User-Visible OpenAFS Changes
+OpenAFS 1.9.1
+
+ All platforms
+
+ * Fix initial Rx Connection ID (CID) generation.
+ Remove stale initialization and overflow detection logic that resulted
+ in connection failures due to all CIDs being set to 0x80000002.
+ (14491, 14492, 14496)
+
+ * Fix RPC hangs if a server is restarted while a client is sending
+ data (13875 13758 13876).
+
+ * Fix xstat_cm_test/xstat_fs_test -period option bug introduced
+ by pthreaded xstats. (14366)
+
+ * Fix remote_is_server field in Rx RPC statistics. Before this fix, the
+ rxstat_get_process and rxstat_get_peer programs reported all RPC stats
+ as "accessed as a client" (14374).
+
+ * Fix an incorrect server type reported by rxstat_get_process and
+ rxstat_get_peer programs (14375).
+
+ * Fix the clock square calculation for stats reported by xstat_fs_test,
+ xstat_cm_test, rxstat_get_process, and rxstat_get_peer (14376)
+
+ * Avoid packet resend delays when ICMP socket errors are
+ encountered (14424).
+
+ * Report RxRPC packet statistics for version packets, that had previously
+ been ignored (14519).
+
+ * Fix various issues detected by static-analyzer tools (13155, 13156,
+ 13163, 13206, 13333, 14501).
+
+ All server platforms
+
+ * Add support for multiple audit log interfaces and options (13774).
+
+ * Fix a directory handle leak in the convertROtoRWvolume procedure
+ when a new transaction cannot be created (14342).
+
+ * Fix out of range memory access when orphaned vnodes are encountered
+ during salvages (14385).
+
+ * Add KeyFileExt and rxkey.keytab access rights checks to the
+ bosserver and log all access check failures instead of stopping
+ on the first failure (14239, 14330).
+
+ * Fix creation of the bosserver audit log file when the bosserver
+ is started with the -auditlog option (14381)
+
+ * Fix 'bos salvage -forceDAFS' when the DAFS fileserver is stopped (14382).
+
+ * Add VL_DBBAD ("Database is inconsistent") error code to indicate vlserver
+ database inconsistencies, and report VL_DBBAD when unable to remove
+ deleted vlentries from the database hash chains (13382, 13383)
+
+ * Fix possible memory leaks when under memory pressure (13156 13313).
+
+ * Fix possible double release of volume locks in vos release
+ and vos convertROtoRW (14426).
+
+ * Fix -partition option requires a -server option checks in vos (14005).
+
+ * Take the target read/write volume offline during the conversion
+ to a read-only volume by vos convertRWtoRO (14340).
+
+ * Check for volume lock inconsistencies in vldb_check (14307).
+
+ * Document vos restore -readonly option (14348).
+
+ * Consolidate implementation of, and more reliably use, logged warnings
+ for single-DES or missing keys (10831).
+
+ All client platforms
+
+ * Avoid panic when failing to allocate a new vnode or
+ failing to write a dcache (13701, 13804).
+
+ * Fix double release of afs_xvcb lock (14411).
+
+ * Log process name and PID on disk cache read errors (14416).
+
+ * Add cache-too-full and wait-for-drain cache manager stats (13168).
+
+ * Add afsio readdir and afsio fidreaddir commands to dump
+ AFS3 directories (12381).
+
+ * Fix diagnostic messages from "vos partinfo" to correctly refer to
+ itself (14489).
+
+ Linux
+
+ * Fix file leak in background thread regression introduced by
+ 13284 (LINUX: Turn on AFS_NEW_BKG). (13984)
+
+ * Avoid getcwd() and bind-mount call errors by returning
+ errors from the d_revalidate callback (14417).
+
+ * Fix 64/32bit compatibility mode checks for Linux 5.11
+ support (14499, 14500).
+
+ * Support Linux 5.12-RC2 (14548, 14549).
+
+ Solaris
+
+ * Add the OpenAFS provider for the Solaris kstat framework (13170).
