X-Git-Url: http://git.openafs.org/?p=openafs.git;a=blobdiff_plain;f=NEWS;h=55cd568eb6f9c6111a027b17ee237ded5dea3cda;hp=503ac25d897695e0f46b9143c9037399e404a7b2;hb=aa80f892ec39e2984818090a6bb2047430836ee2;hpb=d4e8b729d8f216e9f033e95194740ff4cb566688 diff --git a/NEWS b/NEWS index 503ac25..55cd568 100644 --- a/NEWS +++ b/NEWS @@ -1,2444 +1,5443 @@ User-Visible OpenAFS Changes -OpenAFS 1.6.0 (in progress) +OpenAFS 1.8.0pre2 + + All Platforms + + * Substantial code quality improvements, largely spotted by Coverity and + clang's static analysis. + - Add new library for platform independent functions (opr). + - Remove arbitrary path name length limits. + - Convert to Heimdal's roken library for reliability. + - Avoid garbage in allocated buffers (calloc). + - Modernize signal handling in pthreaded server processes (softsig). + - Improve code comments and additional Doxygen style comments. + - Reduce compiler warnings, dead code, unused variables, and + undefined behavior. + - Fix bugs found by static code analyzer (clang-analyzer). + - Improved unit test coverage. + - Make VLDB flag definitions consistent. + - Improve use of run-time assertions and add static assertions. + - Add compiler attributes to assist static analyzers. + - Clean up include headers in the entire tree. + - Improve command-line handling library (libcmd). + - Replace hash functions with Jenkin's hash function for faster + and more evenly distributed lookups. + - Provide a red-black tree data structure to enable algorithmic speedups. + - Convert backup and salvage servers to the common logging API (libutil). + - Improve volume id data type consistency (VolumeId). + - Import APIs for kerberos-style profile configuration support. + - Add new APIs to support UserList identities. + - Add new APIs to support tabular output from command-line utilities. + - Convert vnode macros to inline-functions. + + * Improved support for non-DES encryption types: + - Convert to Heimdal's hcrypto library to support RFC 3961. + - Add extended key file format replacing rxkad.keytab, and + new key management APIs. + - Add support for extended key types to asetkey. + - Add akeyconvert to assist in upgrading to OpenAFS 1.8.x by converting an + existing rxkad.keytab file to an extended key file. + - Do not install the kaserver and related utilities by default to + discourage the use of these DES-dependent components. + - Remove obsolete klogin and klogin.krb programs. + - Add new token APIs to support new rx security classes. + + * Migrate from LWP to POSIX threads (pthreads): + - Convert the ptserver and vlserver from LWP to pthreads. + - Remove LWP version of the file server binary. + - Convert afsd, aklog, asetkey, klog.krb5, pts, udebug, and vos, from LWP + to pthreads. + + * Improvements to Rx: + - Restructure the Rx API to privatize the implementation. + - Convert rx events to a red-black tree data structure to improve + performance. + - Convert from mutexes to atomic operations for counters to reduce lock + contention. + - Provide per-opcode Rx statistics. + - Add an rx_opaque data type to support non-DES encryption types + and general code cleanup. + - Wake up the application thread after 'twind' is updated to avoid 100ms + transmit delays when the receive window transitions from closed to + open. + + * Libraries (both internal and installed) are built using libtool, including + libuafs. The resulting shared libraries for libafsrpc and libafsauthent + should be more usable than previously. + + * Improvements to the build system: + - Convert to libtool to build shared libraries. + - Clean up and improve the build system. + - Support out of tree builds. + - Add a makefile target to generate Doxygen source code documentation. + - Link the Java API for OpenAFS with libuafs.a and remove the + libjuafs.a library. + - Always build the rxperf tool. + - Fix man-page generation by make after ./regen.sh -q + - Support the SOURCE_DATE_EPOCH environment variable to improve build + reproducibility. + - Modernize language specific SWIG typemaps for libuafs Perl bindings. + + * Improvements to documentation: + - Document the new KeyFileExt file. + - Reorganized the README files. + - Improvements and fixes to documentation generation. + - Add experimental epub and mobi support + - Remove obsolete LWP information from the file server documentation. + - Update and reorganize the Quick Start Guide. + - Update the Admin Guide. + - Remove AIX, HP-UX, and IRIX information from the Quick Start Guide. + - Document the vldb and prdb (ubik) file formats. + - Add PtLog man page. + - Corrections and clarifications to man pages. + - Add ubik threading analysis doc. + + * Improvements for troublshooting, debugging, and testing: + - Log more details on volume-server-to-fileserver communication errors + when possible. + - Set thread names in pthreaded servers on platforms which support + thread names. + - Add dynroot lock tracking to cmdebug + - Fix tracking of an fstrace call site in the cache manager background + process. + - Add the afsload tool to simulate multiple cache managers for file server + load testing. + - Add run-time checks for refcount imbalances in the cache manager. + - Fix missing newlines in afsd -debug output. + + * Developer tool improvements: + - Improvements and fixes for rxgen (used to generate Rx RPC bindings). + - Add tool for man page verification of command options. + - Add tool to find Unix cache manager lock identification numbers. + - Add an option for pretty build output. + + * RPM packaging updated: + - Update the spec file to keep up with accumulated changes. + - Move the klog.krb5 man page to the openafs-krb5 sub-package. + - Prevent double-starting client on RHEL7 + - Convert rpm spec file from deprecated 'make dest' to 'make install'. + - Fix rpmbuild command line option default handling. + + * Add a new protection error code (PRNAMETOOLONG) instead of silently + truncating names which exceed the maximum name length (PR_MAXNAMELEN). + + * Add an implementation limit (50000) on the number of names/ids which can + be transmitted by unauthenticated clients to the ptserver, avoiding + excessive resource consumption from unauthenticated requests. + + * Add the -config option to vos, pts, and aklog to specify the path to the + cell configuration files. + + * Add more details in vos release -verbose output. + + * Add the cacheout -encrypt option to encrypt communication between the + cacheout client and the fileserver. + + * Add the command line options to the afsio program to enable encryption of + traffic between afsio and the fileserver (-clear, -crypt). + + * Add the vos release -force-reclone option to force recloning the volume to + be released without forcing a full volume dump being transmitted to all + remote sites. + + * Fix vos to avoid writing loopback addresses into the VLDB in + certain cases. + + * Print bos and pts error messages to standard error instead of + standard out. - All platforms + * Improve formatting of the -help output of all commands. - * vos now properly deals with matching sites when servers are - multihomed. + * Change -n to -dryrun in all backup subcommands. - * Don't stop Rx keepalives after an ackall is received, avoiding - spurious connection timeouts. (128848) + * Change the backup deletedump -port command line option to -portoffset. - * Don't retry Rx calls on channels returning busy errors and improve - Rx busy call channel error handling. (128671) + * Add user and build host in the version string returned by + rxdebug -version. - * Properly enable Rx connection hard timeouts. + All Server Platforms - * Initialize rx_multi lock before use. + * Ubik servers using pthreads are now available and are used by default - * Avoid spurious crashes when initializing in "backup" client. + * As part of improving Ubik reliability in certain edge cases, an extra + election cycle (about 60 seconds) may be needed before writes are + permitted. This is a conservative change that may be removed in + the future. - * Revert UUID support in vos. + * Remove periodic background fsync by the fileserver (ihandle fsync thread). - * pt_util fixed to properly create new databases. + * Fix potential file handle leak in the file server ihandle caching layer. - * MTU discovery now properly shut down on call reset. + * Disable the so-called "hot threads" feature in the file server. The hot + threads feature was intended as an optimization for dispatching incoming + calls to the current listener thread, but has been reported to incur a + performance penalty on modern multi-core systems. - All server platforms + * Do not permit creation of users with id of ANONYMOUSID. - * Fix ptserver supergroups support on 64 bit platforms. + * Do not save/restore host states in the fsstate.dat file for hosts which + are in the process of retrieving CPS information from the ptserver when + the fileserver is being shutdown. This fixes a bug in which the fileserver + will incorrectly block all threads following a restart. - * Demand attach salvaging doesn't use freed volume pointers. + * Add the ptserver -restrict_anonymous option to inhibit exposure of user + names from the ptserver. - * Properly hold host lock during host enumeration in fileserver. + * Do not truncate server log files by default when server processes + are started. The -transarc-logs option provides backward compatibility + with IBM AFS log handling on server startup. Log messages may be lost + in back-to- back restarts when a server is running in this mode. - * Attempt to recovery more quickly from timed out volume release - transactions. + * Reopen server logs on SIGUSR1. This may be used by third-party log + rotation tools, such as logrotate, to reopen the log file handles after + log files have been renamed. - * Auditing now properly byte order swaps IP addresses when printing. + * Fix various bugs when logging with -mrafslogs enabled. - * vos split now has improved error handling. + * Dynamically reload the kerberos realm to AFS cell mapping (krb.conf) and + exclusions for mapping kerberos principals to AFS identities (krb.excl) + configuration when the CellServDB cell configuration file is touched. + Previously, a restart of the file server was required after updating the + kerberos mapping configuration files. - * Many changes to again support Windows fileservers. + * Add a command line option (-restricted_query) to the vlserver and + volserver to restrict information queries about volumes to a specific + group of users. - * During volume removal, data removal speed improved. + * Add a command line option to the server programs to specify an alternate + fully qualified log file name (-logfile). - * Improve CPU utilization during volume attaching by DAFS. + * Add a command line option (-config) to the server programs to specify + an alternate path to the server configuration. - * In salvager check-only mode, avoid potentially fixing a vnode. + * Add a command line option to the ptserver and vlserver to specify an + alternate path to the database data files. - * Fix support for large (greater than 2gb) volume special files. + * Add a command line option to the volume server to enable encryption of + volume-server-to-volume-server-traffic (-s2scrypt). - * Salvager will not crash if multiple or bad volume link tables are - encountered. + * Increase the maximum number of LWP threads allowed for the ptserver and + vlserver from 16 to 64 (-lwp). - * Avoid erroneous full dump by remembering which sites were out of - date at the start of the release. + * Remove an unused file server command line option (-k). - * A deleted volume can now be recreated properly. + * Fix an incorrect assertion in Demand Attach File Server which could cause + the file server process to abort in certain rare conditions. - * Callbacks are again not broken during whole partition salvages. + * Deprecate the -bitmap-later configure option for non-Demand-Attach File + Servers (DAFS). - * Positional vectored IO fixed for largefile (>2GB) capable systems. + * Add -vhashsize support to non-Demand-Attach File Servers (DAFS). - * Fileserver per-client thread usage again properly enforced. + * Add support for subnet ranges in the NetInfo and NetRestrict + configuration files. - * Anonymous dropbox support improved and drawbacks documented. + * Add the GetXStats RPC to the audit log. - * Demand attach: ensure vnodes are not reallocated while in use due to - volume bitmap errors. + * Fix directory creation by bosserver when built for non-Transarc paths. - Microsoft Windows: + * Fix incomplete list of server addresses retreived by vos listaddr when the + vldb contains unreferenced multi-homed server entries. - * afs_config will not longer set the Tray Icon State in the registry - if the checkbox is not present in the dialog. (128591) + * Remove obsolete bos blockscanner and unblockscanner commands that + were only needed for the removed MR-AFS functionality. - * AFS Explorer Shell Extension now works from folder backgrounds. - Overlays for mount points and symlinks are present in the dll, but - are not registered at present by the installers. + * Remove obsolete bos salvage options that were only used by the + removed MR-AFS functionality.. - * Do not use RankServerInterval registry value as the value for - PerformanceTuningInterval. + * Remove calls to the deprecated sbrk() function. - * When the data version of a mountpoint or symlink changes, the target - string in the cm_scache_t object must be cleared. + * Add an experimental feature to database servers to support ubik reads + while write transactions are in progress, enabled at build time with the + --enable-ubik-read-while-write configure option. This feature is not + considered ready for production usage at this time. - * "fs checkservers" now includes vldb servers in the output and only - lists multi-homed servers once. A multi-homed server that has at - least one up interface is no longer considered to be down. + * Avoid filling the FileLog with "Volume x offline: not in service" when + a volume is administratively taken offline with vos offline. - * When asynchronously storing dirty data buffers to the file server - ensure that (a) the cm_scache_t object and the cm_buf_t object are - for the same File ID so that locking and signalling work properly; - and (b) if the FID no longer exists on the file server, do not - panic, just discard the buffer. + * Print an error message when bosserver is started with an unknown + command line option. - * When processing VNOVOL, VMOVED and VOFFLINE errors perform server - comparisons by UUID or address and not simply by cm_server_t - pointer. Otherwise, server failover may not succeed. + * Modify the volume updateDate when the volume is changed by a salvage. - * Do not preserve status information for cm_scache_t objects when the - issuing server is multi-homed. + * Volume usage statistics are now preserved during reclone and restore + operations by default, the behavior previously enabled by + the -preserve-vol-stats flag to the volserver. The historical behavior + can be retained via the -clear-vol-stats argument. - * Giving up all callbacks when shutting down or suspending the machine - is now significantly faster due to the use of an rx_multi - implementation. (This functionality is still off by default and - must be activated by a registry value.) + All Client Platforms - * Race conditions were possible when updating the state of the - cm_volume_t flags and when moving the volumes within the least - recently used list. + * Use rxkad_crypt by default for connections to fileservers. This matches + the existing behavior of the Windows client and has been applied by + the distribution packaging on many platforms already. - * Ensure that the lanahelper library does not perform a NCBRESET of - each lan adapter when enumerating the current network bindings. - Correcting this permits OpenAFS to work on Windows 7 when the - network adapter settings change. + * Add support for relative ACL changes with fs setacl. If a single plus (+) + or minus (-) character is appended to the rights' letters argument, the + new rights are computed relatively to the existing ones. - * Fix creation of mount points and symlinks as \\AFS\xxxx + * Remove afsd -settime and afsd -nosettime support. - * Icon tray state now conditionally set. (128591) + * Add the afsd -inumcalc option to specify the method used to calculate + inode numbers presented by AFS. - All UNIX client platforms + * Add the afsd -volume-ttl option to specify set the maximum amount of time + information retrieved from the vlserver will be cached, regardless of + callback expiry times. - * Servers now marked down when GetCapabilities returns error. + * Return EIO on internal errors instead of the misleading ENOENT. - * In-use vcache count is now properly tracked. + * Log ICMP errors received, if any, for unreachable servers. - * Check for /afs existance before starting, unless -nomount is - specified. + * Improve performance of clients with multiple PAGs for different cells. - * Avoid a potential panic when using /afs/.:mount syntax. + * Fix race condition between changing and using user tokens among cache + manager threads. - * Avoid a panic in memcache mode due to missing CellItems file. + * Fix fs sysname for users with UID 2748 and 2750 when not running + in -rmtsys mode. - * FUSE client support fixed for non-/afs mounts. + * Add Perl bindings for the user-space cache manager library (libuafs). - FreeBSD + * Fixes to the bypasscache feature. - * Fix socket termination on shutdown. + * Fix fs getcacheparms miscounts. - * Support for 7.2, 7.3, 7.4 and 8.2 included. + * Remove the obsolete Netscape plugin. - * References to vcaches are no longer leaked during root or reclaim. + Linux - * Remove support for "Giant" lock as we no longer need to use it. + * Remove Linux 2.2 and 2.4 support. - * Don't sleep with AFS GLOCK. + * Changes to avoid EIO errors with multiple processes doing intensive mmap + writing. (Drop PageReclaim AOP_WRITEPAGE_ACTIVATE.) - * Properly enable 64 bit long long support. + * Prevent fakestat data inconsistencies in certain cases (131855). - * Restore support for FreeBSD 7 (128612) + * Fix dentry leak which can cause a crash on shutdown. - * Fix locking issues at shutdown. + * Fix improper use of ENOENT and avoid incorrect use of linux negative + dentry cache. - Linux + * Improve error reporting when encountering corrupt directories. - * Support through kernel 2.6.38. + * Improve rx error handling in the Linux cache manager. - * Red Hat init script allows deferring for a new binary restart. + * Rename kpasswd to kapasswd when packaging RPMs to avoid colliding with + Kerberos kpasswd. - * Red Hat packaging now properly supports RHEL6. + * Do not use the obsolete --enable-largefile-fileservers configure option + when packaging RPMs. - * Use rx_Readv in cache bypass to improve performance. + * Use the RemainAfterExit systemd feature to avoid premature exit + when -afsdb is not given, for RPM packages. - * Properly handle 0-length replies during cache bypass operations. + * Remove Debian packaging files from the OpenAFS source tree. Debian + packaging files are currently maintained in the downstream Debian + infrastructure. - * Properly handle non-contiguous readpage cache bypass operations. + * Add the sparc_linux26 sysname. - * Do proper locking when transitioning to or from cache bypass. + * Desupport 32-bit Linux kernels on s390/s390x. - * Avoid extra runs of vcache freeing routine. (128756) + * Fix Debian/Ubuntu build regression on kernel 3.16.39. - * Perform vcache eviction via a fast path before visiting vcaches - where sleep is needed. + * Fix --enable-kernel-debug for linux 4.8+. - MacOS + * Support linux 4.10, 4.11, 4.12 - * Properly handle setpag errors. PAGs are not supported. + Solaris - * Check for unloaded kernel extensions when decoding AFS panics. + * Remove support for all Solaris and SunOS platforms prior to Solaris 8. - * Disable "get tokens at login" in prefs pane if AD authentication - plugin is configured. + * Build 64-bit binaries for Solaris x86 by default. - * aklog AuthorizationPlugin now provided. + * Use one-group PAGs on Solaris 11, which is required for PAG support + on Solaris 11 since supplemental groups must be sorted starting with + Solaris 11.1. - OpenBSD + * Update search paths for solaris cc for recent versions Solaris Studio. - * Bug fixes for issues introduced previously in 1.5 series. + * Modernize declaration of module dependences by converting from the + deprecated _depends_on symbol to ELF dependencies. - * Support through OpenBSD 4.8. + * Avoid BAD TRAP panic due to invalid opcodes on x86 with Studio 12.5. - Solaris + MacOS - * Switch to ioctl() syscall replacement for Solaris 11 since syscall - 65 is not safe. + * Stop processing upcalls once rx shutdown starts. - * Fix support for Solaris pre-10. + * Enable atomics for the darwin kernel. - * Corrected Solaris 11 startup script. + * Add a syscall to enable/disable bulkstat at run-time, which is + disabled by default. - * vcache mappings freed on shutdown to avoid panic. + * Fix path to binaries in the prefpane. + * Fix builds on MacOS 10.12 by building only the active architecture + by default. -OpenAFS 1.5.78 (2010-11-04) + FreeBSD - All platforms + * Use the native kernel module build system instead of an ad hoc + replacement build system. - * Revisions to Rx to fix performance issues. + * Remove FreeBSD packaging files from the OpenAFS source tree. FreeBSD + packaging files are currently maintained in the downstream FreeBSD Ports + Collection. - * Make fs getfid behave consistently across all platforms. (128372) + * Stay up to date with new FreeBSD releases (through 10.3). - * Properly check IDs handed to pts when creating users or groups so - useful error messages can be provided. (128343) + * Do not claim AFS_VM_RDWR_ENV - * Correct byte order handling of port in afsconf_LookupServer for SRV - records. + NetBSD - * Force a full dump when releasing to a site which was previously - marked "don't use", in case the previous clone was out of date. + * Stay up to date with new NetBSD releases (through 7.x) - All server platforms + * Update to use cprng(9) as the randomness source on NetBSD 6.99/7.x. - * Demand salvage of attached volumes now correctly track attachment - state. + * Build system updates for NetBDS 6.99.x - * Avoid a potential crash due to failure to hold a lock when attaching - a volume fails. + * Do not claim AFS_VM_RDWR_ENV - Microsoft Windows + OpenBSD - * Track SMB connections by SID rather than username. + * Stay up to date with new OpenBSD releases (through 4.7) - * Error write attempts to known-readonly volumes earlier. + * Do not claim AFS_VM_RDWR_ENV - * Validate directory buffers to avoid potential crashes. + AIX - * Handle VIO errors from bulkstatus. + * Updates for AIX support. - * Make PMTU discovery configurable and register error handlers for it. + * Fix build system for AIX exports. - All UNIX client platforms + * Add the uidpag and localuid runtime options to the aklog LAM plugin. + (These runtime options override the use of UID-based PAGs, which were + introduced to appease the CDE screensaver.) - * Use larger I/O sizes in memcache to improve performance. +OpenAFS 1.6.21 - * Avoid potential alignment issues doing I/O for pioctl calls. + All platforms - FreeBSD + * Avoid a possible 100ms transmit delay in the RX protocol when a peer's + receive window transitions from closed to open (12627) - * Avoid panicing if the listener process is not findable. + * Documentation improvements (12476 12477 12559[RT #133339]) - * Avoid deadlock issues while performing lookups. + All server platforms - Linux + * When bosserver is started with an unknown option, print an error message + and exit with a non-zero value rather than failing silently (12631) - * Handle stale file handle errors for some cache partition types. + All DB server platforms - * Avoid blocking with xvcache lock when attempting to free in-use - vcaches. + * Hold the DB lock while checking for an aborted write transaction (12516) - * Build fixes for older kernels. + All file server platforms - * Properly configure LWP to use ucontext() on platforms where it - should. + * On demand attach fileservers, don't save or restore a client's host + state if CPS ("Current Protection Subdomain") recalculation for it is + in progress, to avoid fileserver thread exhaustion (12568) - * Eliminate spurious errors from AFS system call returns. (126230) + * On demand attach fileservers, avoid flooding the log with error messages, + which could happen when the fileserver was restarted while a volume was + offline (12569) - MacOS + * Update a volume's "Last Update" time when its content is modified by + the salvager, to make the change visible in the output of "vos examine" + and to backup services (12633) - * Attempt to honor configured Kerberos defaults in Preferences Pane. + All client platforms + * Corrected the DCentries bucket counts for very large and zero length + files in the output of "fs getcacheparms -excessive" (12604 12605) -OpenAFS 1.5.77 (2010-09-08) + * Fixed a bug that prevented users with GID 2748 and 2750 from executing + the "fs sysname" command on clients running afsd with -rmtsys (12607) - All platforms + * Provide a new -inumcalc switch for afsd to allow enabling the alternative + MD5 method of inode number calculation, which was previously only + possible on Linux and through the sysctl interface (12608 12632) - * Rx path MTU detection will terminate detection in cases where the - minimum required packet size cannot be transferred. + Linux clients - * vos dryrun mode now shows effects for syncvldb single volume case. + * Support for mainline kernel 4.12 and distribution kernels with backports + from it (12624 12626) - * vos dryrun mode now shows "status after" for syncvldb and syncserv. + * Re-added the improved algorithm for freeing unused vcaches to reduce + memory consumption first introduced with the 1.6.18 release, together + with a fix for the issue leading to its removal in 1.6.18.2 (12448..12451) - All server platforms + macOS clients - * RXAFS_GetStatistics64 now returns statistics properly. + * Fixed a crash while stopping the client on macOS 10.12 "Sierra" (12602) - Microsoft Windows - * Attempt to properly identify the local system SMB connection for - token tracking. +OpenAFS 1.6.20.2 - * Remap timeout and offline errors to proper NT RPC errors. + All platforms - * Properly fail over to other replicas on bulkstat IO errors. + * Build fixes required by recent compilers or platforms (12514 12521 12534 + 12536 12538) - * Properly error delete-mode createfile if a file is set readonly. + * Allow the bos server to start successfully in the presence of those, by + accepting a now checked return value indicating that the client ThisCell + and CellServDB already exist (12522) - * Validate directory entry buffers to avoid crashing the service. + Linux clients - * Log file modes properly. + * Support for mainline kernels 4.10 and - most likely - 4.11 and + distribution kernels with backports from them (12530 12588..12590 12598) - * Log cell name when logging server information. + * Support for distribution kernels with partial backports from 4.9 (12535) + (RT #134158) - All UNIX client platforms + * In Red Hat packaging, moved the klog.krb5 manual page into the krb5 + subpackage (12511) - * cacheout program for discarding callbacks is now built. + * In Red Hat packaging, prevent systemd from double-starting the client + (12587) - * bulkstatus kernel locking is corrected to avoid a potential panic. + * Allow aklog to function on current S390/S390x (12499) - Dragonfly BSD + Solaris clients - * userspace support update + * Make process authentication groups work on Solaris 11, now using a single + group ID (12524..12527) - FreeBSD + * Fix a BAD TRAP panic on Solaris 11 clients built with Studio 12.5 (12567) - * Updated vnode locking for children returned via lookup(). + macOS clients - * Avoid file open undercount with needed calls to - FakeOpen/FakeClose(). + * Fixed the preference pane for OS X 10.11 and later (12512) - * Use vnode_pager_setsize to properly track file size during kernel - IO. +OpenAFS 1.6.20.1 - * Update system call installation. + All platforms - * Fix shutdown of Rx kernel listener to avoid potential dereference - after it's gone. + * Build fixes required by recent compilers (12482..12484) - * Avoid closing vnodes during vnode recycle. + Linux clients - * Fix bogus call to FlushVS for vnode reclaims. + * Support for mainline kernel 