[openafs.git] / NEWS

                       User-Visible OpenAFS Changes
OpenAFS 1.6.20 (Security Release)

  All platforms

    * Fix for OPENAFS-SA-2016-003: file and directory names leak due to
      reuse of directory objects without zeroing the contents
      (12461 12462 12463 12464 12465)

OpenAFS 1.6.19

  All platforms

    * Documentation improvements (12304)
    * Fixes for test failures (12396 12415)

  All DB server platforms

    * Avoid potentially writing to an out of date volume location or protection
      database, or losing a database write, which could happen in rare cases
      under special conditions during database leader election
      (12339 12389)

  Solaris clients

    * Allow the fsinfo::: DTrace provider to work with AFS files (12371)

  Linux clients

    * Don't commit more data to a file than was actually copied during writes,
      which could happen on architectures with a page size > 4 KiB (12413)
    * Fixed build on PPC64 with GCC 6.1 (12388) (RT #133407)
    * Fixed build on x86_64 with recent GCC (12365 12366)


OpenAFS 1.6.18.3

  Linux clients

    * Support for mainline kernel 4.7 and distribution kernels with
      backports from it (12348)

  Solaris clients

    * Fixed memory mapped I/O on files >= 4 GiB (12349 12350)

      Note that there is a suspicion that this might break the client
      on very old Solaris releases (2.6). If it does, the breakage should
      occur at build time.

  OS X

    * Added tooling to build a package for OS X 10.10 "Yosemite" and
      10.11 "El Capitan" (12335 12351)


OpenAFS 1.6.18.2

  Linux clients

    * Support for mainline kernel 4.6 and distribution kernels with
      backports from it (12332)

    * Switch back to the pre-1.6.18 algorithm for freeing unused vcaches.
      While the new algorithm is still believed to be correct, it turned
      out that at least on some kernels, including 4.5 and 4.6, the dentry
      for the current working directory may be erroneously invalidated.
      This could lead to errors like "Unable to read current working directory"
      when a directory wasn't accessed for a few minutes. (12323)

    * Use a secure URL to retrieve the CellServDB in the script to create
      the Red Hat source package (12330)

  FreeBSD

    * Added sysname IDs for 10.2 and 10.3 to fix the build on those platforms
      (12322)


OpenAFS 1.6.18.1

  Linux clients

    * Support for mainline kernel 4.5 and distribution kernels with
      backports from it (12300..12302)


OpenAFS 1.6.18

  All platforms

    * Documentation improvements (12224 11675 11613 12197)

    * Improved diagnostics and error messages (12129 12207 12185 12211 12113
      12215 12216)

    * Check that CellServDB entries are valid IPv4 addresses, to avoid
      occasional hangs or potentially other erratic behaviour due to invalid
      entries (12210) (RT #131794)

  All client platforms

    * Gracefully handle cases where a client shutdown sequence is initiated
      while the client is already shutting down, rather than cause a panic
      (12179)

    * Fixed several bugs that could cause erratic behaviour when the write
      offset into a file was more than 2 GiB beyond the file's current end
      on the server (12213 12214)

  All server platforms

    * Avoid a possible volserver crash during volume dump or restore due
      to invalid ACL entries (12127)

    * Allow recovering from a DAFS fileserver operation which allocates a
      new vnode but fails to update the vnode index, rather than crashing the
      server (12209)

    * Fixed a longstanding bug which could damage the volume location database
      when "vos changeaddr" was run with "-oldaddr" and "-newaddr" and the
      old address was present in a multi-homed entry (12089)

  FreeBSD

    * Added support for releases 10.2 and 10.3 (12232)

  Linux clients

    * Support for mainline kernel 4.4 and distribution kernels with
      backports from it, alas at a performance penalty (12226 12227 12228)
      (RT #132677 #132819)

    * Avoid using excessive amounts of kernel memory for dynamically
      allocated vcaches, by improving the algorithm to free unused ones
      (12256 12257)

    * In Red Hat packaging, make the init script use "ip" if available, with
      "ifconfig" as a fallback (12193)

  OS X

    * Basic support for release 10.11 "El Capitan" (12212)

  IRIX clients

    * Fixed kernel module builds with optimization (12198) (RT #131261)


OpenAFS 1.6.17 (Security Release)

  All server platforms

    * Fix for OPENAFS-SA-2016-001: foreign users can create groups as
      if they were an administrator (RT #132822) (CVE-2016-2860)

  All client platforms

    * Fix for OPENAFS-SA-2016-002: information leakage from sending
      uninitialized memory over the network.  Multiple call sites
      were vulnerable, with potential for leaking both kernel and
      userland stack data (RT #132847)

    * Update to the GCO CellServDB update from 01 January 2016 (12188)

  Linux clients

    * Fix a crash when the root volume is not found and dynroot is not
      in use, a regression introduced in 1.6.14.1 (12166)

    * Avoid introducing a dependency on the kernel-devel package corresponding
      to the currently running system while building the srpm (12195)

    * Create systemd unit files with mode 0644 instead of 0755
      (12196) (RT #132662)

OpenAFS 1.6.16

  All platforms

    * Documentation improvements (11932 12096 12100 12112 12120)

    * Improved diagnostics and error messages (11586 11587)

    * Distribute the contributor code of conduct with the stable release (12056)

  All server platforms

    * Create PID files in the right location when bosserver is started with
      the "-pidfiles" argument and transarc paths are not being used (12086)

    * Several fixes regarding volume dump creation and restore (11433 11553
      11825 11826 12082)

    * Avoid a reported bosserver crash, and potentially others, by replacing
      fixed size buffers with dynamically allocated ones in some user handling
      functions (11436) (RT #130719)

    * Obey the "-toname" parameter in "vos clone" operations (11434)

    * Avoid writing a loopback address into the server CellServDB - search
      for a non-loopback one, and fail if none is found (12083 12105)

    * Rebuild the vldb free list with "vldb_check -fix" (12084)

    * Fixed and improved the "check_sysid" utility (12090)

    * Fixed and improved the "prdb_check" utility (12101..04)

  All client platforms

    * Avoid a potential denial of service issue, by fixing a bug in pioctl
      logic that allowed a local user to overrun a kernel buffer with a single
      NUL byte (commit 2ef86372) (RT #132256) (CVE-2015-8312)

    * Refuse to change multi-homed server entries with "vos changeaddr",
      unless "-force" is given, to avoid corruption of those entries (12087)

    * Provide a new vos subcommand "remaddrs" for removing server entries, to
      replace the slightly confusing "vos changeaddr -remove" (12092 12094)

    * Make "fs flushall" actually invalidate all cached data (11894)

    * Prevent spurious call aborts due to erroneous idle timeouts (11594)

    * Provide a "--disable-gtx" configure switch to avoid building and
      installing libgtx and its header files as well as the depending
      "scout" and "afsmonitor" applications (12095)

    * Fixed building the gtx applications against newer ncurses (12125)

    * Allow pioctls to work in environments where the syscall emulation
      pseudo file is created in a read-only pseudo filesystem, like in
      containers under recent versions of docker (12124)

  Linux clients

    * In Red Hat packaging, avoid following a symbolic link when writing
      the client CellServDB, which could overwrite the server CellServDB,
      by removing an existing symlink before writing the file (12081)

    * In Red Hat packaging, avoid a conflict of openafs-debuginfo with
      krb5-debuginfo by excluding our kpasswd executable from debuginfo
      processing (12128) (RT #131771)

OpenAFS 1.6.15 (Security Release)

  All client and server platforms

    * Fix for OPENAFS-SA-2015-007 "Tattletale"

      When constructing an Rx acknowledgment (ACK) packet, Andrew-derived
      Rx implementations do not initialize three octets of data that are
      padding in the C language structure and were inadvertently included
      in the wire protocol (CVE-2015-7762).  Additionally, OpenAFS Rx in
      versions 1.5.75 through 1.5.78, 1.6.0 through 1.6.14, and 1.7.0
      through 1.7.32 include a variable-length padding at the end of the
      ACK packet, in an attempt to detect the path MTU, but only four octets
      of the additional padding are initialized (CVE-2015-7763).

OpenAFS 1.6.14.1

  Linux clients

    * Support kernels up to 4.2

      Due to changes to internal data structures with this kernel release,
      the OpenAFS client can no longer reset the link count during path
      lookups. Since volume root directories must behave like symlinks
      instead of normal directories in order to satisfy Linux kernel
      invariants, looking up paths containing more than 40 mount points
      will fail with ELOOP on such kernels.

OpenAFS 1.6.14

  All server platforms

    * Prior to the OpenAFS security release 1.6.13, the Volume Location
      Server (vlserver) RPC VL_ListAttributesN2() supported wildcard volume
      name lookups via regular expression (regex) pattern matching. This
      support was completely disabled in 1.6.13 because it was judged to be
      a security risk due to buffer overruns in the implementation, as well
      as the possibility of denial of service attacks where certain regular
      expressions could cause excessive CPU usage in some regex
      implementations.

      Unfortunately, after 1.6.13 was released, it was discovered that
      the native OpenAFS 'backup' system uses the VL_ListAttributesN2()
      regex support to evaluate configured volume sets. If you use the
      OpenAFS 'backup' system (or another backup system which relies on it,
      such as Tivoli Storage Manager (TSM, aka Tivoli ADSM)), and are using
      volume sets which require regular expressions for the volume name,
      then those volume sets cannot be resolved by OpenAFS 1.6.13. The next
      paragraph provides details on how to identify any affected volume sets.

      OpenAFS backup volume sets may be described by fileserver, partition
      name, and volume name. The fileserver and partition specifications
      never require regular expression support. The volume name specification
      always requires regular expression support except for when specifying
      _all_ volumes via two special cases: the universal wildcard ".*", or "".
      For example, volume name "proj" or "*.backup" or "homevol.*" all
      require regex support - even if the specification contains no wildcard
      characters and/or exactly matches an existing volume name.

      As a result of this issue, OpenAFS 1.6.14 replaces the 1.6.13 changes
      to VL_ListAttributesN2. 1.6.14 prevents the buffer overruns and
      reenables the regex support, but restricts it to OpenAFS super-users
      and -localauth only. This is sufficient to restore the OpenAFS 'backup'
      system's ability to work correctly with any previously supported volume
      set. The OpenAFS 'backup' commands are already documented to require
      super-user authorization, so this restriction is moot for the backup
      system.

      There are no other direct consumers of the VL_ListAttributesN2() regex
      support in the OpenAFS tree. However, the VL_ListAttributesN2 RPC is
      publicly accessible and might be used by third party tools directly or
      indirectly via OpenAFS's libadmin. Any such tools that issue
      VL_ListAttributesN2 RPCs must now be executed using super-user or
      -localauth tokens.

      None of the other security fixes in OpenAFS 1.6.13 are known to have
      any issues, and are still included unchanged in OpenAFS 1.6.14.

      If there are any questions concerning the possible impact of OpenAFS
      1.6.13 or 1.6.14 at your site, please contact your OpenAFS support
      provider or the openafs-info@openafs.org mailing list for further
      assistance.

OpenAFS 1.6.13

  All server platforms

    * Fix for CVE-2015-3282: vos leaks stack data onto the wire in the
      clear when creating vldb entries

    * Workaround for CVE-2015-3283: bos commands can be spoofed, including
      some which alter server state

    * Disabled searching the VLDB by volume name regular expression to avoid
      possible buffer overruns in the volume location server

  All client platforms

    * Fix for CVE-2015-3284: pioctls leak kernel memory

    * Fix for CVE-2015-3285: kernel pioctl support for OSD command passing
      can trigger a panic

  Solaris clients

    * Fix for CVE-2015-3286: Solaris grouplist modifications for PAGs can
      panic  or overwrite memory

OpenAFS 1.6.12

  All server platforms

    * Avoid database corruption if a database server is shut down and then
      brought up again quickly with an altered database (11773 11774)
      (RT #131997)

  All client platforms

    * Fixed a potential buffer overflow in aklog (11808)

    * Avoid a bogus warning regarding the checkserver daemon, which could be
      logged during startup when the cache initialization was very fast (11680)

    * Added documentation of the inaccuracy of the 'partition' field in
      'fs listquota' output for partitions larger than 2 TiB (11626)

  Linux clients

    * Support kernels up to 4.1 (11872 11873)

    * Avoid spurious EIO errors when writing large chunks of data to
      mmapped files (11877)

  OS X

    * Build fixes required at least on OS X 10.10 Yosemite with the latest
      XCode (11859 11876 11842..11845 11863 11878 11879)

OpenAFS 1.6.11.1

  Linux clients

    * Support kernels up to 4.0 (11760 11761)

  FreeBSD clients

    * Fixed kernel module build on systems with an updated clang which no
      longer accepts the -mno-align-long-strings as a no-op (11809)

OpenAFS 1.6.11

  All platforms

    * Allow aklog to succeed creating native K5 tokens even when mapping
      the K5 principal to a K4 one fails (11538)

    * Build fixes (11435 11636)

  All client platforms

    * Avoid a potential kernel panic due to connection reference overcounts
      (11645) (RT #131885)

    * Avoid potential corruption of files written using memory mapped I/O
      when the file is larger than the cache (11656) (RT #131976)

  Linux clients

    * Support kernels at least up to 3.19 (11549 11550 11569 11570 11595
      11658..11662 11694 11752)

      Note: By default this excludes kernels 3.17 to 3.17.2, which will leak
            an inode reference when an error occurs in d_splice_alias(). The
            module will build and work, but leak kernel memory, leading to
            performance degradation and eventually system failure due to
            memory exhaustion. Since it's impossible to detect this condition
            automatically, the switch --enable-linux-d_splice_alias-extra-iput
            must be passed to configure when building the module for those
            kernels. The same would be necessary for any kernel with backports
            of commit 908790fa3b779d37365e6b28e3aa0f6e833020c3 or commit
            95ad5c291313b66a98a44dc92b57e0b37c1dd589 but not the fix in commit
            51486b900ee92856b977eacfc5bfbe6565028070 in the linux-stable repo
            (git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git) or
            the corresponding changes on other branches.

