4895 * Fixed rx_debug to properly validate the receipt in incoming
4896 data with select() and recvfrom(). Do not copy data out of
4897 the socket buffer unless success is indicated.
4900 * afsd_service.exe will now display a message box to the
4901 desktop when it terminates due to an IP Address Change.
4903 * installer no longer deletes AFS Server configuration data
4906 * installer generates a warning dialog if the RPC service
4907 is not properly configured
4909 * installer compressed with lzma instead of bzip2
4911 * afsd_service.exe shutdown crash solved once and for all
4913 * reference counting of smb_vc_t data structures improved
4915 * name space collision of smb_fid_t event objects corrected
4917 * the output of "fs memdump" is now written to
4918 %WINDIR%\TEMP\afsd_alloc.log
4920 * the file TaAfsApp_1033.dll is now properly installed allowing
4921 the User Manager to start
4923 * a new algorithm is used for computing filename pattern matches
4925 * afscreds.exe now accepts user names containing instance
4928 * Fix the Directory Name Lookup Cache to be case-sensitive.
4929 This is crucial in environments in which a Windows client
4930 is accessing a directory with more than one filename that
4931 differs only by case. If the directory contains "FOO"
4932 and "Foo". You want "DEL Foo" to delete the correct one.
4933 We still have a problem in that "DEL foo" will delete a
4934 random filename. This will be addressed in a future release.
4936 * Fix afscreds.exe -M option (renewMaps) to work when High
4937 Security mode is off. Also, remember to disable the ActiveMap
4938 flag in afsdsbmt.ini when a drive mapping is removed.
4940 * Updates to NSIS installer script. AFS Server configuration
4941 data will not be destroyed on un-install or re-install.
4942 Use a better compression algorithm.
4944 * afslogon.dll now uses KFW to obtain tokens when available
4946 * afslogon.dll when given an all uppercase username will
4947 attempt to authenticate with both the uppercase name
4948 and an all lowercase variation
4950 * DST modification removed. The fix appears to make things
4951 worse after a reboot of the machine.
4953 * fs.exe: added "cscpolicy" which is used to
4954 change client side caching policy for AFS shares
4956 Usage: fs cscpolicy [-share <AFS share>] [-manual] [-programs]
4957 [-documents] [-disable] [-help]
4959 * Several uninitialized variables have been initialized
4961 * It is now possible to obtain tokens using cross realm
4962 Kerberos within afscreds.exe:
4964 user: jaltman@ATHENA.MIT.EDU
4966 Will obtain a cross realm ticket for jaltman/DEMENTIA.ORG@ATHENA.MIT.EDU
4967 will will in turn be used to obtain afs@DEMENTIA.ORG.
4968 The resulting token will be stored with the display name
4969 jaltman@ATHENA.MIT.EDU@dementia.org
4971 * aklog.exe has been added to the client
4973 Usage: aklog [-d] [[-cell | -c] cell [-k krb_realm]]
4974 [[-p | -path] pathname]
4978 -d gives debugging information.
4979 krb_realm is the kerberos realm of a cell.
4980 pathname is the name of a directory to which you wish to authenticate.
4981 -noprdb means don't try to determine AFS ID.
4982 -5 or -4 selects whether to use Kerberos V or Kerberos IV.
4983 (default is Kerberos V)
4984 No commandline arguments means authenticate to the local cell.
4987 * All of the resource files have been restructured to adhere to
4988 a set of rules IBM implemented for loading string resources.
4989 These rules had either been forgotten or were not discovered
4990 by folks working on the OpenAFS sources. The end result was
4991 memory corruption. This is primary item which was preventing
4992 the AFS Server from working.
4994 * Increased the size of the maximum ticket size stored in a token
4995 from 344 bytes to 12,000. Increased the buffers used to convey
4996 messages between the pioctl() caller and the SMB Server from
4997 1000 bytes to 12,512. The code appeared to have been writing
4998 above the top of the stack by quite a few number of bytes.
4999 (The increased ticket size is necessary for the next item.)
5001 * When obtaining AFS Tokens via KFW, krb524 is no longer required.
5002 Instead the raw Kerberos 5 ticket is used in its entirety. This
5003 is extremely important as it allows us to use pure Kerberos 5 KDCs
5004 as the source of the AFS authentication. The use of up to 12,000 byte
5005 tickets will allow tickets produced by all versions of Microsoft
5006 Active Directory to be used.
5007 - create a user account.
5008 - designate it DES only
5010 - specify its UPN to be "afs@realm"
5011 - assign a SPN of "afs/cellname" to the UPN with setspn.exe
5013 * Do not enforce the funky 8dot3 pattern matching rule that the first "."
5014 is special when using long file names. (you must use "*.*" and not "*")
5015 Instead only enforce it when performing 8dot3 searches.
5017 * Fixed the DST problem with creation times being set one hour ahead
5019 * Fixed the problem when using \\afs\cell-alias. For example,
5020 \\afs\uncc instead of \\afs\uncc.edu. Do not a new cell struct
5021 for the alias name; instead simply expand the name. One of the
5022 symptoms of this problem was a loss of acquired tokens.
