+Since 1.3.87:
+ * Byte-range locking as described in cm_vnodeops.c has been implemented.
+
+ * When the cache manager reports ALLBUSY or ALLOFFLINE for
+ a resource we should not be returning status codes such
+ as Network Busy or Remote Host Down because these errors
+ will imply that the AFS Client Service is Busy or Down
+ and that is simply not the case. Instead we will return
+ Bad Network Path as the path is temporarily not available.
+
+ Instead of returning Sharing Paused when there is a
+ timeout error, return Timeout. Once again, the AFS Client
+ Service is not paused.
+
+ * afscreds.exe would display an Obtain Creds dialog when
+ the expired credentials reminder was triggered even
+ if there was no network path to the KDC. This is prevented
+ by adding KDC probe logic to the reminder thread.
+
+ * afscreds.exe would display expired tokens no differently
+ than unexpired ones. This would make it difficult for the
+ user to distiguish when the tokens were expired. For the
+ English build added a new resource string "(expired) that
+ is displayed instead of the expiration time.
+
+Since 1.3.86:
+ * "fs wscell" when executed in freelance mode will return the
+ name of the cell configured in the registry. The root.afs
+ volume is not loaded from this cell, but it is used for the
+ default for aklog and integrated login.
+
+ * "fs mkmount, fs rmmount, symlink make, symlink remove" will
+ no longer work on \\AFS\all when freelance is being used
+ unless the user is a member of the "AFS Client Admins" Windows
+ Security group.
+
+ * some more checks performed during persistent cache validation.
+
+Since 1.3.85:
+ * Optimize calls to cm_CheckServer from cm_Analyze. Only check
+ down servers for the current cell not all cells.
+
+ * If the scache LRU list becomes corrupted, the AFS Client Service
+ might enter an infinite loop at startup. Detect the corruption
+ and discard the cache contents in this case.
+
+ * Fixed the Explorer Shell's remove mountpoint functionality.
+
+ * Fixed a deadlock caused by the holder of cm_aclLock attempting to
+ obtain a mutex lock on a cm_scache_t object whose lock is held by
+ a thread attempting to obtain the cm_aclLock.
+
+Since 1.3.84:
+ * Really fixed DNS AFSDB queries to ensure that "csail" cannot be
+ misinterpretted as "csail.mit.edu" when the resolver
+ is configured to append ".mit.edu" to failed DNS queries.
+
+ * Added a new registry key, "LogoffPreserveTokens" (see registry.txt),
+ that can be used to force the preservation of user tokens upon logout.
+
+ * Update the NSIS install scripts to use NSIS 2.07. This release adds
+ recommended installation categories: AFS Client, AFS Administrator,
+ AFS Server, AFS Development Kit. Each category includes a different
+ default subset of the OpenAFS components.
+
+ The OpenAFS logo is now associated with the NSIS uninstall entry
+ in the Add/Remove Programs control panel.
+
+ * The user name associated with AFS tokens when obtained with
+ integrated login, the afs systray tool, or aklog will always
+ include the full Kerberos 5 user principal name regardless of
+ whether or not the cell is local to the realm.
+
+ * Eric William's IFS redirector has been checked onto the CVS head.
+ This code is experimental at the current time and is not being
+ incorporated into the 1-4 branch releases. Instructions for
+ building from sources are found in the top-level README-NT file.
+
+ * Modify integrated login so that it does not enter an infinite
+ loop if the service is not set to auto start.
+
+ * Added asetkey.exe used to set a Kerberos 5 key for use by the
+ AFS server daemons
+
+ * Added uninstall.exe to Wix installation
+
+ * More modifications to algorithms used to wake sleeping threads.
+
+Since 1.3.83:
+
+ * Changes to the algorithms used to wake threads when they are
+ put to sleep because of conflicts over buffer operations.
+
+Since 1.3.82:
+ * The OpenAFS integrated logon obtains Kerberos 5 tickets as part of
+ the process of producing AFS tokens. The tokens are stored within
+ the AFS Client Service but the Kerberos 5 tickets have been discarded.
+ New functionality has been added to temporarily copy the tickets to
+ a file ccache during the short window between the NPLogonNotify and
+ WinLogon Logon Event. The Logon Event handler starts a process as
+ user, afscpcc.exe, that copies the tickets into the default ccache.
+ The file ccache is then destroyed by the event handler.