    * Fixed a regression introduced in OpenAFS release 1.6.10 which could
      make the spurious "getcwd: cannot access parent directories" problem
      return (11558 11568) (RT #131780)

    * Avoid leaking memory when scanning a corrupt directory (11707)

  OS X clients

    * Support OS X 10.10 "Yosemite" (11571 11572 11611) (RT #131946)

  Solaris clients

    * Avoid reading random data rather than correct cache content when using
      ZFS as the cache file system on Solaris >= 11, and fix potential similar
      problems on other platforms (11713 11714)

  FreeBSD

    * Build fix for releases >= 11.0 (11610)

  OpenBSD

    * Support release 5.4 (11700)


OpenAFS 1.6.10

  All platforms

    * Don't hide the "version" subcommand in help output (11214)

    * Documentation improvements (11126 11216 11222 11223 11225 11226)

    * Improved diagnostics and error messages (11154 11246 11247 11249 11181
      11182 11183)

    * Build system improvements (11158 11221 11224 11225 11227..11241 11282
      11342 11350 11353 11242 11367 11392)

    * Avoid potentially erratic behaviour under certain error conditions by
      either avoiding or at least not ignoring them, in various places (11008
      11010..11065 11112 11148 11196 11530)

  FreeBSD

    * Support releases 9.3 and 10.1 (11368 11369 11402 11403 11404)

    * Makes a disk cache more likely to work on FreeBSD, though such
      configurations remain not very tested (11448)

  All server platforms

    * Added volscan(8) (11252..11280 11387 11388)

    * Fixed a bug causing subgroups not to function correctly if their
      ptdb entry had more than one continuation entry (11352)

    * Logging improvements (10946 11153)

    * Allow log rotation via copy and truncate (11193)

    * Avoid a server crash during startup only observed on a single platform
      and when using a 3rd party library under certain circumstances, which is
      a collateral effect of the security improvements introduced in OpenAFS
      release 1.6.5 (11075) (RT #131852)

  All client platforms

    * Raised the free space reported for /afs to the maximum possible value of
      just under 2 TiB - the old value was 9 GiB on most platforms (10984)

    * Reduced the amount of stack space used (11162 11163 11203 11164..11167
      11338 11339 11364..11366 11381)

    * Sped up a periodic client task which could be problematically slow
      on systems with a large number of PAGs and files in use (11307)

    * Fixed failure of the up command with large ACLs (11111)

    * Avoid a potential crash of aklog (11218)

    * Avoid potential crashes of scout and xstat_fs_test (11155)

  Linux clients

    * Support kernels up to 3.16 (11308 11309)

    * Fixed a regression introduced in OpenAFS release 1.6.6 that made
      checking for existing write locks incorrectly fail on readonly volumes
      (11361)

    * Fixed a regression introduced in OpenAFS release 1.6.8 that could
      cause VFS cache inconsistencies when a previously-accessed directory
      entry was removed and recreated with the same name but pointing to a
      different file on another client (11358)

    * Use the right path to depmod in Red Hat packaging to avoid dependency
      calculation incorrectly failing unless a link /sbin -> /usr/sbin is
      present on the system performing it (11171) (RT #131860)

    * Do not ignore kernel module build errors (11205)

OpenAFS 1.6.9

  All server platforms

    * Fix for OPENAFS-SA-2014-002

OpenAFS 1.6.8

  All platforms

    * Documentation improvements (10751 10875 10931 10897 10883 10954 10955)

    * Improved diagnostics and error messages (10756 10814 10949)

    * Fixed a bug in RX that could make errors during packet reception go
      unnoticed. (10733)

    * Fixed a bug that made "vos size -dump" display the wrong size for
      large volumes. (10933)  (RT #131819)

  All server platforms

    * Change the default fileserver sync behavior from "delayed" to "onclose".
      This means that explicit syncing only happens when a volume is detached.
      (10809)

    * Added the -offline-timeout and -offline-shutdown-timeout options to the
      fileserver, to implement interrupting clients accessing volumes we are
      trying to take offline. (6266 10799)

  All client platforms

    * When a client is shut down, it will give up its callbacks. The Windows
      client has been doing this since 2007. Note that older fileservers
      (1.3.50 to 1.4.5 and 1.5.0 to 1.5.27) had a bug in the implementation of
      the relevant RPC that could cause crashes or other undefined behavior
      when this happens. (6272 8840 10855)

    * Restored the pre-1.6 behavior of "vos e" being an alias for "vos examine".
      (10886)

    * Avoid flooding logs with warnings about byte-range locks, by throttling
      them per file. Also, make the messages more useful by including the
      FID. (10836..10839)

    * Avoid a possible panic during shutdown while tracing. (10932)

  Linux clients

    * Fixed a bug that could cause the "getcwd: cannot access parent
      directories" problem (10804 10984)

    * Avoid a delay when accessing uncached data in AFS in a confined
      context under SELinux. (10598)

    * Red Hat packaging improvements (10600 10767 10807)

OpenAFS 1.6.7

  All server platforms

    * Fix for OPENAFS-SA-2014-001

    * Fix for a potential DOS attack against RX servers

OpenAFS 1.6.6

  All platforms

    * As of this release, OpenAFS no longer ships uncompressed source tarballs.
      Tarballs are still shipped with both compression formats, gzip and bzip2.
      (10131)

    * Documentation improvements (10136 10314 10601)

    * Improved diagnostics and error messages (9412 10085 10274)

    * Avoid redefining "assert" in our public header files, which could
      cause failures when building some applications using them. (10096)

    * Fixes for parallel builds (10005 10309 10337)

    * Added a -s switch to afscp (not installed by default) to help simulate
      a slow client. (9416 9417)

    * Added a -probe switch to vlclient test program (not installed by default)
      to ping all vlservers in a cell in parallel. (9570)

  All server platforms
    * The fileserver now ignores any vice partitions with a NeverAttach flag
      file present in the root directory. (RT #130561) (9470 9471)

    * Restrict forcing CPS ("Current Protection Subdomain") recalculation in
      the fileserver to administrators. Also fixed a bug that could cause this
      operation to be incomplete. (9485 9487)

    * Allow non-DAFS fileservers to attach unusable volumes, restoring pre-1.6
      behaviour. (RT #131505) (9499)

    * Restored the pre-1.6 behaviour when running vos examine for a volume
      currently in a transaction, showing the volume as busy again rather than
      offline. (9685 9915 9916)

    * Reduced the minimum time a bos salvage takes from 5 seconds to 1. (9476)

    * Fixed buserver to not segfault when started with the -servers option.
      (RT #131706) (10166)

    * Salvager fixes, addressing a wide variety of possible problems from
      unnecessary salvaging to aborts (9282 9283 9457 9458 9459 9461 9462 9480
      9481 10165 10167)

    * Fixed a bug that could cause saved state information to be discarded
      when restarting a large or busy fileserver, which negatively impacted
      performance. (9683)

    * Fixed a bug that could have caused undefined behaviour in the vlserver
      in rare cases when a fileserver registered its addresses in the VLDB.
      (9429)

    * Added the -preserve-vol-stats switch to volserver, allowing it to keep
      the access statistics across volume restore and reclone operations
      instead of resetting them. (9477)

    * Inserted an exponential delay between retries when bosserver attempts to
      restart a server process. (9571 10199)

    * Improved vldb_check (not installed by default) to cope with broken
      vlentry names and volids, and provide more output to aid debugging.
      (10268)

    * Releasing a volume after adding a new RO site no longer touches any of
      the existing RO sites, if the RW data hasn't changed since the last
      release. (10174)

    * Make the copyDate field for RO clones have the same meaning as for
      remote RO volumes. Previously, the copyDate field for clones was updated
      every time we released. (9451)

    * Fixed potentially undefined behaviour in ptserver when too many pts
      ids are allocated. (10124)

    * Note that the server side NAT pings feature present in the prereleases
      was removed before the final release, since no positive feedback
      was provided during prerelease testing. (9420 10135)

  Linux servers

    * Start bosserver with -nofork in the systemd unit file, to allow systemd
      to track its state (10093)

  All client platforms

    * No longer track file locks on read-only volumes. Write locks can't
      succeed, read locks always will. Avoids log messages about this kind
      of lock. (8910)

    * Added the "fs flushall" subcommand, which makes the client discard all
      cached data. This was previously available on Windows only. (9065 9388
      9389 9390)

    * Fixed a bug that could make the client incorrectly believe its cache
      is up to date. This change could negatively impact AFS <-> DFS
      translators, should those still be running anywhere. (8898)

    * Several changes to avoid panicing in certain error conditions.
      (9131 9287 10354 10355 10356 10357) (partially addressing RT #131747)

    * Added the -rxmaxfrags switch to afsd, allowing to limit the number
      of UDP fragments sent or received per RX packet. (9430)

    * Build fixes for aklog on several platforms (RT #131716) (9917 10107 10275)

    * Require that the AFS mountpoint specified in the cacheinfo file is
      an absolute path. Relative paths result in a client that basically
      works but is not fully functional. (10253)

    * Fixed a bug that could cause one of the afsd threads to enter an infinite
      loop (10431 .. 10436)

  Linux clients

    * Support Linux kernels up to 3.13 (10241)

    * Fixed a bug that made readv/writev calls in AFS space fail with Linux
      kernels where generic_file_aio_read exists but those operations have
      not been switched to using aio_read/aio_write. This was a regression
      introduced with release 1.6.3 and affected at least RHEL 5.9 kernels.
      (10248)

    * Fixed a similar bug making core dumps fail in AFS space, affecting
      a much wider range of kernels including the most recent ones.
      (RT #131729) (10254)

    * Enhanced the keyring code to make PAGs work correctly on kernels with a
      distribution specific change to the Linux keyring code. This affected at
      least SLES 11 SP3 kernels. (10252)

    * Fixed a bug that could make failures during PAG instantiation go
      unnoticed. (10255)

    * Fixed a bug that made compilation fail for Linux kernels without
      keyring support. This affected at least the SLE 10 SDK and an
      OEM version of SLES 11 SP1. (10325)

    * Fixed build for kernels with user namespace support enabled. Likely
      to be required for Ubuntu 14.04 and eventually other distributions.
      (10456 10457 10458 10518 10472)

    * Support RHEL 6.5 kernels, and possibly others with changes backported
      from recent mainline kernels that touch getname/putname, by no longer
      using those functions. Previously, the client could cause a kernel
      panic when syscall auditing was enabled. (10578)

    * Make tmpfs usable as the cache filesystem again. This had been broken
      since kernel 3.1 (9950 10193)

    * When starting the client fails, clean up the backing device information
      created in sysfs, to avoid error messages during a subsequent start
      and possible system instability later on (10454)

    * Update Red Hat packaging to support Fedora >= 20, RHEL >= 7 and
      ELrepo kernels (10597 10619 10622 10703 10704)

  OS X Clients

    * Support OS X 10.9 "Mavericks" (10519 10541 10542 10543 10548 10549)

  AIX clients

    * Fixed a bug that caused the 1.6 AIX client to never receive any RX
      packets in the kernel. (RT #131725)

  FUSE client

    * Support Solaris 11 (9454 9455)

    * Allow other users to access filesystems mounted by root. (9452)

  FreeBSD

    * Build tvolser and dvolser on this platform (10122)
    * Several fixes to catch up with newer releases (10374 .. 10381)

  NetBSD

    * Build tsalvaged, tvolser and dvolser on this platform (10121)
    * Fixed build on NetBSD 5 and newer. (10138)

OpenAFS 1.6.5

All platforms

    * Fixes for OpenAFS-SA-2013-0003 and OpenAFS-SA-2013-0004

OpenAFS 1.6.4

All platforms

    * Obey the jumbo/nojumbo settings for ubik servers (the DB servers)
      too. In previous releases, those servers may have used jumbograms
      even if they were not configured to do so. This change corrects
      the actual behaviour, and will improve performance and reliability
      for sites where jumbograms are problematic. It could cause a decrease
      in performance for sites where jumbograms work, but those can turn
      them back on manually.

    * Dozens of fixes for common coding problems like use after free,
      use of possibly uninitialised memory, reading or writing past the
      end of arrays and potential NULL pointer derefences. Spotted by
      code analysis tools or human inspection.

    * Documentation improvements.

    * Fixes and improvements to the diagnostic or log messages printed by
      vos, the fileserver and others.

    * Build fixes, making parallel builds more reliable with certain
      configuration options and helping various platforms including
      recent releases of IRIX, Solaris and several flavours of Linux.

    * Avoid sending a small amount of data over the wire unencrypted
      under certain conditions, and emit the correct error message in
      this case.

All server platforms

    * Avoid generating duplicate IDs for readonly and backup volumes,
      which could happen under certain conditions.

    * Allow the fileserver to return volume data like quota or free space,
      which is available publicly elsewhere, without the additional access
      check for read permissions on a volume's root directory the fileserver
      performed before.

    * The fileserver now emits a log message when it ran out of memory for
      callbacks.

    * Avoid several potential fileserver problems, including memory
      corruption and segmentation faults, due to client bookkeeping.

    * Avoid known cases of silent data corruption due to background syncs
      on the fileserver, especially during Copy on Write.

    * Make the fileserver sync behaviour runtime configurable. Up to 1.4.5,
      we had synchronous syncs which were safe but really slow. Since 1.4.5,
      we've had asynchronous syncs which are much faster but believed to
      be the cause of rare data corruption issues, and while all known cases
      of these happening are believed to be fixed in the 1.6.3 release, doubts
      remain. This change allows choosing between those, and in addition allows
      to turn syncs by the fileserver off altogether, thus relying on the vice
      partition's backend filesystem and the operating system, or to just
      execute them when a volume is detached. The default behaviour is
      unchanged from releases since 1.4.5, but it's highly recommended to
      consider the additional options this change provides. Future OpenAFS
      releases will default to "-sync=none".

    * For dbservers, avoid a situation where misinterpreting transient
      network errors causes long-term issues with achieving ubik quorum.