5024 * Fixed the AFS Shell Extension. The Symbolic Link menu was empty
5025 of strings. (Only English strings provided.)
5027 * Fixed the installer to properly replace in use files.
5029 * Fixed the build system to cleanup generated component version files
5031 * The release build compiled with MSVC 6.0 compiler to avoid the
5032 afsd_service.exe shutdown crash. This does not solve the problem
5033 but simply avoids it for the time being.
5037 * fix afslogon.dll to not corrupt memory when High Security mode
5040 * fix afsd_service.exe to not attempt to restore the stack when
5041 an exception occurs. (not safe in multi-threaded programs)
5043 * fix uninstaller to properly remove the CRT and MFC DLLs
5045 * remove a Message Box from afscreds.exe when getcellconfig()
5046 fails on a kerberos realm which is not a cell
5048 The following is a list of changes to the OpenAFS for Window client
5051 * "fs setserverprefs" will leave afsd service deadlocked
5053 * "vos listaddrs" will core dump
5055 * installer sets the appropriate keys to support Integrated Logon
5057 * installer disables the "Find Lana by Name" functionality as it
5058 was causing headaches for many users
5060 * fix the intermittent crash of the power management thread when
5061 shutting down the AFS Client Service
5063 * optimizes the obtain drive mount list functionality which is
5064 executed every time the mount tab in afscreds.exe and afs_config.exe
5065 are refreshed. (this happens a lot)
5067 * fix the service shutdown logic. add the STOP_PENDING state
5068 and do not accept additional service events after we declare
5071 The following is a list of changes to the OpenAFS for Window client
5074 * flexelint was run against the source tree and hundreds (perhaps
5075 thousands) of corrections were applied to ensure prototypes
5076 were in use; types were used consistently; variables were
5077 initialized; unused variables were removed; etc.
5079 * A wide variety of instrumentation was added including the
5080 ability to produce a stack trace from within afsd_service.exe
5083 * Dynamic configuration of the RDRtimeout value based upon the
5084 LanMan Workstation Session Timeout
5086 * The mount root no longer needs to be called "/afs". This
5087 is now set by a registry value "MountRoot" within the key
5088 HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters
5090 * The cell list is now only read out of afsdcell.ini when the
5091 file changes instead of each time a cell is resolved.
5093 * Thread synchronization was added to cm_server.c and ktc_nt.c
5095 * All calls to GlobalAlloc()/GlobalFree() were replaced with
5096 calloc()/free(). The Global functions were needed on Windows 3.x
5097 but have caused a variety of problems on the Win32 platforms.
5098 Avoiding them is highly recommended by several Microsoft
5099 Knowledgebase articles
5101 * Support for Symbolic Links added to the AFS Shell Extension
5103 * Added a registry value "OverlayEnabled" to determine if
5104 Shell Extension Overlays should be enabled.
5105 HKLM\SYSTEM\CurrentControlSet\Services\TransarcAFSDaemon\Parameters
5107 * New Build system to support VC6, VC.NET, VC.NET2003 compilers and
5108 separate trees for checked and free builds. Build system supports
5109 a custom directory src\WINNT\extra which can be used as a grafting
5110 location of organization specific additions to the build tree.
5112 * New installer built using NSIS 2.0.
5114 * Named all kernel objects in order to allow them to be monitored
5115 with tools such as SysInternals' ProcExp.exe.
5117 * Introduced new EventLog framework for AFSD
5119 * Introduced Power Management interface to AFSD for Standby and
5120 Hibernate modes to allow cache to be flushed prior to network
5123 * Utilize Win32 DNSQuery API instead of internal routines. This
5124 allows DNS SRV queries to be sent to all current domain name
5125 servers. Not just one specified in an INI file. DNS is now
5128 * "NetbiosName" registry value may be used to specify a fixed
5129 Netbios Name such as "AFS" to be used instead of "HOSTNAME-AFS"
5130 when the loopback adapter is in use. If you need to use the
5131 old notation with a loopback adapter installed specify a registry
5134 "NetbiosName" REG_EXPAND_SZ = "%COMPUTERNAME%-AFS"
5136 * Refactor all modules which depend on LAN Adapter and NetbiosName
5137 determination in a new library: lanahelper.lib. This allows for
5138 consistent behavior throughout the product.
5140 * Move the afsd.log and afsd_init.log files to the directory specified
5141 by the "TEMP" environment variable. This is usually %WINDIR%\TEMP
5142 for services. Added the Date to the log entries.
5144 * New registry value "RxMaxMTU" used to limit the size of the RX
5145 packets sent by the AFS Client Service to the Server. In order
5146 to enable OpenAFS to work across the Cisco IPSec VPN the packet
5147 size must be restricted to 1264 or smaller. The latest NSIS
5148 installer sets a value of 1260 by default.
5150 * New registry value "RxNoJumbo" to disable the use of Jumbo Rx
5151 packets. This is not needed in order to work across the Cisco
5152 VPN but might be needed for other network environments. This
5153 value is not set by the NSIS installer.