+
+ * During synchronization operations on stat cache entries, if threads
+ are forced to sleep it was possible that the threads would not be
+ woken under heavy load.
+
+ * Enforce the delete on close flag specified by the NTCreateX()
+ operation.
+
+ * A race condition in the rx library was fixed that resulted in
+ a deadlock in rx_NewCall when the RX_CONN_MAKECALL_WAITING flag
+ was cleared when threads were still waiting to use the
+ connection. Also, fixed a potential case in which the
+ connection could be destroyed while threads were waiting to use it.
+
+ * The DNLC freelist has been seen to become corrupted with still
+ active entries being stored on the freelist. Changes were made
+ to perform a better job of cleaning entries before placing them
+ onto the freelist; marking them with the correct magic value when
+ purging the list; and allowing the list to be purged on startup
+ if the cache validation fails.
+
+ * Windows Crash Reporting does not get triggered for afsd_service.exe
+ because it provides its own top level exception handler. This patch
+ places an explicit call to ReportCrash() on platforms which support
+ it. (XP and above.)
+
+ If you configure Crash Reporting via AD Policy to capture crash
+ reports within the domain, then you will receive this output.
+
+ * Generate MiniDumps independent of the Windows Crash Reporting.
+
+ (a) If an exception occurs,a minidump will be generated at the path
+ %TEMP%\afsd.dmp. The type of minidump defaults to Normal but
+ can be set to any other type via use of the
+ registry.
+
+ [HKLM\SOFTWARE\OpenAFS\Client] MiniDumpType (DWORD)
+
+ (b) MiniDumps can be generated at any time using the "fs minidump"
+ command. This allows you to generate a minidump without
+ stopping the process or even requiring the use of a debugger
+ on the system.
+
+ * an RX connection which reports bad ticket now treats it the same way
+ the expired ticket is treated. The ticket is removed from the
+ connection and a new anonymous connection is established.
+
+ * fs memdump now requires that the caller be in the AFS Client Admins
+ group
+
+ * additional debugging information is provided in cm_Analyze when the
+ error code is ignored.
+
+ * Fix a regression introduced into the pioctl() client code which
+ will cause a crash in winlogon.exe, explorer.exe and fs.exe if
+ MIT KFW is not installed. (1.3.82a)
+
+ * Remove AFS Gateway option from OpenAFS Control Panel (1.3.82a)
+
+Since 1.3.81:
+ * Fix a race condition in cm_EndCallbackGrantingCall() that
+ could leave 'nrevp' pointing to freed memory. In the process,
+ optimize the processing to ensure that the applications monitoring
+ the status of the stat cache entry are only notified at most
+ once.
+
+ * Conditionalize access to the Explorer Shell AFS->Mount Point
+ ->Remove menu item. Disable the item if the selected item(s)
+ are not mount points.
+
+ * Activate AFS RPC (RX) Free Packet Queues stored in Thread
+ Local Storage. This eliminates thread contention on the
+ global RX free packet queue. This should improve performance
+ on multi-CPU systems.
+
+ * Fix the IP address filtering code to properly load/unload
+ the IPHelper DLL so that Windows XP/2003 and beyond systems
+ do not have to manually probe the registry.
+
+ * CleanupACLEnt() was not being called consistently with
+ the cm_scache_t object referred to by the back pointer
+ mutex locked. This could in very rare conditions lead to
+ an invalid memory access.
+
+ * Added a script command to the msi installer "afs_replace"
+ which can be used to replace one version of OpenAFS with
+ another without requiring an uninstall and reinstall if
+ the installed msi is no longer in its original location.
+
+ * Apparently the problem with multi-domain forests with cross-
+ realm trusts to non-Windows realms was not entirely solved.
+ The authentication to the AFS SMB service failed because
+ the wrong name was being used. Using ASU as an example,
+ the authentication was being performed with the name
+ "QAAD\user" (an account in the forest root) and not
+ "user@ASU.EDU (the MIT Kerberos principal used to login with)
+
+ The solution was to add an additional dependency on KFW
+ in order or to be able to easily obtain the client principal
+ name stored in the MSLSA ccache TGT. This information is
+ used in two locations:
+
+ - the pioctl() function
+
+ - a new WinLogon Event Handler for the "logon" event.
+
+ The pioctl function will now be able to use the correct
+ name when calling WNetAddConnection2() and the "logon"
+ event handler will now be able to call WNetAddConnection2().