+
+ FreeBSD
+
+ * Import the start of a series of locking and stability fixes developed by
+ Tim Creech and Andrew Deason that will culminate in a client that
+ supports FreeBSD 12.2 (13854, 13856, 13858..13860, 13998..14000, 14162,
+ 14373, 14550,
+
+
+OpenAFS 1.9.0
+
+ All platforms
+
+ Introduce the rxgk Rx security class, initially limited to server-to-server
+ traffic and local keys (gerrit topic: rxgk-phase1).
+
+ Add options to the vos and pts commands for server-to-server rxgk support.
+
+ Add support to add and delete rxgk keys with asetkey. Add support to
+ generate random keys with asetkey, which can be useful to create certain
+ types of rxgk keys.
+
+ Raise implementation-defined anti-DoS length limits for prdb-related XDR
+ array types, which were being reached at some sites (13838).
+
+ Bring "-setpag" functionality in klog to parity with aklog (14146).
+
+ Fix potential Rx hang when an incoming call must wait (14158).
+
+ Fix latent bug preventing RX_CONN_NAT_PING from working (13041).
+
+ Fix potential rx_connection leak in pthreaded programs (13042).
+
+ Avoid NatPing storm with many connections to the same server (14312).
+
+ Do not leave empty directories behind in the file server vice partition
+ when running the "vos zap -force" command (12879, 12839).
+
+ Make non-verbose "vos remsite" output output more readable (14127).
+
+ Display the usage of simple commands (commands without subcommands) when run
+ only with the -help option (10983).
+
+ Replace SOURCE-MAP with a README.md (14003).
+
+ Improve documentation of minimum required dependency versions (14305).
+
+ Remove unused definition of LINUX_PKGREL from configure.ac (14117).
+
+ Improve logging and diagnostic messages:
+ * Add a warning message to vos when performing an incremental volume
+ restore over an existing volume which is newer than the dump
+ volume (13251)
+ * Log the binding address and port during startup in the cache manager and
+ all of the server processes (13272)
+ * Improve volume server logging to provide better information during
+ volume restore failures (13252)
+ * Improved cache manager syslog tracing (11858)
+ * Improved database server logging to log important messages at the
+ default logging level, log information during database synchronizations,
+ and log diagnostic messages during recovery aborts (12617, 13079, 12618)
+ * Set a thread name for rx listener threads (13600)
+ * Avoid truncating authentication information in vlserver log
+ messages (13466)
+ * Log when ubik recovery aborts a running remote transaction (13862).
+
+ Fix warnings issued by static code analyzers:
+ * Fix possible undefined variable in disconnected mode (13207)
+ * Remove redundant conditionals (13158, 13157)
+ * Exit if out of memory while attempting to format command help
+ messages (13335)
+ * Fix possible undefined variable when reading old vldb formats (13755)
+
+ Assorted memory-handling fixes (13461, 12293, 13355, 13395, 13396, 13161,
+ 13659, 13714, 13715, 13760, 13716, 13761).
+
+ Fix many (but not all) of the new warnings issued by recent versions of
+ gcc and clang (12987..12989, 13010, 13287, 13462..13464, 13467..13468,
+ 13470..13476, 13494, 13660..13664, 13684, 13726, 13754, 14049, 14092,
+ 14106, 14207, 14273, 14277, 14274, 14275, 14279, 14292, 14125).
+
+ Added unit tests for functions mapping vice partition to id (13176).
+
+ Fix issues resulting in parallel "make install" to fail (13786, 14137).
+
+ Updated libauth test program (13394).
+
+ General code cleanup; remove unused code or obsolete code, old comments,
+ or refactor for clarity
+ (12988, 13204, 13209, 13210, 13213, 13226, 13227, 13260, 13271, 13277,
+ 13309, 13310, 13324, 13325, 13339, 13345, 13346, 13351, 13361, 13362, 13363,
+ 13390, 13397, 13408, 13414, 13458, 13490, 13500, 13509, 13514, 13557, 13640,
+ 13655, 13282, 13683, 13995, 14218, 14219, 14236, 14246, 14322, 14338).
