+Since 1.3.80:
+ * Fixed a locking error in cm_TryBulkStat() which had the
+ potential of deadlocking the system for the length of time
+ it takes to perform a bulk status fetch operation.
+
+ * Replaced time conversion code (UnixTime <-> FILETIME) to
+ be completely arithmetic instead of relying on a bizarre
+ algorithm involving a variety of C RTL time functions.
+ This has the side effect that UnixTime and FILETIME which
+ are both stored in UTC are interpretted as UTC throughout
+ the year. Windows will apply the same localization to AFS
+ as it does to NTFS. Applications which rely on the ability
+ to sync files between the two file systems will no longer
+ see the timestamps of files in AFS change an hour relative
+ to the files stored in NTFS or Windows based backup devices.
+
+ * Fixed a invalid memory access under a bizarre circumstance.
+ Windows will allow a physical mass media device to be
+ installed via Plug N Play to the system and will assign it
+ the lowest available drive letter. This is true even if the
+ drive letter is currently assigned in the user session to
+ a network device via NET USE (or its equivalent.) When this
+ happens, queries sent to the CIFS server will contain invalid
+ data. This invalid data was not being caught by the AFS
+ Client Service and was resulting in a crash when Freelance
+ mode was in use.
+
+ * Fixed a reference count error when registering callbacks
+ on a stat cache object if the callback was already registered
+
+ * Add a case to cm_Analyze() in order to handle the case where
+ cm_GetConnByMServers() returns CM_ERROR_NOSUCHVOLUME because
+ the server list for the volume is empty. In this case, force
+ an update of the volume info and retry.
+
+ * Insert a missing cm_EndCallbackGrantingCall() which could
+ result in threads waiting for a callback to complete to never
+ be woken up.
+
+ * In the persistent cache, there is a maximum number of volume
+ entries. Allow volume entries to be reused if the maximum
+ number have been allocated and their reference count is zero.
+
+ * If we already have a dead virtual connection object, don't
+ ignore the fact that additional dead vc objects must be taken
+ care of.
+
+ * Removed a deadlock condition introduced in the summer of 2004.
+ Do not hold mx locks around calls to RX functions including
+ rx_NewCall(). That is what reference counts on the rx_connection
+ object are for.
+
+ * Fixed an initialization error in afslogon.dll which could
+ result in random behavior including a failure to terminate
+ the NPLogon function. (1.3.80b)
+
+ * Fixed an error preventing the use of SMB authentication
+ on Windows 2000. (1.3.80a)
+
+Since 1.3.77:
+ * Updated CellServDB to Public CellServDB 16 Mar 2005
+
+ * Fixed DNS AFSDB queries to ensure that "csail" cannot be
+ misinterpretted as "csail.mit.edu" when the resolver
+ is configured to append ".mit.edu" to failed DNS queries.
+
+ * Fixed another case in which the client would replace connections
+ to the host when it was not necessary. In this case the
+ situation would occur if cryptall was on and the connections
+ were unauthenticated due to lack of an appropriate token.
+
+ * OpenAFS for Windows has failed to work at sites which are
+ utilizing a cross-realm trust between an MIT/Heimdal realm
+ and a multi-domain Windows forest when the workstation being
+ accessed is not located in the root domain. This is caused
+ by a bug in the workstation which was triggered after the
+ introduction of Windows 2003 Server. When the bug is triggered,
+ the workstation attempts to authenticate users to afsd_service.exe
+ by contacting the Domain Controller instead of using the
+ LSA loopback authentication mechanism.
+
+ One of the reasons this bug occurs is because the workstation
+ does not have a reliable way of knowing that the service whose
+ netbios name is "AFS" is located on the workstation. This will
+ be fixed starting in Longhorn Beta 1 by Microsoft. The
+ "BackConnectionHostNames" registry value will be used to
+ indicate that the authentications to that service name should
+ be performed using the loopback authentication mechanism.
+
+ In the meantime, when Logon Caching is enabled, we can force
+ afsd_service.exe to authenticate using the logon cache before
+ contacting the Domain Controller. This will work with both
+ password and smart card based logons.
+
+ * The allDown logic in cm_ConnByMServers() was wrong. The allDown
+ flag should not be cleared if a volume's server reference is
+ marked as "offline". In the case where all of the volume's
+ servers are either "down" or the volumes are "offline", we want
+ cm_Analyze() to process the condition as CM_ERROR_ALLOFFLINE
+ instead of as CM_ERROR_TIMEDOUT. In fact, CM_ERROR_TIMEDOUT
+ should never occur in practice.