+ The hope is that the "logon" event handler will be called
+ before the profile is loaded but I have not guarrantee
+ that will happen.
+
+Since 1.3.80:
+ * Fixed a locking error in cm_TryBulkStat() which had the
+ potential of deadlocking the system for the length of time
+ it takes to perform a bulk status fetch operation.
+
+ * Replaced time conversion code (UnixTime <-> FILETIME) to
+ be completely arithmetic instead of relying on a bizarre
+ algorithm involving a variety of C RTL time functions.
+ This has the side effect that UnixTime and FILETIME which
+ are both stored in UTC are interpretted as UTC throughout
+ the year. Windows will apply the same localization to AFS
+ as it does to NTFS. Applications which rely on the ability
+ to sync files between the two file systems will no longer
+ see the timestamps of files in AFS change an hour relative
+ to the files stored in NTFS or Windows based backup devices.
+
+ * Fixed a invalid memory access under a bizarre circumstance.
+ Windows will allow a physical mass media device to be
+ installed via Plug N Play to the system and will assign it
+ the lowest available drive letter. This is true even if the
+ drive letter is currently assigned in the user session to
+ a network device via NET USE (or its equivalent.) When this
+ happens, queries sent to the CIFS server will contain invalid
+ data. This invalid data was not being caught by the AFS
+ Client Service and was resulting in a crash when Freelance
+ mode was in use.
+
+ * Fixed a reference count error when registering callbacks
+ on a stat cache object if the callback was already registered
+
+ * Add a case to cm_Analyze() in order to handle the case where
+ cm_GetConnByMServers() returns CM_ERROR_NOSUCHVOLUME because
+ the server list for the volume is empty. In this case, force
+ an update of the volume info and retry.
+
+ * Insert a missing cm_EndCallbackGrantingCall() which could
+ result in threads waiting for a callback to complete to never
+ be woken up.
+
+ * In the persistent cache, there is a maximum number of volume
+ entries. Allow volume entries to be reused if the maximum
+ number have been allocated and their reference count is zero.
+
+ * If we already have a dead virtual connection object, don't
+ ignore the fact that additional dead vc objects must be taken
+ care of.
+
+ * Removed a deadlock condition introduced in the summer of 2004.
+ Do not hold mx locks around calls to RX functions including
+ rx_NewCall(). That is what reference counts on the rx_connection
+ object are for.
+
+ * Fixed an initialization error in afslogon.dll which could
+ result in random behavior including a failure to terminate
+ the NPLogon function. (1.3.80b)
+
+ * Fixed an error preventing the use of SMB authentication
+ on Windows 2000. (1.3.80a)
+
Since 1.3.77:
+ * Updated CellServDB to Public CellServDB 16 Mar 2005
+
+ * Fixed DNS AFSDB queries to ensure that "csail" cannot be
+ misinterpretted as "csail.mit.edu" when the resolver
+ is configured to append ".mit.edu" to failed DNS queries.
+
+ * Fixed another case in which the client would replace connections
+ to the host when it was not necessary. In this case the
+ situation would occur if cryptall was on and the connections
+ were unauthenticated due to lack of an appropriate token.
+
+ * OpenAFS for Windows has failed to work at sites which are
+ utilizing a cross-realm trust between an MIT/Heimdal realm
+ and a multi-domain Windows forest when the workstation being
+ accessed is not located in the root domain. This is caused
+ by a bug in the workstation which was triggered after the
+ introduction of Windows 2003 Server. When the bug is triggered,
+ the workstation attempts to authenticate users to afsd_service.exe
+ by contacting the Domain Controller instead of using the
+ LSA loopback authentication mechanism.
+
+ One of the reasons this bug occurs is because the workstation
+ does not have a reliable way of knowing that the service whose
+ netbios name is "AFS" is located on the workstation. This will
+ be fixed starting in Longhorn Beta 1 by Microsoft. The
+ "BackConnectionHostNames" registry value will be used to
+ indicate that the authentications to that service name should
+ be performed using the loopback authentication mechanism.
+
+ In the meantime, when Logon Caching is enabled, we can force
+ afsd_service.exe to authenticate using the logon cache before
+ contacting the Domain Controller. This will work with both
+ password and smart card based logons.
+
* The allDown logic in cm_ConnByMServers() was wrong. The allDown
flag should not be cleared if a volume's server reference is
marked as "offline". In the case where all of the volume's