All UNIX client platforms

    * Improvements to the detection of an aklog-specific krb5 configuration
      file, for the purposes of turning on "weak crypto" for aklog.

    * Fixed a regression introduced in release 1.6.2 which caused the
      supposedly persistent disk cache to be discarded upon client start.
      (RT #131655)

Linux clients

    * Support Linux kernels up to 3.10

    * Fixed two bugs making it impossible to unmount a disk cache filesystem
      after it has been used by the client. (RT #131613)

    * Fixed a bug that could cause an oops with kernels 3.6 and later

OpenBSD

    * Improved support for OpenBSD 4.9 to 5.3

OpenAFS 1.6.3

  This release number had to be skipped for technical reasons.

OpenAFS 1.6.2.1

  Linux clients

    * Support Linux kernels up to 3.8.

    * Make the init script cope with the output of ifconfig on recent Fedora.

OpenAFS 1.6.2

  All platforms

    * Fix buffer overflows in fileserver and ptserver.

    * Abort an rx connection when given an unknown service (Gerrit 7593).

    * "idle dead" behavior improvements.

    * Documentation updates.

  All server platforms

    * Fix rare file corruption during background sync (Gerrit 8796).

    * Fix corrupting clients' metadata cache during certain errors (Gerrit
      6957).

    * Avoid saying a volume doesn't exist when accessed as the volume is
      going offline (Gerrit 7488).

    * Fix fileservers to properly report >2 TiB partitions.

    * Fix stale volume info from vos examine on non-DAFS filservers.

    * Fix possible volume corruption with vos convertROtoRW.

    * Fix bosserver to preserve all command-line options over restart.

    * Fix bosserver to properly kill hung processes during shutdown.

  All UNIX client platforms

    * Fixes for memcache, especially on Solaris.

    * Increase the size of the DNS resolver answer buffer to allow sites
      with a long response list to use SRV and AFSDB records.

    * Fix a crash when a server appears to run out of addresses (Gerrit
      7487).

    * Fix cache corruption when reading from a file another client is
      simultaneously writing to (Gerrit 7994).

    * Improve handling of disk cache disk errors.

  Linux

    * fix DKMS configuration for DKMS 2.2.

    * Avoid generating inode number 0 with md5 inodes (Gerrit 7276).

    * Fix a crash when reading /proc/fs/openafs/unixusers (Gerrit 7914).

    * Make PAG-less access use the real UID of the calling process
      instead of the effective UID, when determining what credentials to
      use (Gerrit 7931).

    * Fix possible abuse of fs mkmount.
      Prior to 1.6.2, users could crash a client by nesting volume mounts.

    * Fix fileserver memory corruption on RHEL 6
      Prior to 1.6.2, fileservers on RHEL 6 may crash under heavy load.

    * Fix client page cache corruption on Linux
      When multiple clients read and write to a file, the reading client
      may see first page (4096 bytes) of a file as nulls.

    * Support Linux kernels up to 3.7.

    * Support newer glibc versions.

    * Improve client systemd unit file.

    * Update Red Hat packaging.

  OS X

    * Fix crashes on shutdown.

    * Prevent unloading the module before shutdown completes.

    * Security improvement for the OpenAFS preference pane.

  Solaris

    * Support newer versions of the Sun Studio compiler software.

    * Support compiling on newer versions of Solaris 11 and Solaris 10.


OpenAFS 1.6.0 (2011-08-15)

  All platforms

    * Substantial Rx updates to correct erroneous behavior.

    * vos now properly deals with matching sites when servers are
      multihomed.

    * Don't stop Rx keepalives after an ackall is received, avoiding
      spurious connection timeouts. (128848)

    * Don't retry Rx calls on channels returning busy errors and improve
      Rx busy call channel error handling. (128671)

    * Properly enable Rx connection hard timeouts.

    * Rx NAT pings are not enabled until peer has answered.

    * Initialize rx_multi lock before use.

    * Avoid spurious crashes when initializing in "backup" client.

    * Revert UUID support in vos.

    * pt_util fixed to properly create new databases.

    * MTU discovery now properly shut down on call reset.

    * Avoid leaking references to hosts during callback break multi-Rx
      operations. (129376)

    * xstat tools now cope with differing timeval structures between
      endpoints.

    * Numerous fixes to command argument parsing.

    * Documentation updates.

  All server platforms

    * A file descriptor leak which could result in corrupted files in the
      fileserver was fixed. An IMMEDIATE upgrade from previous 1.5 release
      fileservers is recommended.

    * Fix ptserver supergroups support on 64 bit platforms.

    * Demand attach salvaging doesn't use freed volume pointers.

    * Properly hold host lock during host enumeration in fileserver.

    * Attempt to recovery more quickly from timed out volume release
      transactions.

    * Auditing now properly byte order swaps IP addresses when printing.

    * vos split now has improved error handling.

    * Many changes to again support Windows fileservers.

    * During volume removal, data removal speed improved.

    * Improve CPU utilization during volume attaching by DAFS.

    * In salvager check-only mode, avoid potentially fixing a vnode.

    * Fix support for large (greater than 2gb) volume special files.

    * Salvager will not crash if multiple or bad volume link tables are
      encountered.

    * Avoid erroneous full dump by remembering which sites were out of
      date at the start of the release.

    * A deleted volume can now be recreated properly.

    * Callbacks are again not broken during whole partition salvages.

    * Positional vectored IO fixed for largefile (>2GB) capable systems.

    * Fileserver per-client thread usage again properly enforced.

    * Anonymous dropbox support improved and drawbacks documented.

    * Demand attach: ensure vnodes are not reallocated while in use due to
      volume bitmap errors.

    * Properly support large volume numbers (larger than 2147483647).

    * Allow salvager to be run manually again when DAFS is being
      used. (129458)

    * Avoid leaking references to hosts during callback break multi-Rx
      operations. (129376)

    * Demand attach: unlink fileserver state file on standalone salvage.

    * Salvager tries harder to detect linktable issues.

    * Demand attach: don't attach volumes with special status set.

    * Avoid crashing on host table exhaustion. Instead, defer clients.

  Microsoft Windows

    * afs_config will not longer set the Tray Icon State in the registry
      if the checkbox is not present in the dialog. (128591)

    * AFS Explorer Shell Extension now works from folder backgrounds.
      Overlays for mount points and symlinks are present in the dll, but
      are not registered at present by the installers.

    * Do not use RankServerInterval registry value as the value for
      PerformanceTuningInterval.

    * When the data version of a mountpoint or symlink changes, the target
      string in the cm_scache_t object must be cleared.

    * "fs checkservers" now includes vldb servers in the output and only
      lists multi-homed servers once.  A multi-homed server that has at
      least one up interface is no longer considered to be down.

    * When asynchronously storing dirty data buffers to the file server
      ensure that (a) the cm_scache_t object and the cm_buf_t object are
      for the same File ID so that locking and signalling work properly;
      and (b) if the FID no longer exists on the file server, do not
      panic, just discard the buffer.

    * When processing VNOVOL, VMOVED and VOFFLINE errors perform server
      comparisons by UUID or address and not simply by cm_server_t
      pointer.  Otherwise, server failover may not succeed.

    * Do not preserve status information for cm_scache_t objects when the
      issuing server is multi-homed.

    * Giving up all callbacks when shutting down or suspending the machine
      is now significantly faster due to the use of an rx_multi
      implementation.  (This functionality is still off by default and
      must be activated by a registry value.)

    * Race conditions were possible when updating the state of the
      cm_volume_t flags and when moving the volumes within the least
      recently used list.

    * Ensure that the lanahelper library does not perform a NCBRESET of
      each lan adapter when enumerating the current network bindings.
      Correcting this permits OpenAFS to work on Windows 7 when the
      network adapter settings change.

    * Fix creation of mount points and symlinks as \\AFS\xxxx

    * Icon tray state now conditionally set. (128591)

    * Properly create new cell mount points in freelance mode.

    * Avoid recursive offline volume checks.

    * Fix caching of non-existent volumes.  The test to trigger an
      immediate CM_ERROR_NOSUCHVOLUME in cm_UpdateVolumeLocation() was
      backwards.

    * Prevent the background daemon from checking the status of
      non-existent volumes.  cm_CheckOfflineVolumes() should skip volume
      groups with the CM_VOLUMEFLAG_NOEXIST flag set.

    * The afskfw library should return an error immediately if the
      krb5_32.dll library cannot be loaded.  Affects afslogon.dll and
      afscreds.exe.

    * No longer depend on leashw32.dll in afskfw library.

    * NPLogonNotify must provide the user password in all calls to
      KFW_AFS_get_cred().  It cannot count on a credential cache being
      preserved between calls.  Permits tokens to be acquired for all
      cells listed in the TheseCells registry value for a domain.

    * Improve the trace logging from NPLogonNotify().

    * Avoid a race when writing the cm_scache_t mountPointString
      when acquiring mount point or symlink target data via
      cm_GetData().  The race could result in bogus target
      data being cached.

    * Permit the use of des-cbc-md5 and des-cbc-md4 enctypes
      as DES keys in asetkey.exe.

    * aklog supports dotted Kerberos v5 principal names.

    * afskfw library always attempts afs/cell@USER-REALM

    * afskfw library must test return code from krb5_cc_start_seq_get() or
      will trigger a null pointer exception when using Heimdal.

    * Lock protected fields must be 32-bit in order to avoid memory
      overwrite races.

    * Add support for NTFS symlinks.

    * Handle file search requests for virtual syscall ioctl file.

    * Process SyncOps properly to enforce ordered operations.

    * Avoid recursing during NewServer operations.

    * Correct lock acquisition order during SMB locking.

    * Add shutdown message to event log.

    * Check offline volume status by policy rather than on each daemon
      thread run.

    * Return error on directory object not found instead of crashing.

    * Improve error message output.

    * afslogin.dll can start afsd_service if it's not starting or started.

    * Optimize away release lock RPCs for deleted files.

    * Background Daemon will not perform operations on deleted files.

    * Resort recently used directories to the top of the LRU if the
      directory is larger than the stat cache.

    * Resort deleted objects to the bottom of the LRU.

    * Use interlocked operations for state and queue fields to allow safe
      bit set and clear on multiprocessor systems.

  All UNIX client platforms

    * Servers now marked down when GetCapabilities returns error.

    * In-use vcache count is now properly tracked.

    * Check for /afs existance before starting, unless -nomount is
      specified.

    * Avoid a potential panic when using /afs/.:mount syntax.

    * Avoid a panic in memcache mode due to missing CellItems file.

    * FUSE client support fixed for non-/afs mounts.

    * Avoid a potential deadlock (which times out) when we need to
      allocate more callback returns and must flush some already in use.

    * Deal with libcom_err conflicts with other packages using it
      (e.g. krb5) (128640)

    * Fall back to afs3-vlserver SRV record values when afs3-ptserver SRV
      record is not available.

    * Avoid holding unneeded locks when probing server capabilties.

    * Do not attempt page flushes for directories.

    * Rx connection reference counting is enabled.

    * An Rx connection reference count leak is fixed in bulkstat.

    * Handle unparsable directory objects.

    * Handle Kerberos cred cache errors in aklog.

  AIX

    * Fix PAG usage to track by PAG identifier, not group list.

  FreeBSD

    * Fix socket termination on shutdown.

    * Support for 7.2, 7.3, 7.4 and 8.2 included.

    * References to vcaches are no longer leaked during root or reclaim.

    * Remove support for "Giant" lock as we no longer need to use it.

    * Don't sleep with AFS GLOCK.

    * Properly enable 64 bit long long support.

    * Restore support for FreeBSD 7 (128612)

    * Fix locking issues at shutdown and avoid panic at shutdown due to
      vcache flushing.

    * Support for virtual network stacks.

    * New RC script, updated packaging.

  IRIX

    * Properly create new vnodes to avoid crashing in the client.

  Linux

    * Support through kernel 2.6.39.  Treat Linux 3.0 as Linux 2.6 for
      sysname purposes.

    * Use rx_Readv in cache bypass to improve performance.

    * Properly handle 0-length replies during cache bypass operations.

    * Properly handle non-contiguous readpage cache bypass operations.

    * Do proper locking when transitioning to or from cache bypass.

    * Avoid extra runs of vcache freeing routine. (128756)

    * Perform vcache eviction via a fast path before visiting vcaches
      where sleep is needed.

    * setpag() errors are now properly reported.

    * Avoid attempting to free stat cache entries when we are below
      user-specified number of entries in use.

    * Properly track user-specified number of stat cache entries to use as
      a desired usage target.

    * Don't read pages beyond EOF in the cache. (128452)

    * Various corrections and improvements to Red Hat packaging, including
      modifying the init script to allow deferring for a new binary
      restart and properly supporting RHEL6.

    * Fix lockup in 2.6.38 due to erroneous kernel feature configure test.

    * Improve RPM building tools.

    * Attempt to properly handle SELinux in packaging.

    * Init script properly returns status as exit code.

    * RPM packaging fixes (executable libraries, no postinstall message)

    * Kill i386 from RPM packaging.

  MacOS

    * MacOS 10.7 support.

    * Properly handle setpag errors.  PAGs are not supported.

    * Check for unloaded kernel extensions when decoding AFS panics.

    * Disable "get tokens at login" in prefs pane if AD authentication
      plugin is configured.

    * aklog AuthorizationPlugin now provided.

    * Preferences Pane behavior fixed for 1.6 series (version detection is
      used to select default behavior).

    * A potential kernel panic during bulkstat operations is
      fixed. (128511)

    * 64-bit MacOS kernel performance is greatly improved. (128934)

    * Properly shut down AFS, closing the Rx socket in the upcall handler
      to avoid attempting to process data after we can no longer do so.

    * Rework logic for bulk status operations to avoid a potential hang.

    * Avoid panic when doing FSEvent synthesis.

    * Fix bug when using non-dynroot.

    * Update Kerberos support in PreferencesPane.

  NetBSD

    * Updates for platform support.

  OpenBSD

    * Bug fixes for issues introduced previously in 1.5 series.