4.9 and distribution kernels with + backports from it (12478..12480) - Linux + * In Red Hat packaging, make systemd deal correctly with the client + when no userland processes remain after starting it (12481) + (RT #133482) - * Packaging updated for current configure options and built files. + macOS - * Cache bypass now holds reference on pages during readpage. + * Support for release 10.12 "Sierra" (12431 12432) - * s390x setgroups32 patching update. + * Avoid a crash in the Mounts tab of the OpenAFS preference pane (12447) - MacOS +OpenAFS 1.6.20 (Security Release) - * DNS resolver is reinitialized on IP address change. (126440) + All platforms + * Fix for OPENAFS-SA-2016-003: file and directory names leak due to + reuse of directory objects without zeroing the contents + (12461 12462 12463 12464 12465) -OpenAFS 1.5.76 (2010-08-16) +OpenAFS 1.6.19 All platforms - * Updates to build-time configuration. + * Documentation improvements (12304) + * Fixes for test failures (12396 12415) - * Fix XDR support in Rx to match header definition. + All DB server platforms - * vos status now shows transaction creation, not action creation. + * Avoid potentially writing to an out of date volume location or protection + database, or losing a database write, which could happen in rare cases + under special conditions during database leader election + (12339 12389) - * Rx avoids reporting loopback adapters when listing interfaces. + Solaris clients - All server platforms + * Allow the fsinfo::: DTrace provider to work with AFS files (12371) - * Demand-Attach Fileserver always built and installed (dafileserver, - davolserver, dasalvager). + Linux clients - * Return VNOVOL from fileserver when a volume is deleted. + * Don't commit more data to a file than was actually copied during writes, + which could happen on architectures with a page size > 4 KiB (12413) + * Fixed build on PPC64 with GCC 6.1 (12388) (RT #133407) + * Fixed build on x86_64 with recent GCC (12365 12366) - * Ignore duplicate tags during volume restore operation. - * Update inode array after salvage repairs volume. +OpenAFS 1.6.18.3 - * Zero a corrupted header in memory during salvage to avoid further - corruption. + Linux clients - * Fix NAMEI backend to allow low-numbered volumes to work properly. + * Support for mainline kernel 4.7 and distribution kernels with + backports from it (12348) - * ptserver does not include cell name as part of length check for - names. + Solaris clients - * Updated error messages for unblessed volumes. + * Fixed memory mapped I/O on files >= 4 GiB (12349 12350) - * vlserver avoids buffer overflow with regex pattern + Note that there is a suspicion that this might break the client + on very old Solaris releases (2.6). If it does, the breakage should + occur at build time. - * Attach-time failures now note failures as the rest of the fileserver - would. + OS X - * Server argument logging will no longer overflow stack. + * Added tooling to build a package for OS X 10.10 "Yosemite" and + 10.11 "El Capitan" (12335 12351) - * Provide fast-restart-like unsafe-nosalvage option for DAFS. - * Deal with host hash collisions in the fileserver. +OpenAFS 1.6.18.2 - Microsoft Windows + Linux clients - * Avoid crashing when interpreting a drive letter as potentially - matching a cell name. + * Support for mainline kernel 4.6 and distribution kernels with + backports from it (12332) - * Properly handle volume package errors. + * Switch back to the pre-1.6.18 algorithm for freeing unused vcaches. + While the new algorithm is still believed to be correct, it turned + out that at least on some kernels, including 4.5 and 4.6, the dentry + for the current working directory may be erroneously invalidated. + This could lead to errors like "Unable to read current working directory" + when a directory wasn't accessed for a few minutes. (12323) - * Allow page recycling from known-readonly content without ensuring - they are not dirty. + * Use a secure URL to retrieve the CellServDB in the script to create + the Red Hat source package (12330) - * 32 bit tools installer should not override client configuration. + FreeBSD - * Ensure root scache item has a valid callback when use is attempted. + * Added sysname IDs for 10.2 and 10.3 to fix the build on those platforms + (12322) - * Freelance directory changes now properly invalidate and replace the - old root object. - All UNIX client platforms +OpenAFS 1.6.18.1 - * Support disconnected reconnecting with specified UID for PAGless - platforms. + Linux clients - * Proper disconnected vnode reference tracking. + * Support for mainline kernel 4.5 and distribution kernels with + backports from it (12300..12302) - * Update server site blacklisting to not return success if nothing was - blacklisted. - * Avoid a panic during vcache contention due to CVInit vcache - racing. (127645) +OpenAFS 1.6.18 - FreeBSD + All platforms - * Update for network stack in 8.1/9.0. + * Documentation improvements (12224 11675 11613 12197) - HP-UX + * Improved diagnostics and error messages (12129 12207 12185 12211 12113 + 12215 12216) - * Bug fixes. + * Check that CellServDB entries are valid IPv4 addresses, to avoid + occasional hangs or potentially other erratic behaviour due to invalid + entries (12210) (RT #131794) - Linux + All client platforms - * 2.6.36 support + * Gracefully handle cases where a client shutdown sequence is initiated + while the client is already shutting down, rather than cause a panic + (12179) - * Disable PMTU error packet handling. + * Fixed several bugs that could cause erratic behaviour when the write + offset into a file was more than 2 GiB beyond the file's current end + on the server (12213 12214) - * flock() fixes. + All server platforms - * Debian packaging updated. + * Avoid a possible volserver crash during volume dump or restore due + to invalid ACL entries (12127) - * freezer interface updates. + * Allow recovering from a DAFS fileserver operation which allocates a + new vnode but fails to update the vnode index, rather than crashing the + server (12209) - MacOS + * Fixed a longstanding bug which could damage the volume location database + when "vos changeaddr" was run with "-oldaddr" and "-newaddr" and the + old address was present in a multi-homed entry (12089) - * Hold references to disconnected mode written vnodes properly. + FreeBSD - Solaris + * Added support for releases 10.2 and 10.3 (12232) - * Handle NFS translator module references for amd64. + Linux clients - * INODE fileserver backend support now exists for amd64. + * Support for mainline kernel 4.4 and distribution kernels with + backports from it, alas at a performance penalty (12226 12227 12228) + (RT #132677 #132819) + * Avoid using excessive amounts of kernel memory for dynamically + allocated vcaches, by improving the algorithm to free unused ones + (12256 12257) -OpenAFS 1.5.75 (2010-07-07) + * In Red Hat packaging, make the init script use "ip" if available, with + "ifconfig" as a fallback (12193) - All platforms + OS X - * Prevent rx_rpc_stats global lock from being a bottleneck. + * Basic support for release 10.11 "El Capitan" (12212) - * Path MTU discovery is now provided to allow traffic to pass networks - with sub-1500 byte MTUs and poor fragment handling. + IRIX clients - * Further reduce Rx NAT ping transmission when enabled. + * Fixed kernel module builds with optimization (12198) (RT #131261) - * Update Kerberos 5-based token handling in rxkad from upstream - Heimdal. (127554) - * Update version numbers emitted during build to reflect what is - actually being built. +OpenAFS 1.6.17 (Security Release) - * Add "-human" switch for human-readable units in fs diskfree and - listquota. (124529) + All server platforms - * vos provides reasons for locked volumes when known. + * Fix for OPENAFS-SA-2016-001: foreign users can create groups as + if they were an administrator (RT #132822) (CVE-2016-2860) - * Do not count retransmission and ping acks as non-idle for Rx - connections. + All client platforms - * Rx: provide service-specific data getter and setter routines. + * Fix for OPENAFS-SA-2016-002: information leakage from sending + uninitialized memory over the network. Multiple call sites + were vulnerable, with potential for leaking both kernel and + userland stack data (RT #132847) - * Update build-time Kerberos detection. + * Update to the GCO CellServDB update from 01 January 2016 (12188) - * Updated userspace AFS client. + Linux clients - * Beginning of a modernized test suite. + * Fix a crash when the root volume is not found and dynroot is not + in use, a regression introduced in 1.6.14.1 (12166) - * Additional documentation. + * Avoid introducing a dependency on the kernel-devel package corresponding + to the currently running system while building the srpm (12195) - * Updated documentation, notably the Administrators Guide. + * Create systemd unit files with mode 0644 instead of 0755 + (12196) (RT #132662) - * Substantial code cleanup. +OpenAFS 1.6.16 + + All platforms + + * Documentation improvements (11932 12096 12100 12112 12120) + + * Improved diagnostics and error messages (11586 11587) + + * Distribute the contributor code of conduct with the stable release (12056) All server platforms - * Update handling of vnode allocation failures. + * Create PID files in the right location when bosserver is started with + the "-pidfiles" argument and transarc paths are not being used (12086) - * DAFS: allow salvaging volumes not known to the fileserver, to allow - cleanup of data not attached to a current volume. + * Several fixes regarding volume dump creation and restore (11433 11553 + 11825 11826 12082) - * Properly handle volumes slated for destruction. + * Avoid a reported bosserver crash, and potentially others, by replacing + fixed size buffers with dynamically allocated ones in some user handling + functions (11436) (RT #130719) - * Handle volumes with many files properly. + * Obey the "-toname" parameter in "vos clone" operations (11434) - * Force core file generation in bosserver by overriding default - resource limits when possible. + * Avoid writing a loopback address into the server CellServDB - search + for a non-loopback one, and fail if none is found (12083 12105) - * Update vlclient and vldb_check. + * Rebuild the vldb free list with "vldb_check -fix" (12084) - * Avoid potentially corrupting a volume on creation if files are left - from previous failed cleanup. + * Fixed and improved the "check_sysid" utility (12090) - * Note volume changed during salvage as needed. + * Fixed and improved the "prdb_check" utility (12101..04) - * DAFS: do not assume invalid addresses are in fileserver address hash - table. + All client platforms - * Avoid tying up fileserver threads with volumes that are being taken - offline. + * Avoid a potential denial of service issue, by fixing a bug in pioctl + logic that allowed a local user to overrun a kernel buffer with a single + NUL byte (commit 2ef86372) (RT #132256) (CVE-2015-8312) - * Do not set inUse on volumes for non-DAFS other than in fileserver. + * Refuse to change multi-homed server entries with "vos changeaddr", + unless "-force" is given, to avoid corruption of those entries (12087) - * Break origin's callback on target of rename operation. + * Provide a new vos subcommand "remaddrs" for removing server entries, to + replace the slightly confusing "vos changeaddr -remove" (12092 12094) - * Avoid unneeded parent directory link updates during some rename - operations. + * Make "fs flushall" actually invalidate all cached data (11894) - * Do not open /dev/console for writing in the fileserver. + * Prevent spurious call aborts due to erroneous idle timeouts (11594) - * DAFS: avoid spurious restarts when binary restarts are configured. + * Provide a "--disable-gtx" configure switch to avoid building and + installing libgtx and its header files as well as the depending + "scout" and "afsmonitor" applications (12095) - * Avoid spurious and unneeded calls to sync(), which can slow down the - fileserver. + * Fixed building the gtx applications against newer ncurses (12125) - Microsoft Windows + * Allow pioctls to work in environments where the syscall emulation + pseudo file is created in a read-only pseudo filesystem, like in + containers under recent versions of docker (12124) - * Revised SMB QuerySecurityInfo to address issues caused by MS10-020 - (http://support.microsoft.com/kb/980232) + Linux clients - * Prevent use of the AFSCache file contents if mapped to a new - address. + * In Red Hat packaging, avoid following a symbolic link when writing + the client CellServDB, which could overwrite the server CellServDB, + by removing an existing symlink before writing the file (12081) - * Make fs newcell include behavior compatible with the non-Windows - version. + * In Red Hat packaging, avoid a conflict of openafs-debuginfo with + krb5-debuginfo by excluding our kpasswd executable from debuginfo + processing (12128) (RT #131771) - * Provide a registry option (FreelanceImportCellServDB) to pre-create - mount points in the AFS root for all cells in CellServDB. +OpenAFS 1.6.15 (Security Release) - * Fix a memory leak in the cm_FreeServerList() routine. + All client and server platforms - * Reduce privilege when reading registry CellServDB. + * Fix for OPENAFS-SA-2015-007 "Tattletale" - * Add support for RPC Pipe Service NetWkstaGetInfo levels needed for - Windows 7. + When constructing an Rx acknowledgment (ACK) packet, Andrew-derived + Rx implementations do not initialize three octets of data that are + padding in the C language structure and were inadvertently included + in the wire protocol (CVE-2015-7762). Additionally, OpenAFS Rx in + versions 1.5.75 through 1.5.78, 1.6.0 through 1.6.14, and 1.7.0 + through 1.7.32 include a variable-length padding at the end of the + ACK packet, in an attempt to detect the path MTU, but only four octets + of the additional padding are initialized (CVE-2015-7763). - * Prevent overflow when computing quota percentage in Explorer Shell. - (126846) +OpenAFS 1.6.14.1 - * Generate meaningful errors for ACL operations on freelance AFS root. + Linux clients - * Fix error handling on InlineBulkStatus RPCs. + * Support kernels up to 4.2 - * Show configuration pages for all types of MSI installations. + Due to changes to internal data structures with this kernel release, + the OpenAFS client can no longer reset the link count during path + lookups. Since volume root directories must behave like symlinks + instead of normal directories in order to satisfy Linux kernel + invariants, looking up paths containing more than 40 mount points + will fail with ELOOP on such kernels. - * Improve freemount AFS root directory handling and operations. +OpenAFS 1.6.14 - * Properly validate GetVolumeStatus pioctl responses. + All server platforms - * Commit file length changes and dirty buffers when flushing a file. + * Prior to the OpenAFS security release 1.6.13, the Volume Location + Server (vlserver) RPC VL_ListAttributesN2() supported wildcard volume + name lookups via regular expression (regex) pattern matching. This + support was completely disabled in 1.6.13 because it was judged to be + a security risk due to buffer overruns in the implementation, as well + as the possibility of denial of service attacks where certain regular + expressions could cause excessive CPU usage in some regex + implementations. + + Unfortunately, after 1.6.13 was released, it was discovered that + the native OpenAFS 'backup' system uses the VL_ListAttributesN2() + regex support to evaluate configured volume sets. If you use the + OpenAFS 'backup' system (or another backup system which relies on it, + such as Tivoli Storage Manager (TSM, aka Tivoli ADSM)), and are using + volume sets which require regular expressions for the volume name, + then those volume sets cannot be resolved by OpenAFS 1.6.13. The next + paragraph provides details on how to identify any affected volume sets. + + OpenAFS backup volume sets may be described by fileserver, partition + name, and volume name. The fileserver and partition specifications + never require regular expression support. The volume name specification + always requires regular expression support except for when specifying + _all_ volumes via two special cases: the universal wildcard ".*", or "". + For example, volume name "proj" or "*.backup" or "homevol.*" all + require regex support - even if the specification contains no wildcard + characters and/or exactly matches an existing volume name. + + As a result of this issue, OpenAFS 1.6.14 replaces the 1.6.13 changes + to VL_ListAttributesN2. 1.6.14 prevents the buffer overruns and + reenables the regex support, but restricts it to OpenAFS super-users + and -localauth only. This is sufficient to restore the OpenAFS 'backup' + system's ability to work correctly with any previously supported volume + set. The OpenAFS 'backup' commands are already documented to require + super-user authorization, so this restriction is moot for the backup + system. + + There are no other direct consumers of the VL_ListAttributesN2() regex + support in the OpenAFS tree. However, the VL_ListAttributesN2 RPC is + publicly accessible and might be used by third party tools directly or + indirectly via OpenAFS's libadmin. Any such tools that issue + VL_ListAttributesN2 RPCs must now be executed using super-user or + -localauth tokens. + + None of the other security fixes in OpenAFS 1.6.13 are known to have + any issues, and are still included unchanged in OpenAFS 1.6.14. + + If there are any questions concerning the possible impact of OpenAFS + 1.6.13 or 1.6.14 at your site, please contact your OpenAFS support + provider or the openafs-info@openafs.org mailing list for further + assistance. + +OpenAFS 1.6.13 - All UNIX client platforms + All server platforms - * Update version of files for disk cache. + * Fix for CVE-2015-3282: vos leaks stack data onto the wire in the + clear when creating vldb entries - * Do not call afs_FlushVCBs with xvcache lock held, to improve - parallelization. + * Workaround for CVE-2015-3283: bos commands can be spoofed, including + some which alter server state - * Add mariner log messages for creating and removing files. + * Disabled searching the VLDB by volume name regular expression to avoid + possible buffer overruns in the volume location server - * Don't hold xvcache lock while creating symlinks, to improve - parallelization. + All client platforms - * Provide -dynroot-sparse mode to not show all cells in CellServDB in - dynroot mode. + * Fix for CVE-2015-3284: pioctls leak kernel memory - * Avoid a potential crash in aklog in linked cell handling. + * Fix for CVE-2015-3285: kernel pioctl support for OSD command passing + can trigger a panic - * Log MTU-caused packet retransmission. + Solaris clients - * Prevent crashes caused be fs checkservers while cache is being set - up. + * Fix for CVE-2015-3286: Solaris grouplist modifications for PAGs can + panic or overwrite memory - * fs getserverprefs now has a buffer large enough for the default - CellServDB. +OpenAFS 1.6.12 - * Report server address when logging warnings. + All server platforms - * Avoid panic in GetCapabilities when cell is not known. + * Avoid database corruption if a database server is shut down and then + brought up again quickly with an altered database (11773 11774) + (RT #131997) - * Lock process name and id for advisory lock warnings when possible. + All client platforms - * Handle need for allocating additional Rx packets. + * Fixed a potential buffer overflow in aklog (11808) - * Properly handle errors from InlineBulkStatus operations. + * Avoid a bogus warning regarding the checkserver daemon, which could be + logged during startup when the cache initialization was very fast (11680) - * Fix errors returned from fcntl() on readonly files locked for write. + * Added documentation of the inaccuracy of the 'partition' field in + 'fs listquota' output for partitions larger than 2 TiB (11626) - * Flush pending changes to the server on LOCK_EX unlock. + Linux clients - * Reflect length changes as a result of callbacks even when file is - open for write. + * Support kernels up to 4.1 (11872 11873) - * Avoid hanging due to error exit when attempting to store a large - file to a non-largefile fileserver. + * Avoid spurious EIO errors when writing large chunks of data to + mmapped files (11877) - * Recover from afs_GetVolSlot errors. + OS X - FreeBSD + * Build fixes required at least on OS X 10.10 Yosemite with the latest + XCode (11859 11876 11842..11845 11863 11878 11879) - * Bugfixes for kernel VFS and network routines. +OpenAFS 1.6.11.1 - IRIX + Linux clients - * Provide makesname(). + * Support kernels up to 4.0 (11760 11761) - Linux + FreeBSD clients - * Avoid syscall probes when keyrings are present, by default. (125215) + * Fixed kernel module build on systems with an updated clang which no + longer accepts the -mno-align-long-strings as a no-op (11809) - * Remove "Big Kernel Lock" from VFS operations. +OpenAFS 1.6.11 - * Use filehandles for all Linux 2.6 versions to avoid need for matched - afsd. (127530) + All platforms - * Updated RPM packaging. + * Allow aklog to succeed creating native K5 tokens even when mapping + the K5 principal to a K4 one fails (11538) - * Fix dkms configuration provided with RPMs. + * Build fixes (11435 11636) - * Hold reference on pages during background I/O for cache bypass. + All client platforms - * Fix cache bypass handling of non-largefile fileservers. + * Avoid a potential kernel panic due to connection reference overcounts + (11645) (RT #131885) - * Protect truncate_inode_pages mappings with mutex or semaphore as - needed. + * Avoid potential corruption of files written using memory mapped I/O + when the file is larger than the cache (11656) (RT #131976) - * Fix pagevec use in cache bypass. (127505) + Linux clients - * Updates for 2.6.35 + * Support kernels at least up to 3.19 (11549 11550 11569 11570 11595 + 11658..11662 11694 11752) - MacOS + Note: By default this excludes kernels 3.17 to 3.17.2, which will leak + an inode reference when an error occurs in d_splice_alias(). The + module will build and work, but leak kernel memory, leading to + performance degradation and eventually system failure due to + memory exhaustion. Since it's impossible to detect this condition + automatically, the switch --enable-linux-d_splice_alias-extra-iput + must be passed to configure when building the module for those + kernels. The same would be necessary for any kernel with backports + of commit 908790fa3b779d37365e6b28e3aa0f6e833020c3 or commit + 95ad5c291313b66a98a44dc92b57e0b37c1dd589 but not the fix in commit + 51486b900ee92856b977eacfc5bfbe6565028070 in the linux-stable repo + (git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git) or + the corresponding changes on other branches. - * Improve launchd configuration. + * Fixed a regression introduced in OpenAFS release 1.6.10 which could + make the spurious "getcwd: cannot access parent directories" problem + return (11558 11568) (RT #131780) - * Avoid hanging on recursive cache file lock acquisition when user - notification is enabled. + * Avoid leaking memory when scanning a corrupt directory (11707) - * Fix and re-enable bulkstat mode. + OS X clients - OpenBSD + * Support OS X 10.10 "Yosemite" (11571 11572 11611) (RT #131946) - * Build updates. + Solaris clients - Solaris + * Avoid reading random data rather than correct cache content when using + ZFS as the cache file system on Solaris >= 11, and fix potential similar + problems on other platforms (11713 11714) - * Precluding unmount while AFS is busy. + FreeBSD - * Avoid deadlocking when releasing the VFS object. + * Build fix for releases >= 11.0 (11610) - * Stop network interface poller in kernel on AFS shutdown. + OpenBSD - * Avoid issues with lookups on empty directory names. (127356) + * Support release 5.4 (11700) -OpenAFS 1.5.74 (2010-04-22) +OpenAFS 1.6.10 All platforms - * Add "vos setaddrs" command. - - * Rx library lock contention avoidance between rx_NewCall and - rx_EndCall. + * Don't hide the "version" subcommand in help output (11214) - * Rx library races due to inconsistent use of rx_connection - conn_data_lock to protect the flags field. + * Documentation improvements (11126 11216 11222 11223 11225 11226) - * Rx library inconsistent use of RX_CALL_TQ_WAIT which could result in - deadlocks. + * Improved diagnostics and error messages (11154 11246 11247 11249 11181 + 11182 11183) - * Rx library must signal transmit queue waiters when flushing. + * Build system improvements (11158 11221 11224 11225 11227..11241 11282 + 11342 11350 11353 11242 11367 11392) - * afsmonitor shows busy counts now. + * Avoid potentially erratic behaviour under certain error conditions by + either avoiding or at least not ignoring them, in various places (11008 + 11010..11065 11112 11148 11196 11530) - * afsmonitor displays xstat callback statistics. + FreeBSD - * Provide expandgroups for pts mem on a supergroups server. + * Support releases 9.3 and 10.1 (11368 11369 11402 11403 11404) - * Provide supergroup option to liste nested groups during pts mem. + * Makes a disk cache more likely to work on FreeBSD, though such + configurations remain not very tested (11448) All server platforms - * Avoid volume lock contention during DAFS startup. + * Added volscan(8) (11252..11280 11387 11388) - Microsoft Windows + * Fixed a bug causing subgroups not to function correctly if their + ptdb entry had more than one continuation entry (11352) - * Avoid a race when updating cell vldb server lists that can result in - a crash. + * Logging improvements (10946 11153) - * Avoid a deadlock when managing CM_SCACHESYNC_STOREDATA state - operations for directory objects. + * Allow log rotation via copy and truncate (11193) - * Add new Windows Application Event log messages for VBUSY, - VRESTARTING, ALL_BUSY, ALL_OFFLINE, and ALL_DOWN. + * Avoid a server crash during startup only observed on a single platform + and when using a 3rd party library under certain circumstances, which is + a collateral effect of the security improvements introduced in OpenAFS + release 1.6.5 (11075) (RT #131852) - * Reduce lock contention by waiting for cm_buf_t I/O operations. + All client platforms - * Split the cm_buf_t flags field to separate the flags that are - protected by the cm_buf_t mutex from those protected by the - buf_globalLock. + * Raised the free space reported for /afs to the maximum possible value of + just under 2 TiB - the old value was 9 GiB on most platforms (10984) - * In cm_UpdateVolumeLocation, avoid searching for a ".readonly" volume - on a numeric volume name. + * Reduced the amount of stack space used (11162 11163 11203 11164..11167 + 11338 11339 11364..11366 11381) - * File buffer allocations whose offsets are beyond server EOF should - be locally allocated and zero filled. The file server should not be - issued a FetchData rpc which is guaranteed to fail. + * Sped up a periodic client task which could be problematically slow + on systems with a large number of PAGs and files in use (11307) - * Enable integrated logon to work with Windows 7/2008 when user logons - are performed with a non-Domain Kerberos principal. + * Fixed failure of the up command with large ACLs (11111) - * Add Protection Error messages to aklog output. + * Avoid a potential crash of aklog (11218) - All UNIX client platforms + * Avoid potential crashes of scout and xstat_fs_test (11155) - * Provide a FUSE-interfacing userspace afs client. + Linux clients - * Updates to libuafs userspace cache manager. + * Support kernels up to 3.16 (11308 11309) - * Probe servers using GetCapabilities instead of GetTime, thus - requiring fewer RPCs. + * Fixed a regression introduced in OpenAFS release 1.6.6 that made + checking for existing write locks incorrectly fail on readonly volumes + (11361) - * Fix DNS SRV record handling for cell lookup. + * Fixed a regression introduced in OpenAFS release 1.6.8 that could + cause VFS cache inconsistencies when a previously-accessed directory + entry was removed and recreated with the same name but pointing to a + different file on another client (11358) - FreeBSD + * Use the right path to depmod in Red Hat packaging to avoid dependency + calculation incorrectly failing unless a link /sbin -> /usr/sbin is + present on the system performing it (11171) (RT #131860) - * Fix sleep/wakeup routines. + * Do not ignore kernel module build errors (11205) - * Update for 8.0 release. +OpenAFS 1.6.9 - Linux + All server platforms - * Handle high memory