+
+ In the case of CM_ERROR_ALLOFFLINE, cm_Analyze() will sleep for
+ 5 seconds, clear the server down and volume busy flags, and
+ then force an update from the VLDB. This allows the client to
+ update the location of a volume if the reason for it being
+ marked offline is because it is being moved. Calls to
+ cm_ConnByMServers() will be retried either until success or
+ the RDRtimeout period is reached.
+
+ * Correct the Power Management code behavior in response to
+ Standby, Suspend, and Shutdown events. Instead of flushing the
+ buffers associated with the mounted SMB submounts, simply write
+ all buffers which are marked dirty.
+
+ * Added support for "TheseCells" to afslogon.dll. "TheseCells"
+ provides a list of cells other than the default cell for which
+ tokens should be obtained using the default Kerberos principal.
+ This functionality is logon domain specific and is only available
+ when using KFW for authentication.
+
+ * Fixed FindNext Invalid Handle error caused by over agressive
+ attempts at garbage collecting dirSearch entries when the
+ dirSearch ID wraps from the maximum value to 1.
+
+ * Add support for registry defined server preferences for VLDB and
+ File servers. See registry.txt for details.
+
+ * Increased default cache size to 96MB and default number of cache
+ entries to 10,000.
+
+ * Fixed refCount leaks related to directory lookups and pioctl calls.
+
+ * Callbacks revoked during a race condition with an attempt to
+ obtain the same callback no longer result in an inaccessible
+ stat cache entry.
+
+ * New command line tool:
+
+ afsdacl : Set or reset the DACL to allow starting or stopping
+ the afsd service by any ordinary user.
+
+ Usage : afsdacl [-set | -reset] [-show]
+ -set : Sets the DACL
+ -reset : Reset the DACL
+ -show : Show current DACL (SDSF)
+
+ * IP addresses are no longer queried once at startup. Instead IP
+ addresses are obtained as needed. Loopback adapter addresses are
+ no longer published to the server.
+
+ * Pay attention to the MIT KFW registry configuration for automatic
+ importation of MSLSA credentials. (SOFTWARE\MIT\Leash32,MsLsaImport)
+
+ * Fix (once again) case-sensitive comparisons which was apparently
+ broken in 1.3.72.
+
+ * Activate support for vos listvol -format
+
+ * Population of the "AFS Client Admins" group failed on non-English
+ versions of Windows because the name of the "Administrators" group
+ is localized. Now we lookup the name of the group by using the
+ Administrators Group Alias Relative ID.
+
+ * Multiple cell token acquisition within afscreds.exe was broken in the
+ case of Kerberos 5 cross realm authentication. Instead of contacting
+ the KDC associated with the cell's realm, afscreds would obtain a
+ token from the KDC of the user's realm. This would result in
+ "invalid kvno errors" while authenticating to the AFS servers.
+ Unauthenticated access would work. The symptoms would vary based upon
+ whether or not the VLDB servers had been contacted using unauthenticated
+ connections prior to the user obtaining tokens.
+
+ * The list of ACL entries was becoming corrupted. It appears as if
+ an ACL when it expires was not being appropriately cleaned up. In
+ fact, it was left in the list of ACLs associated with the scache
+ entry.
+
+ * Changed the default @sys name list to "x86_win32 i386_w2k i386_nt40"
+ for 32-bit x86 systems. The default for itanium will be "ia64_win64"
+ and "amd64_win64" for amd 64-bit processors.
+
+ * When executing executables, Windows provides a mechanisms by which
+ the normal search for DLLs can be bypassed. If a file foo.exe is
+ being executed and there exists a file or directory "foo.exe.local"
+ (the contents are ignored if a file), then Windows will search for
+ DLLs first in the "foo.exe.local" directory and second in the
+ directory in which the "foo.exe" file is located.
+
+ Previous releases of OAFW would improperly return
+ STATUS_NOT_A_DIRECTORY instead of the expected
+ STATUS_OBJECT_PATH_NOT_FOUND. This would cause the Windows SMB client
+ to terminate the search for the DLL causing the execution of the
+ application to fail.
+
+ * Rework the reference counting of smb_vc_t objects. The references
+ stored in the waiting locks were not counted. This could result in
+ an assertion if the reference count drops to zero.