    * Support through OpenBSD 4.8.

  Solaris

    * Switch to ioctl() syscall replacement for Solaris 11 since syscall
      65 is not safe.

    * Fix support for Solaris pre-10.

    * Corrected Solaris 11 startup script.

    * vcache mappings freed on shutdown to avoid panic.

    * Properly report errors for AFS system call callers.

    * Don't leave dangling function references if kernel extension fails
      to load.

    * Try harder to avoid deadlocks on file-larger-than-cache operations.

    * Avoid panic on shutdown when mount failed.


OpenAFS 1.5.78 (2010-11-04)

  All platforms

    * Revisions to Rx to fix performance issues.

    * Make fs getfid behave consistently across all platforms. (128372)

    * Properly check IDs handed to pts when creating users or groups so
      useful error messages can be provided. (128343)

    * Correct byte order handling of port in afsconf_LookupServer for SRV
      records.

    * Force a full dump when releasing to a site which was previously
      marked "don't use", in case the previous clone was out of date.

  All server platforms

    * Demand salvage of attached volumes now correctly track attachment
      state.

    * Avoid a potential crash due to failure to hold a lock when attaching
      a volume fails.

  Microsoft Windows

    * Track SMB connections by SID rather than username.

    * Error write attempts to known-readonly volumes earlier.

    * Validate directory buffers to avoid potential crashes.

    * Handle VIO errors from bulkstatus.

    * Make PMTU discovery configurable and register error handlers for it.

  All UNIX client platforms

    * Use larger I/O sizes in memcache to improve performance.

    * Avoid potential alignment issues doing I/O for pioctl calls.

  FreeBSD

    * Avoid panicing if the listener process is not findable.

    * Avoid deadlock issues while performing lookups.

  Linux

    * Handle stale file handle errors for some cache partition types.

    * Avoid blocking with xvcache lock when attempting to free in-use
      vcaches.

    * Build fixes for older kernels.

    * Properly configure LWP to use ucontext() on platforms where it
      should.

    * Eliminate spurious errors from AFS system call returns. (126230)

  MacOS

    * Attempt to honor configured Kerberos defaults in Preferences Pane.


OpenAFS 1.5.77 (2010-09-08)

  All platforms

    * Rx path MTU detection will terminate detection in cases where the
      minimum required packet size cannot be transferred.

    * vos dryrun mode now shows effects for syncvldb single volume case.

    * vos dryrun mode now shows "status after" for syncvldb and syncserv.

  All server platforms

    * RXAFS_GetStatistics64 now returns statistics properly.

  Microsoft Windows

    * Attempt to properly identify the local system SMB connection for
      token tracking.

    * Remap timeout and offline errors to proper NT RPC errors.

    * Properly fail over to other replicas on bulkstat IO errors.

    * Properly error delete-mode createfile if a file is set readonly.

    * Validate directory entry buffers to avoid crashing the service.

    * Log file modes properly.

    * Log cell name when logging server information.

  All UNIX client platforms

    * cacheout program for discarding callbacks is now built.

    * bulkstatus kernel locking is corrected to avoid a potential panic.

  Dragonfly BSD

    * userspace support update

  FreeBSD

    * Updated vnode locking for children returned via lookup().

    * Avoid file open undercount with needed calls to
      FakeOpen/FakeClose().

    * Use vnode_pager_setsize to properly track file size during kernel
      IO.

    * Update system call installation.

    * Fix shutdown of Rx kernel listener to avoid potential dereference
      after it's gone.

    * Avoid closing vnodes during vnode recycle.

    * Fix bogus call to FlushVS for vnode reclaims.

  Linux

    * Packaging updated for current configure options and built files.

    * Cache bypass now holds reference on pages during readpage.

    * s390x setgroups32 patching update.

  MacOS

    * DNS resolver is reinitialized on IP address change. (126440)


OpenAFS 1.5.76 (2010-08-16)

  All platforms

    * Updates to build-time configuration.

    * Fix XDR support in Rx to match header definition.

    * vos status now shows transaction creation, not action creation.

    * Rx avoids reporting loopback adapters when listing interfaces.

  All server platforms

    * Demand-Attach Fileserver always built and installed (dafileserver,
      davolserver, dasalvager).

    * Return VNOVOL from fileserver when a volume is deleted.

    * Ignore duplicate tags during volume restore operation.

    * Update inode array after salvage repairs volume.

    * Zero a corrupted header in memory during salvage to avoid further
      corruption.

    * Fix NAMEI backend to allow low-numbered volumes to work properly.

    * ptserver does not include cell name as part of length check for
      names.

    * Updated error messages for unblessed volumes.

    * vlserver avoids buffer overflow with regex pattern

    * Attach-time failures now note failures as the rest of the fileserver
      would.

    * Server argument logging will no longer overflow stack.

    * Provide fast-restart-like unsafe-nosalvage option for DAFS.

    * Deal with host hash collisions in the fileserver.

  Microsoft Windows

    * Avoid crashing when interpreting a drive letter as potentially
      matching a cell name.

    * Properly handle volume package errors.

    * Allow page recycling from known-readonly content without ensuring
      they are not dirty.

    * 32 bit tools installer should not override client configuration.

    * Ensure root scache item has a valid callback when use is attempted.

    * Freelance directory changes now properly invalidate and replace the
      old root object.

  All UNIX client platforms

    * Support disconnected reconnecting with specified UID for PAGless
      platforms.

    * Proper disconnected vnode reference tracking.

    * Update server site blacklisting to not return success if nothing was
      blacklisted.

    * Avoid a panic during vcache contention due to CVInit vcache
      racing. (127645)

  FreeBSD

    * Update for network stack in 8.1/9.0.

  HP-UX

    * Bug fixes.

  Linux

    * 2.6.36 support

    * Disable PMTU error packet handling.

    * flock() fixes.

    * Debian packaging updated.

    * freezer interface updates.

  MacOS

    * Hold references to disconnected mode written vnodes properly.

  Solaris

    * Handle NFS translator module references for amd64.

    * INODE fileserver backend support now exists for amd64.


OpenAFS 1.5.75 (2010-07-07)

  All platforms

    * Prevent rx_rpc_stats global lock from being a bottleneck.

    * Path MTU discovery is now provided to allow traffic to pass networks
      with sub-1500 byte MTUs and poor fragment handling.

    * Further reduce Rx NAT ping transmission when enabled.

    * Update Kerberos 5-based token handling in rxkad from upstream
      Heimdal.  (127554)

    * Update version numbers emitted during build to reflect what is
      actually being built.

    * Add "-human" switch for human-readable units in fs diskfree and
      listquota. (124529)

    * vos provides reasons for locked volumes when known.

    * Do not count retransmission and ping acks as non-idle for Rx
      connections.

    * Rx: provide service-specific data getter and setter routines.

    * Update build-time Kerberos detection.

    * Updated userspace AFS client.

    * Beginning of a modernized test suite.

    * Additional documentation.

    * Updated documentation, notably the Administrators Guide.

    * Substantial code cleanup.

  All server platforms

    * Update handling of vnode allocation failures.

    * DAFS: allow salvaging volumes not known to the fileserver, to allow
      cleanup of data not attached to a current volume.

    * Properly handle volumes slated for destruction.

    * Handle volumes with many files properly.

    * Force core file generation in bosserver by overriding default
      resource limits when possible.

    * Update vlclient and vldb_check.

    * Avoid potentially corrupting a volume on creation if files are left
      from previous failed cleanup.

    * Note volume changed during salvage as needed.

    * DAFS: do not assume invalid addresses are in fileserver address hash
      table.

    * Avoid tying up fileserver threads with volumes that are being taken
      offline.

    * Do not set inUse on volumes for non-DAFS other than in fileserver.

    * Break origin's callback on target of rename operation.

    * Avoid unneeded parent directory link updates during some rename
      operations.

    * Do not open /dev/console for writing in the fileserver.

    * DAFS: avoid spurious restarts when binary restarts are configured.

    * Avoid spurious and unneeded calls to sync(), which can slow down the
      fileserver.

  Microsoft Windows

    * Revised SMB QuerySecurityInfo to address issues caused by MS10-020
      (http://support.microsoft.com/kb/980232)

    * Prevent use of the AFSCache file contents if mapped to a new
      address.

    * Make fs newcell include behavior compatible with the non-Windows
      version.

    * Provide a registry option (FreelanceImportCellServDB) to pre-create
      mount points in the AFS root for all cells in CellServDB.

    * Fix a memory leak in the cm_FreeServerList() routine.

    * Reduce privilege when reading registry CellServDB.

    * Add support for RPC Pipe Service NetWkstaGetInfo levels needed for
      Windows 7.

    * Prevent overflow when computing quota percentage in Explorer Shell.
      (126846)

    * Generate meaningful errors for ACL operations on freelance AFS root.

    * Fix error handling on InlineBulkStatus RPCs.

    * Show configuration pages for all types of MSI installations.

    * Improve freemount AFS root directory handling and operations.

    * Properly validate GetVolumeStatus pioctl responses.

    * Commit file length changes and dirty buffers when flushing a file.

  All UNIX client platforms

    * Update version of files for disk cache.

    * Do not call afs_FlushVCBs with xvcache lock held, to improve
      parallelization.

    * Add mariner log messages for creating and removing files.

    * Don't hold xvcache lock while creating symlinks, to improve
      parallelization.

    * Provide -dynroot-sparse mode to not show all cells in CellServDB in
      dynroot mode.

    * Avoid a potential crash in aklog in linked cell handling.

    * Log MTU-caused packet retransmission.

    * Prevent crashes caused be fs checkservers while cache is being set
      up.

    * fs getserverprefs now has a buffer large enough for the default
      CellServDB.

    * Report server address when logging warnings.

    * Avoid panic in GetCapabilities when cell is not known.

    * Lock process name and id for advisory lock warnings when possible.

    * Handle need for allocating additional Rx packets.

    * Properly handle errors from InlineBulkStatus operations.

    * Fix errors returned from fcntl() on readonly files locked for write.

    * Flush pending changes to the server on LOCK_EX unlock.

    * Reflect length changes as a result of callbacks even when file is
      open for write.

    * Avoid hanging due to error exit when attempting to store a large
      file to a non-largefile fileserver.

    * Recover from afs_GetVolSlot errors.

  FreeBSD

    * Bugfixes for kernel VFS and network routines.

  IRIX

    * Provide makesname().

  Linux

    * Avoid syscall probes when keyrings are present, by default. (125215)

    * Remove "Big Kernel Lock" from VFS operations.

    * Use filehandles for all Linux 2.6 versions to avoid need for matched
      afsd. (127530)

    * Updated RPM packaging.

    * Fix dkms configuration provided with RPMs.

    * Hold reference on pages during background I/O for cache bypass.

    * Fix cache bypass handling of non-largefile fileservers.

    * Protect truncate_inode_pages mappings with mutex or semaphore as
      needed.

    * Fix pagevec use in cache bypass. (127505)

    * Updates for 2.6.35

  MacOS

    * Improve launchd configuration.

    * Avoid hanging on recursive cache file lock acquisition when user
      notification is enabled.

    * Fix and re-enable bulkstat mode.

  OpenBSD

    * Build updates.

  Solaris

    * Precluding unmount while AFS is busy.

    * Avoid deadlocking when releasing the VFS object.

    * Stop network interface poller in kernel on AFS shutdown.

    * Avoid issues with lookups on empty directory names. (127356)


OpenAFS 1.5.74 (2010-04-22)

  All platforms

    * Add "vos setaddrs" command.

    * Rx library lock contention avoidance between rx_NewCall and
      rx_EndCall.

    * Rx library races due to inconsistent use of rx_connection
      conn_data_lock to protect the flags field.

    * Rx library inconsistent use of RX_CALL_TQ_WAIT which could result in
      deadlocks.

    * Rx library must signal transmit queue waiters when flushing.

    * afsmonitor shows busy counts now.

    * afsmonitor displays xstat callback statistics.

    * Provide expandgroups for pts mem on a supergroups server.

    * Provide supergroup option to liste nested groups during pts mem.

  All server platforms

    * Avoid volume lock contention during DAFS startup.

  Microsoft Windows

    * Avoid a race when updating cell vldb server lists that can result in
      a crash.

    * Avoid a deadlock when managing CM_SCACHESYNC_STOREDATA state
      operations for directory objects.

    * Add new Windows Application Event log messages for VBUSY,
      VRESTARTING, ALL_BUSY, ALL_OFFLINE, and ALL_DOWN.

    * Reduce lock contention by waiting for cm_buf_t I/O operations.

    * Split the cm_buf_t flags field to separate the flags that are
      protected by the cm_buf_t mutex from those protected by the
      buf_globalLock.

    * In cm_UpdateVolumeLocation, avoid searching for a ".readonly" volume
      on a numeric volume name.

    * File buffer allocations whose offsets are beyond server EOF should
      be locally allocated and zero filled.  The file server should not be
      issued a FetchData rpc which is guaranteed to fail.

    * Enable integrated logon to work with Windows 7/2008 when user logons
      are performed with a non-Domain Kerberos principal.

    * Add Protection Error messages to aklog output.

  All UNIX client platforms

    * Provide a FUSE-interfacing userspace afs client.

    * Updates to libuafs userspace cache manager.

    * Probe servers using GetCapabilities instead of GetTime, thus
      requiring fewer RPCs.

    * Fix DNS SRV record handling for cell lookup.

  FreeBSD

    * Fix sleep/wakeup routines.

    * Update for 8.0 release.

  Linux

    * Handle high memory addresses correctly.

  MacOS

    * Make 32 bit AFS syscalls work again.

    * Work around finder "Duplicate" failure (caused by setting modes on
      symlinks).

    * Disable bulkstat again (will be re-enabled at or before .75).

    * Provide symlink type hints during readdir.


OpenAFS 1.5.73 (2010-03-24)

  All platforms

    * NAT keepalive support at Rx level.

    * Corrected SRV record support for cell name canonicalization.

