-Since 1.3.87:
+Since 1.5.1:
+
+ * A deadlock was detected when performing "fs flushall" if the
+ file server reports VNOVNODE. The scp->createBufferLock is
+ already held by the current thread and there is no mechanism
+ to propagate the knowledge. Therefore, an alternate mechanism
+ for clearing the cache must be developed. A new function
+ cm_RecycleSCache(scp,flags) has been extracted from
+ cm_GetNewSCache(). This function performs the task of recycling
+ an cm_scache_t object. When called from cm_GetNewSCache() with
+ no flags the expectation is that there are no associated buffers
+ that are queued to be read or written. When called from
+ cm_Analyze() with the CM_SCACHE_RECYCLEFLAG_DESTROY_BUFFERS
+ flag, any queued buffers will be de-queued and marked as if
+ the operations were performed so the data can be discarded.
+
+ * CM_ERROR codes were logged as "unknown" by cm_Analyze.
+
+ * In response to VNOVNODE, the parent is only discarded if the current
+ cm_scache_t is not a directory.
+
+ * In the Ioctl FlushFile and FlushVolume functions, there were no
+ checks to protect against flushing the Freelance SCache entries.
+
+ * In FlushFile, the wrong cm_scache_t object was being released.
+
+ * In cm_GetNewSCache, do not allow Freelance SCache entries to be
+ recycled. Choose a new entry if cm_RecycleSCache fails.
+
+ * Speed up the performance of the cache manager by not
+ holding the smb_fid_t mutex across calls to cm_SyncOp
+ and AFS RPCs.
+
+ * Ensure that all smb_fid_t flag references are protected.
+
+ * Remove a deadlock between smb_fid_t mutex and
+ smb_rctLock introduced in 1.4.1.
+
+ * Fix aklog AFSID lookup to use not send the realm
+ name when the realm is the local realm for the
+ cell. The PT Server doesn't strip the realm
+ name when it is the local realm.
+
+ * Treat "\\afs\*." as an alias for "\\afs\all"
+
+ * Dynamically adjust the priority of server threads
+ based upon the age of the CIFS request that is
+ being processed. The priority is bumped one level
+ for every 15 seconds of processing time.
+
+ * The original openafs contribution mis-used the
+ cm_GetCallback function. This function should only
+ be called as a side effect of a call to
+ cm_SyncOp(CM_SCACHESYNC_NEEDCALLBACK). The way it
+ was being called results in a FetchStatus RPC being
+ performed even when the client already has a valid
+ callback and does so in a manner that destroys the
+ synchronization of the threads that are calling
+ cm_SyncOp. If nothing else this results in a
+ significant performance penalty.
+
+ * More changes to cleanup of smb_vc_t objects in
+ order to prevent race conditions.
+
+ * Reduce the amount of Power Management event logging
+ to afsd_init.log
+
+ * If the client detects that the IP address has
+ changed, force the use of new RX connections. This
+ enables the file server to recognize that the client
+ has moved.
+
+ * Remove a race condition and deadlock associated
+ with cleanup of smb_vc_t objects.
+
+ * Fix the ANSI filename support. One function that
+ required it was missing the translations.
+
+Changes not present in 1.4.1 and since 1.5.0: 1.5.1 released
+(24 April 2006)
+
+ * Add a DllMain() function to afspthread.dll. Perform
+ cleanup of thread local storage, rx queues, critical
+ sections, event handles, etc. This was implemented
+ to avoid crashes in afspthread.dll when applications
+ which load/unload the dll attempt to terminate.
+
+ * Lock request behavior has been altered. As of this
+ release a locally allocated lock will be used whenever
+ the volume is RO or the requesting user's permissions
+ are 'rl'. This will allow end users to execute programs
+ from RW volumes when they do not have the 'k' privilege.
+
+ Note that a recent discovery indicates that the 'k' bit
+ is only supposed to control the ability to obtain read
+ locks. Write locks are to be controlled by the 'w' and
+ 'i' privilege bits.
+
+ * Code has been added to enable the cache manager to be
+ able to obtain the AFSID of the authenticated user.