+
+ Build system clean up and fixes
+ (12956, 12961, 12962, 12963, 12992, 12993, 12994, 13237, 13275, 13338,
+ 13357, 13360, 13387, 13419, 13594, 13652, 14115, 14148..14150, 14132,
+ 14133, 14135, 14153).
+
+ All server platforms
+
+ Improve database server logging by logging messages when and why a server
+ is marked as down (12616).
+
+ Log a warning message when starting server processes with no encryption
+ keys available (13911).
+
+ Fix use of triple-DES cell-wide keys for rxkad.krb5 (14203).
+
+ Remove redundant lseek system calls and use positional I/O in the database
+ servers to improve performance (12271, 12272).
+
+ Fix option parsing to enable parallel salvageserver operation (14201).
+
+ Fix an edge case where writes were errneously allowed on readonly
+ fileservers (13934).
+
+ Add an option to allow members of system:administrators to perform
+ write operations on otherwise readonly fileservers (13707).
+
+ Allow "vos rename" to be re-run to finish a previously interrupted
+ volume rename operation (13720).
+
+ Return errors for short reads during volume dumps instead of silently
+ padding with NUL bytes (14255).
+
+ Work around potential deadlocks when the salvageserver spawns a child
+ at the same time another thread is writing to the log (14239).
+
+ Do not overwrite the errno variable when logging certain database sendfile
+ errors (13263).
+
+ Avoid confusing log message ("Unable to create the volume") when
+ restoring over an existing volume (14208).
+
+ Fix vldb listing of created-but-not-released RO replicas (14154).
+
+ Avoid confusing "half-locked" state for interrupted volume renames (14157).
+
+ Prevent attempts to grow the VLDB past the maximum 2GB size (14180).
+
+ Fix a bug that prevented logging of discarded callbacks (14256).
+
+ Code migration to POSIX Threads (pthreads) from LWP.
+ * Convert upserver and upclient to pthreads (12754)
+ * Convert xstat libraries and related utilities to pthreads (12745, 12746,
+ 12747, 12753, 13454, 13455)
+
+ All client platforms
+
+ Attempt to detect and report some common types of cache corruption
+ (13436, 13747, 13969, 14002).
+
+ Log a warning when the cache is "stressed" (almost full) to suggest
+ possible re-tuning (13255).
+
+ Require opt-in to use the historical/deprecated single-DES krb5
+ encryption types, which are being removed from krb5 distributions (13689).
+
+ Fix incorrect informational messages when the AFSCELL environment
+ variable is set (13371).
+
+ Assorted cleanup and microoptimizations (12655, 13254, 12656, 13253, 14241,
+ 13256, 14254).
+
+ Tidy up the shutdown sequence, closing some memory leaks and not
+ generatin Rx traffic while Rx datastructures are being deconstructed
+ (13718, 13719).
+
+ Fix reading entries of historic vldb formats (13465).
+
+ Suppress warning about running unauthenticated for `bos -noauth` (14306).
+
+ Linux
+
+ Support upstream kernels through Linux 5.9.
+
+ Be more careful about overriding the current credentials for operations
+ on cache files, preventing spurious permission errors when systems like
+ AppArmor and SELinux are in use (13751, 14098).
+
+ Avoid panics from procfs when the kernel module is loaded but afsd is
+ not running (14093).
+
+ Improve ppc64le support (13980, 14046).
+
+ Improve RPM packaging (14114, 14116, 14266)
+
+ MacOS
+
+ Simplify background-move return-code processing (13280).
+
+ Support macOS Catalina (13935, 13936, 13668..13671, 13928, 14062, 14222).
+
+ Add OpenAFS.pkg to the list of files to be codesigned (14221).
+
+ Solaris
+
+ Remove references to (unspported) SunOS 4 (13506).
+
+ Build system fixes for parallel make on Solaris.
+
+ Support function attributes when building with recent versions of Solaris
+ compilers.
+
+ Fix many (but not all) of the compiler warnings when building on the Solaris
+ platform.
+
+ Add autoconf support for Studio 12.6 tools (13867).
+
+ FreeBSD
+
+ General improvements to VFS compliance.
+
+ Create destination kernel module directory when installing on
+ FreeBSD (13653, 13690)).
