+Since 1.3.66:
+ * file and directory names beginning with "." will now be given the
+ hidden attribute when the volume access is anonymous. this matches
+ the behavior when the volume access is via an authenticated user.
+
+ * Added a change monitor to the HKLM\SOFTWARE\OpenAFS\Client\Freelance
+ key. When a change occurs mark the root.afs data as invalid and
+ for it to be reloaded on the next access. This allows administrators
+ to modify the mount point list without restarting the service.
+
+ The freelance client used to provide a fake modification time for
+ the root.afs volume data and its mount points of 7/09/2001 14:24 EDT.
+ Added code to extract the last modification time of the Freelance
+ registry key and use that instead. The time now represents the
+ most recent mount point change.
+
+ * PTS registration of new users to foreign cells has been added to
+ aklog.exe
+
+ * Additional Cache Control and Credential Manager options have been
+ added to the WiX installer. See deployment guide for details.
+
+ * The CachePath setting is now optionally a REG_EXPAND_SZ type
+
+ * The WiX installer has been upgraded. Version 2.0.1927.1 is now
+ required.
+
+ * The loopback installation code may have had a problem updating the
+ %ETC%\HOSTS file which could have resulted in a premature failure.
+ Work around code has been added for the case where the file cannot
+ be deleted.
+
+ * The default max chunksize was increased from 15 (32K) to 17 (128K)
+ because Windows sends 64K blocks when using overlapped writes.
+
+ * The default number of server threads was increased from 4 to 25 to
+ better handle overlapped writes.
+
+ * The "AfscredsShortcutParams" registry value was not being properly
+ loaded by afscreds.exe. Therefore, the default value was always being
+ used instead of the value set by the installer.
+
+ * Windows XP provides downgrade attack detection to prevent an attacker
+ from being able to force the use of NTLM simply by disrupting
+ communication with the KDC. This attack cannot exist between the
+ Windows CIFS client and the AFS Client Service. Therefore, when a
+ downgrade has been detected the afs pioctl library will force the
+ establishment of a new CIFS connection using NTLM.
+
+ * A locking error was discovered surrounding all references to volume
+ server lists within the cm_cell.c source file.
+
+ * The logged into Windows username was incorrect on Terminal Server
+ machines.
+
+ * A new registry value "NonPersistentCaching" was added to the service
+ parameters key. When set to a non-zero value, the afs cache is stored
+ in the Windows paging file. There are two limitations to choosing
+ this option:
+ 1. when persistent caching is implemented it won't work with
+ this flag set since there will be nothing to persist.
+ 2. with this flag set the initial paging allocation cannot be
+ changed while the service is running
+
+ * An initialization bug was discovered in aklog.exe which affected users
+ who have a domain name for their afs servers which could not be mapped
+ to a realm
+
Since 1.3.65:
+ * afs_config.exe now validates cell names against DNS in addition
+ to the CellServDB file.
+
+ * In order to allow the freelance client to connect to a volume with ID
+ equal to 1 on the default cell we changed the fake root.afs volume ID
+ once again. This time we choose 0xFFFFFFFF. In addition, we change
+ the cell ID of the fake root.afs volume from 1 to 0xFFFFFFFF as well.
+ It will now be impossible for a volume ID to match that of another
+ cell unless the client is connected to 0xFFFFFFFD cells. That should
+ be enough room for growth.
+
+ * Fix "fs mkmount" command to work with UNC paths and when
+ started from non-AFS drives. It is now possible to create a mount
+ point in the freelance fake root.afs volume with the command
+
+ fs mkmount \\AFS\all\<directory-name> <volume-name> <cellname>
+
+ For example,
+
+ fs mkmount \\AFS\all\openafs.org root.cell openafs.org
+ fs mkmount \\AFS\all\.openafs.org root.cell openafs.org -rw
+
+ * The algorithm used to re-attempt access to the servers associated with
+ a volume has been altered to properly address the case in which all
+ servers have been marked down. The previous algorithm did not reset
+ the server's down flags so the servers were never actually retried.
+ This caused a problem with active volumes if the network connectivity
+ was lost as could be the case with a network cable removal, wireless
+ drop, or laptop hibernation. With the fix volume access is restored
+ almost instantenously when network connectivity becomes available.
+
+ * Support for SMB/CIFS browsing has been added to the AFS Client Service
+ SMB server. It is now possible to use "NET VIEW \\AFS" to obtain a
+ listing of AFS submounts and freelance mount points. Support for
+ NETSHAREENUM, NETSHAREGETINFO, NETSERVERENUM2, NETSERVERGETINFO
+ significantly enhances the behavior of AFS volumes within the Explorer
+ Shell. For instance, "AFS" now shows up as server in the Explorer
+ with each submount or freelance mount point visible as a share.
+ The right click menu in each folder now works with full functionality
+ on a consistent basis.
+
+ * The network provider can be configured to have different behavior
+ depending on the domain that the user logs into. These settings are
+ only relevant when using integrated login. A domain refers to an
+ Active Directory (AD) domain, a trusted Kerberos (non-AD) realm or the
+ local machine (i.e. local account logins). The domain name that is
+ used for selecting the domain would be the domain that is passed into
+ the NPLogonNotify function of the network provider. (see registry.txt
+ for details)
+
* Added a new registry value [HKCU\SOFTWARE\OpenAFS\Client]
"Authentication Cell" which may be used to specify a default
authentication cell for afscreds.exe which is different from
New registry entries added to register the dll for Winlogon events.
The logoff event will now force a call to ktc_ForgetAllTokens()
- using the context of the user being logged off.
-
- Need to double check that this code does not prevent profile data
- from being written back to an afs volume
+ using the context of the user being logged off as long as the
+ user's profile is not loaded from within AFS. If the profile
+ was loaded from AFS we can't release the tokens since the Logoff
+ event is triggered prior to the profile being written back to
+ the its source location.
* Windows XP SP2 Internet Connection Firewall interoperability
has been added.
builds as well as CHECKED (aka DEBUG) builds
* Sites which have a volume ID of 0x20000001 assigned to their
- root.afs volumes have been experiencing problems with accessing
- the root.afs volume of their cell when Freelance mode has been
+ root.cell volumes have been experiencing problems with accessing
+ the root.cell volume of their cell when Freelance mode has been
active. This was because 0x20000001 was assigned to the fake
root.afs volume created by freelance. The fake volume id is
now set to 0x00000001 to prevent conflicts.
This should be the end of the "Server paused or restarting messages"
- * Fix "fs mkmount" command to work with UNC paths and when
- started from non-AFS drives
-
* Add support for arbitrary UNC paths to the pioctl() support.
This enables the fs commands as well as the AFS Shell Extension
to work correctly when UNC paths are being used.
git://git.openafs.org / openafs.git / blobdiff