+
+ * "fs wscell" returns "Freelance.Local.Root" for the workstation cell
+ when running in freelance mode.
+
+ * Added support for persistent caching of file contents, stat entries,
+ volume data, cell data, and name lookup data. When the registry
+ value, "NonPersistentCaching", is not defined or set to 0 the file
+ specified by "CachePath" becomes a persistent cache file. The
+ size of the cache file is computed at run time. It has a maximum
+ size of approximately 1.2GB. The contents of the file will be
+ validated according to the rules specified by the "ValidateCache"
+ registry value.
+
+ * Added support for UUIDs. UUIDs are kept for as long as the
+ cache file is intact.
+
+ * Added cmdebug.exe and support cache manager debugging callback
+ interfaces in afsd_service.exe.
+
+ Usage: cmdebug -servers <server machine> [-port <IP port>] [-long]
+ [-addrs] [-cache] [-help]
+ Where: -long print all info
+ -addrs print only host interfaces
+ -cache print only cache configuration
+
+ * Symlinks to \\AFS\[all\]... will now be treated the same as
+ symlinks to /afs/.... However, please use /afs/... as otherwise
+ the symlinks won't work on Unix.
+
+ * Correct a problem with local CellID allocation for cells whose
+ server list is obtained via DNS instead of a CellServDB file. If
+ the DNS information expires the CellID assigned to the entry will
+ be changed. This causes all of the cm_scache_t objects which refer
+ to the old cellID number to become useless. Attempts to access
+ files or directories with cm_scache_t objects using the old cellID
+ will fail since the server list cannot be obtained.
+
+ * Correct deadlock condition in cm_EndCallbackGrantingCall which can
+ be triggered if the volume referenced by the cm_scache_t object is
+ offline.
+
+ * The AFS Service needs to respond to SERVICE_ACCEPT_SHUTDOWN messages
+ in addition to SERVICE_ACCEPT_STOP.
+
+ * Move RPC shutdown until after the SMB and RX shutdown procedures
+ complete. Block until RPC shutdown is complete.
+
+ * Modify afslogon.dll (integrated logon) to wait for service if its
+ state is START_PENDING. If the timeout period occurs, reset to
+ the retry interval and not the sleep interval.
+
+ * When renewing the server list for a cell obtained via DNS AFSDB
+ records, the cm_cell_t entry must be removed from the list of all
+ cells. Otherwise, the list of cells will be corrupted.
+
+ * In the dcache and scache modules, use the cm_scache_t dataVersion
+ instead of the cm_fakeDirVersion.
+
+ * Synchronize fs.c with the unix version.
+
+ * The variable used to determine whether a file or virtual memory
+ mapped cache is used was not properly initialized to a default
+ value. If the registry setting "NonPersistentCaching" was not
+ set, the choice would be random. Properly initialized to be
+ "file".
+
+ * The memory mapped view was never unmapped before closing the file
+ at service shutdown. This is now properly cleaned up.
+
+ * Default location of Cache file is now %TEMP%\AFSCache
+
+Since 1.3.76:
+
+ * A bug affecting new installations of 1.3.75/76 would result in
+ the creating of incorrect mountpoints in the freelance root.afs
+ volume for the default cell.
+
+ If "fs \\afs\all\<cellname>" lists a volume name of "root" instead
+ of "root.cell", you have been affected by the bug. To correct the
+ problem, execute the following commands:
+
+ fs rmmount \\afs\all\<cellname>
+ fs rmmount \\afs\all\.<cellname>
+
+ fs mkmount \\afs\all\<cellname> root.cell <cellname>
+ fs mkmount \\afs\all\.<cellname> root.cell <cellname> -rw
+
+Since 1.3.75:
+
+ * A bug has been fixed in the auto-generation of Freelance root.afs
+ symlinks which produced random entries in the \\AFS\all directory.
+
+ * Support has been added for multi-homed servers
+
+Since 1.3.74:
+ * Added a new registry value, "StoreAnsiFilenames", which can be used
+ to force the use of ANSI character sets instead of OEM Code Pages.
+ This feature is useful when users require the ability to create
+ filenames with 8-bit characters and need to access the files from
+ both Latin-1 based Unix systems as well as from Windows.
+
+ Activation of this feature will prevent access to files stored with
+ 8-bit OEM characters.
+
+ * Shutdown all SMB threads in a synchronized manner when stopping the
+ service.
