User-Visible OpenAFS Changes
+OpenAFS 1.9.0
+
+ All platforms
+
+ Introduce the rxgk Rx security class, initially limited to server-to-server
+ traffic and local keys (gerrit topic: rxgk-phase1).
+
+ Add options to the vos and pts commands for server-to-server rxgk support.
+
+ Add support to add and delete rxgk keys with asetkey. Add support to
+ generate random keys with asetkey, which can be useful to create certain
+ types of rxgk keys.
+
+ Raise implementation-defined anti-DoS length limits for prdb-related XDR
+ array types, which were being reached at some sites (13838).
+
+ Bring "-setpag" functionality in klog to parity with aklog (14146).
+
+ Fix potential Rx hang when an incoming call must wait (14158).
+
+ Fix latent bug preventing RX_CONN_NAT_PING from working (13041).
+
+ Fix potential rx_connection leak in pthreaded programs (13042).
+
+ Avoid NatPing storm with many connections to the same server (14312).
+
+ Do not leave empty directories behind in the file server vice partition
+ when running the "vos zap -force" command (12879, 12839).
+
+ Make non-verbose "vos remsite" output output more readable (14127).
+
+ Display the usage of simple commands (commands without subcommands) when run
+ only with the -help option (10983).
+
+ Replace SOURCE-MAP with a README.md (14003).
+
+ Improve documentation of minimum required dependency versions (14305).
+
+ Remove unused definition of LINUX_PKGREL from configure.ac (14117).
+
+ Improve logging and diagnostic messages:
+ * Add a warning message to vos when performing an incremental volume
+ restore over an existing volume which is newer than the dump
+ volume (13251)
+ * Log the binding address and port during startup in the cache manager and
+ all of the server processes (13272)
+ * Improve volume server logging to provide better information during
+ volume restore failures (13252)
+ * Improved cache manager syslog tracing (11858)
+ * Improved database server logging to log important messages at the
+ default logging level, log information during database synchronizations,
+ and log diagnostic messages during recovery aborts (12617, 13079, 12618)
+ * Set a thread name for rx listener threads (13600)
+ * Avoid truncating authentication information in vlserver log
+ messages (13466)
+ * Log when ubik recovery aborts a running remote transaction (13862).
+
+ Fix warnings issued by static code analyzers:
+ * Fix possible undefined variable in disconnected mode (13207)
+ * Remove redundant conditionals (13158, 13157)
+ * Exit if out of memory while attempting to format command help
+ messages (13335)
+ * Fix possible undefined variable when reading old vldb formats (13755)
+
+ Assorted memory-handling fixes (13461, 12293, 13355, 13395, 13396, 13161,
+ 13659, 13714, 13715, 13760, 13716, 13761).
+
+ Fix many (but not all) of the new warnings issued by recent versions of
+ gcc and clang (12987..12989, 13010, 13287, 13462..13464, 13467..13468,
+ 13470..13476, 13494, 13660..13664, 13684, 13726, 13754, 14049, 14092,
+ 14106, 14207, 14273, 14277, 14274, 14275, 14279, 14292, 14125).
+
+ Added unit tests for functions mapping vice partition to id (13176).
+
+ Fix issues resulting in parallel "make install" to fail (13786, 14137).
+
+ Updated libauth test program (13394).
+
+ General code cleanup; remove unused code or obsolete code, old comments,
+ or refactor for clarity
+ (12988, 13204, 13209, 13210, 13213, 13226, 13227, 13260, 13271, 13277,
+ 13309, 13310, 13324, 13325, 13339, 13345, 13346, 13351, 13361, 13362, 13363,
+ 13390, 13397, 13408, 13414, 13458, 13490, 13500, 13509, 13514, 13557, 13640,
+ 13655, 13282, 13683, 13995, 14218, 14219, 14236, 14246, 14322, 14338).
+
+ Build system clean up and fixes
+ (12956, 12961, 12962, 12963, 12992, 12993, 12994, 13237, 13275, 13338,
+ 13357, 13360, 13387, 13419, 13594, 13652, 14115, 14148..14150, 14132,
+ 14133, 14135, 14153).