+
+ Add param.h files and sysnames for FreeBSD 11.2 (13534), 11.3 (13792),
+ and 12.1 (13982).
+
+ Fix fcntl-style locks by adapting to quirky historical behavior (12579).
+
+ Support kernels that use VIMAGE support at runtime, not just at
+ build-time (12580).
+
+ Change LWP stack strategy to avoid SIGBUS errors (13691).
+
+ Skip SIGBUS test (for reasons unrelated to the previous) (14145).
+
+
+OpenAFS 1.8.6
+
+ All platforms
+
+ * Address warnings and errors encountered when building OpenAFS with
+ modern compilers like gcc9 or recent clang (13727..45 13749..50 13756
+ 13846 13879)
+
+ * Avoid some rare cases of Rx calls getting stuck in the incoming queue
+ (13892)
+
+ * Display the usage of simple commands (commands without subcommands) when
+ run only with the -help option (13894)
+
+ * Fix a memory leak in the cache manager and the fileserver while
+ processing "fs uuid" or "fs setcbaddr" (13899)
+
+ * Fix a memory leak when reopening krb local realms configuration (13900)
+
+ * Avoid possible crashes when freeing kerberos contexts (13902)
+
+ All server platforms
+
+ * Do not leave empty directories behind in the file server vice partition
+ when running the "vos zap -force" command (13897)
+
+ * Fix "vos zap -force" failures when the volume being zapped does not have
+ an entry in the fileserver's volume group cache (e.g., during fileserver
+ startup) (13896)
+
+ * Relax the length limits on some membership lists used in ptserver RPCs,
+ introduced in release 1.8.0 to prevent denial of service attacks, to
+ accommodate use cases of some larger existing sites (13844)
+
+ * Improved diagnostics and error messages (13898 13906..8 13938)
+
+ * Ensure that fileservers running in readonly mode actually reject all
+ write requests, but introduce a -admin-write switch allowing writes
+ by members of the system:administrators group (14018 14019)
+
+ All client platforms
+
+ * Require the -insecure_des switch to be passed to aklog and klog.krb5
+ to make them work with single-DES encryption types (13791)
+
+ * Avoid a panic due to a retryable error - retry in a background request
+ instead (13847)
+
+ * Avoid blocking other functions on the completion of some potentially
+ long-running RPCs issued by the server (13893)
+
+ * Fix a potential memory leak in "fs getserverprefs" when the pioctl fails
+ with E2BIG (13895)
+
+ * Avoid the local cache incorrectly reflecting the state of a file on the
+ fileserver after flushing large chunks of data to the server. This
+ issue was present on FreeBSD clients, but probably not Linux/Solaris
+ ones (13951) (RT #135041)
+
+ * After a VLDB lookup of a read-write volume already failed, don't bother
+ looking up corresponding read-only or backup volumes since those lookups
+ are bound to fail, in order to make the client more responsive and
+ avoid unnecessary load on the vlserver (13968)
+
+ * Allow a "vos rename" to succeed if the new volume name is the same as
+ that in the current VLDB, to make it possible to complete a previously
+ interrupted volume rename (14055)
+
+ * Allow processes which are sleeping due to PAG throttling to be killable
+ (13974).
+
+ * Fix set PAG failures due to signals (13975).
+
+ Linux clients
+
+ * Support mainline kernels up to and including 5.7 (14069 14094 14095
+ 14209 14210)
+
+ * Make builds succeed with --enable-checking for mainline kernels
+ 5.3-rc2 and later (13910)
+
+ * Avoid possible deadlocks (13748 13765)
+
+ * Fix build of libuafs on ppc64le (14104)
+
+ * Fix build on certain recent 32-bit distributions (14234) (RT #135084)
+
+ macOS
+
+ * Support building, packaging and notarization on macOS 10.15 "Catalina"
+ (14031..7 14068)
+
+ Microsoft Windows
+
+ * Build fixes (13848..52)
+
OpenAFS 1.8.5
All platforms
(These runtime options override the use of UID-based PAGs, which were
introduced to appease the CDE screensaver.)
+
OpenAFS 1.6.21
All platforms