  All server platforms

    * Fix volume callback notification to not notify unaffected clients.
      (126497)

    * Allow root directory recreation by salvager. (94658)

    * Numerous DAFS fixes.

    * Improvements to callback table overflow handling. (126451)

    * bosserver now shuts down cleanly on SIGTERM.

  Microsoft Windows

    * Prevent the Explorer Shell extension from crashing if symlink
      creation failed.  (126406)

    * A Rx level NAT ping has been implemented. A registry value enables.

    * Adds krb5 error message translation to aklog, afscreds,
      afslogon.dll, the network identity manager afs provider and
      translate_et.

    * Default mode bit settings for file and directory creation are now
      provided, and can be configured.

    * An SMB request trace facility is provided and can be enabled for
      debugging.

  All UNIX client platforms

    * Rx idle deadtime does not stop file writes.

    * Disconnected AFS no longer has a race condition during remove ops.

    * Fakestat avoids a condition which could cause it to block on network
      activity.

    * Several fixes to handle interruptions in vos operations. (33360,
      125535)

    * Allow more sysnames in a sysname list.

    * Attempt to enforce timeouts on AFSDB lookups.

  AIX

    * Clean up properly on mount failure.

    * Add entry to /etc/vfs to allow umount to work.

  Linux

    * Several issues to deal with older kernels.

    * Avoid leaking the global lock in the /proc cellservdb code.

    * Keyring destruction now cleans up all tokens.

    * Keyring quotas are not enforced against root.

  MacOS

    * Some FSEvents hinting for authentication events now done. (23781)

    * Update uninstaller. (125634)

    * Rewrite afssettings and fstab code to avoid licensing issue with
      APSL.

    * Growl client for user monitoring of AFS events included.

    * Properly support insert-only dropboxes.

    * Add bulkstat support.

    * Include support for moving in Finder across mount points.

    * Preferences Pane includes support for Kerberos 5 ticket renewal.


OpenAFS 1.5.72 (2010-02-15)

  All platforms

    * Provide internationalization support in com_err.

    * Fix array length checking to avoid crashes when checking for a
      volume type based on name in vos.

  All server platforms

    * Provide backward compatible "-f" flag to salvager for force mode.

  Microsoft Windows

    * Restore use of DNS AFSDB and SRV records by kaserver clients.

  All UNIX client platforms

    * Fix client cache file truncation to not lose chunks when truncating
      a large file.

    * Ensure a cache writeback hook is installed in the client (bug from
      1.5.71).

    * Avoid spurious free memory warnings during clean shutdown.

    * Fakestat mode avoids AFSDB lookups.

    * "fs storebehind" now correctly reports errors on readonly volumes.

    * Additional documentation for "fs getcacheparms"

    * Forced new uuid generation with "fs uuid -generate" now works
      enforced permission correctly.

  MacOS

    * Add optimized Rx event handler in kernel.

    * Installer now allows installing an older version.

    * Panic decoder can now deal with MacOS 10.5 again.

    * MacOS ._ files are now correctly not looked up as cellnames.

  Linux

    * To deal with SELinux file labeling, try cache accesses with current
      credentials in event of failure.

    * Rx XDR encoding bug on i386 Linux is fixed (bug introduced in
      1.5.71).

  IRIX

    * Code compilation fixes.

  OpenBSD

    * Update for OpenBSD 4.6.


OpenAFS 1.5.69 (2010-01-19)

  All platforms

    * Configuration of BOSserver no longer defaults to weekly restarts
      enabled.

    * Provide BOS restricted mode by default.

    * Add support for "vos endtrans" command.

    * Default to providing full output from vos listvol.

    * Correct additional-address tracking in the fileserver.

    * Improve Rx performance by not unnecessarily dropping and reacquiring
      call locks in read and write processes.

    * Avoid crashes when monitoring volserver transactions across
      potential transaction garbage collection.

    * Numerous warning fixes.

  All server platforms

    * Avoid saving fileserver state in demand attach fileserver when
      panicing.

    * Demand attach fileserver allows other callers to schedule salvages.

    * Demand attach "bos salvage" now works correctly with restricted
      mode.

  Microsoft Windows:

    * Numerous changes to the client-internal btree directory handling to
      prevent errors.

    * fs examine reports owner and group ids as signed values (PTS groups
      are negative).

    * Preclude corruption due to races writing to smb buffers.

    * Allow MTU settings in registry to be used.

    * Apply MTU to both send and receive sizes.

  All UNIX client platforms

    * Avoid double-freeing Rx call structure if reading a response from
      the file server results in a short read.

    * Handle negative lengths in FetchStatus results correctly.

    * Properly clean up allocated memory at shutdown.

    * Default to AFSDB compiled into the cache manager.

    * Avoid inadvertant disclosure of stat() information to clients not so
      entitled.

    * Correct a bug with AFSDB lookups introduced with SRV record support.

  MacOS

    * Install kernel panic processing tool in /Library/OpenAFS/Tools.

    * Include debugging symbols for kernel extension in additional package.

    * Support "Application Firewall" users.

    * Avoid ._cellname AFSDB lookups.

    * Compile preferences pane as a universal binary.

  Linux

    * Use splice to speed up storing files.

    * When using memcache, avoid duplicating work in readpages.

    * Use dget_parent to safely find an inode's parent.

    * Disable access time updates in our superblock.

    * Avoid crashing doing writeback if no credentials were stashed at
      file open.

    * Simplify keyring support.

    * Properly clean up vcache in event of failed mount.

  FreeBSD

    * Update for current FreeBSD 8.

  Solaris

    * Abstractly manipulate groups as now required.

    * Abstractly access time instead of using lbolt directly.


OpenAFS 1.5.68 (2009-12-08)

  All platforms

    * aklog now attempts to convert non-AFS errors to human-readable
      strings.

    * Make stack not executable when compiling assembler source with GCC.

    * Numerous source warning cleanups and code reorganization.

  All server platforms

    * Compute midnight for volume statistics calculation from local time.

    * Salvager now orphans duplicate special inodes when running to allow
      recovery in event of a problem, instead of simply ignoring the
      issue.

    * Support to ensure a server panic attempt leaves a core and thus
      restarts in a timely manner, rather than potentially hanging. Use
      panic to attempt cleanup before leaving a core when possible.

    * Volume sync data reported during bulkstatus is now set correctly.

    * Provide better tuning for fileserver file descriptor caching.

    * Allow more than 128 threads in fileserver by modifying host
      structure in-use tracking.

    * Avoid crashes getting volume server status during transaction
      cleanup.

    * Improved logging of offline volume conditions.

    * Correct volume statistics when cloning a volume.

    * Avoid referencing host structures in the fileserver which are marked
      for deletion.

    * Demand attach fileserver corrections to avoid coring during an
      aborted startup.

    * host array bounds checking corrections to avoid buffer overflow.

    * Handle special inodes correctly when promoting an inode fileserver
      readonly volume to read-write.

  Microsoft Windows

    * Set the DOS Readonly attribute on a file/directory whenever the unix
      mode combined with the mask 0200 is true.  Previously there was a
      discrepency between the mask used for testing for readonly behavior
      and that used for setting the attribute.

    * Disable AFSVolSync based .readonly "whole-volume callback" support
      because the all file servers prior to 1.5.67 (and perhaps 1.4.12) do
      not properly assign a value to the AFSVolSync structure in bulk
      status RPC responses.

    * Improve the error output from aklog to output the value from krb5
      error_message() if the afs_com_err output indicates an unknown
      value.

    * Convert VBUSY and VRESTARTING to CM_ERROR_ALLBUSY and do not permit
      them to be exposed to the smb redirector.

    * Convert STATUS_TIMEOUT responses to STATUS_IO_TIMEOUT to avoid
      confusion within the smb redirector.

    * Fix the byte order assigned to port numbers associated with AFSDB
      record lookups.  They must be network byte order not host byte
      order.

    * Add dynamic server ranking based on RPC round trip time
      measurements.

  All UNIX client platforms

    * Additional shutdown-time memory leaks removed.

    * Improved logging of resource contention.

    * Provide dumping for Rx debug packet tracking support in source.

    * Update afscp test client to build, and provide an unlock client.

    * Client buffers for directory parsing can now be allocated beyond the
      fixed set formerly provided.

    * Work around race condition when manipulating read-only volume
      callbacks.

    * Bugfixes to get PAG value pioctl.

    * Bugfixes to SRV record support.

  Linux

    * Path MTU tracking code cleanup.

    * Avoid an oops due to racing with vcache recycling thread.

    * Changes to keyring PAG handling: for sufficiently new kernels, use
      only keyring-based PAGs, and disable group PAGs entirely.

    * Updates to the kernel page cache interface: writing pages will now
      not spuriously leak page locks, and will avoid requiring duplicate
      work.

    * Credential references are now tracked using native atomic counters.

    * Kernel mutex/semaphore lock ordering fix to avoid deadlocks.

    * Manipulate disk cache with credentials used to initialize it, to
      avoid security issues.

  MacOS

    * Fix fstrace message catalog location.

    * Fix kernel fstrace logging.


OpenAFS 1.5.66 (2009-10-25)

  All platforms

    * Avoid calling exit() in library code.

    * Add rx window size and peer timeout tuning APIs.

    * Correct rx peer timeout handling to disallow 0ms timeouts.

    * Correct calculation of rx RTT by disregarding retransmitted packets.

    * vos manpages updated to reflect changes in recent versions.

    * GNU-style long options (e.g. --cell) are now supported in all
      commands.

    * fs listacl can now print a command to recreate the current ACL.

  All server platforms

    * Fix a race on transaction objects in the volserver which can cause a
      crash.

    * Avoid destroying and setting to NULL the callback connection when it
      could still be being used.

    * Correct unlink handling in salvager.

    * Improve error messages due to I/O errors in the volserver.

    * Correct an issue which caused converted RO to RW volumes on namei
      fileservers to not come online immediately.

  Microsoft Windows

    * Official support for Windows 7 and Server 2008 R2.

    * Prevent a file server bug (FetchData returning an invalid length
      instead of zero) from causing an "unexpected network error" when
      writing to files.

    * Promote DNS SRV records as superior to DNS AFSDB records.  Support
      arbitrary port numbers for vldb servers.

    * Add AFSVolSync based .readonly "whole-volume callback" support.
      With this functionality, multiple objects from a .readonly volume
      can have their status validated by issuing a single
      RXAFS_FetchStatus RPC.

    * Remove drive mapping functionality and service start/stop from
      afscreds.exe.

    * Remove drive mapping functionality from afs_config.exe.

    * Use {HKLM,HKCU}\SOFTWARE\OpenAFS\Client DWORD "ShowMountTab" to
      restore access to drive mapping functionality in afscreds.exe and
      afs_config.exe.

    * Adjust SMB error return codes to avoid returning STATUS_TIMEOUT
      which results in the SMB redirector disconnecting.

    * Network Identity Manager OpenAFS Provider now provides its own "AFS
      lock" notification icon to report the status of "have tokens, have
      no tokens, service not started, service started but inaccessible".
      Hovering over the icon lists the cells for which tokens exist (if
      any) and the OpenAFS version number.  Double-clicking executes the
      Network Identity Manager default action.

    * Prevent pioctl calls from retrying indefinitely when a sharing
      violation error occurs.

  All UNIX client platforms

    * Correct a condition which could discard the error from initializing
      a fetch request.

    * Avoid using invalid references to afs_Conn connection structures,
      and thus potentially producing invalid data when a retry is needed.

    * SRV records are now supported for discovering AFS servers.

  Linux

    * Correct writepage behavior.

    * Fix error code handling in the writepage code.

    * Avoid leaking page locks, which could potentially hang a machine.

  MacOS X

    * Preferences Pane improvements.

  HP-UX

    * Avoiding attempting to handle critical signals in servers, so that
      core file handling works correctly.


OpenAFS 1.5.65 (2009-10-06)

  All platforms

    * Code compilation warning fixes, to enable better finding and
      tracking bugs.

    * Provide configure-time switch to enable code warning compilation.

  All server platforms

    * Demand-attach fileserver now makes volume LRU list operations
      exclusive operations to avoid races during adding to the list.

    * Fileservers now avoid potential "negative length" fetches.

    * A leak in host tracking objects in the fileserver has been fixed.

    * Salvager now unlinks all files by full path, to deal with the change
      to not chdir for core file tracking.

    * Salvager avoids asserting if the volume header is unreadable.

    * Demand-attach fileserver puts back volume references from fssync
      handlers when done.

  Microsoft Windows

    * Improved service response to suspend and shutdown event
      notifications.

    * Avoid a bug in the file server that can result in an invalid length
      being returned as part of a fetch data response if the client
      attempts to read beyond the length of the file.

    * Do not publish a default stream object for directories and mount
      point objects.  This was impacting the ability of some Windows XP
      systems to save roaming profiles.

  All UNIX client platforms

    * A bug which could cause erroneous handling of lengths on data reads
      has been fixed.

    * A bug where erroneous length returns from the fileserver could
      result in a false error has been fixed.

  Linux

    * Background page copies are now supported for enhanced disk cache
      read performance.

    * Blocking readahead is supported in readpages() to reduce overhead.

    * Use readpage() instead of read() to access cache data to avail disk
      cache users of the kernel backing cache for improved performance.

    * Minimize credential handling for improved performance.

  MacOS X

    * Preferences Pane cleanup.

  Solaris

    * Provide a fs_pathconf method with sensible defaults.

    * Provide a _PC_FILESIZEBITS method to fix some NFS translator
      consumers.


OpenAFS 1.5.64 (2009-09-22)

  All server platforms

    * The demand attach fileserver now puts back volume references gotten
      via the fssync interface.

    * The demand attach fileserver had a structure reference error, which
      has been correected.

  Microsoft Windows

    * Restores Windows 2000 compatibility.

    * Fixes a data consistency error between the output of NetWkstaGetInfo
      and NetServerGetInfo RPCs, specify the Lan workstation group name
      "AFS", and report server name as "AFS" instead of "\\AFS" when the
      caller asks for "\\AFS".