+
+ * There is currently a maximum cache size of 1.3GB. The limit is imposed
+ by the largest contiguous block of unused memory within the 2GB process
+ space which can be assigned to the memory mapped file. Unfortunately,
+ when the executable digital signature verification code is activated
+ Windows sees fit to further segment the process memory which in turn
+ reduces the size of the maximum cache file to less then 800MB. If
+ larger cache sizes are desired, a new registry value should be set:
+
+ HKLM\SOFTWARE\OpenAFS\Client (DWORD) "VerifyServiceSignature" = 0x0
+
+ Setting this value will disable the runtime verification of digital
+ signatures on afsd_service.exe and the afs dlls which it loads. It
+ will not disable the the version number check on those same files.
+ The signature verification is not a security messure and is only meant
+ to enhance the ability to afsd_service.exe to detect potential
+ destablizing mixtures of DLLs from incompatible distributions.
+
+ Added code to auto-disable the signature verification check if
+ the desired cache size is greater then 700MB.
+
+ * Windows' WinTrustVerify(WIN_SPUB_ACTION_PUBLISHED_SOFTWARE) is
+ used to verify the validity of the afsd_service.exe binary
+ as well as each of the AFS DLLs loaded by the service. Not only
+ must the digital signature be valid but the signatures of the
+ DLL must be signed by the same entity as the service.
+
+ * Implement new functions: cm_freelanceMountPointExists and
+ cm_freelanceSymlinkExists. Use them along with other validity
+ checks in cm_freelanceAddMount and cm_freelanceAddSymlink to
+ ensure that name collisions do not occur and that empty strings
+ are not valid file names.
+
+ A symlink may not have a name which would resolve to a valid
+ cell name. Doing so would prevent access to the cell.
+
+ * Add missing cm_HoldSCacheNoLock call to Freelance mount point
+ re-initialization code. The reference counts of the fake root.afs
+ volume scache object(s) would become invalid when the mount point
+ or symlink lists were altered.
+
+ * Add registry entries to provide mappings from the afsdsbmt.ini
+ to the new locations for applications which count on the use
+ of the old Profile file APIs. These apps are likely to fail
+ if the user does not have administrator privileges and the
+ registry is locked down.
+
+ * The afs_config.exe submounts dialog had two errors.
+ First, attempts to remove entries failed because the registry
+ key was being opened without KEY_WRITE privileges.
+ Second, when editing a submount entry, changing the name
+ would add a new key and leave the original one in place.
+ Now the original submount will be removed if its name is
+ changed.
+
+ * In recent months there have been several incidents in which
+ users have experienced problems starting or accessing
+ afsd_service.exe and after significant effort has been spent
+ it has turned out that they have two versions of AFS on the
+ machine or an inconsistent set of DLLs.
+
+ Code has now been added to afsd_service.exe which will walk
+ the list of modules loaded by afsd_service.exe and validate
+ that the version of the AFS DLLs matches the version of the
+ afsd_service.exe executable. If they do not match the service
+ will not start.
+
+ * When Freelance mode is enabled and there is no registry
+ key HKLM\SOFTWARE\OpenAFS\Client\Freelance, afsd_service.exe
+ will attempt to import the afs_freelance.ini file contents.
+ If the file does not exist, it was creating a dummy file
+ with a r/o and r/w entry for the default cell and then
+ importing those values.
+
+ This process has been changed. The temporary file is no
+ longer created. Also, both the OpenAFS Client install
+ directory as well as %WINDIR% are checked for previous
+ afs_freelance.ini files.
+
+ * Added support for VL_GetEntryByNameN(). Still need to add
+ support for VL_GetEntryByNameU() for multi-homed support.
+
+ * Fix a deadlock situation in afscreds.exe when canceling an
+ auto-generated Obtain Tokens dialog
+
+Since 1.3.72/73:
+ * Fix the locking of objects during Directory Searches in the
+ SMB/CIFS server. The failure to properly lock the reference
+ counts was resulting in the premature freeing of smb_dirSearch_t
+ objects while they were still in use by the SMB/CIFS client.
+ This does not solve the "Invalid Handle" problem.
+
+ * Fix Find Cell By Name pioctl call to return a valid cell
+ name for the Freelance fake root.afs volume.
+ "Freelance.Local.Root".
+
+ * Fix the Explorer Shell Extension Symlinks->Add operation.
+ The dialog template was missing and the link destination
+ string was too short.
