-
Notifications
You must be signed in to change notification settings - Fork 149
/
ReleaseNotes.txt
2679 lines (2437 loc) · 133 KB
/
ReleaseNotes.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
======
XRootD
======
Release Notes
=============
--------------
Version 5.1.0
--------------
+ **New Features**
* **[XCache]** Make TLS substitution for net cksum selectable.
* **[XCache]** Support pgRead and checksums.
* **[Server]** New ztn security plugin to provide a SciTokens sentinel.
* **[Server]** Allow optional return of checksum in dirlist response.
* **[Server]** Allow additional ports to be associated with a protocol.
* **[Server]** Implement an internal nano-DNS for k8s setups (mostly for SSI).
* **[Server]** Allow internal application push of plugin library.
* **[Server]** Implement checkpointed file modifications (i.e. kXR_chkpoint).
* **[Server]** Enhance the StatPF() method.
* **[Xache]** Phase 1 of checksum integrity implementation (a.k.a pgread).
* **[Monitoring]** Implement extensive g-stream enhancements.
* **[XrdCl]** Don't enforce host verification for localhost, closes #1318.
* **[XrdCl]** Allow for roots/xroots protocol in metalinks.
* **[XrdCl]** Add write API that transfers data from a FD.
* **[XrdCl]** Add write API that takes ownership of the buffer.
* **[XrdCl]** Implement redirect collapsing.
* **[XrdCl]** Add stream TTL callback.
* **[XrdCl]** xrdcp: allow write recovery at a redirector.
* **[XrdCl]** Allow negative flags in redirect port.
* **[XrdCl]** Implement PgRead.
* **[XrdCl]** Substitute PgRead with Read if the former is not supported.
* **[XrdCl]** Add a switch for disabling IP shuffling.
* **[XrdCl]** Declarative API: implement Repeat, Replace, Ignore and Stop
directives.
* **[XrdCl]** Allow exxternal components to register new topics in XrdCl::Log.
* **[XrdCl]** xrdfs ls: add option to get checksum per entry.
* **[Python]** Expose the Prepare::Evict flag, fixes #1322.
* **[XrdZip]** Add general ZIP utilities.
* **[XrdSys]** Add kernel buffer utility.
* **[XrdZip]** Provide headers implementing LFH, CDFH, ZIP64EOCD, ZIP64EOCDL
and EOCD records.
* **[CMake]** Add suitable RUNPATH to build-tree library.
* **[CMake]** Add 'plugins' phony target.
* **[XrdSciTokens]** Add scitokens plugin.
+ **Major bug fixes**
* **[Server]** Make sure that alignment is a power of two for posix_memalign.
* **[Server]** Redo checksum changes to provide backward compatibility.
* **[Server]** Correct version checking to prevent false negatives.
* **[Server]** When requested fully verify supplied checksums in pgwrite.
* **[Server]** Fix memory leak of 64MB per checksum request. Fixes #1291
* **[POSIX]** Initialize pointer when object reused to prevent memory corruption.
* **[POSIX]** Correctly initialize serverless cache to avoid SEGV.
* **[TPC]** Do not hold lock when deleting a proxy autorm TPC job that failed.
* **[XrdHttp]** Prevent unterminated/corrupted headers from looping the server.
* **[PIP]** Convert egg-info into proper dist-info.
* **[XrdCl]** xrdcp: fix regression in recursive copy.
* **[XrdCl]** Use ntohll() for pgread offsets.
* **[XrdCl]** Correctly propagate TLS error message.
* **[SSI]** Prevent a buffer from being recycled twice leading to random errors.
* **[SSI]** Avoid race condition between Finished() and Event Dispatch (causes SEGV)
+ **Minor bug fixes**
* **[XrdCl]** Create file descriptors with XrdSysFD utility.
* **[XrdCl]** Make sure kXR_attrVirtRdr flag is set properly.
* **[XrdCl]** Make sure error message does not include a null-character.
* **[XrdCl]** Fix 'xrdfs ls -l' output parsing.
* **[XrdHttp]** URI-quote outgoing opaque data for HTTP-TPC.
* **[XrdHttp]** In http mode fail the read if any error comes from the socket,
including timeout.
* **[CMake]** Set rpath for pip build.
* **[Python]** Strip the leading v from __version__.
* **[POSIX]** Make sure to always return consistent stat() information.
* **[cmsd]** Correct write lengths to not write null bytes to env file.
* **[cmsd]** Correct parsing bug that results in an erroneous warning.
* **[Server]** Fix possible storage opverlay when dealing with TLS protocols.
* **[Server]** Fix esoteric truncation of long dirlist. Fixes #1340
* **[Server]** Do no terminate dirlist when a deleted directory is encountered.
* **[Server]** When requested fully verify supplied checksums in pgwrite.
* **[Server]** Prevent inadvertent double load of fixed protocol.
* **[PIP]** Fix WHEEL file (new line char).
* **[PIP]** Make sure pip list displays correct xrootd version.
* **[PIP]** Include the PKG-INFO in the root dir.
+ **Miscellaneous**
* **[Server]** Make sure atleast one export exists in the export list.
* **[Server]** Echo the command line into the log.
* **[SSI]** Allow server-side debug to be enabled via an envar.
* **[Xcache]** Allow origin location query to be refreshed.
* **[cmsd]** Ignore stacked plugin specifications as they are not supported.
* **[cmsd]** Correctly parse osslib when it have options.