addresses correctly. + * Fix for OPENAFS-SA-2014-002 - MacOS +OpenAFS 1.6.8 - * Make 32 bit AFS syscalls work again. + All platforms - * Work around finder "Duplicate" failure (caused by setting modes on - symlinks). + * Documentation improvements (10751 10875 10931 10897 10883 10954 10955) - * Disable bulkstat again (will be re-enabled at or before .75). + * Improved diagnostics and error messages (10756 10814 10949) - * Provide symlink type hints during readdir. + * Fixed a bug in RX that could make errors during packet reception go + unnoticed. (10733) + * Fixed a bug that made "vos size -dump" display the wrong size for + large volumes. (10933) (RT #131819) -OpenAFS 1.5.73 (2010-03-24) + All server platforms - All platforms + * Change the default fileserver sync behavior from "delayed" to "onclose". + This means that explicit syncing only happens when a volume is detached. + (10809) - * NAT keepalive support at Rx level. + * Added the -offline-timeout and -offline-shutdown-timeout options to the + fileserver, to implement interrupting clients accessing volumes we are + trying to take offline. (6266 10799) - * Corrected SRV record support for cell name canonicalization. + All client platforms - All server platforms + * When a client is shut down, it will give up its callbacks. The Windows + client has been doing this since 2007. Note that older fileservers + (1.3.50 to 1.4.5 and 1.5.0 to 1.5.27) had a bug in the implementation of + the relevant RPC that could cause crashes or other undefined behavior + when this happens. (6272 8840 10855) - * Fix volume callback notification to not notify unaffected clients. - (126497) + * Restored the pre-1.6 behavior of "vos e" being an alias for "vos examine". + (10886) - * Allow root directory recreation by salvager. (94658) + * Avoid flooding logs with warnings about byte-range locks, by throttling + them per file. Also, make the messages more useful by including the + FID. (10836..10839) - * Numerous DAFS fixes. + * Avoid a possible panic during shutdown while tracing. (10932) - * Improvements to callback table overflow handling. (126451) + Linux clients - * bosserver now shuts down cleanly on SIGTERM. + * Fixed a bug that could cause the "getcwd: cannot access parent + directories" problem (10804 10984) - Microsoft Windows + * Avoid a delay when accessing uncached data in AFS in a confined + context under SELinux. (10598) - * Prevent the Explorer Shell extension from crashing if symlink - creation failed. (126406) + * Red Hat packaging improvements (10600 10767 10807) - * A Rx level NAT ping has been implemented. A registry value enables. +OpenAFS 1.6.7 - * Adds krb5 error message translation to aklog, afscreds, - afslogon.dll, the network identity manager afs provider and - translate_et. + All server platforms - * Default mode bit settings for file and directory creation are now - provided, and can be configured. + * Fix for OPENAFS-SA-2014-001 - * An SMB request trace facility is provided and can be enabled for - debugging. + * Fix for a potential DOS attack against RX servers - All UNIX client platforms +OpenAFS 1.6.6 - * Rx idle deadtime does not stop file writes. + All platforms - * Disconnected AFS no longer has a race condition during remove ops. + * As of this release, OpenAFS no longer ships uncompressed source tarballs. + Tarballs are still shipped with both compression formats, gzip and bzip2. + (10131) - * Fakestat avoids a condition which could cause it to block on network - activity. + * Documentation improvements (10136 10314 10601) - * Several fixes to handle interruptions in vos operations. (33360, - 125535) + * Improved diagnostics and error messages (9412 10085 10274) - * Allow more sysnames in a sysname list. + * Avoid redefining "assert" in our public header files, which could + cause failures when building some applications using them. (10096) - * Attempt to enforce timeouts on AFSDB lookups. + * Fixes for parallel builds (10005 10309 10337) - AIX + * Added a -s switch to afscp (not installed by default) to help simulate + a slow client. (9416 9417) - * Clean up properly on mount failure. + * Added a -probe switch to vlclient test program (not installed by default) + to ping all vlservers in a cell in parallel. (9570) - * Add entry to /etc/vfs to allow umount to work. + All server platforms + * The fileserver now ignores any vice partitions with a NeverAttach flag + file present in the root directory. (RT #130561) (9470 9471) - Linux + * Restrict forcing CPS ("Current Protection Subdomain") recalculation in + the fileserver to administrators. Also fixed a bug that could cause this + operation to be incomplete. (9485 9487) - * Several issues to deal with older kernels. + * Allow non-DAFS fileservers to attach unusable volumes, restoring pre-1.6 + behaviour. (RT #131505) (9499) - * Avoid leaking the global lock in the /proc cellservdb code. + * Restored the pre-1.6 behaviour when running vos examine for a volume + currently in a transaction, showing the volume as busy again rather than + offline. (9685 9915 9916) - * Keyring destruction now cleans up all tokens. + * Reduced the minimum time a bos salvage takes from 5 seconds to 1. (9476) - * Keyring quotas are not enforced against root. + * Fixed buserver to not segfault when started with the -servers option. + (RT #131706) (10166) - MacOS + * Salvager fixes, addressing a wide variety of possible problems from + unnecessary salvaging to aborts (9282 9283 9457 9458 9459 9461 9462 9480 + 9481 10165 10167) - * Some FSEvents hinting for authentication events now done. (23781) + * Fixed a bug that could cause saved state information to be discarded + when restarting a large or busy fileserver, which negatively impacted + performance. (9683) - * Update uninstaller. (125634) + * Fixed a bug that could have caused undefined behaviour in the vlserver + in rare cases when a fileserver registered its addresses in the VLDB. + (9429) - * Rewrite afssettings and fstab code to avoid licensing issue with - APSL. + * Added the -preserve-vol-stats switch to volserver, allowing it to keep + the access statistics across volume restore and reclone operations + instead of resetting them. (9477) - * Growl client for user monitoring of AFS events included. + * Inserted an exponential delay between retries when bosserver attempts to + restart a server process. (9571 10199) - * Properly support insert-only dropboxes. + * Improved vldb_check (not installed by default) to cope with broken + vlentry names and volids, and provide more output to aid debugging. + (10268) - * Add bulkstat support. + * Releasing a volume after adding a new RO site no longer touches any of + the existing RO sites, if the RW data hasn't changed since the last + release. (10174) - * Include support for moving in Finder across mount points. + * Make the copyDate field for RO clones have the same meaning as for + remote RO volumes. Previously, the copyDate field for clones was updated + every time we released. (9451) - * Preferences Pane includes support for Kerberos 5 ticket renewal. + * Fixed potentially undefined behaviour in ptserver when too many pts + ids are allocated. (10124) + * Note that the server side NAT pings feature present in the prereleases + was removed before the final release, since no positive feedback + was provided during prerelease testing. (9420 10135) -OpenAFS 1.5.72 (2010-02-15) + Linux servers - All platforms + * Start bosserver with -nofork in the systemd unit file, to allow systemd + to track its state (10093) - * Provide internationalization support in com_err. + All client platforms - * Fix array length checking to avoid crashes when checking for a - volume type based on name in vos. + * No longer track file locks on read-only volumes. Write locks can't + succeed, read locks always will. Avoids log messages about this kind + of lock. (8910) - All server platforms + * Added the "fs flushall" subcommand, which makes the client discard all + cached data. This was previously available on Windows only. (9065 9388 + 9389 9390) - * Provide backward compatible "-f" flag to salvager for force mode. + * Fixed a bug that could make the client incorrectly believe its cache + is up to date. This change could negatively impact AFS <-> DFS + translators, should those still be running anywhere. (8898) - Microsoft Windows + * Several changes to avoid panicing in certain error conditions. + (9131 9287 10354 10355 10356 10357) (partially addressing RT #131747) - * Restore use of DNS AFSDB and SRV records by kaserver clients. + * Added the -rxmaxfrags switch to afsd, allowing to limit the number + of UDP fragments sent or received per RX packet. (9430) - All UNIX client platforms + * Build fixes for aklog on several platforms (RT #131716) (9917 10107 10275) - * Fix client cache file truncation to not lose chunks when truncating - a large file. + * Require that the AFS mountpoint specified in the cacheinfo file is + an absolute path. Relative paths result in a client that basically + works but is not fully functional. (10253) - * Ensure a cache writeback hook is installed in the client (bug from - 1.5.71). + * Fixed a bug that could cause one of the afsd threads to enter an infinite + loop (10431 .. 10436) - * Avoid spurious free memory warnings during clean shutdown. + Linux clients - * Fakestat mode avoids AFSDB lookups. + * Support Linux kernels up to 3.13 (10241) - * "fs storebehind" now correctly reports errors on readonly volumes. + * Fixed a bug that made readv/writev calls in AFS space fail with Linux + kernels where generic_file_aio_read exists but those operations have + not been switched to using aio_read/aio_write. This was a regression + introduced with release 1.6.3 and affected at least RHEL 5.9 kernels. + (10248) - * Additional documentation for "fs getcacheparms" + * Fixed a similar bug making core dumps fail in AFS space, affecting + a much wider range of kernels including the most recent ones. + (RT #131729) (10254) - * Forced new uuid generation with "fs uuid -generate" now works - enforced permission correctly. + * Enhanced the keyring code to make PAGs work correctly on kernels with a + distribution specific change to the Linux keyring code. This affected at + least SLES 11 SP3 kernels. (10252) - MacOS + * Fixed a bug that could make failures during PAG instantiation go + unnoticed. (10255) - * Add optimized Rx event handler in kernel. + * Fixed a bug that made compilation fail for Linux kernels without + keyring support. This affected at least the SLE 10 SDK and an + OEM version of SLES 11 SP1. (10325) - * Installer now allows installing an older version. + * Fixed build for kernels with user namespace support enabled. Likely + to be required for Ubuntu 14.04 and eventually other distributions. + (10456 10457 10458 10518 10472) - * Panic decoder can now deal with MacOS 10.5 again. + * Support RHEL 6.5 kernels, and possibly others with changes backported + from recent mainline kernels that touch getname/putname, by no longer + using those functions. Previously, the client could cause a kernel + panic when syscall auditing was enabled. (10578) - * MacOS ._ files are now correctly not looked up as cellnames. + * Make tmpfs usable as the cache filesystem again. This had been broken + since kernel 3.1 (9950 10193) - Linux + * When starting the client fails, clean up the backing device information + created in sysfs, to avoid error messages during a subsequent start + and possible system instability later on (10454) - * To deal with SELinux file labeling, try cache accesses with current - credentials in event of failure. + * Update Red Hat packaging to support Fedora >= 20, RHEL >= 7 and + ELrepo kernels (10597 10619 10622 10703 10704) - * Rx XDR encoding bug on i386 Linux is fixed (bug introduced in - 1.5.71). + OS X Clients - IRIX + * Support OS X 10.9 "Mavericks" (10519 10541 10542 10543 10548 10549) - * Code compilation fixes. + AIX clients - OpenBSD + * Fixed a bug that caused the 1.6 AIX client to never receive any RX + packets in the kernel. (RT #131725) - * Update for OpenBSD 4.6. + FUSE client + * Support Solaris 11 (9454 9455) -OpenAFS 1.5.69 (2010-01-19) + * Allow other users to access filesystems mounted by root. (9452) - All platforms + FreeBSD - * Configuration of BOSserver no longer defaults to weekly restarts - enabled. + * Build tvolser and dvolser on this platform (10122) + * Several fixes to catch up with newer releases (10374 .. 10381) - * Provide BOS restricted mode by default. + NetBSD - * Add support for "vos endtrans" command. + * Build tsalvaged, tvolser and dvolser on this platform (10121) + * Fixed build on NetBSD 5 and newer. (10138) - * Default to providing full output from vos listvol. +OpenAFS 1.6.5 - * Correct additional-address tracking in the fileserver. +All platforms - * Improve Rx performance by not unnecessarily dropping and reacquiring - call locks in read and write processes. + * Fixes for OpenAFS-SA-2013-0003 and OpenAFS-SA-2013-0004 - * Avoid crashes when monitoring volserver transactions across - potential transaction garbage collection. +OpenAFS 1.6.4 - * Numerous warning fixes. +All platforms - All server platforms + * Obey the jumbo/nojumbo settings for ubik servers (the DB servers) + too. In previous releases, those servers may have used jumbograms + even if they were not configured to do so. This change corrects + the actual behaviour, and will improve performance and reliability + for sites where jumbograms are problematic. It could cause a decrease + in performance for sites where jumbograms work, but those can turn + them back on manually. - * Avoid saving fileserver state in demand attach fileserver when - panicing. + * Dozens of fixes for common coding problems like use after free, + use of possibly uninitialised memory, reading or writing past the + end of arrays and potential NULL pointer derefences. Spotted by + code analysis tools or human inspection. - * Demand attach fileserver allows other callers to schedule salvages. + * Documentation improvements. - * Demand attach "bos salvage" now works correctly with restricted - mode. + * Fixes and improvements to the diagnostic or log messages printed by + vos, the fileserver and others. - Microsoft Windows: + * Build fixes, making parallel builds more reliable with certain + configuration options and helping various platforms including + recent releases of IRIX, Solaris and several flavours of Linux. - * Numerous changes to the client-internal btree directory handling to - prevent errors. + * Avoid sending a small amount of data over the wire unencrypted + under certain conditions, and emit the correct error message in + this case. - * fs examine reports owner and group ids as signed values (PTS groups - are negative). +All server platforms - * Preclude corruption due to races writing to smb buffers. + * Avoid generating duplicate IDs for readonly and backup volumes, + which could happen under certain conditions. - * Allow MTU settings in registry to be used. + * Allow the fileserver to return volume data like quota or free space, + which is available publicly elsewhere, without the additional access + check for read permissions on a volume's root directory the fileserver + performed before. - * Apply MTU to both send and receive sizes. + * The fileserver now emits a log message when it ran out of memory for + callbacks. - All UNIX client platforms + * Avoid several potential fileserver problems, including memory + corruption and segmentation faults, due to client bookkeeping. - * Avoid double-freeing Rx call structure if reading a response from - the file server results in a short read. + * Avoid known cases of silent data corruption due to background syncs + on the fileserver, especially during Copy on Write. - * Handle negative lengths in FetchStatus results correctly. + * Make the fileserver sync behaviour runtime configurable. Up to 1.4.5, + we had synchronous syncs which were safe but really slow. Since 1.4.5, + we've had asynchronous syncs which are much faster but believed to + be the cause of rare data corruption issues, and while all known cases + of these happening are believed to be fixed in the 1.6.3 release, doubts + remain. This change allows choosing between those, and in addition allows + to turn syncs by the fileserver off altogether, thus relying on the vice + partition's backend filesystem and the operating system, or to just + execute them when a volume is detached. The default behaviour is + unchanged from releases since 1.4.5, but it's highly recommended to + consider the additional options this change provides. Future OpenAFS + releases will default to "-sync=none". - * Properly clean up allocated memory at shutdown. + * For dbservers, avoid a situation where misinterpreting transient + network errors causes long-term issues with achieving ubik quorum. - * Default to AFSDB compiled into the cache manager. +All UNIX client platforms - * Avoid inadvertant disclosure of stat() information to clients not so - entitled. + * Improvements to the detection of an aklog-specific krb5 configuration + file, for the purposes of turning on "weak crypto" for aklog. - * Correct a bug with AFSDB lookups introduced with SRV record support. + * Fixed a regression introduced in release 1.6.2 which caused the + supposedly persistent disk cache to be discarded upon client start. + (RT #131655) - MacOS +Linux clients - * Install kernel panic processing tool in /Library/OpenAFS/Tools. + * Support Linux kernels up to 3.10 - * Include debugging symbols for kernel extension in additional package. + * Fixed two bugs making it impossible to unmount a disk cache filesystem + after it has been used by the client. (RT #131613) - * Support "Application Firewall" users. + * Fixed a bug that could cause an oops with kernels 3.6 and later - * Avoid ._cellname AFSDB lookups. +OpenBSD - * Compile preferences pane as a universal binary. + * Improved support for OpenBSD 4.9 to 5.3 - Linux +OpenAFS 1.6.3 - * Use splice to speed up storing files. + This release number had to be skipped for technical reasons. - * When using memcache, avoid duplicating work in readpages. +OpenAFS 1.6.2.1 - * Use dget_parent to safely find an inode's parent. + Linux clients - * Disable access time updates in our superblock. + * Support Linux kernels up to 3.8. - * Avoid crashing doing writeback if no credentials were stashed at - file open. + * Make the init script cope with the output of ifconfig on recent Fedora. - * Simplify keyring support. +OpenAFS 1.6.2 - * Properly clean up vcache in event of failed mount. + All platforms - FreeBSD + * Fix buffer overflows in fileserver and ptserver. - * Update for current FreeBSD 8. + * Abort an rx connection when given an unknown service (Gerrit 7593). - Solaris + * "idle dead" behavior improvements. - * Abstractly manipulate groups as now required. + * Documentation updates. - * Abstractly access time instead of using lbolt directly. + All server platforms + * Fix rare file corruption during background sync (Gerrit 8796). -OpenAFS 1.5.68 (2009-12-08) + * Fix corrupting clients' metadata cache during certain errors (Gerrit + 6957). - All platforms + * Avoid saying a volume doesn't exist when accessed as the volume is + going offline (Gerrit 7488). - * aklog now attempts to convert non-AFS errors to human-readable - strings. + * Fix fileservers to properly report >2 TiB partitions. - * Make stack not executable when compiling assembler source with GCC. + * Fix stale volume info from vos examine on non-DAFS filservers. - * Numerous source warning cleanups and code reorganization. + * Fix possible volume corruption with vos convertROtoRW. - All server platforms + * Fix bosserver to preserve all command-line options over restart. - * Compute midnight for volume statistics calculation from local time. + * Fix bosserver to properly kill hung processes during shutdown. - * Salvager now orphans duplicate special inodes when running to allow - recovery in event of a problem, instead of simply ignoring the - issue. + All UNIX client platforms - * Support to ensure a server panic attempt leaves a core and thus - restarts in a timely manner, rather than potentially hanging. Use - panic to attempt cleanup before leaving a core when possible. + * Fixes for memcache, especially on Solaris. - * Volume sync data reported during bulkstatus is now set correctly. + * Increase the size of the DNS resolver answer buffer to allow sites + with a long response list to use SRV and AFSDB records. - * Provide better tuning for fileserver file descriptor caching. + * Fix a crash when a server appears to run out of addresses (Gerrit + 7487). - * Allow more than 128 threads in fileserver by modifying host - structure in-use tracking. + * Fix cache corruption when reading from a file another client is + simultaneously writing to (Gerrit 7994). - * Avoid crashes getting volume server status during transaction - cleanup. + * Improve handling of disk cache disk errors. - * Improved logging of offline volume conditions. + Linux - * Correct volume statistics when cloning a volume. + * fix DKMS configuration for DKMS 2.2. - * Avoid referencing host structures in the fileserver which are marked - for deletion. + * Avoid generating inode number 0 with md5 inodes (Gerrit 7276). - * Demand attach fileserver corrections to avoid coring during an - aborted startup. + * Fix a crash when reading /proc/fs/openafs/unixusers (Gerrit 7914). - * host array bounds checking corrections to avoid buffer overflow. + * Make PAG-less access use the real UID of the calling process + instead of the effective UID, when determining what credentials to + use (Gerrit 7931). - * Handle special inodes correctly when promoting an inode fileserver - readonly volume to read-write. + * Fix possible abuse of fs mkmount. + Prior to 1.6.2, users could crash a client by nesting volume mounts. - Microsoft Windows + * Fix fileserver memory corruption on RHEL 6 + Prior to 1.6.2, fileservers on RHEL 6 may crash under heavy load. - * Set the DOS Readonly attribute on a file/directory whenever the unix - mode combined with the mask 0200 is true. Previously there was a - discrepency between the mask used for testing for readonly behavior - and that used for setting the attribute. + * Fix client page cache corruption on Linux + When multiple clients read and write to a file, the reading client + may see first page (4096 bytes) of a file as nulls. - * Disable AFSVolSync based .readonly "whole-volume callback" support - because the all file servers prior to 1.5.67 (and perhaps 1.4.12) do - not properly assign a value to the AFSVolSync structure in bulk - status RPC responses. + * Support Linux kernels up to 3.7. - * Improve the error output from aklog to output the value from krb5 - error_message() if the afs_com_err output indicates an unknown - value. + * Support newer glibc versions. - * Convert VBUSY and VRESTARTING to CM_ERROR_ALLBUSY and do not permit - them to be exposed to the smb redirector. + * Improve client systemd unit file. - * Convert STATUS_TIMEOUT responses to STATUS_IO_TIMEOUT to avoid - confusion within the smb redirector. + * Update Red Hat packaging. - * Fix the byte order assigned to port numbers associated with AFSDB - record lookups. They must be network byte order not host byte - order. + OS X - * Add dynamic server ranking based on RPC round trip time - measurements. + * Fix crashes on shutdown. - All UNIX client platforms + * Prevent unloading the module before shutdown completes. - * Additional shutdown-time memory leaks removed. + * Security improvement for the OpenAFS preference pane. - * Improved logging of resource contention. + Solaris - * Provide dumping for Rx debug packet tracking support in source. + * Support newer versions of the Sun Studio compiler software. - * Update afscp test client to build, and provide an unlock client. + * Support compiling on newer versions of Solaris 11 and Solaris 10. - * Client buffers for directory parsing can now be allocated beyond the - fixed set formerly provided. - * Work around race condition when manipulating read-only volume - callbacks. +OpenAFS 1.6.0 (2011-08-15) - * Bugfixes to get PAG value pioctl. + All platforms - * Bugfixes to SRV record support. + * Substantial Rx updates to correct erroneous behavior. - Linux + * vos now properly deals with matching sites when servers are + multihomed. - * Path MTU tracking code cleanup. + * Don't stop Rx keepalives after an ackall is received, avoiding + spurious connection timeouts. (128848) - * Avoid an oops due to racing with vcache recycling thread. + * Don't retry Rx calls on channels returning busy errors and improve + Rx busy call channel error handling. (128671) - * Changes to keyring PAG handling: for sufficiently new kernels, use - only keyring-based PAGs, and disable group PAGs entirely. + * Properly enable Rx connection hard timeouts. - * Updates to the kernel page cache interface: writing pages will now - not spuriously leak page locks, and will avoid requiring duplicate - work. + * Rx NAT pings are not enabled until peer has answered. - * Credential references are now tracked using native atomic counters. + * Initialize rx_multi lock before use. - * Kernel mutex/semaphore lock ordering fix to avoid deadlocks. + * Avoid spurious crashes when initializing in "backup" client. - * Manipulate disk cache with credentials used to initialize it, to - avoid security issues. + * Revert UUID support in vos. - MacOS + * pt_util fixed to properly create new databases. - * Fix fstrace message catalog location. + * MTU discovery now properly shut down on call reset. - * Fix kernel fstrace logging. + * Avoid leaking references to hosts during callback break multi-Rx + operations. (129376) + * xstat tools now cope with differing timeval structures between + endpoints. -OpenAFS 1.5.66 (2009-10-25) + * Numerous fixes to command argument parsing. - All platforms + * Documentation updates. - * Avoid calling exit() in library code. + All server platforms - * Add rx window size and peer timeout tuning APIs. + * A file descriptor leak which could result in corrupted files in the + fileserver was fixed. An IMMEDIATE upgrade from previous 1.5 release + fileservers is recommended. - * Correct rx peer timeout handling to disallow 0ms timeouts. + * Fix ptserver supergroups support on 64 bit platforms. - * Correct calculation of rx RTT by disregarding retransmitted packets. + * Demand attach salvaging doesn't use freed volume pointers. - * vos manpages updated to reflect changes in recent versions. + * Properly hold host lock during host enumeration in fileserver. - * GNU-style long options (e.g. --cell) are now supported in all - commands. + * Attempt to recovery more quickly from timed out volume release + transactions. - * fs listacl can now print a command to recreate the current ACL. + * Auditing now properly byte order swaps IP addresses when printing. - All server platforms + * vos split now has improved error handling. - * Fix a race on transaction objects in the volserver which can cause a - crash. + * Many changes to again support Windows fileservers. - * Avoid destroying and setting to NULL the callback connection when it - could still be being used. + * During volume removal, data removal speed improved. - * Correct unlink handling in salvager. + * Improve CPU utilization during volume attaching by DAFS. - * Improve error messages due to I/O errors in the volserver. + * In salvager check-only mode, avoid potentially fixing a vnode. - * Correct an issue which caused converted RO to RW volumes on namei - fileservers to not come online immediately. + * Fix support for large (greater than 2gb) volume special files. - Microsoft Windows + * Salvager will not crash if multiple or bad volume link tables are + encountered. - * Official support for Windows 7 and Server 2008 R2. + * Avoid erroneous full dump by remembering which sites were out of + date at the start of the release. - * Prevent a file server bug (FetchData returning an invalid length - instead of zero) from causing an "unexpected network error" when - writing to files. + * A deleted volume can now be recreated properly. - * Promote DNS SRV records as superior to DNS AFSDB records. Support - arbitrary port numbers for vldb servers. + * Callbacks are again not broken during whole partition salvages. - * Add AFSVolSync based .readonly "whole-volume callback" support. - With this functionality, multiple objects from a .readonly volume - can have their status validated by issuing a single - RXAFS_FetchStatus RPC. + * Positional vectored IO fixed for largefile (>2GB) capable