+
+ * Add support for symlinks to Freelance root.afs volume
+ Stored at HKLM\SOFTWARE\OpenAFS\Client\Freelance\Symlinks
+ <number> = "<linkname>:<relative-path>."
+ Use symlink.exe to create, list, or remove
+
+ * Remove the fallback to the use of KFW's KRB4 library when obtaining
+ tokens. We never obtain KRB4 tickets.
+
+ * Fix AFS Client Configuration Control Panel to support new SysName
+ protocol.
+
+ * Fix a bug in afsd_service.exe which could result in the SysName
+ not being read from the registry.
+
+Since 1.3.71:
+ * Add code to block the issuance of AFS tokens by aklog.exe or
+ afscreds.exe when the Kerberos 5 principal name contains a dot.
+
+ * Modify the IsAdmin() function to always treat the local SYSTEM
+ account as an AFS client administrator. Affects fs.exe and
+ afs_config.exe.
+
+ * Modify the internal handling of Quota Exceeded errors
+
+ * Upgrade all reference count fields in the Windows cache manager
+ and the osi library to use unsigned long instead of signed short.
+ A similar fix has been applied to the afs rpc (rx) library.
+
+ * fix the Windows cache manager to prevent it from replacing the
+ rx_connection object associated with the cm_conn_t object on each
+ and every operation if "fs crypt" was set. This explains the
+ dramatic performance difference when crypt is used vs clear.
+ The problem: 'cryptall', a boolean flag indicating whether or not
+ "fs crypt" is set, was being compared to the rx_connection
+ cryptlevel which is either rxkad_clear:0 or rxkad_crypt:2.
+ 1 != 2 and therefore the rx_connection was always destroyed
+ and replaced on each and every operation.
+
+ Lock the cm_conn_t object around every call to RXAFS_xxxx functions.
+ It is not safe for the cm_conn_t object to not be locked because
+ rx_DestroyConnection might be called from another thread if:
+ - the user's tokens have changed or expired
+ - the crypt mode has changed
+
+ This fix appears to have also taken care of the problems associated
+ with Overlapped Writes resulting in Delayed Write errors.
+
+ * fix NSIS installer's AdminGroup.exe to properly create and
+ remove groups when given -create or -remove. The string comparison
+ test was wrong.
+
+ * fs sysname now accepts a list of sysname values
+
+ * added a new registry value HKLM\SOFTWARE\OpenAFS\Client "IoctlDebug"
+ DWORD which when set to a non-zero value will cause error message
+ text to be output to stderr from the pioctl() routine. Useful in
+ debugging failures of fs.exe, tokens.exe, etc.
+
+ * added a test to the power management code to only perform a
+ flush operation if there is at least one network adapter which
+ is not a loopback adapter.
+
+ * Fix bug in loading of registry value HKLM\SOFTWARE\OpenAFS\Client
+ "EnableKFW". This value will not be read if the key
+ HKCU\SOFTWARE\OpenAFS\Client exists; even if the "EnableKFW"
+ value under that key does not.
+
+ * provide mechanisms to force the use of krb524d for Kerberos 5
+ ticket to AFS token conversion. For afslogon.dll and afscreds.exe
+ there is a new registry value "Use524" and for aklog.exe a new
+ command line parameter "-m".
+
+ * Fix the pattern matching algorithm to properly match patterns
+ ending with a '*'.
+
+ * smb_ReceiveCoreRename() was factored to produce smb_Rename()
+ which is used by both the original function and the new
+ smb_ReceiveNTRename(). smb_ReceiveNTRename() supports the
+ creation of HardLinks in addition to Renaming. smb_Link()
+ is a new function which creates HardLinks via cm_Link().
+ cm_Link() is a new vnodeops function which creates links
+ using RXAFS_Link().
+
+ smb_ReceiveNTRename() does not support the File Copy and
+ Move Cluster Information operations described in its interface.
+ ReceiveNTRename is under documented in CIFS-TR-1p00_FINAL.pdf.
+
+ * When opening files via symlinks, we should follow the symlinks
+ until we reach the actual file stat cache entry. The stat cache
+ entry of the file should then be stored in the FID instead of
+ stat scache entry of the symlink.
+
+ * return bad operation errors for all unimplemented functions
+ even if we do not know the functions exist.
+
+ * Log bad packets and unknown operation packets to the trace log
+
+ * Map CM_ERROR_BADOP to STATUS_NOT_SUPPORTED instead of
+ 0xC09820FF
+
+ * Update list of known CIFS operations to include all those listed
+ in CIFS-TR-1p00_FINAL.pdf.