+
+ All server platforms
+
+ Improve database server logging by logging messages when and why a server
+ is marked as down (12616).
+
+ Log a warning message when starting server processes with no encryption
+ keys available (13911).
+
+ Fix use of triple-DES cell-wide keys for rxkad.krb5 (14203).
+
+ Remove redundant lseek system calls and use positional I/O in the database
+ servers to improve performance (12271, 12272).
+
+ Fix option parsing to enable parallel salvageserver operation (14201).
+
+ Fix an edge case where writes were errneously allowed on readonly
+ fileservers (13934).
+
+ Add an option to allow members of system:administrators to perform
+ write operations on otherwise readonly fileservers (13707).
+
+ Allow "vos rename" to be re-run to finish a previously interrupted
+ volume rename operation (13720).
+
+ Return errors for short reads during volume dumps instead of silently
+ padding with NUL bytes (14255).
+
+ Work around potential deadlocks when the salvageserver spawns a child
+ at the same time another thread is writing to the log (14239).
+
+ Do not overwrite the errno variable when logging certain database sendfile
+ errors (13263).
+
+ Avoid confusing log message ("Unable to create the volume") when
+ restoring over an existing volume (14208).
+
+ Fix vldb listing of created-but-not-released RO replicas (14154).
+
+ Avoid confusing "half-locked" state for interrupted volume renames (14157).
+
+ Prevent attempts to grow the VLDB past the maximum 2GB size (14180).
+
+ Fix a bug that prevented logging of discarded callbacks (14256).
+
+ Code migration to POSIX Threads (pthreads) from LWP.
+ * Convert upserver and upclient to pthreads (12754)
+ * Convert xstat libraries and related utilities to pthreads (12745, 12746,
+ 12747, 12753, 13454, 13455)
+
+ All client platforms
+
+ Attempt to detect and report some common types of cache corruption
+ (13436, 13747, 13969, 14002).
+
+ Log a warning when the cache is "stressed" (almost full) to suggest
+ possible re-tuning (13255).
+
+ Require opt-in to use the historical/deprecated single-DES krb5
+ encryption types, which are being removed from krb5 distributions (13689).
+
+ Fix incorrect informational messages when the AFSCELL environment
+ variable is set (13371).
+
+ Assorted cleanup and microoptimizations (12655, 13254, 12656, 13253, 14241,
+ 13256, 14254).
+
+ Tidy up the shutdown sequence, closing some memory leaks and not
+ generatin Rx traffic while Rx datastructures are being deconstructed
+ (13718, 13719).
+
+ Fix reading entries of historic vldb formats (13465).
+
+ Suppress warning about running unauthenticated for `bos -noauth` (14306).
+
+ Linux
+
+ Support upstream kernels through Linux 5.9.
+
+ Be more careful about overriding the current credentials for operations
+ on cache files, preventing spurious permission errors when systems like
+ AppArmor and SELinux are in use (13751, 14098).
+
+ Avoid panics from procfs when the kernel module is loaded but afsd is
+ not running (14093).
+
+ Improve ppc64le support (13980, 14046).
+
+ Improve RPM packaging (14114, 14116, 14266)
+
+ MacOS
+
+ Simplify background-move return-code processing (13280).
+
+ Support macOS Catalina (13935, 13936, 13668..13671, 13928, 14062, 14222).
+
+ Add OpenAFS.pkg to the list of files to be codesigned (14221).
+
+ Solaris
+
+ Remove references to (unspported) SunOS 4 (13506).
+
+ Build system fixes for parallel make on Solaris.
+
+ Support function attributes when building with recent versions of Solaris
+ compilers.
+
+ Fix many (but not all) of the compiler warnings when building on the Solaris
+ platform.
+
+ Add autoconf support for Studio 12.6 tools (13867).
+
+ FreeBSD
+
+ General improvements to VFS compliance.
+
+ Create destination kernel module directory when installing on
+ FreeBSD (13653, 13690)).