    * Enables executables to be run from \\AFS on Windows 7.  Returns
      "Name not found" instead of "File not found" when a directory or
      file name cannot be found.  This avoids loader errors when system
      dlls cannot be located in the executable directory.

    * Prevents cache manager from marking the file server "down" when the
      data returned in response to either RXAFS_FetchData64 or
      RXAFS_StoreData64 is invalid.

    * Adds pioctl data validation to the AFS Explorer Shell extension.

  All UNIX client platforms

    * A bug which could cause a kernel panic in 1.5.63 has been corrected.
      This would manifest as a GetDCache panic or oops.

  Linux

    * aklog -setpag works again with recent kernels when keyring is in
      use.

  MacOS

    * When Fast User Switch is in use, AFS login is now handled correctly
      by the integration tool included with the preferences pane.

    * Several packaging bugs have been corrected.


OpenAFS 1.5.63 (2009-09-11)

  All platforms

    * The restorevol command is now documented and installed as a user
      command.

    * The uss command now properly translates vldb entries to its expected
      format when handling them in all cases.

    * Documentation now refers to Kerberos instead of kaserver.

  All server platforms

    * bosserver now handles BosConfig.new when restarting, allowing
      configuration to be replaced at restart time rather than with bos
      delete and bos create.  Documentation is updated to reflect this.

    * The demand attach fileservice not longer potentially hangs trying to
      terminate demand-salvages which have already exited.

    * The demand attach fileservice has been modified to avoid spurious
      'SYNC_putRes: write failed' warnings when some protocol messages
      cannot be acknowledged due to the sender terminating the connection.

    * In the event of failure to contact the vlserver or ptserver, the
      fileserver will not exit and trigger a forced salvage. It will
      continue to try in the background to contact the needed services.

    * The salvager can now repair certain cases of a damamged vnode index.

    * The accessDate metadata for a volume is now updated correctly.

  Microsoft Windows

    * CRITICAL: Some applications for example those based on Cygwin were
      unable to access data stored in the AFS name space.  Explorer Shell
      also experienced inconsistent behavior.  This is fixed.

    * CRITICAL: Multiple AFS pioctl requests issued nearly simultaneously
      by applications could result in pioctl responses being received by
      the wrong requester.  This in turn could result in application
      crashes.  symlink.exe, fs.exe, afslogon.dll, afscreds.exe, and the
      netidmgr afscred.dll plugin were all affected.

    * Some XP machines running 1.5.62 had trouble saving roaming profile
      data.  This is fixed.

    * Integrated Logon (afslogon.dll) did not function with domain
      specific configurations.

    * Ensure that access denied and over quota errors experienced while
      storing data to the file server do not result in on-going retry
      attempts.

  All UNIX client platforms

    * Except on Solaris and AIX, the compiler may now be overriden at
      configure time by setting the CC environment variable.

    * afsd now properly deals with large cache partitions.

  FreeBSD

    * Build shared libafsauthent and libafsrpc.

  Linux

    * Kernel module DKMS support now installs an unstripped module to
      allow debugging information to be collected.

  MacOS

    * Preferences pane properly updates token information.

  MacOS 10.6

    * klog will now properly handle passwords of 8 or fewer characters
      with an AFS string to key on hosts able to run 64 bit binaries.

    * A panic at AFS shutdown due to "NO PCB" on a udp_lock has been
      addressed.

    * The panic decoder script included in the source now properly handles
      32 and 64 bit panics.

  NetBSD

    * Avoid defining AFS_KERBEROS_ENV globally as it creates a circular
      dependency.

    * Build shared libafsauthent and libafsrpc.

  OpenBSD

    * Build shared libafsauthent and libafsrpc.


OpenAFS 1.5.62 (2009-08-28)

  All platforms

    * Numerous invisible changes to improve code maintainability,
      portability and enhanceability.

  Microsoft Windows

    * CRITICAL: Fixes two errors that can result in data loss when storing
      data to the file server.
      1. Failure to Store Portions of Unaligned Writes
      2. Failure to Store Data to File Servers Lacking Large File Support
      Read the announcement for more details:
        http://www.openafs.org/pipermail/openafs-announce/2009/000305.html

    * CRITICAL: The cache manager daemon thread could terminate when the
      machine enters suspend mode.  This daemon thread performs the
      background check of down servers, offline volumes, callback
      expirations, etc.

    * CRITICAL: Integrated Logon (afslogon.dll) was terminating
      unexpectedly.  Error checking has been improved and NULL pointer
      dereferences after Lsa API calls fail have been eliminated.

    * For the first time, the OpenAFS SMB Server supports the DCE RPC
      services SRVSVC and WKSSVC.  Browsing \\AFS with the Explorer Shell
      or NET VIEW will now be faster and provide additional functionality.
      No longer will cell names longer than 12 characters be truncated.

    * Improvements to DFS Referral request processing have been
      implemented.

    * Unnecessary DNS lookups of share names are avoided improving
      performance.

  All UNIX client platforms

    * Non-Kerberos PAM modules work correctly again.

  MacOS X

    * MacOS 10.6 (Snowleopard) is now supported, both 32 and 64 bit mode.

    * Updates to the AFSCommander preferences pane.

    * Installer now permits cell names with dashes.


OpenAFS 1.5.61 (2009-08-06)

  All platforms

    * Correct another race condition in the Rx library that could result
      in an unexpected panic while freeing the Rx call iovq.

    * rx packet resend and data packets sent counts were incorrect.

    * fs setquota, fs setcachesize, vos setfields, and vos create now
      accept human readable orders of magnitude. (K, M, G)

    * fs listquota fixed to permit large quota sizes to be displayed.

    * Correct documentation of bosserver permissions requirements.

    * Modify vlserver to avoid potentially corrupting the database through
      volume id reuse.

    * Generalized support for fast Rx timeout due to network
      down/unreachable.

  All server platforms

    * Allow audit logs to be sent via sys5 IPC message queues instead of
      logged directly.

  Microsoft Windows

    * If a file server becomes inaccessible while the cache manager has
      dirty buffers to write, the afsd_service buf_IncrSync thread can
      attempt to use 100% of the cpu.

    * Fix "fs newcell" which was broken in 1.5.60.

    * Do not attempt to synchronize dirty buffers if the associated volume
      is known to be unavailable.

    * Modify behavior of a Freelance mountpoint target that does not
      specify a cell.  Instead of assuming the target volume is in the
      Freelance.Local cell, use the workstation "Cell" specified in the
      registry. A mountpoint target of "#root.cell." will now mean the
      root.cell volume in the workstation cell for the current session.
      If the workstation cell changes from "athena.mit.edu" to
      "andrew.cmu.edu", the referenced volume will also change without
      requiring that the mount point targets be altered.

    * Add cm_FindServerByUuid().  Re-implement RXAFS_InitCallBackState3()
      to permit the server Uuid to be used to lookup the server object and
      from that determine the cell.  This permits callbacks that are
      received from alternate addresses to be processed with a known
      server object.  Previously a request from an unknown server would
      clear all callbacks from all cells.

    * Fix a bug that prevented optimal performance when using a non-zero
      value for 'daemonCheckVolCBInterval'.  As a reminder, when
      "daemonCheckVolCBInterval" is set to a non-zero value, all .readonly
      volume callbacks are automatically renewed 90 minutes before their
      expiration.

    * Fix automatic ranking of vldb servers whose values are obtained from
      the CellServDB file.

    * Add failover for RX CALL TIMEOUT errors when the volume is readonly
      or the call is to a vldb server.

    * Add registry based cell search functionality to NetIdMgr,
      afs_config.exe, and klog.exe.

    * afsconf_GetCellInfo() has been modified to perform gethostbyname()
      lookups on the host names in the CellServDB instead of using the
      specified IP addresses.  This provides aklog, pts, vos, etc. the
      same CellServDB behavior that the Windows Cache Manager uses.

    * When updating the stat cache entry callback of a .readonly object
      from the volume group object, update the file server reference to
      ensure it matches the most update to date callback.

    * Add proper support for processing callbacks from multi-homed file
      servers.  Instead of comparing servers by cm_server_t pointer,
      compare them by UUID when the UUID is known.

    * During a shutdown short circuit the offline volume check daemon
      functionality.

    * Return the error code of RXAFS_FetchData / RXAFS_StoreData in
      preference to an error code reported by rx_EndCall.

    * Add "PerFileAccessCheck" registry value to permit testing against
      experimental file servers that include per-file acl support.  This
      value is intentionally undocumented.  It is not to be used by
      production environment deployments.

    * Fix a bug introduced in 1.5.60 that prevents the afs netidmgr
      provider from obtaining tokens when referrals are in play.

    * Add "fs chown" and "fs chgrp" commands to permit the owner and group
      of objects stored in AFS to be set from Windows.

    * Avoid performing background daemon operations when the machine is
      going into suspend mode.

    * Perform offline volume checks in most recently used order.

    * Prevent crash when a data version for a cache object goes backwards.

    * Multi-thread safe library versions are now being generated and used.
      mtafsubik.lib, mtafsutil.lib, mtafsvldb.lib, mtafsvol.lib.

    * Microsoft SMB Redirector (mrxsmb.sys) support for
      ExtendedSessTimeout values are now available on XP through Windows
      7.  Add functionality to autodetect if such support is present on
      the machine.  If so, configure it if necessary and dynamically
      adjust the AFS Rx timeout values accordingly.

  All UNIX client platforms

    * Fix out-of-tree source builds.

  MacOS

    * GUI installer now asks for local cell information.

    * AFS Commander preferences pane is now installed by default.

  Solaris

    * Avoid kernel panics due to null pointer dereferences in the network
      interface poller kernel thread.


OpenAFS 1.5.60 (2009-05-31)

  All platforms

    * Retry volserver transaction creation on failure.

    * Allow building HTML and PDF documentation from included XML copies
      of User Guide, Admin Guide and Quick Start Guide for Unix.

    * Documentation updates and additional documentation.

    * Add -encrypt support to pts client.

    * Convert MR-AFS fs commands to OSD commands.

  All server platforms

    * Updated background sync process in fileserver to avoid a race which
      could result in a volume being taken offline.

  Microsoft Windows

    * On April 9th Microsoft released a Hot Fix for Windows Server 2003
      SP2 that corrects a deadlock in the smb redirector and also adds new
      functionality that permits the AFS SMB server to be given a longer
      timeout than is normally the case.  New functionality has been added
      to configure these additional LanmanWorkstation\Parameter values.
      (This functionality has been backported to XP SP3 and is scheduled
      to be released on June 5th.)

    * Fix RT#124787, a race condition between "fs flush <dir>", "fs
      flushvolume", or "fs flushall" and on-going directory operations
      that can result in afsd_service.exe crashing.

    * Release Notes, User and Administrator guides are now shipped as
      indexed Windows HtmlHelp Files. (.chm).  Shortcuts are provided from
      the Start Menu.

    * A method of specifying Client CellServDB information within the
      registry has been added that can be used to either override the
      CellServDB file or force the use of DNS lookups for a given cell.
      See the release notes for details.

    * The pioctl interface now properly handles drive letter substitution
      to UNC paths.  (SUBST <d:> <\\afs\cell\path>)

    * The BackConnectionHostNames registry value configuration was broken
      when dynamic re-establishment of Netbios Name registrations was
      added.  This release restores the functionality.

    * All hidden vos.exe commands are now revealed.

    * Attempts to store the same dirty file chunk from multiple threads
      are now prevented.

    * The IsPathInAfs test in Explorer Shell Extension and fs.exe now
      permits broken symlinks to be treated as being in AFS.

    * vos.exe commands that output 64-bit integer values once again do so.
      This was broken in 1.5.59.

    * Cygwin Import Libraries are provided in the SDK for all OpenAFS
      DLLs.  This permits building cygwin applications against OpenAFS
      libraries.

    * NSIS installer does a much better job of cleaning up files left over
      from previous installs.

    * libafsconf.dll moved from Client\Program to Common directory as is
      is now used by all modules for CellServDB processing.

  All UNIX client platforms

    * Write back changes on last store for memcache to avoid discarding
      changes.

    * Abstract disk cache support to allow for path, fh, inode based
      caches with no need for messy ifdef structures each time a new type
      is added.

  DragonflyBSD

    * Support as a userland port.

  FreeBSD

    * Corrected structure definition for userspace cache manager to allow
      builds to complete.

  Linux

    * Corrected client locking support.

    * Updated patch to stop deadlocking in the kernel during mmap.

    * Avoid oops when setting up groups for PAGs to match keyrings.

    * Use Linux fh-based cache in cases where possible by default.

  MacOS 10.3:

    * Corrected structure definition for userspace cache manager to allow
      builds to complete.

  OpenBSD

    * Support for OpenBSD 4.5.

  Solaris

    * Corrected support for server-side vos split interface.


OpenAFS 1.5.59 (2009-04-06)

  Microsoft Windows

    * Increased service priority class to "High" to match the priority of
      system components that are dependent upon the a timely response.

    * SMB error responses avoid returning errors that could confuse the
      Microsoft SMB redirector into disconnecting the connection to \\AFS.

  All UNIX client platforms (except MacOS X 10.4 and 10.5)

    * OpenAFS 1.5.59 contains fixes for the client issues addressed by the
      security advisories OPENAFS-SA-2009-001 and OPENAFS-SA-2009-002.

  Linux platforms

    * Support for prerelease Linux 2.6.30 kernels.


OpenAFS 1.5.58 (2009-03-30)

  All platforms

    * Code cleanup and prototyping.

    * Avoid unnecessary blocking in Rx periodic cleanup code.

  All server platforms

    * Fileserver CopyOnWrite routine optimized for performance.

    * Make fileserver callback dumps 64 bit safe.

    * Fix byte order issues with fileserver host hashing.

    * Fix buffer size issues with butc.

    * Fix several Ubik recovery issues.

    * Avoid leaking file references in the fileserver.

    * Fix a race in DAFS while closing vnodes, and another offlining
      volumes.

    * volserver interfaces for volume splitting client.

  Microsoft Windows

    * [RT 124293] A race condition exists which can result in a crash.