+ This is required to be able to determine when "Insert"
+ privileges should apply. AFS considers a file to be
+ a new file whenever the owner's AFSID matches the
+ AFSID of the user. The current implementation relies
+ on the name specified during the SetToken call to be
+ correct. This will be replaced in the future with a
+ new RPC that allows the AFSID of the authenticated
+ user to be obtained.
+
+ * A 32-bit-tools installer for use on 64-bit systems
+ is now available. These tools are for use with 32-bit
+ versions of Kerberos for Windows or JPSoftware's 4NT.
+
+Since 1.4.1 rc10: 1.4.1 final released (9 April 2006)
+
+ * Remove the use of the "active_vcp" variable. This variable
+ no longer serves any useful purpose and was the cause of
+ race conditions that produced under counts of the smb_vc_t
+ references.
+
+ * Change default minidump output to include data segments
+
+ * restore access to cm_IoctlGetVolumeStatus and
+ cm_IoctlSetVolumeStatus calls for AFS pioctl operations.
+ Still need to figure out why they are being called
+ for SMB/CIFS IOCTL operations instead of Trans2GetFileInfo.
+
+Changes not present in 1.4.1: 1.5.0 released (16 Feb 2006)
+
+ * Update build system to include the "sys_name" in the
+ obj and dest paths.
+
+ * optimize the number of calls to obtain the smb_user_t for a
+ smb virtual circuit.
+
+ * add logging of server addresses, status and capabilities when
+ pinging the server.
+
+ * prevent multiple threads from pinging the same server simultaneously.
+ instead, threads block and then use the result of the ping that was
+ already taking place.
+
+ * Add registry values to allow the defaults for daemon checks to be altered
+ at startup. Log values to afsd_init.log.
+
+ daemonCheckDownInterval
+ daemonCheckUpInterval
+ daemonCheckVolInterval
+ daemonCheckCBInterval
+ daemonCheckLockInterval
+ daemonCheckTokenInterval
+
+ * Add EventLog messages for transitions in fs crypt state.
+
+ * Byte range locking (when locks will be obtained from the
+ is still under discussion)
+
+ * 64-bit Windows operating systems now supported
+ (XP SP2 64-bit, 2003 SP1 64-bit, 2003 R2 64-bit)
+ This is a native 64-bit implementation of OpenAFS for Windows.
+ There is currently no 64-bit version of KFW and therefore
+ there is no (easy) method for obtaining AFS credentials.
+ 32-bit KFW 3.0 can be used with 32-bit OAFW libraries
+ to obtain AFS tokens but there is not for the feint of
+ heart.
+
+ * A faster implementation of the fcrypt algorithms improves
+ performance.
+
+ * The afsd_service.exe now supplies Event Log Message Text.
+ The event log no longer generates warning text due to lack
+ of message configuration.
+
+ * When afs servers are unreachable and network stack returns
+ a WSAEHOSTUNREACHABLE error, the AFS client will immediately
+ mark the attempted server as being down. This allows for
+ very fast response to the calling application. This change
+ has a pronounced improvement when the Windows Explorer is
+ used on disconnected mobile computers.
+
+ * Added DebugOutputString debugging of the RX library
+
+Since 1.4.1 rc9: 1.4.1 rc10 released (10 March 2006)
+
+ * Fix the rx-lwp implementation to randomly generate rx call
+ identifiers which are supposed to be unique at a given point
+ in time. This affects some of the command line tools used
+ for debugging but not the AFS Client Service itself which
+ uses the rx-pthreads implementation.
+
+ * xstats_fs_test.exe and xstats_cm_test.exe are now built for
+ Windows although they are not distributed
+
+ * don't generate an exception when logging unexpected SMB packets
+
+ * the data structures used by cm_IoctlGetVolumeStatus and
+ cm_IoctlSetVolumeStatus are not compatible with the CIFS
+ Get/Set File Information calls so don't bother executing them.