systems. - * Remove drive mapping functionality and service start/stop from - afscreds.exe. + * Fileserver per-client thread usage again properly enforced. - * Remove drive mapping functionality from afs_config.exe. + * Anonymous dropbox support improved and drawbacks documented. - * Use {HKLM,HKCU}\SOFTWARE\OpenAFS\Client DWORD "ShowMountTab" to - restore access to drive mapping functionality in afscreds.exe and - afs_config.exe. + * Demand attach: ensure vnodes are not reallocated while in use due to + volume bitmap errors. - * Adjust SMB error return codes to avoid returning STATUS_TIMEOUT - which results in the SMB redirector disconnecting. + * Properly support large volume numbers (larger than 2147483647). - * Network Identity Manager OpenAFS Provider now provides its own "AFS - lock" notification icon to report the status of "have tokens, have - no tokens, service not started, service started but inaccessible". - Hovering over the icon lists the cells for which tokens exist (if - any) and the OpenAFS version number. Double-clicking executes the - Network Identity Manager default action. + * Allow salvager to be run manually again when DAFS is being + used. (129458) - * Prevent pioctl calls from retrying indefinitely when a sharing - violation error occurs. + * Avoid leaking references to hosts during callback break multi-Rx + operations. (129376) - All UNIX client platforms + * Demand attach: unlink fileserver state file on standalone salvage. - * Correct a condition which could discard the error from initializing - a fetch request. + * Salvager tries harder to detect linktable issues. + + * Demand attach: don't attach volumes with special status set. + + * Avoid crashing on host table exhaustion. Instead, defer clients. + + Microsoft Windows + + * afs_config will not longer set the Tray Icon State in the registry + if the checkbox is not present in the dialog. (128591) + + * AFS Explorer Shell Extension now works from folder backgrounds. + Overlays for mount points and symlinks are present in the dll, but + are not registered at present by the installers. + + * Do not use RankServerInterval registry value as the value for + PerformanceTuningInterval. + + * When the data version of a mountpoint or symlink changes, the target + string in the cm_scache_t object must be cleared. + + * "fs checkservers" now includes vldb servers in the output and only + lists multi-homed servers once. A multi-homed server that has at + least one up interface is no longer considered to be down. + + * When asynchronously storing dirty data buffers to the file server + ensure that (a) the cm_scache_t object and the cm_buf_t object are + for the same File ID so that locking and signalling work properly; + and (b) if the FID no longer exists on the file server, do not + panic, just discard the buffer. + + * When processing VNOVOL, VMOVED and VOFFLINE errors perform server + comparisons by UUID or address and not simply by cm_server_t + pointer. Otherwise, server failover may not succeed. + + * Do not preserve status information for cm_scache_t objects when the + issuing server is multi-homed. + + * Giving up all callbacks when shutting down or suspending the machine + is now significantly faster due to the use of an rx_multi + implementation. (This functionality is still off by default and + must be activated by a registry value.) + + * Race conditions were possible when updating the state of the + cm_volume_t flags and when moving the volumes within the least + recently used list. + + * Ensure that the lanahelper library does not perform a NCBRESET of + each lan adapter when enumerating the current network bindings. + Correcting this permits OpenAFS to work on Windows 7 when the + network adapter settings change. + + * Fix creation of mount points and symlinks as \\AFS\xxxx + + * Icon tray state now conditionally set. (128591) + + * Properly create new cell mount points in freelance mode. + + * Avoid recursive offline volume checks. + + * Fix caching of non-existent volumes. The test to trigger an + immediate CM_ERROR_NOSUCHVOLUME in cm_UpdateVolumeLocation() was + backwards. + + * Prevent the background daemon from checking the status of + non-existent volumes. cm_CheckOfflineVolumes() should skip volume + groups with the CM_VOLUMEFLAG_NOEXIST flag set. + + * The afskfw library should return an error immediately if the + krb5_32.dll library cannot be loaded. Affects afslogon.dll and + afscreds.exe. + + * No longer depend on leashw32.dll in afskfw library. + + * NPLogonNotify must provide the user password in all calls to + KFW_AFS_get_cred(). It cannot count on a credential cache being + preserved between calls. Permits tokens to be acquired for all + cells listed in the TheseCells registry value for a domain. + + * Improve the trace logging from NPLogonNotify(). + + * Avoid a race when writing the cm_scache_t mountPointString + when acquiring mount point or symlink target data via + cm_GetData(). The race could result in bogus target + data being cached. + + * Permit the use of des-cbc-md5 and des-cbc-md4 enctypes + as DES keys in asetkey.exe. + + * aklog supports dotted Kerberos v5 principal names. + + * afskfw library always attempts afs/cell@USER-REALM + + * afskfw library must test return code from krb5_cc_start_seq_get() or + will trigger a null pointer exception when using Heimdal. + + * Lock protected fields must be 32-bit in order to avoid memory + overwrite races. + + * Add support for NTFS symlinks. + + * Handle file search requests for virtual syscall ioctl file. + + * Process SyncOps properly to enforce ordered operations. + + * Avoid recursing during NewServer operations. + + * Correct lock acquisition order during SMB locking. + + * Add shutdown message to event log. + + * Check offline volume status by policy rather than on each daemon + thread run. + + * Return error on directory object not found instead of crashing. + + * Improve error message output. + + * afslogin.dll can start afsd_service if it's not starting or started. + + * Optimize away release lock RPCs for deleted files. + + * Background Daemon will not perform operations on deleted files. + + * Resort recently used directories to the top of the LRU if the + directory is larger than the stat cache. + + * Resort deleted objects to the bottom of the LRU. + + * Use interlocked operations for state and queue fields to allow safe + bit set and clear on multiprocessor systems. + + All UNIX client platforms + + * Servers now marked down when GetCapabilities returns error. + + * In-use vcache count is now properly tracked. + + * Check for /afs existance before starting, unless -nomount is + specified. + + * Avoid a potential panic when using /afs/.:mount syntax. + + * Avoid a panic in memcache mode due to missing CellItems file. + + * FUSE client support fixed for non-/afs mounts. + + * Avoid a potential deadlock (which times out) when we need to + allocate more callback returns and must flush some already in use. + + * Deal with libcom_err conflicts with other packages using it + (e.g. krb5) (128640) + + * Fall back to afs3-vlserver SRV record values when afs3-ptserver SRV + record is not available. + + * Avoid holding unneeded locks when probing server capabilties. + + * Do not attempt page flushes for directories. + + * Rx connection reference counting is enabled. + + * An Rx connection reference count leak is fixed in bulkstat. + + * Handle unparsable directory objects. + + * Handle Kerberos cred cache errors in aklog. + + AIX + + * Fix PAG usage to track by PAG identifier, not group list. + + FreeBSD + + * Fix socket termination on shutdown. + + * Support for 7.2, 7.3, 7.4 and 8.2 included. + + * References to vcaches are no longer leaked during root or reclaim. + + * Remove support for "Giant" lock as we no longer need to use it. + + * Don't sleep with AFS GLOCK. + + * Properly enable 64 bit long long support. + + * Restore support for FreeBSD 7 (128612) + + * Fix locking issues at shutdown and avoid panic at shutdown due to + vcache flushing. + + * Support for virtual network stacks. + + * New RC script, updated packaging. + + IRIX + + * Properly create new vnodes to avoid crashing in the client. + + Linux + + * Support through kernel 2.6.39. Treat Linux 3.0 as Linux 2.6 for + sysname purposes. + + * Use rx_Readv in cache bypass to improve performance. + + * Properly handle 0-length replies during cache bypass operations. + + * Properly handle non-contiguous readpage cache bypass operations. + + * Do proper locking when transitioning to or from cache bypass. + + * Avoid extra runs of vcache freeing routine. (128756) + + * Perform vcache eviction via a fast path before visiting vcaches + where sleep is needed. + + * setpag() errors are now properly reported. + + * Avoid attempting to free stat cache entries when we are below + user-specified number of entries in use. + + * Properly track user-specified number of stat cache entries to use as + a desired usage target. + + * Don't read pages beyond EOF in the cache. (128452) + + * Various corrections and improvements to Red Hat packaging, including + modifying the init script to allow deferring for a new binary + restart and properly supporting RHEL6. + + * Fix lockup in 2.6.38 due to erroneous kernel feature configure test. + + * Improve RPM building tools. + + * Attempt to properly handle SELinux in packaging. + + * Init script properly returns status as exit code. + + * RPM packaging fixes (executable libraries, no postinstall message) + + * Kill i386 from RPM packaging. + + MacOS + + * MacOS 10.7 support. + + * Properly handle setpag errors. PAGs are not supported. + + * Check for unloaded kernel extensions when decoding AFS panics. + + * Disable "get tokens at login" in prefs pane if AD authentication + plugin is configured. + + * aklog AuthorizationPlugin now provided. + + * Preferences Pane behavior fixed for 1.6 series (version detection is + used to select default behavior). + + * A potential kernel panic during bulkstat operations is + fixed. (128511) + + * 64-bit MacOS kernel performance is greatly improved. (128934) + + * Properly shut down AFS, closing the Rx socket in the upcall handler + to avoid attempting to process data after we can no longer do so. + + * Rework logic for bulk status operations to avoid a potential hang. + + * Avoid panic when doing FSEvent synthesis. + + * Fix bug when using non-dynroot. + + * Update Kerberos support in PreferencesPane. + + NetBSD + + * Updates for platform support. + + OpenBSD + + * Bug fixes for issues introduced previously in 1.5 series. + + * Support through OpenBSD 4.8. + + Solaris + + * Switch to ioctl() syscall replacement for Solaris 11 since syscall + 65 is not safe. + + * Fix support for Solaris pre-10. + + * Corrected Solaris 11 startup script. + + * vcache mappings freed on shutdown to avoid panic. + + * Properly report errors for AFS system call callers. + + * Don't leave dangling function references if kernel extension fails + to load. + + * Try harder to avoid deadlocks on file-larger-than-cache operations. + + * Avoid panic on shutdown when mount failed. + + +OpenAFS 1.6.0pre2 + + All systems: Minor bugfixes. + + ADDITIONAL CHANGES IN 1.6.0PRE2 + + All platforms: + + - Documentation updates. + + - Don't stop Rx keepalives after an ackall is received, avoiding + spurious connection timeouts. (128848) + + - Don't retry Rx calls on channels returning busy errors. (128671) + + - vos will not die with a double free error at command completion. + + - Properly enable Rx connection hard timeouts. + + - Initialize rx_multi lock before use. + + - Avoid spurious crashes when initializing in "backup" client. + + All unix platforms: + + - Check for /afs existance before starting, unless -nomount is specified. + + - Avoid a potential panic when using /afs/.:mount syntax. + + - Avoid a panic in memcache mode due to missing CellItems file. + + All server platforms: + + - Attempt to recovery more quickly from timed out volume release + transactions. + + - Auditing now properly byte order swaps IP addresses when printing. + + - vos split now has improved error handling. + + - Many changes to again support Windows fileservers. + + - During volume removal, data removal speed improved. + + - Improve CPU utilization during volume attaching by DAFS. + + - In salvager check-only mode, avoid potentially fixing a vnode. + + - Fix support for large (greater than 2gb) volume special files. + + - Salvager will not crash if multiple or bad volume link tables + are encountered. + + - Avoid erroneous full dump by remembering which sites were out of date + at the start of the release. + + FreeBSD: + + - Remove support for "Giant" lock as we no longer need to use it. + + - Don't sleep with AFS GLOCK. + + - Properly enable 64 bit long long support. + + - Restore support for FreeBSD 7 (128612) + + - Fix locking issues at shutdown. + + Linux: + + - support through kernel 2.6.38. + + - RedHat packaging now properly supports RHEL6. + + - Use rx_Readv in cache bypass to improve performance. + + - Properly handle 0-length replies during cache bypass operations. + + - Properly handle non-contiguous readpage cache bypass operations. + + - Do proper locking when transitioning to or from cache bypass. + + - Avoid extra runs of vcache freeing routine. (128756) + + MacOS: + + - Check for unloaded kernel extensions when decoding AFS panics. + + - Properly handle setpag errors. PAGs are not supported. + + - Disable "get tokens at login" in prefs pane if AD authentication + plugin is configured. + + OpenBSD: + + - support through OpenBSD 4.8. + + Solaris: + + - Fix support for Solaris pre-10. + + Windows: + + - afs_config will not longer set the Tray Icon State + in the registry if the checkbox is not present in + the dialog. (128591) + + - AFS Explorer Shell Extension now works from folder + backgrounds. Overlays for mount points and symlinks + are present in the dll, but are not registered at present + by the installers. + + - Do not use RankServerInterval registry value as the value for + PerformanceTuningInterval. + + - When the data version of a mountpoint or symlink changes, + the target string in the cm_scache_t object must be cleared. + + - "fs checkservers" now includes vldb servers in the output + and only lists multi-homed servers once. A multi-homed + server that has at least one up interface is no longer + considered to be down. + + - When asynchronously storing dirty data buffers to the + file server ensure that (a) the cm_scache_t object and + the cm_buf_t object are for the same File ID so that + locking and signalling work properly; and (b) if the + FID no longer exists on the file server, do not panic, + just discard the buffer. + + - When processing VNOVOL, VMOVED and VOFFLINE errors perform + server comparisons by UUID or address and not simply by + cm_server_t pointer. Otherwise, server failover may not + succeed. + + - Do not preserve status information for cm_scache_t objects + when the issuing server is multi-homed. + + - Giving up all callbacks when shutting down or suspending + the machine is now significantly faster due to the use + of an rx_multi implementation. (This functionality is + still off by default and must be activated by a registry + value.) + + - Race conditions were possible when updating the state + of the cm_volume_t flags and when moving the volumes + within the least recently used list. + + - Ensure that the lanahelper library does not perform a + NCBRESET of each lan adapter when enumerating the + current network bindings. Correcting this permits OpenAFS + to work on Windows 7 when the network adapter settings + change. + + - Fix creation of mount points and symlinks as \\AFS\xxxx + + PREVIOUS CHANGES: + + All platforms: + + - vos now properly deals with matching sites when servers are multihomed. + + All Unix platforms: + + - Servers now marked down when GetCapabilities returns error. + + - In-use vcache count is now properly tracked. + + All server platforms: + + - Fix ptserver supergroups support on 64 bit platforms. + + - Demand attach salvaging doesn't use freed volume pointers. + + - Properly hold host lock during host enumeration in fileserver. + + FreeBSD: + + - Fix socket termination on shutdown. + + - Support for 7.2, 7.3, 7.4 and 8.2 included. + + - References to vcaches are no longer leaked during root or reclaim. + + Linux: + + - Define llseek handler to avoid ESPIPE error in 2.6.37. + + - Mount interface replaces get_sb (new for 2.6.37, not yet required). + + - RedHat init script allows deferring for a new binary restart. + + - DEFINE_MUTEX replaces DECLARE_MUTEX for 2.6.37. + + MacOS: + + - Correct return value from setpag syscall. + + OpenBSD: + + - Bug fixes for issues introduced previously in 1.5 series. + + Solaris: + + - Switch to ioctl() syscall replacement for Solaris 11 since syscall 65 + is not safe. + + +OpenAFS 1.5.78 (2010-11-04) + + All platforms + + * Revisions to Rx to fix performance issues. + + * Make fs getfid behave consistently across all platforms. (128372) + + * Properly check IDs handed to pts when creating users or groups so + useful error messages can be provided. (128343) + + * Correct byte order handling of port in afsconf_LookupServer for SRV + records. + + * Force a full dump when releasing to a site which was previously + marked "don't use", in case the previous clone was out of date. + + All server platforms + + * Demand salvage of attached volumes now correctly track attachment + state. + + * Avoid a potential crash due to failure to hold a lock when attaching + a volume fails. + + Microsoft Windows + + * Track SMB connections by SID rather than username. + + * Error write attempts to known-readonly volumes earlier. + + * Validate directory buffers to avoid potential crashes. + + * Handle VIO errors from bulkstatus. + + * Make PMTU discovery configurable and register error handlers for it. + + All UNIX client platforms + + * Use larger I/O sizes in memcache to improve performance. + + * Avoid potential alignment issues doing I/O for pioctl calls. + + FreeBSD + + * Avoid panicing if the listener process is not findable. + + * Avoid deadlock issues while performing lookups. + + Linux + + * Handle stale file handle errors for some cache partition types. + + * Avoid blocking with xvcache lock when attempting to free in-use + vcaches. + + * Build fixes for older kernels. + + * Properly configure LWP to use ucontext() on platforms where it + should. + + * Eliminate spurious errors from AFS system call returns. (126230) + + MacOS + + * Attempt to honor configured Kerberos defaults in Preferences Pane. + + +OpenAFS 1.5.77 (2010-09-08) + + All platforms + + * Rx path MTU detection will terminate detection in cases where the + minimum required packet size cannot be transferred. + + * vos dryrun mode now shows effects for syncvldb single volume case. + + * vos dryrun mode now shows "status after" for syncvldb and syncserv. + + All server platforms + + * RXAFS_GetStatistics64 now returns statistics properly. + + Microsoft Windows + + * Attempt to properly identify the local system SMB connection for + token tracking. + + * Remap timeout and offline errors to proper NT RPC errors. + + * Properly fail over to other replicas on bulkstat IO errors. + + * Properly error delete-mode createfile if a file is set readonly. + + * Validate directory entry buffers to avoid crashing the service. + + * Log file modes properly. + + * Log cell name when logging server information. + + All UNIX client platforms + + * cacheout program for discarding callbacks is now built. + + * bulkstatus kernel locking is corrected to avoid a potential panic. + + Dragonfly BSD + + * userspace support update + + FreeBSD + + * Updated vnode locking for children returned via lookup(). + + * Avoid file open undercount with needed calls to + FakeOpen/FakeClose(). + + * Use vnode_pager_setsize to properly track file size during kernel + IO. + + * Update system call installation. + + * Fix shutdown of Rx kernel listener to avoid potential dereference + after it's gone. + + * Avoid closing vnodes during vnode recycle. + + * Fix bogus call to FlushVS for vnode reclaims. + + Linux + + * Packaging updated for current configure options and built files. + + * Cache bypass now holds reference on pages during readpage. + + * s390x setgroups32 patching update. + + MacOS + + * DNS resolver is reinitialized on IP address change. (126440) + + +OpenAFS 1.5.76 (2010-08-16) + + All platforms + + * Updates to build-time configuration. + + * Fix XDR support in Rx to match header definition. + + * vos status now shows transaction creation, not action creation. + + * Rx avoids reporting loopback adapters when listing interfaces. + + All server platforms + + * Demand-Attach Fileserver always built and installed (dafileserver, + davolserver, dasalvager). + + * Return VNOVOL from fileserver when a volume is deleted. + + * Ignore duplicate tags during volume restore operation. + + * Update inode array after salvage repairs volume. + + * Zero a corrupted header in memory during salvage to avoid further + corruption. + + * Fix NAMEI backend to allow low-numbered volumes to work properly. + + * ptserver does not include cell name as part of length check for + names. + + * Updated error messages for unblessed volumes. + + * vlserver avoids buffer overflow with regex pattern + + * Attach-time failures now note failures as the rest of the fileserver + would. + + * Server argument logging will no longer overflow stack. + + * Provide fast-restart-like unsafe-nosalvage option for DAFS. + + * Deal with host hash collisions in the fileserver. + + Microsoft Windows + + * Avoid crashing when interpreting a drive letter as potentially + matching a cell name. + + * Properly handle volume package errors. + + * Allow page recycling from known-readonly content without ensuring + they are not dirty. + + * 32 bit tools installer should not override client configuration. + + * Ensure root scache item has a valid callback when use is attempted. + + * Freelance directory changes now properly invalidate and replace the + old root object. + + All UNIX client platforms + + * Support disconnected reconnecting with specified UID for PAGless + platforms. + + * Proper disconnected vnode reference tracking. + + * Update server site blacklisting to not return success if nothing was + blacklisted. + + * Avoid a panic during vcache contention due to CVInit vcache + racing. (127645) + + FreeBSD + + * Update for network stack in 8.1/9.0. + + HP-UX + + * Bug fixes. + + Linux + + * 2.6.36 support + + * Disable PMTU error packet handling. + + * flock() fixes. + + * Debian packaging updated. + + * freezer interface updates. + + MacOS + + * Hold references to disconnected mode written vnodes properly. + + Solaris + + * Handle NFS translator module references for amd64. + + * INODE fileserver backend support now exists for amd64. + + +OpenAFS 1.5.75 (2010-07-07) + + All platforms + + * Prevent rx_rpc_stats global lock from being a bottleneck. + + * Path MTU discovery is now provided to allow traffic to pass networks + with sub-1500 byte MTUs and poor fragment handling. + + * Further reduce Rx NAT ping transmission when enabled. + + * Update Kerberos 5-based token handling in rxkad from upstream + Heimdal. (127554) + + * Update version numbers emitted during build to reflect what is + actually being built. + + * Add "-human" switch for human-readable units in fs diskfree and + listquota. (124529) + + * vos provides reasons for locked volumes when known. + + * Do not count retransmission and ping acks as non-idle for Rx + connections. + + * Rx: provide service-specific data getter and setter routines. + + * Update build-time Kerberos detection. + + * Updated userspace AFS client. + + * Beginning of a modernized test suite. + + * Additional documentation. + + * Updated documentation, notably the Administrators Guide. + + * Substantial code cleanup. + + All server platforms + + * Update handling of vnode allocation failures. + + * DAFS: allow salvaging volumes not known to the fileserver, to allow + cleanup of data not attached to a current volume. + + * Properly handle volumes slated for destruction. + + * Handle volumes with many files properly. + + * Force core file generation in bosserver by overriding default + resource limits when possible. + + * Update vlclient and vldb_check. + + * Avoid potentially corrupting a volume on creation if files are left + from previous failed cleanup. + + * Note volume changed during salvage as needed. + + * DAFS: do not assume invalid addresses are in fileserver address hash + table. + + * Avoid tying up fileserver threads with volumes that are being taken + offline. + + * Do not set inUse on volumes for non-DAFS other than in fileserver. + + * Break origin's callback on target of rename operation. + + * Avoid unneeded parent directory link updates during some rename + operations. + + * Do not open /dev/console for writing in the fileserver. + + * DAFS: avoid spurious restarts when binary restarts are configured. + + * Avoid spurious and unneeded calls to sync(), which can slow down the + fileserver. + + Microsoft Windows + + * Revised SMB QuerySecurityInfo to address issues caused by MS10-020 + (http://support.microsoft.com/kb/980232) + + * Prevent use of the AFSCache file contents if mapped to a new + address. + + * Make fs newcell include behavior compatible with the non-Windows + version. + + * Provide a registry option (FreelanceImportCellServDB) to pre-create + mount points in the AFS root for all cells in CellServDB. + + * Fix a memory leak in the cm_FreeServerList() routine. + + * Reduce privilege when reading registry CellServDB. + + * Add support for RPC Pipe Service NetWkstaGetInfo levels needed for + Windows 7. + + * Prevent overflow when computing quota percentage in Explorer Shell. + (126846) + + * Generate meaningful errors for ACL operations on freelance AFS root. + + * Fix error handling on InlineBulkStatus RPCs. + + * Show configuration pages for all types of MSI installations. + + * Improve freemount AFS root directory handling and operations. + + * Properly validate GetVolumeStatus pioctl responses. + + * Commit file length changes and dirty buffers when flushing a file. + + All UNIX client platforms + + * Update version of files for disk cache. + + * Do not call afs_FlushVCBs with xvcache lock held, to improve + parallelization. + + * Add mariner log messages for creating and removing files. + + * Don't hold xvcache lock while creating symlinks, to improve + parallelization. + + * Provide -dynroot-sparse mode to not show all cells in CellServDB in + dynroot mode. + + * Avoid a potential crash in aklog in linked cell handling. + + * Log MTU-caused packet retransmission. + + * Prevent crashes caused be fs checkservers while cache is being set + up. + + * fs getserverprefs now has a buffer large enough for the default + CellServDB. + + * Report server address when logging warnings. + + * Avoid panic in GetCapabilities when cell is not known. + + * Lock process name and id for advisory lock warnings when possible. + + * Handle need for allocating additional Rx packets. + + * Properly handle errors from InlineBulkStatus operations. + + * Fix errors returned from fcntl() on readonly files locked for write. + + * Flush pending changes to the server on LOCK_EX unlock. + + * Reflect length changes as a result of callbacks even when file is + open for write. + + * Avoid hanging due to error exit when attempting to store a large + file to a non-largefile fileserver. + + * Recover from afs_GetVolSlot errors. + + FreeBSD + + * Bugfixes for kernel VFS and network routines. + + IRIX + + * Provide makesname(). + + Linux + + * Avoid syscall probes when keyrings are present, by default. (125215) + + * Remove "Big Kernel Lock" from VFS operations. + + * Use filehandles for all Linux 2.6 versions to avoid need for matched + afsd. (127530) + + * Updated RPM packaging. + + * Fix dkms configuration provided with RPMs. + + * Hold reference on pages during background I/O for cache bypass. + + * Fix cache bypass handling of non-largefile fileservers. + + * Protect truncate_inode_pages mappings with mutex or semaphore as + needed. + + * Fix pagevec use in cache bypass. (127505) + + * Updates for 2.6.35 + + MacOS + + * Improve launchd configuration. + + * Avoid hanging on recursive cache file lock acquisition when user + notification is enabled. + + * Fix and re-enable bulkstat mode. + + OpenBSD + + * Build updates. + + Solaris + + * Precluding unmount while AFS is busy. + + * Avoid deadlocking when releasing the VFS object. + + * Stop