+
+ Add param.h files and sysnames for FreeBSD 11.2 (13534), 11.3 (13792),
+ and 12.1 (13982).
+
+ Fix fcntl-style locks by adapting to quirky historical behavior (12579).
+
+ Support kernels that use VIMAGE support at runtime, not just at
+ build-time (12580).
+
+ Change LWP stack strategy to avoid SIGBUS errors (13691).
+
+ Skip SIGBUS test (for reasons unrelated to the previous) (14145).
+
+
+OpenAFS 1.8.6
+
+ All platforms
+
+ * Address warnings and errors encountered when building OpenAFS with
+ modern compilers like gcc9 or recent clang (13727..45 13749..50 13756
+ 13846 13879)
+
+ * Avoid some rare cases of Rx calls getting stuck in the incoming queue
+ (13892)
+
+ * Display the usage of simple commands (commands without subcommands) when
+ run only with the -help option (13894)
+
+ * Fix a memory leak in the cache manager and the fileserver while
+ processing "fs uuid" or "fs setcbaddr" (13899)
+
+ * Fix a memory leak when reopening krb local realms configuration (13900)
+
+ * Avoid possible crashes when freeing kerberos contexts (13902)
+
+ All server platforms
+
+ * Do not leave empty directories behind in the file server vice partition
+ when running the "vos zap -force" command (13897)
+
+ * Fix "vos zap -force" failures when the volume being zapped does not have
+ an entry in the fileserver's volume group cache (e.g., during fileserver
+ startup) (13896)
+
+ * Relax the length limits on some membership lists used in ptserver RPCs,
+ introduced in release 1.8.0 to prevent denial of service attacks, to
+ accommodate use cases of some larger existing sites (13844)
+
+ * Improved diagnostics and error messages (13898 13906..8 13938)
+
+ * Ensure that fileservers running in readonly mode actually reject all
+ write requests, but introduce a -admin-write switch allowing writes
+ by members of the system:administrators group (14018 14019)
+
+ All client platforms
+
+ * Require the -insecure_des switch to be passed to aklog and klog.krb5
+ to make them work with single-DES encryption types (13791)
+
+ * Avoid a panic due to a retryable error - retry in a background request
+ instead (13847)
+
+ * Avoid blocking other functions on the completion of some potentially
+ long-running RPCs issued by the server (13893)
+
+ * Fix a potential memory leak in "fs getserverprefs" when the pioctl fails
+ with E2BIG (13895)
+
+ * Avoid the local cache incorrectly reflecting the state of a file on the
+ fileserver after flushing large chunks of data to the server. This
+ issue was present on FreeBSD clients, but probably not Linux/Solaris
+ ones (13951) (RT #135041)
+
+ * After a VLDB lookup of a read-write volume already failed, don't bother
+ looking up corresponding read-only or backup volumes since those lookups
+ are bound to fail, in order to make the client more responsive and
+ avoid unnecessary load on the vlserver (13968)
+
+ * Allow a "vos rename" to succeed if the new volume name is the same as
+ that in the current VLDB, to make it possible to complete a previously
+ interrupted volume rename (14055)
+
+ * Allow processes which are sleeping due to PAG throttling to be killable
+ (13974).
+
+ * Fix set PAG failures due to signals (13975).
+
+ Linux clients
+
+ * Support mainline kernels up to and including 5.7 (14069 14094 14095
+ 14209 14210)
+
+ * Make builds succeed with --enable-checking for mainline kernels
+ 5.3-rc2 and later (13910)
+
+ * Avoid possible deadlocks (13748 13765)
+
+ * Fix build of libuafs on ppc64le (14104)
+
+ * Fix build on certain recent 32-bit distributions (14234) (RT #135084)
+
+ macOS
+
+ * Support building, packaging and notarization on macOS 10.15 "Catalina"
+ (14031..7 14068)
+
+ Microsoft Windows
+
+ * Build fixes (13848..52)
+
OpenAFS 1.8.5
All platforms
(These runtime options override the use of UID-based PAGs, which were
introduced to appease the CDE screensaver.)
+
OpenAFS 1.6.21
All platforms