+
+ * Modify the handling of HKLM\SOFTWARE\OpenAFS\Client\Submounts
+ to support the REG_EXPAND_SZ type.
+
+Since 1.3.70:
+ * A new Windows authorization group "AFS Client Admins" is now
+ created and populated with the members of the "Administrators"
+ group. The group is used to determine which accounts on the
+ machine may be used to modify the AFS Client Configuration via
+ the UI and command line tools. afs_config.exe, fs.exe,
+
+ * Modify the WinLogon Logoff Event Handler to query NT4 domain
+ controllers for the remote profile path if Active Directory
+ services are not available.
+
+ * Fix aklog.exe to not add the AFS ID to the username
+
+ * PTS registration of new users to foreign cells has been added to
+ afscreds.exe
+
+ * The cm_Daemon thread is used to perform checks for
+ down servers, up servers, volumes, callback expirations,
+ lock maintenance and token expiration. Due to a gaff in
+ larger integer division the thread never performed any
+ work. Instead the current time computation would always
+ be less then the trigger times. This had an adverse affect
+ on the client's ability to maintain communication with servers,
+ keep volumes up to date, and flush user tokens and acls
+ when they have expired. This was broken when the 1.3 branch
+ was modified to support VC7 which no longer included
+ largeint.lib
+
+ * An initialization problem with the Freelance code was
+ detected while fixing the callbackRequest. The cm_rootSCachep
+ object is obtained during afsd_InitDaemons() but the callback
+ information is incomplete. The callback information will not
+ be obtained until cm_MergeStatus is called from within
+ cm_GetCallback. Unfortunately, cm_SyncOp did not properly
+ test for the conditions under which the callback information
+ must be obtained.
+
+ * Reports have been filed indicating that callbacks were
+ being lost. An examination of the code indicated that the
+ cm_server_t objects were not being properly reference
+ counted by the cm_scache_t and cm_callbackRequest_t objects.
+ In particular, the cm_server_t objects may have been freed
+ from beneath the cm_conn_t objects.
+
+ All of the reference counting is now done via the functions:
+ cm_GetServer
+ cm_GetServerNoLock
+ cm_PutServer
+ cm_PutServerNoLock
+ this improves the ability to track the referrals.
+
+ Each cm_BeginCallbackGranting Call now allocates a reference
+ to the cm_server_t. The cm_EndCallbackGrantingCall either
+ frees the reference or transfers it to the cm_scache_t
+ cbServerp field. These are then appropriately tracked
+ through the cm_Analyze call.
+
+ * Ensure that the dnlc hash table is the same size as the
+ dir name hash table (as per original author's note).
+ Increase the dnlc CM_AFSNCNAMESIZE to a multiple of 8
+ for compatibility with 64-bit systems.
+
+ * fix smb_ApplyV3DirListPatches to properly apply the hidden
+ attribute to dotfiles when the infoLevel < 0x101 and
+ cm_SyncOp has failed.
+
+ * Fix the Freelance registry initialization code. There
+ was a possibility that some systems could end up with
+ garbage in the registry during a clean install.
+
+Since 1.3.66:
+ * file and directory names beginning with "." will now be given the
+ hidden attribute when the volume access is anonymous. this matches
+ the behavior when the volume access is via an authenticated user.
+
+ * Added a change monitor to the HKLM\SOFTWARE\OpenAFS\Client\Freelance
+ key. When a change occurs mark the root.afs data as invalid and
+ for it to be reloaded on the next access. This allows administrators
+ to modify the mount point list without restarting the service.
+
+ The freelance client used to provide a fake modification time for
+ the root.afs volume data and its mount points of 7/09/2001 14:24 EDT.
+ Added code to extract the last modification time of the Freelance
+ registry key and use that instead. The time now represents the
+ most recent mount point change.
+
+ * PTS registration of new users to foreign cells has been added to
+ aklog.exe
+
+ * Additional Cache Control and Credential Manager options have been
+ added to the WiX installer. See deployment guide for details.
+
+ * The CachePath setting is now optionally a REG_EXPAND_SZ type
+
+ * The WiX installer has been upgraded. Version 2.0.1927.1 is now
+ required.
+
+ * The loopback installation code may have had a problem updating the
+ %ETC%\HOSTS file which could have resulted in a premature failure.