network interface poller in kernel on AFS shutdown. + + * Avoid issues with lookups on empty directory names. (127356) + + +OpenAFS 1.5.74 (2010-04-22) + + All platforms + + * Add "vos setaddrs" command. + + * Rx library lock contention avoidance between rx_NewCall and + rx_EndCall. + + * Rx library races due to inconsistent use of rx_connection + conn_data_lock to protect the flags field. + + * Rx library inconsistent use of RX_CALL_TQ_WAIT which could result in + deadlocks. + + * Rx library must signal transmit queue waiters when flushing. + + * afsmonitor shows busy counts now. + + * afsmonitor displays xstat callback statistics. + + * Provide expandgroups for pts mem on a supergroups server. + + * Provide supergroup option to liste nested groups during pts mem. + + All server platforms + + * Avoid volume lock contention during DAFS startup. + + Microsoft Windows + + * Avoid a race when updating cell vldb server lists that can result in + a crash. + + * Avoid a deadlock when managing CM_SCACHESYNC_STOREDATA state + operations for directory objects. + + * Add new Windows Application Event log messages for VBUSY, + VRESTARTING, ALL_BUSY, ALL_OFFLINE, and ALL_DOWN. + + * Reduce lock contention by waiting for cm_buf_t I/O operations. + + * Split the cm_buf_t flags field to separate the flags that are + protected by the cm_buf_t mutex from those protected by the + buf_globalLock. + + * In cm_UpdateVolumeLocation, avoid searching for a ".readonly" volume + on a numeric volume name. + + * File buffer allocations whose offsets are beyond server EOF should + be locally allocated and zero filled. The file server should not be + issued a FetchData rpc which is guaranteed to fail. + + * Enable integrated logon to work with Windows 7/2008 when user logons + are performed with a non-Domain Kerberos principal. + + * Add Protection Error messages to aklog output. + + All UNIX client platforms + + * Provide a FUSE-interfacing userspace afs client. + + * Updates to libuafs userspace cache manager. + + * Probe servers using GetCapabilities instead of GetTime, thus + requiring fewer RPCs. + + * Fix DNS SRV record handling for cell lookup. + + FreeBSD + + * Fix sleep/wakeup routines. + + * Update for 8.0 release. + + Linux + + * Handle high memory addresses correctly. + + MacOS + + * Make 32 bit AFS syscalls work again. + + * Work around finder "Duplicate" failure (caused by setting modes on + symlinks). + + * Disable bulkstat again (will be re-enabled at or before .75). + + * Provide symlink type hints during readdir. + + +OpenAFS 1.5.73 (2010-03-24) + + All systems: Minor bugfixes. New features. + + * New functionality: + + All systems: + + - NAT keepalive support at Rx level. + + * Bugfixes: + + All systems: + + - Corrected server IP address output in vos syncvldb verbose mode. + + - Corrected server IP address output for last "yes" host in udebug. + + - Corrected SRV record support for canonicalizing cell names. + + All UNIX clients: + + - Fixed a potential race in Disconnected AFS "remove" support. + + - Fix a potential blocking condition in fakestat mode. + + - Avoid some errors and stack overflow reports when vos is interrupted. + (33360,125535) + + - Clean up several minor memory leaks. + + - If a large file is stored to a non-largefile fileserver, avoid + a potential deadlock. + + - Increase maximum number of sysnames to 32. + + - Readd fs mariner "storing" message, missing since AFS 3.3. + + - Attempt timeouts on AFSDB lookups in userspace. + + - Avoid interrupting writes due to an idle deadtime timeout. + + All server platforms: + + - Properly notify only affected hosts for volume callbacks. (126497) + + - Allow volumes with trashed root directory to be recovered. (94658) + + - Hold lock in file and volservers when traversing partition list. + + - Use finer-grained locking in DAFS: volume, instead of partition locks. + + - Schedule all DAFS salvages via FSSYNC. + + - Avoid stale ptserver credential caching issue on keyfile update. + + - Improve callback table overflow handling. (126451) + + - Preclude deadlocks on when attempting to save DAFS state. + + - Avoid races deleting hosts. (126454) + + - Improve salvage speed for DAFS (124488) + + - The bosserver now handles SIGTERM. + + Microsoft Windows + + - Prevent the Explorer Shell extension from crashing if symlink + creation failed. (126406) + + - A Rx level NAT ping has been implemented. A registry value enables. + + - Adds krb5 error message translation to aklog, afscreds, + afslogon.dll, the network identity manager afs provider and + translate_et. + + - Default mode bit settings for file and directory creation are now + provided, and can be configured. + + - An SMB request trace facility is provided and can be enabled for + debugging. + + AIX: + + - Clean up properly on mount failure. + + - Add entry to /etc/vfs to allow umount to work. + + FreeBSD: + + - Additional work to support FreeBSD 8-current. + + IRIX: + + - Fix build issues with library order. + + Linux: + + - Fix s390 support conflict with executable stack patches. + + - Don't count root's AFS session keyrings against quota. + + - Correct dkms support in RPM config file. + + - Keyring destructor now properly cleans up all tokens. + + - Build again on old 2.6 kernels. + + - Avoid GLOCK leak when updating CellServDB in-core. + + - Fix byte-range lock handling. + + - Attempt to deal with bdi issues. (126514) + + MacOS: + + - Some FSEvents hinting for authentication events now done. (23781) + + - Update uninstaller. (125634) + + - Rewrite afssettings and fstab code to avoid licensing issue with APSL. + + - Growl client for user monitoring of AFS events included. + + - Properly support insert-only dropboxes. + + - Add bulkstat support. + + - Include support for moving in Finder across mount points. + + - Preferences Pane includes support for Kerberos 5 ticket renewal. + + OpenBSD: + + - Some support for OpenBSD 4.7. + + +OpenAFS 1.5.72 (2010-02-15) + + All platforms + + * Provide internationalization support in com_err. + + * Fix array length checking to avoid crashes when checking for a + volume type based on name in vos. + + All server platforms + + * Provide backward compatible "-f" flag to salvager for force mode. + + Microsoft Windows + + * Restore use of DNS AFSDB and SRV records by kaserver clients. + + All UNIX client platforms + + * Fix client cache file truncation to not lose chunks when truncating + a large file. + + * Ensure a cache writeback hook is installed in the client (bug from + 1.5.71). + + * Avoid spurious free memory warnings during clean shutdown. + + * Fakestat mode avoids AFSDB lookups. + + * "fs storebehind" now correctly reports errors on readonly volumes. + + * Additional documentation for "fs getcacheparms" + + * Forced new uuid generation with "fs uuid -generate" now works + enforced permission correctly. + + MacOS + + * Add optimized Rx event handler in kernel. + + * Installer now allows installing an older version. + + * Panic decoder can now deal with MacOS 10.5 again. + + * MacOS ._ files are now correctly not looked up as cellnames. + + Linux + + * To deal with SELinux file labeling, try cache accesses with current + credentials in event of failure. + + * Rx XDR encoding bug on i386 Linux is fixed (bug introduced in + 1.5.71). + + IRIX + + * Code compilation fixes. + + OpenBSD + + * Update for OpenBSD 4.6. + + +OpenAFS 1.5.69 (2010-01-19) + + All platforms + + * Configuration of BOSserver no longer defaults to weekly restarts + enabled. + + * Provide BOS restricted mode by default. + + * Add support for "vos endtrans" command. + + * Default to providing full output from vos listvol. + + * Correct additional-address tracking in the fileserver. + + * Improve Rx performance by not unnecessarily dropping and reacquiring + call locks in read and write processes. + + * Avoid crashes when monitoring volserver transactions across + potential transaction garbage collection. + + * Numerous warning fixes. + + All server platforms + + * Avoid saving fileserver state in demand attach fileserver when + panicing. + + * Demand attach fileserver allows other callers to schedule salvages. + + * Demand attach "bos salvage" now works correctly with restricted + mode. + + Microsoft Windows: + + * Numerous changes to the client-internal btree directory handling to + prevent errors. + + * fs examine reports owner and group ids as signed values (PTS groups + are negative). + + * Preclude corruption due to races writing to smb buffers. + + * Allow MTU settings in registry to be used. + + * Apply MTU to both send and receive sizes. + + All UNIX client platforms + + * Avoid double-freeing Rx call structure if reading a response from + the file server results in a short read. + + * Handle negative lengths in FetchStatus results correctly. + + * Properly clean up allocated memory at shutdown. + + * Default to AFSDB compiled into the cache manager. + + * Avoid inadvertant disclosure of stat() information to clients not so + entitled. + + * Correct a bug with AFSDB lookups introduced with SRV record support. + + MacOS + + * Install kernel panic processing tool in /Library/OpenAFS/Tools. + + * Include debugging symbols for kernel extension in additional package. + + * Support "Application Firewall" users. + + * Avoid ._cellname AFSDB lookups. + + * Compile preferences pane as a universal binary. + + Linux + + * Use splice to speed up storing files. + + * When using memcache, avoid duplicating work in readpages. + + * Use dget_parent to safely find an inode's parent. + + * Disable access time updates in our superblock. + + * Avoid crashing doing writeback if no credentials were stashed at + file open. + + * Simplify keyring support. + + * Properly clean up vcache in event of failed mount. + + FreeBSD + + * Update for current FreeBSD 8. + + Solaris + + * Abstractly manipulate groups as now required. + + * Abstractly access time instead of using lbolt directly. + + +OpenAFS 1.5.68 (2009-12-08) + + All platforms + + * aklog now attempts to convert non-AFS errors to human-readable + strings. + + * Make stack not executable when compiling assembler source with GCC. + + * Numerous source warning cleanups and code reorganization. + + All server platforms + + * Compute midnight for volume statistics calculation from local time. + + * Salvager now orphans duplicate special inodes when running to allow + recovery in event of a problem, instead of simply ignoring the + issue. + + * Support to ensure a server panic attempt leaves a core and thus + restarts in a timely manner, rather than potentially hanging. Use + panic to attempt cleanup before leaving a core when possible. + + * Volume sync data reported during bulkstatus is now set correctly. + + * Provide better tuning for fileserver file descriptor caching. + + * Allow more than 128 threads in fileserver by modifying host + structure in-use tracking. + + * Avoid crashes getting volume server status during transaction + cleanup. + + * Improved logging of offline volume conditions. + + * Correct volume statistics when cloning a volume. + + * Avoid referencing host structures in the fileserver which are marked + for deletion. + + * Demand attach fileserver corrections to avoid coring during an + aborted startup. + + * host array bounds checking corrections to avoid buffer overflow. + + * Handle special inodes correctly when promoting an inode fileserver + readonly volume to read-write. + + Microsoft Windows + + * Set the DOS Readonly attribute on a file/directory whenever the unix + mode combined with the mask 0200 is true. Previously there was a + discrepency between the mask used for testing for readonly behavior + and that used for setting the attribute. + + * Disable AFSVolSync based .readonly "whole-volume callback" support + because the all file servers prior to 1.5.67 (and perhaps 1.4.12) do + not properly assign a value to the AFSVolSync structure in bulk + status RPC responses. + + * Improve the error output from aklog to output the value from krb5 + error_message() if the afs_com_err output indicates an unknown + value. + + * Convert VBUSY and VRESTARTING to CM_ERROR_ALLBUSY and do not permit + them to be exposed to the smb redirector. + + * Convert STATUS_TIMEOUT responses to STATUS_IO_TIMEOUT to avoid + confusion within the smb redirector. + + * Fix the byte order assigned to port numbers associated with AFSDB + record lookups. They must be network byte order not host byte + order. + + * Add dynamic server ranking based on RPC round trip time + measurements. + + All UNIX client platforms + + * Additional shutdown-time memory leaks removed. + + * Improved logging of resource contention. + + * Provide dumping for Rx debug packet tracking support in source. + + * Update afscp test client to build, and provide an unlock client. + + * Client buffers for directory parsing can now be allocated beyond the + fixed set formerly provided. + + * Work around race condition when manipulating read-only volume + callbacks. + + * Bugfixes to get PAG value pioctl. + + * Bugfixes to SRV record support. + + Linux + + * Path MTU tracking code cleanup. + + * Avoid an oops due to racing with vcache recycling thread. + + * Changes to keyring PAG handling: for sufficiently new kernels, use + only keyring-based PAGs, and disable group PAGs entirely. + + * Updates to the kernel page cache interface: writing pages will now + not spuriously leak page locks, and will avoid requiring duplicate + work. + + * Credential references are now tracked using native atomic counters. + + * Kernel mutex/semaphore lock ordering fix to avoid deadlocks. + + * Manipulate disk cache with credentials used to initialize it, to + avoid security issues. + + MacOS + + * Fix fstrace message catalog location. + + * Fix kernel fstrace logging. + + +OpenAFS 1.5.66 (2009-10-25) + + All platforms + + * Avoid calling exit() in library code. + + * Add rx window size and peer timeout tuning APIs. + + * Correct rx peer timeout handling to disallow 0ms timeouts. + + * Correct calculation of rx RTT by disregarding retransmitted packets. + + * vos manpages updated to reflect changes in recent versions. + + * GNU-style long options (e.g. --cell) are now supported in all + commands. + + * fs listacl can now print a command to recreate the current ACL. + + All server platforms + + * Fix a race on transaction objects in the volserver which can cause a + crash. + + * Avoid destroying and setting to NULL the callback connection when it + could still be being used. + + * Correct unlink handling in salvager. + + * Improve error messages due to I/O errors in the volserver. + + * Correct an issue which caused converted RO to RW volumes on namei + fileservers to not come online immediately. + + Microsoft Windows + + * Official support for Windows 7 and Server 2008 R2. + + * Prevent a file server bug (FetchData returning an invalid length + instead of zero) from causing an "unexpected network error" when + writing to files. + + * Promote DNS SRV records as superior to DNS AFSDB records. Support + arbitrary port numbers for vldb servers. + + * Add AFSVolSync based .readonly "whole-volume callback" support. + With this functionality, multiple objects from a .readonly volume + can have their status validated by issuing a single + RXAFS_FetchStatus RPC. + + * Remove drive mapping functionality and service start/stop from + afscreds.exe. + + * Remove drive mapping functionality from afs_config.exe. + + * Use {HKLM,HKCU}\SOFTWARE\OpenAFS\Client DWORD "ShowMountTab" to + restore access to drive mapping functionality in afscreds.exe and + afs_config.exe. + + * Adjust SMB error return codes to avoid returning STATUS_TIMEOUT + which results in the SMB redirector disconnecting. + + * Network Identity Manager OpenAFS Provider now provides its own "AFS + lock" notification icon to report the status of "have tokens, have + no tokens, service not started, service started but inaccessible". + Hovering over the icon lists the cells for which tokens exist (if + any) and the OpenAFS version number. Double-clicking executes the + Network Identity Manager default action. + + * Prevent pioctl calls from retrying indefinitely when a sharing + violation error occurs. + + All UNIX client platforms + + * Correct a condition which could discard the error from initializing + a fetch request. + + * Avoid using invalid references to afs_Conn connection structures, + and thus potentially producing invalid data when a retry is needed. + + * SRV records are now supported for discovering AFS servers. + + Linux + + * Correct writepage behavior. + + * Fix error code handling in the writepage code. + + * Avoid leaking page locks, which could potentially hang a machine. + + MacOS X + + * Preferences Pane improvements. + + HP-UX + + * Avoiding attempting to handle critical signals in servers, so that + core file handling works correctly. + + +OpenAFS 1.5.65 (2009-10-06) + + All platforms + + * Code compilation warning fixes, to enable better finding and + tracking bugs. + + * Provide configure-time switch to enable code warning compilation. + + All server platforms + + * Demand-attach fileserver now makes volume LRU list operations + exclusive operations to avoid races during adding to the list. + + * Fileservers now avoid potential "negative length" fetches. + + * A leak in host tracking objects in the fileserver has been fixed. + + * Salvager now unlinks all files by full path, to deal with the change + to not chdir for core file tracking. + + * Salvager avoids asserting if the volume header is unreadable. + + * Demand-attach fileserver puts back volume references from fssync + handlers when done. + + Microsoft Windows + + * Improved service response to suspend and shutdown event + notifications. + + * Avoid a bug in the file server that can result in an invalid length + being returned as part of a fetch data response if the client + attempts to read beyond the length of the file. + + * Do not publish a default stream object for directories and mount + point objects. This was impacting the ability of some Windows XP + systems to save roaming profiles. + + All UNIX client platforms + + * A bug which could cause erroneous handling of lengths on data reads + has been fixed. + + * A bug where erroneous length returns from the fileserver could + result in a false error has been fixed. + + Linux + + * Background page copies are now supported for enhanced disk cache + read performance. + + * Blocking readahead is supported in readpages() to reduce overhead. + + * Use readpage() instead of read() to access cache data to avail disk + cache users of the kernel backing cache for improved performance. + + * Minimize credential handling for improved performance. + + MacOS X + + * Preferences Pane cleanup. + + Solaris + + * Provide a fs_pathconf method with sensible defaults. + + * Provide a _PC_FILESIZEBITS method to fix some NFS translator + consumers. + + +OpenAFS 1.5.64 (2009-09-22) + + All server platforms + + * The demand attach fileserver now puts back volume references gotten + via the fssync interface. + + * The demand attach fileserver had a structure reference error, which + has been correected. + + Microsoft Windows + + * Restores Windows 2000 compatibility. + + * Fixes a data consistency error between the output of NetWkstaGetInfo + and NetServerGetInfo RPCs, specify the Lan workstation group name + "AFS", and report server name as "AFS" instead of "\\AFS" when the + caller asks for "\\AFS". + + * Enables executables to be run from \\AFS on Windows 7. Returns + "Name not found" instead of "File not found" when a directory or + file name cannot be found. This avoids loader errors when system + dlls cannot be located in the executable directory. + + * Prevents cache manager from marking the file server "down" when the + data returned in response to either RXAFS_FetchData64 or + RXAFS_StoreData64 is invalid. + + * Adds pioctl data validation to the AFS Explorer Shell extension. + + All UNIX client platforms + + * A bug which could cause a kernel panic in 1.5.63 has been corrected. + This would manifest as a GetDCache panic or oops. + + Linux + + * aklog -setpag works again with recent kernels when keyring is in + use. + + MacOS + + * When Fast User Switch is in use, AFS login is now handled correctly + by the integration tool included with the preferences pane. + + * Several packaging bugs have been corrected. + + +OpenAFS 1.5.63 (2009-09-11) + + All platforms + + * The restorevol command is now documented and installed as a user + command. + + * The uss command now properly translates vldb entries to its expected + format when handling them in all cases. + + * Documentation now refers to Kerberos instead of kaserver. + + All server platforms + + * bosserver now handles BosConfig.new when restarting, allowing + configuration to be replaced at restart time rather than with bos + delete and bos create. Documentation is updated to reflect this. + + * The demand attach fileservice not longer potentially hangs trying to + terminate demand-salvages which have already exited. + + * The demand attach fileservice has been modified to avoid spurious + 'SYNC_putRes: write failed' warnings when some protocol messages + cannot be acknowledged due to the sender terminating the connection. + + * In the event of failure to contact the vlserver or ptserver, the + fileserver will not exit and trigger a forced salvage. It will + continue to try in the background to contact the needed services. + + * The salvager can now repair certain cases of a damamged vnode index. + + * The accessDate metadata for a volume is now updated correctly. + + Microsoft Windows + + * CRITICAL: Some applications for example those based on Cygwin were + unable to access data stored in the AFS name space. Explorer Shell + also experienced inconsistent behavior. This is fixed. + + * CRITICAL: Multiple AFS pioctl requests issued nearly simultaneously + by applications could result in pioctl responses being received by + the wrong requester. This in turn could result in application + crashes. symlink.exe, fs.exe, afslogon.dll, afscreds.exe, and the + netidmgr afscred.dll plugin were all affected. + + * Some XP machines running 1.5.62 had trouble saving roaming profile + data. This is fixed. + + * Integrated Logon (afslogon.dll) did not function with domain + specific configurations. + + * Ensure that access denied and over quota errors experienced while + storing data to the file server do not result in on-going retry + attempts. + + All UNIX client platforms + + * Except on Solaris and AIX, the compiler may now be overriden at + configure time by setting the CC environment variable. + + * afsd now properly deals with large cache partitions. + + FreeBSD + + * Build shared libafsauthent and libafsrpc. + + Linux + + * Kernel module DKMS support now installs an unstripped module to + allow debugging information to be collected. + + MacOS + + * Preferences pane properly updates token information. + + MacOS 10.6 + + * klog will now properly handle passwords of 8 or fewer characters + with an AFS string to key on hosts able to run 64 bit binaries. + + * A panic at AFS shutdown due to "NO PCB" on a udp_lock has been + addressed. + + * The panic decoder script included in the source now properly handles + 32 and 64 bit panics. + + NetBSD + + * Avoid defining AFS_KERBEROS_ENV globally as it creates a circular + dependency. + + * Build shared libafsauthent and libafsrpc. + + OpenBSD + + * Build shared libafsauthent and libafsrpc. + + +OpenAFS 1.5.62 (2009-08-28) + + All platforms + + * Numerous invisible changes to improve code maintainability, + portability and enhanceability. + + Microsoft Windows + + * CRITICAL: Fixes two errors that can result in data loss when storing + data to the file server. + 1. Failure to Store Portions of Unaligned Writes + 2. Failure to Store Data to File Servers Lacking Large File Support + Read the announcement for more details: + http://www.openafs.org/pipermail/openafs-announce/2009/000305.html + + * CRITICAL: The cache manager daemon thread could terminate when the + machine enters suspend mode. This daemon thread performs the + background check of down servers, offline volumes, callback + expirations, etc. + + * CRITICAL: Integrated Logon (afslogon.dll) was terminating + unexpectedly. Error checking has been improved and NULL pointer + dereferences after Lsa API calls fail have been eliminated. + + * For the first time, the OpenAFS SMB Server supports the DCE RPC + services SRVSVC and WKSSVC. Browsing \\AFS with the Explorer Shell + or NET VIEW will now be faster and provide additional functionality. + No longer will cell names longer than 12 characters be truncated. + + * Improvements to DFS Referral request processing have been + implemented. + + * Unnecessary DNS lookups of share names are avoided improving + performance. + + All UNIX client platforms + + * Non-Kerberos PAM modules work correctly again. + + MacOS X + + * MacOS 10.6 (Snowleopard) is now supported, both 32 and 64 bit mode. + + * Updates to the AFSCommander preferences pane. + + * Installer now permits cell names with dashes. + + +OpenAFS 1.5.61 (2009-08-06) + + All platforms + + * Correct another race condition in the Rx library that could result + in an unexpected panic while freeing the Rx call iovq. + + * rx packet resend and data packets sent counts were incorrect. + + * fs setquota, fs setcachesize, vos setfields, and vos create now + accept human readable orders of magnitude. (K, M, G) + + * fs listquota fixed to permit large quota sizes to be displayed. + + * Correct documentation of bosserver permissions requirements. + + * Modify vlserver to avoid potentially corrupting the database through + volume id reuse. + + * Generalized support for fast Rx timeout due to network + down/unreachable. + + All server platforms + + * Allow audit logs to be sent via sys5 IPC message queues instead of + logged directly. + + Microsoft Windows + + * If a file server becomes inaccessible while the cache manager has + dirty buffers to write, the afsd_service buf_IncrSync thread can + attempt to use 100% of the cpu. + + * Fix "fs newcell" which was broken in 1.5.60. + + * Do not attempt to synchronize dirty buffers if the associated volume + is known to be unavailable. + + * Modify behavior of a Freelance mountpoint target that does not + specify a cell. Instead of assuming the target volume is in the + Freelance.Local cell, use the workstation "Cell" specified in the + registry. A mountpoint target of "#root.cell." will now mean the + root.cell volume in the workstation cell for the current session. + If the workstation cell changes from "athena.mit.edu" to + "andrew.cmu.edu", the referenced volume will also change without + requiring that the mount point targets be altered. + + * Add cm_FindServerByUuid(). Re-implement RXAFS_InitCallBackState3() + to permit the server Uuid to be used to lookup the server object and + from that determine the cell. This permits callbacks that are + received from alternate addresses to be processed with a known + server object. Previously a request from an unknown server would + clear all callbacks from all cells. + + * Fix a bug that prevented optimal performance when using a non-zero + value for 'daemonCheckVolCBInterval'. As a reminder, when + "daemonCheckVolCBInterval" is set to a non-zero value, all .readonly + volume callbacks are automatically renewed 90 minutes before their + expiration. + + * Fix automatic ranking of vldb servers whose values are obtained from + the CellServDB file. + + * Add failover for RX CALL TIMEOUT errors when the volume is readonly + or the call is to a vldb server. + + * Add registry based cell search functionality to NetIdMgr, + afs_config.exe, and klog.exe. + + * afsconf_GetCellInfo() has been modified to perform gethostbyname() + lookups on the host names in the CellServDB instead of using the + specified IP addresses. This provides aklog, pts, vos, etc. the + same CellServDB behavior that the Windows Cache Manager uses. + + * When updating the stat cache entry callback of a .readonly object + from the volume group object, update the file server reference to + ensure it matches the most update to date callback. + + * Add proper support for processing callbacks from multi-homed file + servers. Instead of comparing servers by cm_server_t pointer, + compare them by UUID when the UUID is known. + + * During a shutdown short circuit the offline volume check daemon + functionality. + + * Return the error code of RXAFS_FetchData / RXAFS_StoreData in + preference to an error code reported by rx_EndCall. + + * Add "PerFileAccessCheck" registry value to permit testing against + experimental file servers that include per-file acl support. This + value is intentionally undocumented. It is not to be used by + production environment deployments. + + * Fix a bug introduced in 1.5.60 that prevents the afs netidmgr + provider from obtaining tokens when referrals are in play. + + * Add "fs chown" and "fs chgrp" commands to permit the owner and group + of objects stored in AFS to be set from Windows. + + * Avoid performing background daemon operations when the machine is + going into suspend mode. + + * Perform offline volume checks in most recently used order. + + * Prevent crash when a data version for a cache object goes backwards. + + * Multi-thread safe library versions are now being generated and used. + mtafsubik.lib, mtafsutil.lib, mtafsvldb.lib, mtafsvol.lib. + + * Microsoft SMB Redirector (mrxsmb.sys) support for + ExtendedSessTimeout values are now available on XP through Windows + 7. Add functionality to autodetect if such support is present on + the machine. If so, configure it if necessary and dynamically + adjust the AFS Rx timeout values accordingly. + + All UNIX client platforms + + * Fix out-of-tree source builds. + + MacOS + + * GUI installer now asks for local cell information. + + * AFS Commander preferences pane is now installed by default. + + Solaris + + * Avoid kernel panics due to null pointer dereferences in the network + interface poller kernel thread. + + +OpenAFS 1.5.60 (2009-05-31) + + All platforms + + * Retry volserver transaction creation on failure. + + * Allow building HTML and PDF documentation from included XML copies + of User Guide, Admin Guide and Quick Start Guide for Unix. + + * Documentation updates and additional documentation. + + * Add -encrypt support to pts client. + + * Convert MR-AFS fs commands to OSD commands. + + All server platforms + + * Updated background sync process in fileserver to avoid a race which + could result in a volume being taken offline. + + Microsoft Windows + + * On April 9th Microsoft released a Hot Fix for Windows Server 2003 + SP2 that corrects a deadlock in the smb redirector and also adds new + functionality that permits the AFS SMB server to be given a longer + timeout than is normally the case. New functionality has been added + to configure these additional LanmanWorkstation\Parameter values. + (This functionality has been backported to XP SP3 and is scheduled + to be released on June 5th.) + + * Fix RT#124787, a race condition between "fs flush ", "fs + flushvolume", or "fs flushall" and on-going directory operations + that can result in afsd_service.exe crashing. + + * Release Notes, User and Administrator guides are now shipped as + indexed Windows HtmlHelp Files. (.chm). Shortcuts are provided from + the Start Menu. + + * A method of specifying Client CellServDB information within the + registry has been added that can be used to either override the + CellServDB file or force the use of DNS lookups for a given cell. + See the release notes for details. + + * The pioctl interface now properly handles drive letter substitution + to UNC paths. (SUBST <\\afs\cell\path>) + + * The BackConnectionHostNames registry value configuration was broken + when dynamic re-establishment of Netbios Name registrations was + added. This release restores the functionality. + + * All hidden vos.exe commands are now revealed. + + * Attempts to store the same dirty file chunk from multiple threads + are now prevented. + + * The IsPathInAfs test in Explorer Shell Extension and fs.exe now + permits broken symlinks to be treated as being in AFS. + + * vos.exe commands that output 64-bit integer values once again do so. + This was broken in 1.5.59. + + * Cygwin Import Libraries are provided in the SDK for all OpenAFS + DLLs. This permits building cygwin applications against OpenAFS + libraries. + + * NSIS installer does a much better job of cleaning up files left over + from previous installs. + + * libafsconf.dll moved from Client\Program to Common directory as is + is now used by all modules for CellServDB processing. + + All UNIX client platforms + + * Write back changes on last store for memcache to avoid discarding + changes. + + * Abstract disk cache support to allow for path, fh, inode based + caches with no need for messy ifdef structures each time a new type + is added. + + DragonflyBSD + + * Support as a userland port. + + FreeBSD + + * Corrected structure definition for userspace cache manager to allow + builds to complete. + + Linux + + * Corrected client locking support. + + * Updated patch to stop deadlocking in the kernel during mmap. + + * Avoid oops when setting up groups for PAGs to match keyrings. + + * Use Linux fh-based cache in cases where possible by default. + + MacOS 10.3: + + * Corrected structure definition for userspace cache manager to allow + builds to complete. + + OpenBSD + + * Support for OpenBSD 4.5. + + Solaris + + * Corrected support for server-side vos split interface. + + +OpenAFS 1.5.59 (2009-04-06) + + Microsoft Windows + + * Increased service priority class to "High" to match the priority of + system components that are dependent upon the a timely response. + + * SMB error responses avoid returning errors that could confuse the + Microsoft SMB redirector into disconnecting the connection to \\AFS. + + All UNIX client platforms (except MacOS X 10.4 and 10.5) + + * OpenAFS 1.5.59 contains fixes for the client issues addressed by the + security advisories OPENAFS-SA-2009-001 and OPENAFS-SA-2009-002. + + Linux platforms + + * Support for prerelease Linux 2.6.30 kernels. + + +OpenAFS 1.5.58 (2009-03-30) + + All platforms + + * Code cleanup and prototyping. + + * Avoid unnecessary blocking in Rx periodic cleanup code. + + All server platforms + + * Fileserver CopyOnWrite routine optimized for performance. + + * Make fileserver callback dumps 64 bit safe. + + * Fix byte order issues with fileserver host hashing. + + * Fix buffer size issues with butc. + + * Fix several Ubik recovery issues. + + * Avoid leaking file references in the fileserver. + + * Fix a race in DAFS while closing vnodes, and another offlining + volumes. + + * volserver interfaces for volume splitting client. + + Microsoft Windows + + * [RT 124293] A race condition exists which can result in a crash. + + * [RT 124276] If the vldb is out of sync with the contents of the file + servers, afsd_service will retry too many times when a file server + reports a volume as not being present. Now if the list reported by + the vldb is the same as the previously seen list, then the retry is + aborted. + + * [RT 124276] Read-only volume failover was broken in 1.5.53 whenever + accessing a volume results in VNOVOL or VMOVED. + + * [RT 124276] Prior to 1.3.70 the volume server reference list was not + reference counted and would be prematurely freed while in use. When + reference counting was added in 1.3.70 a bug was introduced that + could result in service reference list corruption. + + * Add Windows Application Event Log warning messages for "Client SMB + MPX value too large" and "Client SMB Buffer Size too small". + + * Renaming of files across directory boundaries would result in an + invalid handle error when attempting to access the files after the + move. + + * Fix the handling of Tran2 Set Path Info RPCs. Do not fail when a + smb file descriptor cannot be found. The whole point of using a + Path Info function is because an smb file descriptor wasn't + allocated. + + * More edge cases in which dynamic addition of Freelance root.afs + entries would get the wrong FID or where the root.afs directory + would not be refreshed. + + * Buffer overflow could occur if the workstation cell name was longer + than 64 characters. Crashes could occur in afscreds.exe, + afslogon.dll, and afsd_service.exe. + + * VNOSERVICE and VOFFLINE errors were leaking and were exposed to the + smb client. + + * Log file server uuid values as part of the cm_server object when + available. Dump the cm_server object list in response to "fs + memdump". + + * Optimize the performance of resetting access control lists when + tokens are set or removed. + + * Remove symlink recursion tests and increase max symlink count to 64 + from 16. + + * Windows specific Rx performance improvements. + + * Support for Network Identity Manager 2.0 + + All UNIX client platforms + + * Avoid issues with freeing resources at shutdown. + + * Numerous fixes to disconnected AFS. + + * Disconnected AFS fixes for replaying changes without double-freeing. + + * Attempt to use krb524 principal conversion in aklog if available. + + AIX + + * Kerberos configuration at build time corrected. + + Linux + + * Default to dynamic allocation of AFS kernel cache entries to allow + growth for inotify()-pinned entries. (beagle, famd, etc) + + * Change client truncation routines to avoid locking issues. + + * IA64 port clients fixed on Linux 2.6. + + * RPMs now install fstrace message catalog. + + * Support through kernel 2.6.29 tested. + + * Fix locking issues on CellServDB file in /proc. + + OpenBSD + + * Support OpenBSD 4.4 + + +OpenAFS 1.5.57 (2009-01-23) + + All platforms + + * Conditional compilation of rxdebug support is now possible. + + * Documentation updates. + + * Further race connditions in Rx have been corrected. + + All server platforms + + * Salvager no longer attempts to recreate headers in the wrong + partition. + + * Volumes are properly marked in use on creation and subsequently on + examination with vos. + + Microsoft Windows + + * Undo the "UAC manifest fix" applied to afs_config.exe. + + * Ensure that Freelance allocation of vnodes follow the AFS convention + of odd vnodes are directories and everything else is an even vnode. + + * Add Freelance logic to mount point and symlink evaluation functions. + + * Enhance smb_ParseASCIIBlock() so that it can handle all of the + STRING formats defined by the CIFS Technical Report 1.0. + + * Validate the output of smb_ParseASCIIBlock() in all callers. Return + CM_ERROR_BADSMB if the STRING field cannot be parsed. + CM_ERROR_BADSMB will cause the contents of the packet to be logged. + + * If multiple SMB Raw Write operations were taking place at the same + time, there could be data corruption because unique event objects + were not generated for each Netbios receive operation. + + All UNIX client platforms + + * Userspace AFS library can now deal with large files when supported + by the platform. + + * Numerous updates to disconnected AFS support, including changes to + allow reconnection to work in more circumstances. + + FreeBSD + + * FreeBSD unstrategy code has been updated. + + Linux + + * A race during file truncation has been corrected. + + * System call probing routines have been updated. + + * 2.6.29 is now supported. + + MacOS + + * 10.3 support has been corrected. + + OpenBSD + + * Initial OpenBSD 4.4 support. + + Solaris + + * Updates to allow compiling on newer OpenSolaris are now included. + + +OpenAFS 1.5.56 (2008-12-30) + + All platforms + + * libuafs (userspace cache manager) updated to correct several errors. + + * Additional rx debugging support is available as a conditional + compile. + + * A race condition in Rx leading to a panic has been corrected. + + * Rx idle time tracking has been corrected. + + * ubik clone server support has been corrected. + + All server platforms + + * Salvager no longer leaves cores in vice partitions. + + * The vol-dump tool now supports dumps larger than 2gb where possible. + + * Operations on multiple files now report all FIDs in the audit log. + + * butc XBSA support now works correctly on amd64. + + Microsoft Windows + + * The NetIDMgr AFS Provider automated configuration logic was broken + by the introduction of Kerberos referrals. If the realm of the + identity cannot be determined, the workstation cell is now assumed + to belong to the newly created identity. + + * Avoid a reference count under flow during rename operations. + + * Avoid a crash caused by treating an arbitrary length directory + search mask as an 8.3 mask. + + * Prevent rename operations if a case insensitive match for the target + name already exists and does not refer to the object being renamed. + + * Increase the maximum number of background daemons to 64. + + * Fix the UAC manifest applied to afs_config.exe + + All UNIX client platforms + + * Updates to disconnected AFS support. + + FreeBSD + + * FreeBSD 7.1 is now supported. + + * amd64 FreeBSD is now supported. + + Linux + + * Generic fh (exportfs API) cache type is now available. + + * Avoid some oopses due to backing_dev_info inode fields not being + filled. + + * 2.6.28 is now supported. + + MacOS + + * 10.3 support has been corrected. + + Solaris + + * Large partition support has been corrected. + + * Filesystem-agnostic cache is now available on Solaris 10 and 11. + + +OpenAFS 1.5.55 (2009-11-10) + + All platforms + + * Salvager avoids leaving core files in vice partitions. + + * NFS translator fixes. + + * Unresponsive server handling fixes. + + * A volserver race which could result in duplicate transactions is + fixed. + + Microsoft Windows + + * Fixes a panic caused by corruption of the SMB virtual circuit list. + (race condition) + + * Fixes a panic caused by receipt of a UTF-16 string that cannot be + converted to UTF-8. + + * Implements a more aggressive recovery algorithm for Netbios errors + that result in loss of communication to the AFS SMB server. + + * Improve pioctl response time when testing whether or not a PATH is + in AFS. + + * Adds support for linked cells. + + * Increases the length of the cell and realm names that can be input + into the Network Identity Manage AFS provider configuration dialog. + + All UNIX client platforms + + * Disconnected AFS avoids infinite recursion during rmdir. + + Linux + + * Support for 2.6.28 (not complete for NFS translator modules). + + * Support for using exportfs API for filesystem-agnostic cache. + + * Disable backing store readahead. + + * Avoid deadlocks when writing back mmapped files larger than the + cache. + + * Avoid Oops when doing PAG garbage collection. + + +OpenAFS 1.5.54 (2008-10-08) + + All platforms + + * Updates for new Tivoli X/Open API finding. + + * A double-free is corrected in Rx. + + All server platforms + + * Ubik cleans up file descriptor cache correctly when doing recovery. + + * Enhanced vldb error checker included. + + Microsoft Windows + + * Prevent a crash that could occur when multiple file / directory + change notifications are processed simultaneously. + + MacOS + + * AFS claims more free space so Finder will attempt file copies. + + Linux + + * Avoid spurious ENOENT when calling gwtcwd() on a volume root. + + * Avoid spurious ENOTDIR during fakestat. + + +OpenAFS 1.5.53 (2008-09-26) + + All platforms + + * rx avoids many packet leaks. + + * rx jumbogram disabling now works (and is the default). + + All server platforms + + * Demand Attach fileserver tries to avoid issues tracking offline + status of volumes. + + Microsoft Windows + + * Many potential deadlock conditions due to out of order lock + acquisitions have been corrected. + + * A race condition resulting in an undercount on the cm_scache_t + reference counts has been corrected. + + * An empty string when sent as an ioctl path is now properly + interpreted as meaning the current directory. This affects "fs + lsm", "symlink list", etc. + + * Fix smb string parsing differences where the smb protocol + documentation does not match the actual Windows implementation. + + * Random access denied errors fixed. + + * A file server lock synchronization issue was corrected in SMB + NTCreateX and NTTranCreate operations. This bug prevented properly + operation when loading roaming profiles. + + * Fix a heap overwrite error during server probe operations if a new + server is added while a probe operation is in progress. + + * Fix an LSA memory leak that was the result of an LSA error. + + * Do not leak cm_cell_t objects if the VLDB server lookup fails. + + * Only initialize rx mutex/lock objects once. + + * Do not nul terminate the AFS volume name when reported to Windows. + + * Improve VNOVOL error handling. Prevent updated vl information from + being destroyed immediately after it was acquired. This bug + prevented proper fail over when volumes are moved or removed from a + server. + + * Remove volume id from the server volume list in response to VMOVED + and VNOVOL errors. + + * "fs flushXXX" commands now destroy locally built B+ directory trees. + + * Prevent mixture of locally modified directory pages and file server + directory pages. + + * Fail over to alternate vl servers if a ubik error is returned. + + All UNIX client platforms + + * Disconnected AFS now supports read-write mode. + + * volserver now builds correctly. + + AIX + + * AIX 6 is now supported. + + FreeBSD + + * FreeBSD 7 is now supported. + + Linux + + * cache bypass is now supported. + + * 2.6.x kmod compilation now uses kernel compile options always. + + * Support through 2.6.27. + + MacOS + + * Show more space free so Finder doesn't get confused. + + Solaris 10 + + * Default to namei rather than inode. + + +OpenAFS 1.5.52 (2008-08-18) + + All platforms + + * Initialize volume updateDate at volume creation. + + * Avoid potential corruption of directories during salvage. + + * Check for out of memory condition during allocation of additional Rx + packets. + + Microsoft Windows + + * Restore support for Windows 2000 (broken in 1.5.50). + + * Perform additional validation on volume names in mount points during + creation and evaluation. + + * Fix several deadlocks, races, and reference count issues. + + * Further optimize SMB Directory Search processing and minimize the + number of InlineBulkStatus RPCs sent to the file server. + + * Enable "bos restricted" operations. + + * Fix the create of submounts used by the AFSCreds and afs_config + drive mapping tabs. + + * Fix a short name truncation bug. (1.5.50) + + * Fix the error code reported when attempting to delete a file on a + readonly volume or one that is marked with the readonly DOS + attribute. + + * Fix a heap corruption error when reading the CellServDB file + location. + + * Add the "RxUdpBufSize" registry value. The new default is 256KB. + + * Do not include trailing NULs in the directory search output. + (1.5.50) + + * Pre-allocate 64 Rx Packet buffers per thread in order to improve + performance. + + * For debugging: add smb lock requests and stat cache lock allocations + to the output from "fs memdump". + + NetBSD + + * Workaround broken sigwait() to allow fileserver to shut down + correctly pre NetBSD 5.0. + + Solaris 10 + + * Default to namei fileserver; Allow inode fileserver at configure + time by override. + + NFS translator + + * Try harder to avoid kernel panics for malformed requests. + + +OpenAFS 1.5.51 (2008-07-29) + + All platforms + + * salvager tries harder to arrange for clients to get VBUSY while + salvaging single volumes. + + * salvager avoids certain corruption when salvaging directories. + + * Rx connection clones disabled. + + Microsoft Windows + + * The 32-bit EXE 1.5.50 installer failed to properly install the C + Runtime library. When used as an upgrade OpenAFS would continue to + work but when used as a new installation, OpenAFS binaries would + fail to load. + + * Fixes the "fs" and "symlink" commands to properly parse Unicode path + prefixes during the pioctl remote procedure call. This bug would + result in file not found errors for files and directories that + clearly exist. (Bug introduced in 1.5.50) + + * Large File support is disabled. (Bug introduced in 1.5.50) + + * Removes the possibility of a deadlock during volume location update + operation if all of the reported file servers are unreachable at the + time of the update. + + * Ensures that reference counts are properly incremented/decremented + on Rx connection objects used for volume location RPCs. + + * Over Quota errors during cm_FSync() calls would lead to an infinite + loop as the error was never propagated to the caller. + + All UNIX client platforms + + * Bugfixes to disconnected AFS support in the cache manager. + + +OpenAFS 1.5.50 (2008-07-16) + + All platforms + + * volserver puts recloned volumes back online before returning the + volume to the fileserver, avoiding spurious VNOVOL errors. + + * Updated TSM X/Open API support available. + + * Demand Attach fileserver will not crash due to accesses during + volume cloning. + + * Substantial documentation updates. + + * Demand Attach fileserver state tracking and analyzer tool + improvements. + + * UAFS userspace cachemanager updates. + + * Corrected support for anti-meltdown protection in the client. + + Microsoft Windows + + * UNICODE Character Set Support. + + * Pioctl interfaces to the cache manager have been refactored to + provide layering between the SMB specific code and the general + purpose ioctl operation. + + * Garbage collect dead SMB virtual circuits as soon as they are no + longer being referenced. This avoids problems with outstanding + locks not being dropped when the virtual circuit becomes invalid. + + * Remove the IBM Administration Reference documentation and replace it + with the OpenAFS Command Reference Manual. + + * Avoid calling rx_SetDeadTime and rx_SetHardDeadTime functions each + time a connection is about to be used. Do not hold a lock on the rx + connection object while it is being selected. This avoids a race + between threads attempting to set the timeout values and removes a + bottleneck that was hampering performance. + + * Ensure that the smb directory attribute is set for all directory + objects. + + * Replace the VC Runtime EXE installer with the MSI installer in the + NSIS installer scripts. + + Solaris + + * Support for updates to OpenSolaris. + + Linux + + * Correct dentry revalidation for cross-directory renames. + + * Updated rpm packaging materials for 1.5 release series and 2.4 + kernels. + + * Corrected syscall table probing. + + * NFS translator updates for current kernels. + + +OpenAFS 1.5.39 (2008-06-24) + + All platforms - * Avoid using invalid references to afs_Conn connection structures, - and thus potentially producing invalid data when a retry is needed. + * Updates for Demand Attach fileserver. - * SRV records are now supported for discovering AFS servers. + Microsoft Windows - Linux + * Fix two memory leaks. - * Correct writepage behavior. + * Fix one missing lock. - * Fix error code handling in the writepage code. + * Handle access denied errors when writing dirty buffers. - * Avoid leaking page locks, which could potentially hang a machine. + * Fix two errors that would cause the *experimental* AFS Servers + to crash. - MacOS X - * Preferences Pane improvements. +OpenAFS 1.5.38 (2008-05-24) - HP-UX + All platforms - * Avoiding attempting to handle critical signals in servers, so that - core file handling works correctly. + * Add read-only disconnected support. -OpenAFS 1.5.65 (2009-10-06) +OpenAFS 1.5.37 (2008-05-21) All platforms - * Code compilation warning fixes, to enable better finding and - tracking bugs. + * Includes a number of optimizations for testing. - * Provide configure-time switch to enable code warning compilation. - All server platforms +OpenAFS 1.5.36 (2008-05-09) - * Demand-attach fileserver now makes volume LRU list operations - exclusive operations to avoid races during adding to the list. + All platforms - * Fileservers now avoid potential "negative length" fetches. + * Rx optimizations now attempt to deal with high latency WANs. - * A leak in host tracking objects in the fileserver has been fixed. + * Client will not wait infinitely for a server which is not providing + data. Additional servers will be polled without marking the server + which is not providing data down. - * Salvager now unlinks all files by full path, to deal with the change - to not chdir for core file tracking. + * vos move will not erroneously unlock locked vldb entries on failure. - * Salvager avoids asserting if the volume header is unreadable. + All server platforms - * Demand-attach fileserver puts back volume references from fssync - handlers when done. + * Fileserver avoids a potential infinite loop when a client + relinquishes an address. - Microsoft Windows + * Fileserver large setting now configures more threads. - * Improved service response to suspend and shutdown event - notifications. + * Fileserver properly registers uuids of new clients. - * Avoid a bug in the file server that can result in an invalid length - being returned as part of a fetch data response if the client - attempts to read beyond the length of the file. + * Ubik servers do not improperly hide updates from clients. - * Do not publish a default stream object for directories and mount - point objects. This was impacting the ability of some Windows XP - systems to save roaming profiles. + * Fileservers reserve enough file descriptors such that each thread + can cache one to avoid spurious errors. - All UNIX client platforms + Microsoft Windows - * A bug which could cause erroneous handling of lengths on data reads - has been fixed. + * Fix a cm_buf_t reference count leak when attempts to write dirty + buffers to the file server from within cm_IncrSyncer() fail. - * A bug where erroneous length returns from the fileserver could - result in a false error has been fixed. + * Prevent udebug from crashing. - Linux + * Another VNOVNODE issue fixed. When writing a dirty buffer to the + file server, if VNOVNODE is received, mark all buffers as invalid + without further attempts to contact the file server. - * Background page copies are now supported for enhanced disk cache - read performance. - * Blocking readahead is supported in readpages() to reduce overhead. +OpenAFS 1.4.12 - * Use readpage() instead of read() to access cache data to avail disk - cache users of the kernel backing cache for improved performance. + All client systems: Major bugfixes. + File servers: Major bugfixes. - * Minimize credential handling for improved performance. + * New functionality: - MacOS X + All systems: - * Preferences Pane cleanup. + - Provide portable (pioctl) method for discovering what PAG a user is + in. Required to support userspace PAG information collection on AIX + 5.1, and knowing whether Linux uses one group, two group, or only + keyring based PAGs. (124709) - Solaris + * Bugfixes: - * Provide a fs_pathconf method with sensible defaults. + All systems: - * Provide a _PC_FILESIZEBITS method to fix some NFS translator - consumers. + - Fixes to avoid issues cleaning up deleted hosts in the fileserver (126454) + - Fixes to avoid dropping writes due to server idle timeouts. -OpenAFS 1.5.64 (2009-09-22) + - Don't miss cache chunks of large files while truncating. - All server platforms + - Avoid null pointer dereference for unexpected volume names in volume + utilities. - * The demand attach fileserver now puts back volume references gotten - via the fssync interface. + - Don't mark connections waiting for additional packet window availability + idle. - * The demand attach fileserver had a structure reference error, which - has been correected. + - Kerberos 5 utilities (klog.krb5, aklog) enable weak encryption support. - Microsoft Windows + - Avoid a double-free of an Rx call structure during a client fetch error. - * Restores Windows 2000 compatibility. + - Avoid losing hosts during address changes. (125215) - * Fixes a data consistency error between the output of NetWkstaGetInfo - and NetServerGetInfo RPCs, specify the Lan workstation group name - "AFS", and report server name as "AFS" instead of "\\AFS" when the - caller asks for "\\AFS". + - Clients shouldn't trust Fetchdata replies for the size of returned data. - * Enables executables to be run from \\AFS on Windows 7. Returns - "Name not found" instead of "File not found" when a directory or - file name cannot be found. This avoids loader errors when system - dlls cannot be located in the executable directory. + - fileserver will not hang when attempting to cleanup and dump core. - * Prevents cache manager from marking the file server "down" when the - data returned in response to either RXAFS_FetchData64 or - RXAFS_StoreData64 is invalid. + - salvager will not leave core files in random directories. - * Adds pioctl data validation to the AFS Explorer Shell extension. + - avoid letting retransmit timer get to 0 seconds. - All UNIX client platforms + - in event of dbserver contact failure, shut fileserver down cleanly. - * A bug which could cause a kernel panic in 1.5.63 has