    * [RT 124276] If the vldb is out of sync with the contents of the file
      servers, afsd_service will retry too many times when a file server
      reports a volume as not being present.  Now if the list reported by
      the vldb is the same as the previously seen list, then the retry is
      aborted.

    * [RT 124276] Read-only volume failover was broken in 1.5.53 whenever
      accessing a volume results in VNOVOL or VMOVED.

    * [RT 124276] Prior to 1.3.70 the volume server reference list was not
      reference counted and would be prematurely freed while in use.  When
      reference counting was added in 1.3.70 a bug was introduced that
      could result in service reference list corruption.

    * Add Windows Application Event Log warning messages for "Client SMB
      MPX value too large" and "Client SMB Buffer Size too small".

    * Renaming of files across directory boundaries would result in an
      invalid handle error when attempting to access the files after the
      move.

    * Fix the handling of Tran2 Set Path Info RPCs.  Do not fail when a
      smb file descriptor cannot be found.  The whole point of using a
      Path Info function is because an smb file descriptor wasn't
      allocated.

    * More edge cases in which dynamic addition of Freelance root.afs
      entries would get the wrong FID or where the root.afs directory
      would not be refreshed.

    * Buffer overflow could occur if the workstation cell name was longer
      than 64 characters.  Crashes could occur in afscreds.exe,
      afslogon.dll, and afsd_service.exe.

    * VNOSERVICE and VOFFLINE errors were leaking and were exposed to the
      smb client.

    * Log file server uuid values as part of the cm_server object when
      available.  Dump the cm_server object list in response to "fs
      memdump".

    * Optimize the performance of resetting access control lists when
      tokens are set or removed.

    * Remove symlink recursion tests and increase max symlink count to 64
      from 16.

    * Windows specific Rx performance improvements.

    * Support for Network Identity Manager 2.0

  All UNIX client platforms

    * Avoid issues with freeing resources at shutdown.

    * Numerous fixes to disconnected AFS.

    * Disconnected AFS fixes for replaying changes without double-freeing.

    * Attempt to use krb524 principal conversion in aklog if available.

  AIX

    * Kerberos configuration at build time corrected.

  Linux

    * Default to dynamic allocation of AFS kernel cache entries to allow
      growth for inotify()-pinned entries. (beagle, famd, etc)

    * Change client truncation routines to avoid locking issues.

    * IA64 port clients fixed on Linux 2.6.

    * RPMs now install fstrace message catalog.

    * Support through kernel 2.6.29 tested.

    * Fix locking issues on CellServDB file in /proc.

  OpenBSD

    * Support OpenBSD 4.4


OpenAFS 1.5.57 (2009-01-23)

  All platforms

    * Conditional compilation of rxdebug support is now possible.

    * Documentation updates.

    * Further race connditions in Rx have been corrected.

  All server platforms

    * Salvager no longer attempts to recreate headers in the wrong
      partition.

    * Volumes are properly marked in use on creation and subsequently on
      examination with vos.

  Microsoft Windows

    * Undo the "UAC manifest fix" applied to afs_config.exe.

    * Ensure that Freelance allocation of vnodes follow the AFS convention
      of odd vnodes are directories and everything else is an even vnode.

    * Add Freelance logic to mount point and symlink evaluation functions.

    * Enhance smb_ParseASCIIBlock() so that it can handle all of the
      STRING formats defined by the CIFS Technical Report 1.0.

    * Validate the output of smb_ParseASCIIBlock() in all callers.  Return
      CM_ERROR_BADSMB if the STRING field cannot be parsed.
      CM_ERROR_BADSMB will cause the contents of the packet to be logged.

    * If multiple SMB Raw Write operations were taking place at the same
      time, there could be data corruption because unique event objects
      were not generated for each Netbios receive operation.

  All UNIX client platforms

    * Userspace AFS library can now deal with large files when supported
      by the platform.

    * Numerous updates to disconnected AFS support, including changes to
      allow reconnection to work in more circumstances.

  FreeBSD

    * FreeBSD unstrategy code has been updated.

  Linux

    * A race during file truncation has been corrected.

    * System call probing routines have been updated.

    * 2.6.29 is now supported.

  MacOS

    * 10.3 support has been corrected.

  OpenBSD

    * Initial OpenBSD 4.4 support.

  Solaris

    * Updates to allow compiling on newer OpenSolaris are now included.


OpenAFS 1.5.56 (2008-12-30)

  All platforms

    * libuafs (userspace cache manager) updated to correct several errors.

    * Additional rx debugging support is available as a conditional
      compile.

    * A race condition in Rx leading to a panic has been corrected.

    * Rx idle time tracking has been corrected.

    * ubik clone server support has been corrected.

  All server platforms

    * Salvager no longer leaves cores in vice partitions.

    * The vol-dump tool now supports dumps larger than 2gb where possible.

    * Operations on multiple files now report all FIDs in the audit log.

    * butc XBSA support now works correctly on amd64.

  Microsoft Windows

    * The NetIDMgr AFS Provider automated configuration logic was broken
      by the introduction of Kerberos referrals.  If the realm of the
      identity cannot be determined, the workstation cell is now assumed
      to belong to the newly created identity.

    * Avoid a reference count under flow during rename operations.

    * Avoid a crash caused by treating an arbitrary length directory
      search mask as an 8.3 mask.

    * Prevent rename operations if a case insensitive match for the target
      name already exists and does not refer to the object being renamed.

    * Increase the maximum number of background daemons to 64.

    * Fix the UAC manifest applied to afs_config.exe

  All UNIX client platforms

    * Updates to disconnected AFS support.

  FreeBSD

    * FreeBSD 7.1 is now supported.

    * amd64 FreeBSD is now supported.

  Linux

    * Generic fh (exportfs API) cache type is now available.

    * Avoid some oopses due to backing_dev_info inode fields not being
      filled.

    * 2.6.28 is now supported.

  MacOS

    * 10.3 support has been corrected.

  Solaris

    * Large partition support has been corrected.

    * Filesystem-agnostic cache is now available on Solaris 10 and 11.


OpenAFS 1.5.55 (2009-11-10)

  All platforms

    * Salvager avoids leaving core files in vice partitions.

    * NFS translator fixes.

    * Unresponsive server handling fixes.

    * A volserver race which could result in duplicate transactions is
      fixed.

  Microsoft Windows

    * Fixes a panic caused by corruption of the SMB virtual circuit list.
      (race condition)

    * Fixes a panic caused by receipt of a UTF-16 string that cannot be
      converted to UTF-8.

    * Implements a more aggressive recovery algorithm for Netbios errors
      that result in loss of communication to the AFS SMB server.

    * Improve pioctl response time when testing whether or not a PATH is
      in AFS.

    * Adds support for linked cells.

    * Increases the length of the cell and realm names that can be input
      into the Network Identity Manage AFS provider configuration dialog.

  All UNIX client platforms

    * Disconnected AFS avoids infinite recursion during rmdir.

  Linux

    * Support for 2.6.28 (not complete for NFS translator modules).

    * Support for using exportfs API for filesystem-agnostic cache.

    * Disable backing store readahead.

    * Avoid deadlocks when writing back mmapped files larger than the
      cache.

    * Avoid Oops when doing PAG garbage collection.


OpenAFS 1.5.54 (2008-10-08)

  All platforms

    * Updates for new Tivoli X/Open API finding.

    * A double-free is corrected in Rx.

  All server platforms

    * Ubik cleans up file descriptor cache correctly when doing recovery.

    * Enhanced vldb error checker included.

  Microsoft Windows

    * Prevent a crash that could occur when multiple file / directory
      change notifications are processed simultaneously.

  MacOS

    * AFS claims more free space so Finder will attempt file copies.

  Linux

    * Avoid spurious ENOENT when calling gwtcwd() on a volume root.

    * Avoid spurious ENOTDIR during fakestat.


OpenAFS 1.5.53 (2008-09-26)

  All platforms

    * rx avoids many packet leaks.

    * rx jumbogram disabling now works (and is the default).

  All server platforms

    * Demand Attach fileserver tries to avoid issues tracking offline
      status of volumes.

  Microsoft Windows

    * Many potential deadlock conditions due to out of order lock
      acquisitions have been corrected.

    * A race condition resulting in an undercount on the cm_scache_t
      reference counts has been corrected.

    * An empty string when sent as an ioctl path is now properly
      interpreted as meaning the current directory.  This affects "fs
      lsm", "symlink list", etc.

    * Fix smb string parsing differences where the smb protocol
      documentation does not match the actual Windows implementation.

    * Random access denied errors fixed.

    * A file server lock synchronization issue was corrected in SMB
      NTCreateX and NTTranCreate operations.  This bug prevented properly
      operation when loading roaming profiles.

    * Fix a heap overwrite error during server probe operations if a new
      server is added while a probe operation is in progress.

    * Fix an LSA memory leak that was the result of an LSA error.

    * Do not leak cm_cell_t objects if the VLDB server lookup fails.

    * Only initialize rx mutex/lock objects once.

    * Do not nul terminate the AFS volume name when reported to Windows.

    * Improve VNOVOL error handling.  Prevent updated vl information from
      being destroyed immediately after it was acquired.  This bug
      prevented proper fail over when volumes are moved or removed from a
      server.

    * Remove volume id from the server volume list in response to VMOVED
      and VNOVOL errors.

    * "fs flushXXX" commands now destroy locally built B+ directory trees.

    * Prevent mixture of locally modified directory pages and file server
      directory pages.

    * Fail over to alternate vl servers if a ubik error is returned.

  All UNIX client platforms

    * Disconnected AFS now supports read-write mode.

    * volserver now builds correctly.

  AIX

    * AIX 6 is now supported.

  FreeBSD

    * FreeBSD 7 is now supported.

  Linux

    * cache bypass is now supported.

    * 2.6.x kmod compilation now uses kernel compile options always.

    * Support through 2.6.27.

  MacOS

    * Show more space free so Finder doesn't get confused.

  Solaris 10

    * Default to namei rather than inode.


OpenAFS 1.5.52 (2008-08-18)

  All platforms

    * Initialize volume updateDate at volume creation.

    * Avoid potential corruption of directories during salvage.

    * Check for out of memory condition during allocation of additional Rx
      packets.

  Microsoft Windows

    * Restore support for Windows 2000 (broken in 1.5.50).

    * Perform additional validation on volume names in mount points during
      creation and evaluation.

    * Fix several deadlocks, races, and reference count issues.

    * Further optimize SMB Directory Search processing and minimize the
      number of InlineBulkStatus RPCs sent to the file server.

    * Enable "bos restricted" operations.

    * Fix the create of submounts used by the AFSCreds and afs_config
      drive mapping tabs.

    * Fix a short name truncation bug. (1.5.50)

    * Fix the error code reported when attempting to delete a file on a
      readonly volume or one that is marked with the readonly DOS
      attribute.

    * Fix a heap corruption error when reading the CellServDB file
      location.

    * Add the "RxUdpBufSize" registry value.  The new default is 256KB.

    * Do not include trailing NULs in the directory search output.
      (1.5.50)

    * Pre-allocate 64 Rx Packet buffers per thread in order to improve
      performance.

    * For debugging: add smb lock requests and stat cache lock allocations
      to the output from "fs memdump".

  NetBSD

    * Workaround broken sigwait() to allow fileserver to shut down
      correctly pre NetBSD 5.0.

  Solaris 10

    * Default to namei fileserver; Allow inode fileserver at configure
      time by override.

  NFS translator

    * Try harder to avoid kernel panics for malformed requests.


OpenAFS 1.5.51 (2008-07-29)

  All platforms

    * salvager tries harder to arrange for clients to get VBUSY while
      salvaging single volumes.

    * salvager avoids certain corruption when salvaging directories.

    * Rx connection clones disabled.

  Microsoft Windows

    * The 32-bit EXE 1.5.50 installer failed to properly install the C
      Runtime library.  When used as an upgrade OpenAFS would continue to
      work but when used as a new installation, OpenAFS binaries would
      fail to load.

    * Fixes the "fs" and "symlink" commands to properly parse Unicode path
      prefixes during the pioctl remote procedure call.  This bug would
      result in file not found errors for files and directories that
      clearly exist.  (Bug introduced in 1.5.50)

    * Large File support is disabled. (Bug introduced in 1.5.50)

    * Removes the possibility of a deadlock during volume location update
      operation if all of the reported file servers are unreachable at the
      time of the update.

    * Ensures that reference counts are properly incremented/decremented
      on Rx connection objects used for volume location RPCs.

    * Over Quota errors during cm_FSync() calls would lead to an infinite
      loop as the error was never propagated to the caller.

  All UNIX client platforms

    * Bugfixes to disconnected AFS support in the cache manager.


OpenAFS 1.5.50 (2008-07-16)

  All platforms

    * volserver puts recloned volumes back online before returning the
      volume to the fileserver, avoiding spurious VNOVOL errors.

    * Updated TSM X/Open API support available.

    * Demand Attach fileserver will not crash due to accesses during
      volume cloning.

    * Substantial documentation updates.

    * Demand Attach fileserver state tracking and analyzer tool
      improvements.

    * UAFS userspace cachemanager updates.

    * Corrected support for anti-meltdown protection in the client.

  Microsoft Windows

    * UNICODE Character Set Support.

    * Pioctl interfaces to the cache manager have been refactored to
      provide layering between the SMB specific code and the general
      purpose ioctl operation.

    * Garbage collect dead SMB virtual circuits as soon as they are no
      longer being referenced.  This avoids problems with outstanding
      locks not being dropped when the virtual circuit becomes invalid.

    * Remove the IBM Administration Reference documentation and replace it
      with the OpenAFS Command Reference Manual.

    * Avoid calling rx_SetDeadTime and rx_SetHardDeadTime functions each
      time a connection is about to be used.  Do not hold a lock on the rx
      connection object while it is being selected.  This avoids a race
      between threads attempting to set the timeout values and removes a
      bottleneck that was hampering performance.

    * Ensure that the smb directory attribute is set for all directory
      objects.