+
+Since 1.4.1 rc8:
+
+ * Fix data written to registry as part of BackConnectionHostnames
+ data value
+
+ * Fix initialization bug when allocating cm_server_t objects that
+ would cause servers to appear to be down after each allocation
+ or renewal. Server would appear up after the next check servers
+ cycle.
+
+Since 1.4.1 rc7:
+
+ * Windows will return WSAECONNRESET to the next receive packet
+ operation on a socket if an ICMP packet is received in response
+ to a packet that was sent and could not be delivered because
+ the port was unreachable. We have to treat this as
+ WSAEWOULDBLOCK so that we can retry the select() check and
+ not mark the connection as bad.
+
+Since 1.4.1 rc6: 1.4.1 rc7 released (14 Feb 2006)
+
+ * The client manager maintains a least recently used list of
+ all the ACLs. If an ACL is already the most recently used
+ do not bother to remove it from the list and place it on the
+ front.
+
+ * As part of the process of adding a new server, set the
+ server is down flag and then perform a ping. If the server
+ is up, the flag will be reset. If the server is down, the
+ client will not timeout unnecessarily while attempting to
+ perform real work.
+
+ * If a Mountpoint String is the empty string, return PATH NOT
+ FOUND.
+
+ * Modify behavior of the Network Provider to avoid querying the
+ profile location if integrated logon is known to be disabled.
+
+ * Correct behavior of 'LogoffPreserveTokens'. When set, tokens
+ will always be preserved regardless of whether or not integrated
+ logon was used to obtain tokens. When unset, tokens will be
+ destroyed regardless of whether integrated logon was used to
+ obtain the tokens unless the profile is stored in AFS.
+
+ * Disable LogoffTransferToken functionality. The SMB V3 Logoff
+ message is being delivered even when the user is not logging
+ off of the computer.
+
+ * Fix a deadlock condition introduced in rc6.
+
+ * Cell names are case-insensitive. Since the founding of OpenAFS
+ there has been a bug that treated "cell", "Cell", and "CELL" as
+ different cells. This would result in what appeared to be
+ random disappearance of user tokens or a failure to authenticate
+ even when tokens were listed by the "tokens" command.
+
+Since 1.4.1 rc5: 1.4.1 rc6 released (2 Feb 2006)
+
+ * Additional auditing of the smb code revealed that smb ioctl
+ operations were failing to free smb_fid_t objects
+
+ * The File Identifiers assigned to smb_fid_t objects could be
+ given the value 65535 which is 0xFFFF which is also the
+ INVALID_HANDLE value. Both 0 and 65535 are now treated as
+ reserved values.
+
+ * Audited all assignments to fields and ensured that they are
+ protected by obtaining the relevant mutex object.
+
+ * Re-wrote the VNOVNODE handling to avoid a potential deadlock
+ if both the current cm_scache_t object and its parent are
+ both returning VNOVNODE.
+
+ * Removed all the logic associated with the 'dead_vcp' variable
+ which must have been added for debugging because its used
+ was never thread safe and it truly served no purpose.
+
+Since 1.4.1 rc4: 1.4.1 rc5 released (18 Jan 2006)
+
+ * Check access permissions to the file before the file is
+ truncated.
+
+ * More improvements to the handling of SMB Virtual Circuits
+ when SMB sessions are closed.
+
+ * Correct a race condition introduced in rc4 that could result
+ in a crash of afsd_service.exe.
+
+Since 1.4.1 rc3: 1.4.1 rc4 released (11 Jan 2006)
+
+ * Properly handle pre-mature SMB session closures.
+ File handles, tree connections, and user sessions are now
+ freed when the virtual circuit is closed.
+
+ * smb_username_t and smb_user_t objects are now properly reference
+ counted and freed as appropriate.
+
+ * disable to use of AFS file locks. byte range locking is still
+ implemented but all locks are managed locally. This prevents
+ multiple processes from editing the same file on the same
+ machine but it does prevent multiple processes on separate
+ machines from modifying the file.
+
+Since 1.4.1 rc2: 1.4.1 RC3 released (4 Jan 2006)
+
+ * A fix to "fs setserverprefs -vlserver". Multiple calls with
+ the same server parameter would result in a panic condition
+ if the server had not already been contacted by the AFS
+ client service.