been corrected. - This would manifest as a GetDCache panic or oops. + - handle large partitions during check for needed disk space at + client start. - Linux + - time out Rx connections if network unreachable error received. - * aklog -setpag works again with recent kernels when keyring is in - use. + - avoid dereferencing NULL pointer freeing Rx packets in receive. (125110) - MacOS + - mark stack not executable in LWP. (125491) - * When Fast User Switch is in use, AFS login is now handled correctly - by the integration tool included with the preferences pane. + - return a correct VolumeSync structure from Bulkstat RPCs in fileserver. - * Several packaging bugs have been corrected. + - client attempts to better free memory at shutdown. + - clear rx call queue safely. (125110) -OpenAFS 1.5.63 (2009-09-11) + - retry VLserver registration on failure in fileserver. - All platforms + - update accessdate for volumes on access in fileserver. - * The restorevol command is now documented and installed as a user - command. + - additional safety checks on vlserver operations to avoid + database corruption. - * The uss command now properly translates vldb entries to its expected - format when handling them in all cases. + - make ktc_curpag available on all builds. (125155) - * Documentation now refers to Kerberos instead of kaserver. + FreeBSD: - All server platforms + - Build fixes. - * bosserver now handles BosConfig.new when restarting, allowing - configuration to be replaced at restart time rather than with bos - delete and bos create. Documentation is updated to reflect this. + Linux: - * The demand attach fileservice not longer potentially hangs trying to - terminate demand-salvages which have already exited. + - Handle kernel changes through 2.6.33. - * The demand attach fileservice has been modified to avoid spurious - 'SYNC_putRes: write failed' warnings when some protocol messages - cannot be acknowledged due to the sender terminating the connection. + - Fix oops in clear_inode due to missed locking. (125589) - * In the event of failure to contact the vlserver or ptserver, the - fileserver will not exit and trigger a forced salvage. It will - continue to try in the background to contact the needed services. + - Better handle /afs mount failures. - * The salvager can now repair certain cases of a damamged vnode index. + - Clean up after failures creating our kernel kmem cache. - * The accessDate metadata for a volume is now updated correctly. + - Work around memory management issues with some kernels when configuring + the buffer cache/bdi (126514) - Microsoft Windows + - Rename compile_et to afs_compile_et to avoid RPM conflicts. - * CRITICAL: Some applications for example those based on Cygwin were - unable to access data stored in the AFS name space. Explorer Shell - also experienced inconsistent behavior. This is fixed. + - Handle whole-file locks properly. (126561) - * CRITICAL: Multiple AFS pioctl requests issued nearly simultaneously - by applications could result in pioctl responses being received by - the wrong requester. This in turn could result in application - crashes. symlink.exe, fs.exe, afslogon.dll, afscreds.exe, and the - netidmgr afscred.dll plugin were all affected. + - Deal with kernel autoconf header renaming. - * Some XP machines running 1.5.62 had trouble saving roaming profile - data. This is fixed. + - Handle SELinux cache backing file labels better to avoid potential oops. + (92944,125544) - * Integrated Logon (afslogon.dll) did not function with domain - specific configurations. + MacOS: - * Ensure that access denied and over quota errors experienced while - storing data to the file server do not result in on-going retry - attempts. + - klog now works correctly on 64 bit machines. - All UNIX client platforms + - launchd now used to launch AFS at boot. - * Except on Solaris and AIX, the compiler may now be overriden at - configure time by setting the CC environment variable. + - Preferences pane included for 10.4 and later. - * afsd now properly deals with large cache partitions. + - Older versions can now be installed from packages. - FreeBSD + - Finder does not trigger bogus AFSDB lookups in /afs in dynroot mode. - * Build shared libafsauthent and libafsrpc. + - Include package with debug kernel module symbols. - Linux + OpenBSD: - * Kernel module DKMS support now installs an unstripped module to - allow debugging information to be collected. + - Build fixes. - MacOS + - Support for x86_64. - * Preferences pane properly updates token information. + Solaris: - MacOS 10.6 + - Handle ZFS caches usefully. (125365) - * klog will now properly handle passwords of 8 or fewer characters - with an AFS string to key on hosts able to run 64 bit binaries. + - Implement additional pathconf support. - * A panic at AFS shutdown due to "NO PCB" on a udp_lock has been - addressed. +OpenAFS 1.4.11 - * The panic decoder script included in the source now properly handles - 32 and 64 bit panics. + Linux client systems: Major bugfixes. + All client systems: Minor bugfixes. + File servers: Major bugfixes. - NetBSD + * New functionality: - * Avoid defining AFS_KERBEROS_ENV globally as it creates a circular - dependency. + All systems: - * Build shared libafsauthent and libafsrpc. + - Provide portable (pioctl) method for discovering what PAG a user is + in. Required to support userspace PAG information collection on AIX + 5.1, and knowing whether Linux uses one group, two group, or only + keyring based PAGs. (124709) - OpenBSD + * Bugfixes: - * Build shared libafsauthent and libafsrpc. + All systems: + - Fix bosserver to invoke salvager with "-force" instead of ambiguous + "-f". (124916) -OpenAFS 1.5.62 (2009-08-28) + - Cleanup for ptserver argument parsing to allow debug mode to work. (124893) - All platforms + - Sanity checking for ptserver log levels. (124894) - * Numerous invisible changes to improve code maintainability, - portability and enhanceability. + - Fix for uninitialized memory dereference in klog.krb5. - Microsoft Windows + - Fix an overflow in the cellconfig code used by client and server. (124891) - * CRITICAL: Fixes two errors that can result in data loss when storing - data to the file server. - 1. Failure to Store Portions of Unaligned Writes - 2. Failure to Store Data to File Servers Lacking Large File Support - Read the announcement for more details: - http://www.openafs.org/pipermail/openafs-announce/2009/000305.html + - Fix an erroneous vos verbose mode format string. - * CRITICAL: The cache manager daemon thread could terminate when the - machine enters suspend mode. This daemon thread performs the - background check of down servers, offline volumes, callback - expirations, etc. + - Avoid losing writes on mmap()ed files when cache is memcache. (124671) - * CRITICAL: Integrated Logon (afslogon.dll) was terminating - unexpectedly. Error checking has been improved and NULL pointer - dereferences after Lsa API calls fail have been eliminated. + - Provide an afsd switch to allow override of the maximum MTU. (124880) - * For the first time, the OpenAFS SMB Server supports the DCE RPC - services SRVSVC and WKSSVC. Browsing \\AFS with the Explorer Shell - or NET VIEW will now be faster and provide additional functionality. - No longer will cell names longer than 12 characters be truncated. + - Provide support for encrypt mode in pts. - * Improvements to DFS Referral request processing have been - implemented. + - Fix race in background sync code which could cause volumes to go offline. + (124359) - * Unnecessary DNS lookups of share names are avoided improving - performance. + - Fix fileserver to avoid a null pointer dereference in client identity + lookup routines. (125020) - All UNIX client platforms + - Improve handling of moves of volumes from 1.5 series fileservers. (18349) - * Non-Kerberos PAM modules work correctly again. + FreeBSD: - MacOS X + - UKERNEL build fix. (124681) - * MacOS 10.6 (Snowleopard) is now supported, both 32 and 64 bit mode. + Linux: - * Updates to the AFSCommander preferences pane. + - Allow syscall probing to be disabled by switch to configure at build time. - * Installer now permits cell names with dashes. + - Fix bug in anti-recursion protection for mmap clients. (124627) + - Avoid a panic caused by changing credentials during VFS operations. (124737) -OpenAFS 1.5.61 (2009-08-06) + - Avoid need for rcu subsystem when unavailable. (124986) - All platforms + - Improve keyring PAG setup code. (125001) - * Correct another race condition in the Rx library that could result - in an unexpected panic while freeing the Rx call iovq. + - Avoid possible ext3 cache truncation issues. (124942) - * rx packet resend and data packets sent counts were incorrect. + MacOS: - * fs setquota, fs setcachesize, vos setfields, and vos create now - accept human readable orders of magnitude. (K, M, G) + - MacOS 10.3 UKERNEL build fix. (124681) - * fs listquota fixed to permit large quota sizes to be displayed. + OpenBSD: - * Correct documentation of bosserver permissions requirements. + - Update support for 4.5 (124719) - * Modify vlserver to avoid potentially corrupting the database through - volume id reuse. + OpenSolaris: - * Generalized support for fast Rx timeout due to network - down/unreachable. + - Updates for newer OpenSolaris kernels. (124116, 124924) - All server platforms +OpenAFS 1.4.10 - * Allow audit logs to be sent via sys5 IPC message queues instead of - logged directly. + All client systems: Security fixes. + File servers: Major bugfixes. + All systems: Minor bugfixes. - Microsoft Windows + * Security fixes: - * If a file server becomes inaccessible while the cache manager has - dirty buffers to write, the afsd_service buf_IncrSync thread can - attempt to use 100% of the cpu. + All client systems: - * Fix "fs newcell" which was broken in 1.5.60. + - Avoid a potential kernel memory overrun if more items than requested are + returned from an InlineBulk or BulkStatus message. (124579) - * Do not attempt to synchronize dirty buffers if the associated volume - is known to be unavailable. + Linux client systems: - * Modify behavior of a Freelance mountpoint target that does not - specify a cell. Instead of assuming the target volume is in the - Freelance.Local cell, use the workstation "Cell" specified in the - registry. A mountpoint target of "#root.cell." will now mean the - root.cell volume in the workstation cell for the current session. - If the workstation cell changes from "athena.mit.edu" to - "andrew.cmu.edu", the referenced volume will also change without - requiring that the mount point targets be altered. + - Avoid converting negative errors into invalid kernel memory pointers. (124580) - * Add cm_FindServerByUuid(). Re-implement RXAFS_InitCallBackState3() - to permit the server Uuid to be used to lookup the server object and - from that determine the cell. This permits callbacks that are - received from alternate addresses to be processed with a known - server object. Previously a request from an unknown server would - clear all callbacks from all cells. + * Bugfixes: - * Fix a bug that prevented optimal performance when using a non-zero - value for 'daemonCheckVolCBInterval'. As a reminder, when - "daemonCheckVolCBInterval" is set to a non-zero value, all .readonly - volume callbacks are automatically renewed 90 minutes before their - expiration. + AIX: - * Fix automatic ranking of vldb servers whose values are obtained from - the CellServDB file. + - Don't build aklog NAS module when krb5 is not available. (124522) - * Add failover for RX CALL TIMEOUT errors when the volume is readonly - or the call is to a vldb server. + FreeBSD: - * Add registry based cell search functionality to NetIdMgr, - afs_config.exe, and klog.exe. + - Additional fixes and support. (124107, 123917) - * afsconf_GetCellInfo() has been modified to perform gethostbyname() - lookups on the host names in the CellServDB instead of using the - specified IP addresses. This provides aklog, pts, vos, etc. the - same CellServDB behavior that the Windows Cache Manager uses. + Linux: - * When updating the stat cache entry callback of a .readonly object - from the volume group object, update the file server reference to - ensure it matches the most update to date callback. + - Support 2.6.28. (123580) - * Add proper support for processing callbacks from multi-homed file - servers. Instead of comparing servers by cm_server_t pointer, - compare them by UUID when the UUID is known. + - Support 2.6.29. (124115) - * During a shutdown short circuit the offline volume check daemon - functionality. + - Attempt to support 2.6.30 (124560) - * Return the error code of RXAFS_FetchData / RXAFS_StoreData in - preference to an error code reported by rx_EndCall. + - Avoid race during truncation. (124094) - * Add "PerFileAccessCheck" registry value to permit testing against - experimental file servers that include per-file acl support. This - value is intentionally undocumented. It is not to be used by - production environment deployments. + - Dynamic vcache allocation support, to deal with inotify vcache pinning. (124334) - * Fix a bug introduced in 1.5.60 that prevents the afs netidmgr - provider from obtaining tokens when referrals are in play. + - Correct use of truncate_inode_pages to vmtruncate for locking issues. (124128) - * Add "fs chown" and "fs chgrp" commands to permit the owner and group - of objects stored in AFS to be set from Windows. + - Update RPM configuration. (123650, 102673, 124272) - * Avoid performing background daemon operations when the machine is - going into suspend mode. + - Update kernel feature detection. (124507, 123604) - * Perform offline volume checks in most recently used order. + - Do appropriate locking for CellServDB in /proc. (124407) - * Prevent crash when a data version for a cache object goes backwards. + MacOS: - * Multi-thread safe library versions are now being generated and used. - mtafsubik.lib, mtafsutil.lib, mtafsvldb.lib, mtafsvol.lib. + - Fix MacOS 10.3 support. - * Microsoft SMB Redirector (mrxsmb.sys) support for - ExtendedSessTimeout values are now available on XP through Windows - 7. Add functionality to autodetect if such support is present on - the machine. If so, configure it if necessary and dynamically - adjust the AFS Rx timeout values accordingly. + - Add candidate Darwin 10 support. - All UNIX client platforms + NetBSD: - * Fix out-of-tree source builds. + - Corrected NetBSD version tests. (123647) - MacOS + OpenBSD: - * GUI installer now asks for local cell information. + - Update support for 4.4 (124541) - * AFS Commander preferences pane is now installed by default. + Solaris: - Solaris + - Support cache filesystems which do not allow open by inode number, enabled by + default on Solaris 9 and later. (123677) - * Avoid kernel panics due to null pointer dereferences in the network - interface poller kernel thread. + - Improve error code return quality. (124426) + - Allow large partitions on Solaris servers. -OpenAFS 1.5.60 (2009-05-31) + All client systems: - All platforms + - Avoid improper error messages about key version when krb5 is in use. (124220) - * Retry volserver transaction creation on failure. + - Avoid attempting to free kernel memory which was already freed. (124531) - * Allow building HTML and PDF documentation from included XML copies - of User Guide, Admin Guide and Quick Start Guide for Unix. + - Properly count offline volumes in vos client. (124333) - * Documentation updates and additional documentation. + All server systems: - * Add -encrypt support to pts client. + - Avoid 64 bit time issues in callback dump files. (124451) - * Convert MR-AFS fs commands to OSD commands. + - Support more than one local Kerberos realm; Usernames are assumed to be the + same across realms. - All server platforms + - Ubik recovery is corrected to avoid spurious errors. (123723) - * Updated background sync process in fileserver to avoid a race which - could result in a volume being taken offline. + - Do proper host address hashing for little endian machines in fileserver. (124447) - Microsoft Windows + - Update backup utility to properly compute header needs in the backup buffer. + (124425) - * On April 9th Microsoft released a Hot Fix for Windows Server 2003 - SP2 that corrects a deadlock in the smb redirector and also adds new - functionality that permits the AFS SMB server to be given a longer - timeout than is normally the case. New functionality has been added - to configure these additional LanmanWorkstation\Parameter values. - (This functionality has been backported to XP SP3 and is scheduled - to be released on June 5th.) + - Avoid blocking during Rx unused connection reaping. - * Fix RT#124787, a race condition between "fs flush ", "fs - flushvolume", or "fs flushall" and on-going directory operations - that can result in afsd_service.exe crashing. + - Avoid leaking file handles in the fileserver when closing a volume. (124359) - * Release Notes, User and Administrator guides are now shipped as - indexed Windows HtmlHelp Files. (.chm). Shortcuts are provided from - the Start Menu. + - Fix bosserver corefile naming to be y2k-safe. (124340) - * A method of specifying Client CellServDB information within the - registry has been added that can be used to either override the - CellServDB file or force the use of DNS lookups for a given cell. - See the release notes for details. + - Avoid potential infinite loop in deleted host handling in the fileserver. - * The pioctl interface now properly handles drive letter substitution - to UNC paths. (SUBST <\\afs\cell\path>) + - Support large volume dumps in vol-dump. (123984) - * The BackConnectionHostNames registry value configuration was broken - when dynamic re-establishment of Netbios Name registrations was - added. This release restores the functionality. + - Build butc XBSA support on 64 bit systems. - * All hidden vos.exe commands are now revealed. + All systems: - * Attempts to store the same dirty file chunk from multiple threads - are now prevented. + - Properly track Rx connection idleness for timeouts. - * The IsPathInAfs test in Explorer Shell Extension and fs.exe now - permits broken symlinks to be treated as being in AFS. + - Additional documentation. (124472) - * vos.exe commands that output 64-bit integer values once again do so. - This was broken in 1.5.59. + - Avoid a race which may result in an in-use Rx packet being freed. (123799) - * Cygwin Import Libraries are provided in the SDK for all OpenAFS - DLLs. This permits building cygwin applications against OpenAFS - libraries. +OpenAFS 1.4.9 - * NSIS installer does a much better job of cleaning up files left over - from previous installs. + All client systems: Security fixes. - * libafsconf.dll moved from Client\Program to Common directory as is - is now used by all modules for CellServDB processing. + * Security fixes: - All UNIX client platforms + All client systems: - * Write back changes on last store for memcache to avoid discarding - changes. + - Avoid a potential kernel memory overrun if more items than requested are + returned from an InlineBulk or BulkStatus message. (124579) - * Abstract disk cache support to allow for path, fh, inode based - caches with no need for messy ifdef structures each time a new type - is added. + Linux client systems: - DragonflyBSD + - Avoid converting negative errors into invalid kernel memory pointers. (124580) - * Support as a userland port. +OpenAFS 1.4.8 - FreeBSD + File servers: Major bugfixes. + All systems: Minor bugfixes. - * Corrected structure definition for userspace cache manager to allow - builds to complete. + * Bugfixes: - Linux + AIX: - * Corrected client locking support. + - AIX 6.1 is now supported. - * Updated patch to stop deadlocking in the kernel during mmap. + - Unpin kernel memory references after free. (99456) - * Avoid oops when setting up groups for PAGs to match keyrings. + FreeBSD: - * Use Linux fh-based cache in cases where possible by default. + - FreeBSD 7 is now supported. - MacOS 10.3: + Linux: - * Corrected structure definition for userspace cache manager to allow - builds to complete. + - Avoid deadlock when writing back pages in an mmap()ed file larger than + the cache. (120491) - OpenBSD + - Update process tree walking for PAG garbage collection to avoid oopses. + (116603) - * Support for OpenBSD 4.5. + - fakestat mode now correctly avoids spurious ENOTDIR errors. - Solaris + - Use kernel build system for all platforms. - * Corrected support for server-side vos split interface. + - Remove openafs directory from proc in correct order. (112910) + - Handle renames across directories correctly in the linux dcache. (74672) -OpenAFS 1.5.59 (2009-04-06) + - Probe syscall table when possible. (105457) - Microsoft Windows + - Mount point parsing is now updated to handle only well-formed mount + points rather than similarly-formed symlinks. (113558, 100836) - * Increased service priority class to "High" to match the priority of - system components that are dependent upon the a timely response. + - ucontext-style LWP is now anbled for glibc versions newer than 2.3. - * SMB error responses avoid returning errors that could confuse the - Microsoft SMB redirector into disconnecting the connection to \\AFS. + MacOS: - All UNIX client platforms (except MacOS X 10.4 and 10.5) + - Update available space shown. (112910) - * OpenAFS 1.5.59 contains fixes for the client issues addressed by the - security advisories OPENAFS-SA-2009-001 and OPENAFS-SA-2009-002. + NetBSD: - Linux platforms + - Work around broken SIGWAIT. (111404) - * Support for prerelease Linux 2.6.30 kernels. + Solaris: + - Solaris 10 now defaults to namei fileservers. -OpenAFS 1.5.58 (2009-03-30) + - NFS translator issues fixed. - All platforms + - Changes to address Solaris updates. (105495) - * Code cleanup and prototyping. + All client systems: - * Avoid unnecessary blocking in Rx periodic cleanup code. + - udebug correctly displays the last "yes" host. - All server platforms + - Allow more vldb lookups to be cached in the client. - * Fileserver CopyOnWrite routine optimized for performance. + - Fix aklog to not be excessively verbose when not requested. - * Make fileserver callback dumps 64 bit safe. + - Add support for timing out accesses which are not completing in a timely + manner. - * Fix byte order issues with fileserver host hashing. + - Properly flag backup volumes being added to the vldb by vos syncvldb. - * Fix buffer size issues with butc. + All server systems: - * Fix several Ubik recovery issues. + - fileserver "large" setting now implies 128 threads instead of 12. - * Avoid leaking file references in the fileserver. + - fileserver check for duplicate uuids is now applied correctly. - * Fix a race in DAFS while closing vnodes, and another offlining - volumes. + - Newer xbsa APIs are supported for TSM integration in butc. - * volserver interfaces for volume splitting client. + - salvager avoids corrupting length of directory objects. (111585, 107767) - Microsoft Windows + - volserver avoids a race during volume release so a volume will not + appear to be offline. (107258) - * [RT 124293] A race condition exists which can result in a crash. + - Add support for returning errors when accesses are not completing + in a timely manner. - * [RT 124276] If the vldb is out of sync with the contents of the file - servers, afsd_service will retry too many times when a file server - reports a volume as not being present. Now if the list reported by - the vldb is the same as the previously seen list, then the retry is - aborted. + - Avoid potential race in the volserver when creating transactions. (121263) - * [RT 124276] Read-only volume failover was broken in 1.5.53 whenever - accessing a volume results in VNOVOL or VMOVED. + - Return sensible error when a release or restore exhausts server + resources. (121040) - * [RT 124276] Prior to 1.3.70 the volume server reference list was not - reference counted and would be prematurely freed while in use. When - reference counting was added in 1.3.70 a bug was introduced that - could result in service reference list corruption. + - volserver now returns EXDEV if a new replica would duplicate one which + already existed elsewhere on the server. - * Add Windows Application Event Log warning messages for "Client SMB - MPX value too large" and "Client SMB Buffer Size too small". + - Disable jumbograms by default. - * Renaming of files across directory boundaries would result in an - invalid handle error when attempting to access the files after the - move. + - volserver updates a volume's updateDate on volume creation. (110943) - * Fix the handling of Tran2 Set Path Info RPCs. Do not fail when a - smb file descriptor cannot be found. The whole point of using a - Path Info function is because an smb file descriptor wasn't - allocated. + - Partitions over 2tb are now supported. (88811) - * More edge cases in which dynamic addition of Freelance root.afs - entries would get the wrong FID or where the root.afs directory - would not be refreshed. + All systems: - * Buffer overflow could occur if the workstation cell name was longer - than 64 characters. Crashes could occur in afscreds.exe, - afslogon.dll, and afsd_service.exe. + - Re-enable Rx client keepalives. (20727) - * VNOSERVICE and VOFFLINE errors were leaking and were exposed to the - smb client. + - Support autoconf 2.62. (118058) - * Log file server uuid values as part of the cm_server object when - available. Dump the cm_server object list in response to "fs - memdump". + - Update Rx to avoid leaking packets. - * Optimize the performance of resetting access control lists when - tokens are set or removed. + - vos supports the -noresolve options to avoid issues with 127.0.0.1 being + named in /etc/hosts. - * Remove symlink recursion tests and increase max symlink count to 64 - from 16. + - Additional documentation. (104110) - * Windows specific Rx performance improvements. +OpenAFS 1.4.7 - * Support for Network Identity Manager 2.0 + File servers: Major bugfixes. + All systems: Minor bugfixes. - All UNIX client platforms + * Bugfixes: - * Avoid issues with freeing resources at shutdown. + AIX: - * Numerous fixes to disconnected AFS. + - Kerberos as included in AIX has missing symbols. AFS krb5 tools now + deal correctly. - * Disconnected AFS fixes for replaying changes without double-freeing. + - AIX LAM aklog plugin can now be used CDE screenlocker. - * Attempt to use krb524 principal conversion in aklog if available. + - Add support for getting the current PAG in pagsh and PAM. - AIX + - Avoid sending a terminal hangup to STREAMS in aklog. - * Kerberos configuration at build time corrected. + - Fix afsdb support in the client. - Linux + Linux: - * Default to dynamic allocation of AFS kernel cache entries to allow - growth for inotify()-pinned entries. (beagle, famd, etc) + - Kernels through 2.6.25 are now supported. (77370,88000,83716,83890,80463) - * Change client truncation routines to avoid locking issues. + - Client now only hashes dirty inodes. (78544) - * IA64 port clients fixed on Linux 2.6. + - Fix to avoid returning invalid mount point data when -fakestat-all is in use. + (93898) - * RPMs now install fstrace message catalog. + - RPM build system updates. (93616) - * Support through kernel 2.6.29 tested. + - Restored write-on-close-or-fsync semantics when possible. (17509) - * Fix locking issues on CellServDB file in /proc. + - Enabled support for flock() on files in AFS. (53457) - OpenBSD + - ARM Linux now supported. - * Support OpenBSD 4.4 + - Kernel keyring support updated. + - Fix client-displayed timestamp ordering by zeroing nanosecond field. -OpenAFS 1.5.57 (2009-01-23) + MacOS: - All platforms + - Boot time init script now uses afs.conf to store config options. (81825) - * Conditional compilation of rxdebug support is now possible. + - Avoid kernel panic due to excessive lock tracking when removing files. - * Documentation updates. + - Avoid leaking kernel memory when trying to read() a directory. - * Further race connditions in Rx have been corrected. + Solaris: - All server platforms + - Avoid potential kernel panic if the root vnode of AFS changes. - * Salvager no longer attempts to recreate headers in the wrong - partition. + - Avoid potential kernel panic when shutting down if contracts are in use. - * Volumes are properly marked in use on creation and subsequently on - examination with vos. + - Avoid potential delays when creating new PAGs if the system clock + has gone backwards. - Microsoft Windows + All client systems: - * Undo the "UAC