+ Work around code has been added for the case where the file cannot
+ be deleted.
+
+ * The default max chunksize was increased from 15 (32K) to 17 (128K)
+ because Windows sends 64K blocks when using overlapped writes.
+
+ * The default number of server threads was increased from 4 to 25 to
+ better handle overlapped writes.
+
+ * The "AfscredsShortcutParams" registry value was not being properly
+ loaded by afscreds.exe. Therefore, the default value was always being
+ used instead of the value set by the installer.
+
+ * Windows XP provides downgrade attack detection to prevent an attacker
+ from being able to force the use of NTLM simply by disrupting
+ communication with the KDC. This attack cannot exist between the
+ Windows CIFS client and the AFS Client Service. Therefore, when a
+ downgrade has been detected the afs pioctl library will force the
+ establishment of a new CIFS connection using NTLM.
+
+ * A locking error was discovered surrounding all references to volume
+ server lists within the cm_cell.c source file.
+
+ * The logged into Windows username was incorrect on Terminal Server
+ machines.
+
+ * A new registry value "NonPersistentCaching" was added to the service
+ parameters key. When set to a non-zero value, the afs cache is stored
+ in the Windows paging file. There are two limitations to choosing
+ this option:
+ 1. when persistent caching is implemented it won't work with
+ this flag set since there will be nothing to persist.
+ 2. with this flag set the initial paging allocation cannot be
+ changed while the service is running
+
+ * An initialization bug was discovered in aklog.exe which affected users
+ who have a domain name for their afs servers which could not be mapped
+ to a realm
+
Since 1.3.65:
+ * afs_config.exe now validates cell names against DNS in addition
+ to the CellServDB file.
+
+ * In order to allow the freelance client to connect to a volume with ID
+ equal to 1 on the default cell we changed the fake root.afs volume ID
+ once again. This time we choose 0xFFFFFFFF. In addition, we change
+ the cell ID of the fake root.afs volume from 1 to 0xFFFFFFFF as well.
+ It will now be impossible for a volume ID to match that of another
+ cell unless the client is connected to 0xFFFFFFFD cells. That should
+ be enough room for growth.
+
+ * Fix "fs mkmount" command to work with UNC paths and when
+ started from non-AFS drives. It is now possible to create a mount
+ point in the freelance fake root.afs volume with the command
+
+ fs mkmount \\AFS\all\<directory-name> <volume-name> <cellname>
+
+ For example,
+
+ fs mkmount \\AFS\all\openafs.org root.cell openafs.org
+ fs mkmount \\AFS\all\.openafs.org root.cell openafs.org -rw
+
+ * The algorithm used to re-attempt access to the servers associated with
+ a volume has been altered to properly address the case in which all
+ servers have been marked down. The previous algorithm did not reset
+ the server's down flags so the servers were never actually retried.
+ This caused a problem with active volumes if the network connectivity
+ was lost as could be the case with a network cable removal, wireless
+ drop, or laptop hibernation. With the fix volume access is restored
+ almost instantenously when network connectivity becomes available.
+
* Support for SMB/CIFS browsing has been added to the AFS Client Service
SMB server. It is now possible to use "NET VIEW \\AFS" to obtain a
listing of AFS submounts and freelance mount points. Support for
user's profile is not loaded from within AFS. If the profile
was loaded from AFS we can't release the tokens since the Logoff
event is triggered prior to the profile being written back to
- the its source location.
+ the its source location. This is now performed in an XP SP2
+ safe manner.
* Windows XP SP2 Internet Connection Firewall interoperability
has been added.
builds as well as CHECKED (aka DEBUG) builds
* Sites which have a volume ID of 0x20000001 assigned to their
- root.afs volumes have been experiencing problems with accessing
- the root.afs volume of their cell when Freelance mode has been
+ root.cell volumes have been experiencing problems with accessing
+ the root.cell volume of their cell when Freelance mode has been
active. This was because 0x20000001 was assigned to the fake
root.afs volume created by freelance. The fake volume id is
now set to 0x00000001 to prevent conflicts.
This should be the end of the "Server paused or restarting messages"
- * Fix "fs mkmount" command to work with UNC paths and when
- started from non-AFS drives
-
* Add support for arbitrary UNC paths to the pioctl() support.
This enables the fs commands as well as the AFS Shell Extension
to work correctly when UNC paths are being used.
git://git.openafs.org / openafs.git / blobdiff