+
+ * Better warnings are written to the afsd.log file when
+ the Windows RPC Protocols are not properly configured as
+ is often the case on Windows 2000.
+
+ * fix the procmgmt library to restore C RTL signal handlers when
+ it is being detached from the process prior to process termination.
+
+Since 1.4.1 rc1: 1.4.1 RC2 released (30 Nov 2005)
+
+ * close a lock leak in the rx library that could be triggered while
+ processing aborts
+
+ * prevent removal of drive mappings in response to afscreds.exe -M
+
+ * add logic to process VNOVNODE in cm_Analyze. Force re-evaluation of symlink
+ strings and flush the stat cache entry.
+
+ * prevent server objects from being freed if user preferences are set.
+
+ * Update WIX support to 2.0.2419.0
+
+ * Release all locks on the server at service shutdown.
+
+ * A down server should be marked up as long as it responds to the client.
+ It doesn't matter if the server returned an error as long as the error
+ is something other than VRESTARTING. If there is such an error, all
+ connections on that server should be marked for replacement.
+
+ * Change the check "up" servers period from once per hour to once every
+ ten minutes. This matches the behavior of the Unix cache manager.
+
+Post 1.4.0 revisions: 1.4.1 RC1 released (21 Oct 2005)
+ * Byte Range Locking support has been added. Architectural documentation
+ is located within src/WINNT/afsd/cm_vnodeops.c. Best efforts are
+ made to enforce Windows mandatory locking model using locally managed
+ byte range locks with full file locks obtained from the file server.
+ Read-only volumes provide the user with an implied locking privilege.
+ Read-write volumes require that a user be granted the locking privilege
+ in order for a lock to be obtained. As most Windows applications use
+ Shared file access modes, they require the ability to obtain locks in
+ order to access files.
+
+ * Implement error translation functions to convert Universal Error Codes
+ output by modern servers to local errno and winsock error values.
+ This fixes the error message problems using pioctl() calls from fs.exe
+ and the AFS Shell Extension.
+
+Since 1.4.0 rc8: 1.4.0 final tagged (20 Oct 2005); released (31 Oct 2005)
+ * Allow the AFS Client Service to set the firewall configuration by
+ retrying until after Windows determines the boot period is over.
+
+ * Do not attempt to configure the firewall on Windows 2000, XP pre-SP2,
+ or 2003 pre-SP1
+
+ * Detect IP address changes from within the AFS Client Service for the
+ purpose of checking down servers sooner
+
+ * If the file server or vldb server report RXKADUNKNOWNKEY, return
+ SEC_E_NO_KERB_KEY to Windows. This provides an indication to the
+ user that there is a Kerberos key problem. Previously the user would
+ receive no feedback when there was something wrong.
+
+ * Fix the large integer library support to properly handle values greater
+ than 32-bits
+
+Since 1.4.0 rc7: 1.4.0 rc8 released (15 Oct 2005)
+ * Updated CellServDB
+
+ * Fixed file name pattern matching. Question marks can match nothing
+ if found at the end of a component.
+
+Since 1.4.0 rc6: 1.4.0 rc7 released (8 Oct 2005)
+ * Kerberos 5 ticket lifetimes should adhere to KFW Leash lifetimes
+
+ * The MSI installer now has a new Product ID for each build. This
+ is to allow for automated upgrades. The Upgrade ID is remaining
+ constant.
+
+ * Volumes that were cached and then subsequently were salvaged,
+ moved or otherwise taken temporarily offline (as opposed to being
+ busy) would become unreachable. A distinction is now made between
+ a volume being offline and a server being down.
+
+Since 1.4.0 rc5: 1.4.0 rc6 released (2 Oct 2005)
+
+ * Fixed several AFS Shell Extension issues:
+ - Checking Server Status would only work if a specific cell was
+ specified.
+ - If servers were down, the Server Down dialog would write to
+ invalid memory and cause explorer.exe to crash
+ - Default Push Buttons were not specified for many dialogs
+ - The extension would be unloaded by the Explorer Shell and
+ never be reloaded under some circumstances.