    * Replace the VC Runtime EXE installer with the MSI installer in the
      NSIS installer scripts.

  Solaris

    * Support for updates to OpenSolaris.

  Linux

    * Correct dentry revalidation for cross-directory renames.

    * Updated rpm packaging materials for 1.5 release series and 2.4
      kernels.

    * Corrected syscall table probing.

    * NFS translator updates for current kernels.


OpenAFS 1.5.39 (2008-06-24)

  All platforms

    * Updates for Demand Attach fileserver.

  Microsoft Windows

    * Fix two memory leaks.

    * Fix one missing lock.

    * Handle access denied errors when writing dirty buffers.

    * Fix two errors that would cause the *experimental* AFS Servers
      to crash.


OpenAFS 1.5.38 (2008-05-24)

  All platforms

    * Add read-only disconnected support.


OpenAFS 1.5.37 (2008-05-21)

  All platforms

    * Includes a number of optimizations for testing.


OpenAFS 1.5.36 (2008-05-09)

  All platforms

    * Rx optimizations now attempt to deal with high latency WANs.

    * Client will not wait infinitely for a server which is not providing
      data.  Additional servers will be polled without marking the server
      which is not providing data down.

    * vos move will not erroneously unlock locked vldb entries on failure.

  All server platforms

    * Fileserver avoids a potential infinite loop when a client
      relinquishes an address.

    * Fileserver large setting now configures more threads.

    * Fileserver properly registers uuids of new clients.

    * Ubik servers do not improperly hide updates from clients.

    * Fileservers reserve enough file descriptors such that each thread
      can cache one to avoid spurious errors.

  Microsoft Windows

    * Fix a cm_buf_t reference count leak when attempts to write dirty
      buffers to the file server from within cm_IncrSyncer() fail.

    * Prevent udebug from crashing.

    * Another VNOVNODE issue fixed.  When writing a dirty buffer to the
      file server, if VNOVNODE is received, mark all buffers as invalid
      without further attempts to contact the file server.


=======> Changes back to 1.3 have not yet been incorporated here <=======


OpenAFS 1.3

  * -nosettime is now the default for afsd.  Use "-settime" to get the
    old behavior.

  * OpenBSD is now supported.

  * Mountpoint directory information is now only faked for cross-cell
    mountpoints when using the -fakestat flag (e.g. for the directories
    under /afs, but not for most other volumes mounted inside the cell).
    The -fakestat-all switch can be used to fake information for all
    mountpoints.

  * When fakestat is enabled on MacOSX, the Finder can be used to browse
    a fully-populated /afs directory.  However, this precludes reliable
    use of entire volumes as MacOS bundles (i.e. containing a Contents
    directory in the root of the volume).

  * Mountpoint directory information can be faked by the cache manager,
    making operations such as stat'ing all cells under /afs much faster.
    This is enabled by passing -fakestat to afsd, but might not be stable
    on all platforms.


OpenAFS 1.2.9

  * The kaserver now defaults to not allowing interrealm authentication,
    due to security vulnerabilities in the krb4 protocol.  The new
    "-crossrealm" flag to the kaserver is provided to reenable interrealm
    authentication if desired.

  * RedHat Linux 9.0 is now supported.

  * Solaris 9 12/02 is now supported.  Solaris 7 and 8 x86 should now
    work again.

  * On Linux machines using 2.2 series kernels, 2.2.19 or higher is now
    required.

  * An OpenAFS 1.2.9 afsd will not work with kernel modules built from
    an earlier OpenAFS release.  In general, using a mismatched afsd and
    kernel modules set is unsupported; it is not recommended that you use
    such a configuration on a regular basis.


OpenAFS 1.2.8

  * Mountpoint directory information is now only faked for cross-cell
    mountpoits when using the -fakestat flag (e.g. for the directories
    under /afs, but not for most other volumes mounted inside the cell).
    The -fakestat-all switch can be used to fake information for all
    mountpoints.

  * HPUX 11.0 is now supported.

  * It is now possible for AFS to use Kerberos 5 directly, via rxkad 2b.
    See the OpenAFS 1.2.8 Release Notes for more information on using this
    capability.

  * An NFS translator kernel module is now included and compiled by
    default for Solaris only.


OpenAFS 1.2.7

  * MacOS X 10.2 is now supported.  FreeBSD 4.3 and later support is
    included in this release, but is still under active development and
    should only be used by those doing active development on the OpenAFS
    FreeBSD client.

  * When fakestat is enabled on MacOSX, the Finder can be used to browse a
    fully-populated /afs directory.  However, this precludes reliable use
    of entire volumes as MacOS bundles (i.e. containing a Contents
    directory in the root of the volume).

  * The fileserver will now use Rx pings to determine if clients are
    reachable prior to allocating resources to them, to prevent asymmetric
    clients from consuming all fileserver resources.


OpenAFS 1.2.6

  * Mountpoint directory information can be faked by the cache manager,
    making operations such as stat'ing all cells under /afs much faster.
    This is enabled by passing -fakestat to afsd.

  * Solaris 9 FCS and Solaris 7 and 8 x86 are now supported.


OpenAFS 1.2.5

  * A remote denial of service attack in the AIX and IRIX clients has been
    fixed.  Users of those platforms are strongly encouraged to upgrade.

  * Fixed race conditions in fileserver that could result in crash.


OpenAFS 1.2.4

  * Server logfiles now more consistant about format in which hosts are
    referred to.

  * vfsck on Solaris will now allow force runs (using -y flag) even if old
    inodes exist.


OpenAFS 1.2.3

  * Cell aliases for dynroot can be specified in the CellAlias file in
    /usr/vice/etc or /usr/local/etc/openafs, in format "realname alias",
    one per line.  They can also be managed at runtime with "fs newalias"
    and "fs listaliases".


OpenAFS 1.2.2

  * Solaris 9 and Linux PA-RISC are now supported.

  * fileserver will not erroneously delay legitimate errors for 3 seconds
    after 10 errors are returned (e.g. stat() on a directory you can't
    read).

  * Rx MTU calculation now works for Irix, Solaris and Linux

  * If afsd is started with the -dynroot flag, /afs will be locally
    generated from the CellServDB.  AFSDB cells will be mounted
    automatically upon access.

  * The namei fileserver allows vice "partitions" to be directories
    instead of partitions and will attach and display accordingly.
    Creating the file "AlwaysAttach" in the /vicepX directory is used as
    the trigger to attach it.

  * TSM support for butc no longer requires editing a Makefile, simply
    specify the --enable-tivoli-tsm configure option.

  * Linux builds no longer require source changes every time the kernel
    inode structure changes; the OpenAFS sources will now configure itself
    to the actual inode structure as defined in the kernel sources.


OpenAFS 1.2.1

  * vfsck on Digital UNIX and Solaris will now refuse to fsck mounted
    mounted partitions.


OpenAFS 1.2.0

  * AFS now supports --prefix and the other directory options of
    configure.  By default AFS builds assuming it will be installed in
    /usr/local.  In order to get traditional AFS directory paths (/usr/afs
    and /usr/vice/etc) use the --enable-transarc-paths option to
    configure.  More details on the new directory layout are found in
    README.


OpenAFS 1.1.1a

  * Windows 95/98/ME/NT/2000 - Consistent versioning:  Installation, AFS
    Control Center, Client dialog boxes and properties pages for
    executables display a consistent OpenAFS version number.  Installation
    detects previous installation and prompts the user for upgrade
    options.

  * Windows 95/98/ME/NT/2000 - Installation features:  During installation
    the user can select the source of the CellservDB file, AFS home cell,
    and drive mappings.  During installation a drive path mapping can
    include a variable that will be substituted with the current UserName
    that is logged in.

  * Windows 2000/NT - Integrated logon:  The Integrated Logon feature
    works now.

  * Windows 95/98/ME - Logon script features:  The Windows 95/98/ME client
    now offers a command-line option for starting up the AFS client
    without authenication. It is now possilbe to start the AFS client
    first and obtain tokens, and map drives all through Windows scripts.
    This helps using Windows 95/98/ME client in Kerberos 5 environment.

  * Windows 2000/NT - LANA numbers:  AFS client now scans the LANA numbers
    to establish the correct NETBIOS connection.  NetBEUI is no longer
    needed.  The user no longer needs to find the correct LANA number.

  * Windows 2000/NT - OpenAFS naming consistancy:  Further progress has
    been made to remove references to "Transarc AFS" and replace with
    "OpenAFS".


OpenAFS 1.0

  * AFS now builds with configure. The README for building has been
    updated and includes full details.

  * A client system can now have multiple sysname values for @sys.  They
    will be searched in order when looking up files in AFS.  The
    -newsysname argument to fs sysname can be repeated to set multiple
    sysnames.

  * A new system group is created for new cells (system:ptsviewers with id
    -203).  If this group exists, members of this group can examine and
    read the entire protection database.  They can examine all users and
    groups and can get the membership of any group.

  * A new program, pt_util has been added to the distribution.  This
    program allows users to print the contents of the protection database
    or to edit the protection database without running a ptserver.  It can
    be used to set up a new cell without ever running in noauth mode.  Run
    pt_util -h for help.

  * The fs setcrypt and fs getcrypt commands have been added.  These
    commands allow the system administrator to require that the client
    encrypt all authenticated traffic between the client workstation and
    AFS.  The encryption used is weak, but is likely better than sending
    unencrypted traffic in most environments.  Some functions, such as
    looking for a volume may not be encrypted, but data transfer certainly
    is.  By default data is not encrypted.  At this time no significant
    experimentation with server performance has been conducted.

  * By default AFS is compiled with AFS_AFSDB_ENV, enabling the -afsdb
    option to be given to afsd on startup.  If this option is used, then
    new cells will be looked up using AFSDB records stored in DNS if they
    are not found in CellServDB.  This means that users can create
    cross-cell mountpoints in directories they control to access cells not
    in root.afs, and that cells in root.afs need not be in the client's
    CellServDB.

  * AFS database servers can be marked as read-only clones.  Surround the
    hostname in square brackets on the bos addhost command and the
    database server will never be elected sync site.  This is useful for
    cells distributed over a wide region.

  * The AFS servers now support the -syslog flag.  This flag causes them
    to log to syslog rather than to files.  This flag is not supported on
    NT.  For all servers besides the salvager, the flag can also be
    specified as -syslog=facility, where facility is an integer facility
    code from syslog.h.  A -syslogfacility option is provided for the
    salvager to accomplish the same goal.

  * If the --enable-fast-restart flag is given when configuring AFS, then
    the salvager supports the -dontsalvage flag which causes it to exit
    without salvaging any volumes.  If this is configured into the third
    command of a fs process, then the fileserver will start without
    salvaging.  It will fail to attach volumes that need salvaging and
    they can be salvaged manually.  This provides significantly better
    server startup performance at the cost of administrative complexity.

  * If the --enable-bitmap-later flag is given when configuring AFS, then
    the fileserver creates bitmaps for free vnodes on demand, allowing
    faster starts.

  * If bosserver finds a BosConfig.new file at startup, it reads this file
    and renames it to BosConfig.  This allows bosserver to be reconfigured
    at next restart.

  * The bosserver can be placed in a restricted mode in which AFS
    superusers are only granted limited access to the server host. The
    following functionality is disabled when restricted mode is in use:

      bos exec
      bos getlog (except for files with no '/'s in their name)*
      bos create *
      bos delete
      bos install
      bos uninstall

    specific exceptions are made for functionality that "bos salvage"
    uses:

    A cron bnode who's name is "salvage-tmp", time is now, and command
    begins with "/usr/afs/bin/salvager" may be created. This bnode deletes
    itself when complete, so no special "delete" support is needed.  This
    functionality may be removed in the future if a "Salvage" RPC is
    implimented.

    The file with the exact path /usr/afs/logs/SalvageLog may be fetched,
    since that is how bos salvage [...] -showlog is implimented.

    Restricted mode is enabled using a new bos command (bos setrestricted)
    or bossever command line switch (bosserver -restricted). Restricted
    mode can be disabled by a) sending the bosserver process a SIGFPE
    (which will then allow restricted operations until the next restart or
    setrestricted command) or b) editing /usr/afs/local/BosConfig (or
    BosConfig.new), and restarting the bosserver.

  * The bos UserList of trusted administrators can now contain cross-realm
    Kerberos principals.

  * udebug now takes --server not --servers.

  * Several error messages have been improved to include volume numbers.

  * Several new ports have been included for UNIX platforms: Darwin
    (ppc_darwin_12 and ppc_darwin_13), Linux 2.4 (i386_linux24), Linux on
    the Powerpc (ppc_linux22 and ppc_linux24), Linux on the Sparc
    (sparc_linux22, sparc64_linux22 and sparc64_linux24).

  * Incomplete FreeBSD and Alpha Linux ports are included.  The FreeBSD
    port has a working server and the Alpha Linux port has a partially
    working client.

  * A native client for Windows 95/98/ME has been added to the
    distribution.  With this program, a gateway machine is no longer
    required for Windows 9x to access AFS files.  One drive letter will be
    created on your machine by default - Z:.  The Z: drive will be the
    root of the AFS tree, allowing you to browse all sites that have AFS
    servers available.  Additional drive letters can be defined for other
    AFS directories.  A Windows Explorer shell extension is included that
    allows you to right click on items within an AFS tree to bring up an
    "AFS" menu item and perform various operations on a file or directory.
    The most useful item is "Access Control Lists", which allows you to
    view and edit the permissions of a particular directory.  Command line
    tools are also available in the install directory.  These commands
    include klog, unlog, tokens, kpasswd, symlink, fs and pts.  The
    installable includes a readme file that contains more information on
    how to use the client program and known issues.

  * Support for large caches in afsd.  Cachefiles are stored in
    subdirectories.  The default is 2048 files per subdirectory, which
    should work fine in most situations.  You can use the new afsd option
    -files_per_subdir to change this number.  Note that the first time you
    run afsd with this patch, your cachefiles will get moved into
    subdirectories.  If you subsequently run an older version of afsd, you
    will lose all your cached files.