5155 * New registry value "HideDotFiles" is used to apply the Hidden
5156 attribute to files whose names begin with a '.'. This value
5157 is set by the NSIS installer.
5159 * New registry value "MaxMpxRequests" allows the maximum number
5160 of multiplexed sessions to be configured at run time. This
5161 value is not set by the NSIS installer. The default value is
5164 * New registry value "MaxVCPerServer" allows the maxmimum number
5165 of VCs per server to be configured at run time. This value is
5166 not set by the NSIS installer. The default value is 100.
5168 * New registry value "AllSubmount" allows the "all" submount to
5169 be disabled by setting its value to 0x00.
5171 * Allow cells names to be valid mount points
5172 \\<netbiosName>\<cellname>
5174 * Store the active state of drive mappings in order for afscreds.exe
5175 to restore them upon startup
5177 * Add exception handling to generate a Stack Trace to the afsd_init.log
5178 file if one happens to occur.
5180 * Add lots of logging to help detect the cause of invalid SMB packets
5182 * Enable Kerberos for Windows to be used to obtain AFS Tokens via
5183 conversion of Kerberos 5 "afs" service tickets. Supports auto-
5184 renewal of expiring tokens as long as afscreds.exe is running.
5186 * New afscreds.exe command line options:
5188 -M = renew drive maps
5189 -N = ip address change detection
5192 * New registry value "EnableKFW" in {HKCU,HKLM}SOFTWARE\OpenAFS\Client
5193 determines whether or not MIT Kerberos for Windows should be used
5194 to obtain tokens via Kerberos 5 tickets.
5196 * New registry value "AfscredsShortcutParams" in
5197 {HKCU,HKLM}SOFTWARE\OpenAFS\Client
5198 determines the command line parameters to be specified when "fixing"
5199 the AFS Shortcut in the user's startup folder.
5201 * The "ShowTrayIcon" registry value has been moved from
5202 HKLM\Software\TransarcCorporation\AFS Client\AfsCreds to
5203 {HKCU,HKLM}SOFTWARE\OpenAFS\Client
5205 * The <cell name> registry values used to store the token expiration
5206 reminders have been moved from
5207 HKLM\Software\TransarcCorporation\AFS Client\AfsCreds to
5208 {HKCU,HKLM}SOFTWARE\OpenAFS\Client\Reminders
5210 * Obtain the Logon User Name from the Explorer key when available
5212 * new text document doc\txt\winnotes\registry.txt lists all registry
5213 values used by OpenAFS (excluding the AFS Server)
5215 * BUG: rx_securityClass objects were not properly reference
5216 counted and were never freed.
5218 * BUG: reduce the number of conditions under which CM_ERROR_TIMEOUT
5219 would be generated. The existence of a server does not imply
5220 that it is not down. If all of the servers for a cell are down
5221 return CM_ERROR_NOSUCHVOLUME instead. This prevents the Explorer
5224 * BUG: the directory name lookup cache failed to free the entries
5225 in the cache when the name cache entries cycled. The entries
5226 in the cache would become dereferenced without being freed.
5228 * BUG: fs setserverprefs could be executed without Administrator
5231 * BUG: the number of allocated NCB objects (100) exceeded the number
5232 which could actually be waited upon by the kernel (64). Any objects
5233 which were utilized above the limit could never have event completions
5236 * BUG: smb_username_t objects were not being reference counted and
5237 were not properly freed.
5239 * BUG: smb_tid_t objects could under unusual circumstances be freed
5240 before they were no longer referenced.
5242 * BUG: smb_fid_t object pointer were frequently used even when
5243 their value could be NULL. They were not properly released and
5244 therefore they were never freed.
5246 * BUG: smb_packet_t data structures were not completely initialized
5249 * BUG: when Rx produces a CM_ERROR_NOIPC error do not return "Access
5250 Denied" because that causes the Explorer Shell to try again until
5251 access is obtained. Instead return "Remote Resources" which allows
5252 the shell to move on and treat the error as transient.
5254 * BUG: when initializing the NCBreturns structure, separate Event objects
5255 were created for each NCB although a single Event object was supposed
5256 to be shared by all.
5258 * BUG: smb_dirSearch_t objects were not being properly referenced counted
5261 * BUG: smb_tran2Packet_t objects were not being properly referenced
5264 * BUG: directory path creation did not handle the case of multiple
5265 directories requiring creation in one attempt
5267 * BUG: SMB requests which required an Extended Response were ignored.
5268 This prevented some files from being written to AFS volumes.
5270 * BUG: character strings were being freed even after they were
5271 inserted into in use data structures
5273 * BUG: inconsistent usernames were used when High Security mode was
5274 enabled. (there is still much to do in this area)
5276 * BUG: pioctl() calls which require out of band RPC operations were
5277 susceptible to race conditions when performed by multiple processes
5279 * BUG: memory allocation and deallocation crossed instances of the
5280 C Runtime Library producing memory leakage and corruption in
5281 afscreds and the client configurator.