+
+ * Fixed the AFS System Tray menu to disappear if another Window
+ was selected before a menu item was selected
+
+ * Added volume owner and group information to "fs examine" output
+
+ * Added fs and registry support for enabling/disabling/clearing
+ rx statistics gathering.
+
+Since 1.4.0 rc4: 1.4.0 rc5 released (25 Sep 2005)
+
+ * New Product Code GUIDs issues for 1.4 and 1.5 branches. Separate
+ GUIDs for each platform.
+
+ * Documentation directory structure and default installation rules
+ for MSI
+
+ * New OpenAFS for Windows HTML Release Notes installed
+ as part of the documentation set.
+
+ * Add thread id to rx debugging messages
+
+ * When all servers are offline, return a bad network path error
+ immediately. This is necessary to allow Explorer to do the
+ right thing and not hang. The background daemon thread will
+ check the down servers every 30 seconds to see if they are
+ back up.
+
+Since 1.4.0 rc3: 1.4.0 rc4 released (14 Sep 2005)
+
+ * The AFSCache file has been modified to store both the
+ serial number of the volume on which the file resides
+ and the SID of the local machine. If either change,
+ a new UUID is generated.
+
+ * add "fs flushall" command that forces all data buffers
+ to be flushed.
+
+Since 1.4.0 rc2: 1.4.0 rc3 released (4 Sep 2005)
+
+ * add support for '/' instead of '\' in pioctl() calls
+
+ * Apply AFS Client Admins group protect to AFS Shell Extension
+
+ * Add support for \\afs\<name> to most AFS Shell Extension
+ commands except the symlink methods.
+
+ * when installing the Microsoft Loopback Adapter, enable
+ MS Client for Networks and prevent an install failure
+ by not calling CoInitialize twice in the same thread.
+
+ * reload cell vldb values from the CellServDB every two
+ hours in case it changes
+
+ * When updating cell information from DNS, be sure to set
+ a new timeout.
+
+ * Add support to allow use of \\AFS\<foo> where <foo> is
+ either a mount point or symlink. As <foo> is normally
+ treated as a share name, we transform it into \\AFS\all\<foo>
+ for processing.
+
+ * Init 'code' to prevent false errors when integrated logon
+ is disabled and the service is not running
+
+Since 1.4.0 rc1: 1.4.0 rc2 released (28 Aug 2005)
+
+ * Removed trace log messages that were hampering performance.
+
+ * Fixed a deadlock that was being triggered by editing Word
+ documents stored within AFS with WinWord 2003.
+
+ * Bit 3 of the TraceOption registry value is now used to set the
+ default for "fs trace" in the non-Debug builds. The new default
+ is off for release builds and on for debug builds.
+
+ * Bit 2 of the TraceOption registry value can be used to turn on
+ real-time output of debug log entries to the Windows Debug
+ Output monitor interface. This data can be viewed with tools
+ such as Sysinternal's DbgView.
+
+Since 1.3.87: 1.4.0 rc1 released (17 Aug 2005)
+ * When the cache manager reports ALLBUSY or ALLOFFLINE for
+ a resource we should not be returning status codes such
+ as Network Busy or Remote Host Down because these errors
+ will imply that the AFS Client Service is Busy or Down
+ and that is simply not the case. Instead we will return
+ Bad Network Path as the path is temporarily not available.
+
+ Instead of returning Sharing Paused when there is a
+ timeout error, return Timeout. Once again, the AFS Client
+ Service is not paused.
+
* afscreds.exe would display an Obtain Creds dialog when
the expired credentials reminder was triggered even
if there was no network path to the KDC. This is prevented
include the full Kerberos 5 user principal name regardless of
whether or not the cell is local to the realm.
- * Eric William's IFS redirector has been checked onto the CVS head.
- This code is experimental at the current time and is not being
- incorporated into the 1-4 branch releases. Instructions for
- building from sources are found in the top-level README-NT file.
-
* Modify integrated login so that it does not enter an infinite
loop if the service is not set to auto start.