manifest fix" applied to afs_config.exe. + - At client shutdown, try harder to clean up in-use resources. (74479) - * Ensure that Freelance allocation of vnodes follow the AFS convention - of odd vnodes are directories and everything else is an even vnode. + - When fakestat is in use, enable optimization for Gnome Nautilus lookups. - * Add Freelance logic to mount point and symlink evaluation functions. + - Properly hold lock when updating disk cache metadata to avoid + kernel panic. (59136) - * Enhance smb_ParseASCIIBlock() so that it can handle all of the - STRING formats defined by the CIFS Technical Report 1.0. + - Avoid wrapping to the start of a file when attempting to write a large file + to a pre-largefile fileserver. (73720) - * Validate the output of smb_ParseASCIIBlock() in all callers. Return - CM_ERROR_BADSMB if the STRING field cannot be parsed. - CM_ERROR_BADSMB will cause the contents of the packet to be logged. + All server systems: - * If multiple SMB Raw Write operations were taking place at the same - time, there could be data corruption because unique event objects - were not generated for each Netbios receive operation. + - Fixed to avoid truncating ubik databases during recovery. (77183) - All UNIX client platforms + - fileserver issue with internal file cache filling has been fixed. (87977) - * Userspace AFS library can now deal with large files when supported - by the platform. + - fileserver thread quota enforcement now done in all cases. (87416) - * Numerous updates to disconnected AFS support, including changes to - allow reconnection to work in more circumstances. + - fileserver avoids potential network-related deadlock when breaking + callbacks. - FreeBSD + - fileserver avoids crash due to race of resource creation and user requests + at startup. - * FreeBSD unstrategy code has been updated. + - fileserver avoids crash when reinitializing Ubik connections. - Linux + - volserver fixed to avoid leaving orphaned files during restore. (46937) - * A race during file truncation has been corrected. + - volserver now supports convertROtoRW for inode fileservers. - * System call probing routines have been updated. + - Support disabling kerberos 4 style username protection in servers. (75101) - * 2.6.29 is now supported. + All systems: - MacOS + - Fix to butc to avoid crash due to threaded library variant. - * 10.3 support has been corrected. + - Fix to avoid network retransmission issues if the system clock goes + backwards. - OpenBSD + - vos syncvldb and syncserver now support a dryrun (do nothing) mode. - * Initial OpenBSD 4.4 support. + - vos addsite now supports adding a site where a replica is already + available. - Solaris + - vos clone now supports creating properly-named readonly and backup clones. - * Updates to allow compiling on newer OpenSolaris are now included. + - vos restore now allows an older copy of a volume at an alternate site to + not be removed. + - cmdebug now supports dumping a client's CellServDB. -OpenAFS 1.5.56 (2008-12-30) + - cmdebug now supports showing human-readable expiration times. - All platforms + - aklog now handles Kerberos referrals. - * libuafs (userspace cache manager) updated to correct several errors. + - Additional documentation now included. (89288,89289,86677) - * Additional rx debugging support is available as a conditional - compile. +OpenAFS 1.4.6 - * A race condition in Rx leading to a panic has been corrected. + All systems: Major bugfixes. - * Rx idle time tracking has been corrected. + * Bugfixes: - * ubik clone server support has been corrected. + All systems: - All server platforms + - fileserver host tracking code had a missing lock on a host structure; + that lock has been added. - * Salvager no longer leaves cores in vice partitions. + - fileserver handling for clients which are giving up callbacks did not + hold a lock, making it unsafe and allowing clients to potentially + crash the server by racing. - * The vol-dump tool now supports dumps larger than 2gb where possible. + - fileserver will now leave a corefile when it is doing a shutdown due + to error conditions. - * Operations on multiple files now report all FIDs in the audit log. + - fileserver again allows ufs as a valid filesystem type (regression in 1.4.5). - * butc XBSA support now works correctly on amd64. + - cbd handler for fileserver status data has an interpretation error which + could cause crashes corrected. - Microsoft Windows + - fileserver accurately tracks number of callbacks on a given file. - * The NetIDMgr AFS Provider automated configuration logic was broken - by the introduction of Kerberos referrals. If the realm of the - identity cannot be determined, the workstation cell is now assumed - to belong to the newly created identity. +OpenAFS 1.4.5 - * Avoid a reference count under flow during rename operations. + All systems: Minor bugfixes. + New systems: MacOS 10.5. + + All systems: - * Avoid a crash caused by treating an arbitrary length directory - search mask as an 8.3 mask. + - fileserver address tracking is improved to avoid potentially merging + unrelated hosts. - * Prevent rename operations if a case insensitive match for the target - name already exists and does not refer to the object being renamed. + - Documentation updates. - * Increase the maximum number of background daemons to 64. + - namei fileserver now does fsync()s in background batches for performance + improvements. - * Fix the UAC manifest applied to afs_config.exe + - Kerberos ticket support corrected in bundled Kerberos 4 utilities on 64 + bit platforms. - All UNIX client platforms + - fileserver includes limited per-host thread quota support to avoid + resource starvation. - * Updates to disconnected AFS support. + - fileserver deals with more damaged volumes without asserting. - FreeBSD + - vos validates dumpfiles before attempting restores. - * FreeBSD 7.1 is now supported. + - vos clone will no longer potentially delete the parent volume. - * amd64 FreeBSD is now supported. + - Client no longer permits empty UUID to be created. - Linux + - fs uuid command for checking, regenerating UUID added. - * Generic fh (exportfs API) cache type is now available. + - Updates for gcc 4.2. - * Avoid some oopses due to backing_dev_info inode fields not being - filled. + - fileserver treats w (write) permission as granting read lock permission + in addition to write. - * 2.6.28 is now supported. + AIX: - MacOS + - Bundled NAS Kerberos is now supported. (5.x) - * 10.3 support has been corrected. + - LAM aklog module is provided. (5.x) - Solaris + - Associate cache files with correct filesystem to avoid snapshots when + performing maintenance on local filesystems. - * Large partition support has been corrected. + Irix: - * Filesystem-agnostic cache is now available on Solaris 10 and 11. + - Makefile updates. + Linux: -OpenAFS 1.5.55 (2009-11-10) + - Kernels throigh 2.6.23 are known to work. - All platforms + - Updates to syscall table probing. - * Salvager avoids leaving core files in vice partitions. + - Bug fix in keyring PAG support to avoid oops. - * NFS translator fixes. + - updated sample RPM configuration. - * Unresponsive server handling fixes. + - sparc32 lwp support updated. - * A volserver race which could result in duplicate transactions is - fixed. + - Avoid potential oops in symlink support in certain older kernels. - Microsoft Windows + - Avoid potential deadlock during vmalloc. - * Fixes a panic caused by corruption of the SMB virtual circuit list. - (race condition) + - Corrected locking while interacting with kernel task list. - * Fixes a panic caused by receipt of a UTF-16 string that cannot be - converted to UTF-8. + MacOS: - * Implements a more aggressive recovery algorithm for Netbios errors - that result in loss of communication to the AFS SMB server. + - Several panics fixed, including remove_fsref. (10.4 and later) - * Improve pioctl response time when testing whether or not a PATH is - in AFS. + - IP address changes now tracked. - * Adds support for linked cells. + - Corrected support for dropboxes (li access without r) with cp and Finder. - * Increases the length of the cell and realm names that can be input - into the Network Identity Manage AFS provider configuration dialog. + - fstrace and ancillary files now included. - All UNIX client platforms + - man pages are now installed in the default MANPATH. - * Disconnected AFS avoids infinite recursion during rmdir. + - Servers will be timed out quickly if there is no route available. - Linux + - Temporary files from remove-while-busy now cleaned up correctly. - * Support for 2.6.28 (not complete for NFS translator modules). + Solaris: - * Support for using exportfs API for filesystem-agnostic cache. + - Updates to accomodate kernel interface changes. (10u4 and later) - * Disable backing store readahead. + - knfs and NFS translator support updated. - * Avoid deadlocks when writing back mmapped files larger than the - cache. + - Changes to accomodate version 5.4 xbsa library. - * Avoid Oops when doing PAG garbage collection. + - Updates for new SunStudio defaults. +OpenAFS 1.4.2 -OpenAFS 1.5.54 (2008-10-08) + All systems: Major bugfixes. - All platforms + * Bugfixes: - * Updates for new Tivoli X/Open API finding. + All systems: - * A double-free is corrected in Rx. + * A bug in the namei volserver which could erroneously make a replicated or + moved volume go offline has been fixed. - All server platforms + * Volume package users (fileserver, volserver, salvager) avoid using lockf to + avoid leaking byte range locks on volume internal files. - * Ubik cleans up file descriptor cache correctly when doing recovery. + MacOS 10.4: - * Enhanced vldb error checker included. + * A bug where the client kernel module could free stack memory (which caused + issues with 64 bit Intel most commonly) has been fixed. - Microsoft Windows + Linux: - * Prevent a crash that could occur when multiple file / directory - change notifications are processed simultaneously. + * A missing kernel feature test has been fixed. - MacOS + * group based PAG support is still enabled when possible. - * AFS claims more free space so Finder will attempt file copies. + * ia32 syscall table support for amd64 has build fixes for modern kernels. - Linux + Solaris: - * Avoid spurious ENOENT when calling gwtcwd() on a volume root. + * fopen() is not safe for use with more than 255 file descriptors open; + Emulate it in the afsconf package so afsconf can be used in the fileserver. - * Avoid spurious ENOTDIR during fakestat. + Windows: + * DNS registration is disabled for the loopback adapter, and we make sure + Netbios is turned on. -OpenAFS 1.5.53 (2008-09-26) + Since 1.4.1: - All platforms + All platforms: + * Remove use of ubik_Call in the source code so prototypes are used. - * rx avoids many packet leaks. + * Avoid synchrony in call from the fileserver to the ptserver. - * rx jumbogram disabling now works (and is the default). + * Fix a bug in the backup suite when restoring. - All server platforms + * fileserver and volserver now log for error conditions which may cause + exiting. - * Demand Attach fileserver tries to avoid issues tracking offline - status of volumes. + * rx avoids a stack overrun when more packets are needed. - Microsoft Windows + * volserver avoids holding a lock too long when purging volumes. - * Many potential deadlock conditions due to out of order lock - acquisitions have been corrected. + * volserver lock initialization fixes - * A race condition resulting in an undercount on the cm_scache_t - reference counts has been corrected. + * volserver volume nuke fixes to avoid leaving files behind - * An empty string when sent as an ioctl path is now properly - interpreted as meaning the current directory. This affects "fs - lsm", "symlink list", etc. + * fileserver avoids error when authenticating ptserver requests - * Fix smb string parsing differences where the smb protocol - documentation does not match the actual Windows implementation. + * fileserver no longer crashes when GetCPS fails - * Random access denied errors fixed. + * salvager enhancements to deal better with corrupt volumes for namei - * A file server lock synchronization issue was corrected in SMB - NTCreateX and NTTranCreate operations. This bug prevented properly - operation when loading roaming profiles. + Unix: - * Fix a heap overwrite error during server probe operations if a new - server is added while a probe operation is in progress. + * aklog deals with KDCs which give "generic" replies to principals not + existing. - * Fix an LSA memory leak that was the result of an LSA error. + * Fix bug in cache parameter autotuning - * Do not leak cm_cell_t objects if the VLDB server lookup fails. + RedHat: - * Only initialize rx mutex/lock objects once. + * packaging fixes - * Do not nul terminate the AFS volume name when reported to Windows. + Linux: - * Improve VNOVOL error handling. Prevent updated vl information from - being destroyed immediately after it was acquired. This bug - prevented proper fail over when volumes are moved or removed from a - server. + * amd64 pthread library family updates. - * Remove volume id from the server volume list in response to VMOVED - and VNOVOL errors. + * autoconf fixes for kernel feature testing - * "fs flushXXX" commands now destroy locally built B+ directory trees. + * keyring PAG support now only enabled if needed features are present + and other updates - * Prevent mixture of locally modified directory pages and file server - directory pages. + * inline a version of BUG() so we get better oopses - * Fail over to alternate vl servers if a ubik error is returned. + AIX: - All UNIX client platforms + * tsm is updated to work with the new AIX 5 interface. - * Disconnected AFS now supports read-write mode. + MacOS: - * volserver now builds correctly. + * Cross compile fixes - AIX + * Packaging improvements - * AIX 6 is now supported. + * Large file support fixed (Thanks to Chaskiel Grundman) - FreeBSD + * Fixes for Leopard seed. - * FreeBSD 7 is now supported. + * Installer image updates - Linux + Windows: - * cache bypass is now supported. + * Removes race conditions and a deadlock introduced in 1.4.1 - * 2.6.x kmod compilation now uses kernel compile options always. + * Fixes ANSI filename option. - * Support through 2.6.27. + * Establishes new connections to file servers when + IP address configuration changes are detected. - MacOS + * Improved CIFS compatibility - * Show more space free so Finder doesn't get confused. + * Cache Manager optimizations - Solaris 10 + * Fixes vlserver failover when mounting 'root.afs' + (Freelance mode disabled) - * Default to namei rather than inode. + * Installs help files in the correct location for use by afscreds.exe + and afs control panel. + * Improve reporting of "over quota" and "disk full" errors. -OpenAFS 1.5.52 (2008-08-18) + * Prevent crash when evaluating mount points to volumes that do + not exist - All platforms + * Removes auto-registration of AFS ID in foreign ptservers from + Integrated Logon DLL. This prevents crashes if the DLL is loaded + and unloaded prior to termination of the process. - * Initialize volume updateDate at volume creation. + * SDK moved to \Program Files\OpenAFS\SDK - * Avoid potential corruption of directories during salvage. + * NSIS and WiX Installer Frameworks update to the latest versions - * Check for out of memory condition during allocation of additional Rx - packets. + * Improvements to the Kerberos Logon Integration - Microsoft Windows + * Prevents exception in Integrated Logon DLL during SysPrep - * Restore support for Windows 2000 (broken in 1.5.50). + * Prevents displays of MessageBox dialogs in response to Network Adapter + errors - * Perform additional validation on volume names in mount points during - creation and evaluation. + * Hard Dead and Connection Timeout values restricted to the CIFS Session + Timeout value. - * Fix several deadlocks, races, and reference count issues. + * Correct writing of BackConnectionsHostNames registry value. - * Further optimize SMB Directory Search processing and minimize the - number of InlineBulkStatus RPCs sent to the file server. + * Properly recycles Volume entries - * Enable "bos restricted" operations. + * The AFS Explorer Shell Extension always finds its resource library. - * Fix the create of submounts used by the AFSCreds and afs_config - drive mapping tabs. + * The export list for AFSAUTHENT.DLL has been corrected. (The AFS + plugin for NetIDMgr will no longer use 100% of CPU.) - * Fix a short name truncation bug. (1.5.50) + * Renaming files on Microsoft Vista Build 5536 works. - * Fix the error code reported when attempting to delete a file on a - readonly volume or one that is marked with the readonly DOS - attribute. + * Better handling of "." directory in fs commands - * Fix a heap corruption error when reading the CellServDB file - location. + * Add OpenAFS License text to installers - * Add the "RxUdpBufSize" registry value. The new default is 256KB. + * fs setquota and fs mkmount commands behave the same as the UNIX + version - * Do not include trailing NULs in the directory search output. - (1.5.50) +OpenAFS 1.4.2 - * Pre-allocate 64 Rx Packet buffers per thread in order to improve - performance. + All systems: Major bugfixes. - * For debugging: add smb lock requests and stat cache lock allocations - to the output from "fs memdump". + * Bugfixes: - NetBSD + All systems: - * Workaround broken sigwait() to allow fileserver to shut down - correctly pre NetBSD 5.0. + - Volume dump parsing code in the volserver has better error checking. - Solaris 10 + - salvager has improved damaged volume handling on namei fileservers. - * Default to namei fileserver; Allow inode fileserver at configure - time by override. + - fileserver has size validity checks for when large file support is disabled. - NFS translator + - fileserver avoids potentially multiply adding a host to its hash table. - * Try harder to avoid kernel panics for malformed requests. + - rxkad client private data storage is allocated dynamically on ticket size. + - Handle universal error code translation for file locking. -OpenAFS 1.5.51 (2008-07-29) + - fileserver needs to swap callback connections on a client IP change. - All platforms + - fileserver host package revised to reduce lock contention. - * salvager tries harder to arrange for clients to get VBUSY while - salvaging single volumes. + - Rx has been fixed to count hard acks, thus opening the congestion window. - * salvager avoids certain corruption when salvaging directories. + - All servers support bound Rx sockets (on one interface). - * Rx connection clones disabled. + - namei fileserver no longer use lockf() to avoid range locking issues. - Microsoft Windows + - most binaries now support the -version switch. - * The 32-bit EXE 1.5.50 installer failed to properly install the C - Runtime library. When used as an upgrade OpenAFS would continue to - work but when used as a new installation, OpenAFS binaries would - fail to load. + - backup suite fixes for 64 bit platforms. - * Fixes the "fs" and "symlink" commands to properly parse Unicode path - prefixes during the pioctl remote procedure call. This bug would - result in file not found errors for files and directories that - clearly exist. (Bug introduced in 1.5.50) + - volserver avoids holding holds during volume purges. - * Large File support is disabled. (Bug introduced in 1.5.50) + - volserver avoids losing files on namei during vos zap. - * Removes the possibility of a deadlock during volume location update - operation if all of the reported file servers are unreachable at the - time of the update. + AIX: - * Ensures that reference counts are properly incremented/decremented - on Rx connection objects used for volume location RPCs. + - fileserver now properly supports large files. - * Over Quota errors during cm_FSync() calls would lead to an infinite - loop as the error was never propagated to the caller. + - TSM updates for AIX 5 - All UNIX client platforms + - Kernel module avoids leaking Rx packets. - * Bugfixes to disconnected AFS support in the cache manager. + - Avoid use of global ubik client structure in fileserver. + - Update ubik call client interface to allow for prototyping. -OpenAFS 1.5.50 (2008-07-16) + - audit logging fixes when stdarg does not provide integral va_list type. - All platforms + MacOS 10.4: - * volserver puts recloned volumes back online before returning the - volume to the fileserver, avoiding spurious VNOVOL errors. + - A bug where the client kernel module could free stack memory (which + caused issues with 64 bit Intel most commonly) has been fixed. - * Updated TSM X/Open API support available. + - Packaging fixes and updates. - * Demand Attach fileserver will not crash due to accesses during - volume cloning. + - Uninstaller added. - * Substantial documentation updates. + - Fix large file support. - * Demand Attach fileserver state tracking and analyzer tool - improvements. + Linux: - * UAFS userspace cachemanager updates. + - autoconf kernel feature testing has been restructured. - * Corrected support for anti-meltdown protection in the client. + - PAG garbage collection is enabled by default. - Microsoft Windows + - Kerberos updates for RHEL3. - * UNICODE Character Set Support. + - Fix POSIX lock enrollment for older Linux kernels. - * Pioctl interfaces to the cache manager have been refactored to - provide layering between the SMB specific code and the general - purpose ioctl operation. + - Updates for new 2.6 kernels. - * Garbage collect dead SMB virtual circuits as soon as they are no - longer being referenced. This avoids problems with outstanding - locks not being dropped when the virtual circuit becomes invalid. + - Avoid deadlocks in put_inode handler. - * Remove the IBM Administration Reference documentation and replace it - with the OpenAFS Command Reference Manual. + - Keyring-based PAG support. - * Avoid calling rx_SetDeadTime and rx_SetHardDeadTime functions each - time a connection is about to be used. Do not hold a lock on the rx - connection object while it is being selected. This avoids a race - between threads attempting to set the timeout values and removes a - bottleneck that was hampering performance. + - Fixes to avoid getting better oops info in the kernel. - * Ensure that the smb directory attribute is set for all directory - objects. + Solaris: - * Replace the VC Runtime EXE installer with the MSI installer in the - NSIS installer scripts. + - Remove some kernel symbol bindings for symbols we don't use. - Solaris + - Cleanup for loopback mount of AFS on Solaris 10. - * Support for updates to OpenSolaris. + - Avoid issues with stdio not supporting file descriptors above 255 on + Solaris 8 and lower in the fileserver. - Linux +OpenAFS 1.4.1 - * Correct dentry revalidation for cross-directory renames. + All systems: Major bugfixes. + New systems: MacOS 10.4 (PowerPC and Intel) - * Updated rpm packaging materials for 1.5 release series and 2.4 - kernels. + * Bugfixes: - * Corrected syscall table probing. + All systems: - * NFS translator updates for current kernels. + - Several race conditions in the host tracking and handling in the fileserver + which could cause inconsistent behavior and crashes have been fixed. + - A fileserver bug where a reference to a volume could be leaked and later + cause a deadlock as a result of a bulk status call -OpenAFS 1.5.39 (2008-06-24) + - Reference counting of fileserver objects in unsigned 32 bit integers + instead of signed 16 bit integers. - All platforms + - Avoid type mismatches when handling time values (betweemn 32 bit and 64 bit + variables). - * Updates for Demand Attach fileserver. + - Fix a memory leak during multilevel packet queue handling. - Microsoft Windows + - Audit log output had been updated to include FIDs for newly created files. - * Fix two memory leaks. + HP-UX 11i: - * Fix one missing lock. + - 64 bit (large file) inodes are supported. - * Handle access denied errors when writing dirty buffers. + - Salvager will now handle large (>4gb) partitions. - * Fix two errors that would cause the *experimental* AFS Servers - to crash. + * New features: + All systems: -OpenAFS 1.5.38 (2008-05-24) + - asetkey is now included to ease Kerberos 5 integration for server + administrators. - All platforms + - A new fileserver statistics collection including callback statistics was + added. - * Add read-only disconnected support. + - man pages are now generated. + Microsoft Windows: -OpenAFS 1.5.37 (2008-05-21) + - Fixes error message problems experienced by fs.exe and the AFS Explorer + Shell Extensions related to the use of Universal Error Codes by the + AFS File Server - All platforms + - Adds full SMB/CIFS support for byte range locking. In this implementation + all locks are allocated locally and the AFS lock privilege is ignored. + While this will not prevent two processes on different machines from + simultaneously writing to the same file, it will prevent two processes + on the same machine from doing so. - * Includes a number of optimizations for testing. + - The UP server check period has been reduced to once every ten minutes to + match the period used by the UNIX clients. The shorter period will + assist clients maintain RX connections through NATs. + - Fixes the DOWN server check logic to ensure that any server that responds + to a check is marked UP unless it is in the process of restarting. -OpenAFS 1.5.36 (2008-05-09) + - Add logic to better handle objects that no longer exist on the file server. + (VNOVNODE errors.) - All platforms + - Prevent the removal of existing drive mappings by "afscreds.exe -M" - * Rx optimizations now attempt to deal with high latency WANs. + - Fixes the procmgmt library so that it doesn't cause applications that + unload it to crash. - * Client will not wait infinitely for a server which is not providing - data. Additional servers will be polled without marking the server - which is not providing data down. + - Improves the warnings written to the afsd_init.log file when the + Windows RPC Protocol drivers are improperly configured. - * vos move will not erroneously unlock locked vldb entries on failure. + - Fixes "fs setserverprefs -vlserver". Multiple calls with the same + server parameter could result in a crash of afsd_service.exe. - All server platforms + - The SMB/CIFS layer was audited for reference miscounts and memory leaks. + All SMB objects are now properly counted, locked, and released when + their work is done. - * Fileserver avoids a potential infinite loop when a client - relinquishes an address. + - Prevent file truncation of the user does not have the appropriate access. - * Fileserver large setting now configures more threads. + - Token management was re-written to allow user tokens to be preserved + during integrated login and freed after logoff is complete. - * Fileserver properly registers uuids of new clients. + - Added a mechanism by which abandoned SMB virtual circuits can be + detected and the associated resources cleaned up. - * Ubik servers do not improperly hide updates from clients. + - Prevent the allocation of SMB file handles with a value of 0 or 0xFFFF + which would be considered invalid by Windows applications. - * Fileservers reserve enough file descriptors such that each thread - can cache one to avoid spurious errors. + - Fixed the processing of cell names to ensure that they are always + treated as case insensitive strings. - Microsoft Windows + - Fixed the network provider code to avoid querying the profile location + if integrated login is disabled. - * Fix a cm_buf_t reference count leak when attempts to write dirty - buffers to the file server from within cm_IncrSyncer() fail. + - If a mount point string is empty, return Path Not Found to the application. - * Prevent udebug from crashing. + - Windows returns WSAECONNRESET when an ICMP packet is received in response + to a transmitted UDP packet that cannot be delivered. Do not mark the + connection as bad but instead retry the request. - * Another VNOVNODE issue fixed. When writing a dirty buffer to the - file server, if VNOVNODE is received, mark all buffers as invalid - without further attempts to contact the file server. + - Fix the data written to the registry as part of the BackConnectionHostnames + values. + - Fixed the rx-lwp implementation to always generate unique rx call + identitiers. -=======> Changes back to 1.3 have not yet been incorporated here <======= + - The default "fs minidump" type now includes data segments. OpenAFS 1.3