* **[cmsd]** Display the name of the named pipe being waited upon.
* **[XrdSciTokens]** Add XrdSciTokens submodule.
* **[XrdHttp]** Bump the max size for an Http header line to 16K.
* **[XrdHttp]** Per request, use curl's escaping function to match EOS practice.
* **[XrdHttp]** Make "tlsreuse off" the default.
* **[XrdCl]** Force socket error on header integrity check failure.
* **[RPM]** Add client-compat and server-compat packages, based on XRootD 4.
* **[XrdCns]** Retire the component.
* **[XrdCl]** Report version in the logs when the client lib is initialized.
--------------
Version 5.0.3
--------------
+ * **Major bug fixes**
* **[Server]** Add missing return that breaks loading of the oss.statlib
* **[Server]** Prevent SEGV upon poller error on TLS links doing async I/O.
* **[Server]** Avoid SEGV when checksum response is invalid.
* **[TLS]** Avoid bad behaviour when authentication fails on a TLS connection.
+ * **Minor bug fixes**
* **[Server]** Report correct owner/group in extended status.
* **[XrdCl]** Fix group ownership print out in extended stat.
* **[XrdPosix]** Fix _STAT_VER problem on Fedora rawhide.
* **[HTTP]** Align TPC cadir procesing with HTTP to avoid config issues. Fixes #1323
+ * **Miscellaneous**
* **[Server]** Correct TLS identification test for authentication protocol.
* **[Server]** Pass the environment+secEntity to checksm manager. Fixes #1294
--------------
Version 5.0.2
--------------
+ * **Major bug fixes**
* **[Server]** Avoid POSC deletion when file creation fails because it exists.
* **[HTTP]** Prevent secret key leakage if specified in the config file.
* **[Python]** Prevent deadlock in Python bindings from XRootD.client.finalize.
+ * **Minor bug fixes**
* **[OFS]** Correct missparsing '+cksio' option to avoid config failure.
* **[XRootD]** Correct flag reset code for esoteric ssq monitor option.
* **[XrdCl]** Fix memory leak in copy process.
+ * **Miscellaneous**
* **[Server]** Strip out explicit plugin version designation with nasty message.
* **[Server]** Tighten requirements to display config file.
* **[HTTP]** Honor the tlsreuse option.
* **[HTTP]** Avoid issuing confusing messages for improbable configs.
* **[TLS]** Really kill the session cache when asked.
* **[Xcache]** Correct regression that killed dca option.
* **[Utils]** Add SHA3 checksum to utils.
* **[XrdCl]** Utils::GetHostAddresses: use shuffle insted of random_shuffle.
* **[XrdCl]** xrdcp: short circuit file exists error.
* **[Debian]** Add XrdClHttp plugin to xrootd-client-plugins package.
* **[XrdVom]** Add symlink to libXrdHttpVOMS for backwards compatibility.
--------------
Version 5.0.1
--------------
+ **Major bug fixes**
* **[CMS]** Use correct adminpath for creating Unix socket. Fixes #1255
* **[HTTP]** Correctly handle certs relative to refcount to avoid SEGV.
* **[HTTP]** Escape pathnames in HTTP and XML responses.
* **[Xcache]** Add missing initializer to avoid malloc() abort.
+ * **Minor bug fixes**
* **[VOMS]** Correct use of undocumented API that caused hang w/ dbg. Fixes #1245
* **[GSI]** Use the storage deallocator that matches the allocator.
* **[TPC]** Fix potential null pointer dereference on Push.
* **[XrdOuc]** Fix XrdOucUtils::Sanitize not sanitizing the first character in
the string.
+ * **Miscellaneous**
* **[SSI]** Forward port LSST request scaler with auto-tuning.
* **[HTTP]** Enable session cache by default, provide http.tlsreuse directive.
* **[cmsd]** Reimplement affinity algorithm using verified LSST mechanism.
* **[CMS]** Allow redirect to local filesystem when using HTTP.
* **[Mon]** Rationalize UDP packet sequence numbers.
* **[Server]** Adding fbuff argument to monitoring to restrict maximum size of
fstream packet.
* **[XrdHttp/XrdVoms]** Pass parameters specified in the http.secxtractor down the
chain.
* **[XrdCrypto/XrdHttp]** Extract DN from user (proxy, multi-proxy) certificate and
properly handle the gridmap-file functionality when accessing
through HTTP.
* **[XrdHttp]** Add "required" parameter to the http.secxtractor and http.gridmap
configuration directives.
* **[xrootdfs]** Set XrdSecEntity.uid/gid in xrootdfs.
--------------
Version 5.0.0
--------------
+ **New Features**
* **[gsi]** Allow keywords for options that accept numeric values.
* **[gsi]** Add -authzcall option to better control authz usage.
* **[XrdSec]** Add support for x509 capabilities.
* **[PSS]** Allow http and https for forwarding proxies.
* **[Voms]** Allow Voms plugin to work for gsi and https.
* **[SSS]** Allow sss authentication protocol to clone credentials.
* **[Auth]** Allow authentication protocols to require TLS.
* **[Apps]** Add xrdpinls to list plugin version requirements.
* **[All]** Add hardware assisted CRC32C checksum based on Mark Adler's code.
* **[All]** Implement new thread-safe strerror() replacement.
* **[Server]** Provide option to reduce performance impact of usage tracking.
* **[Server]** Define method to get partition information; mostly for Xcache.
* **[Server]** Allow display of SecEntity for https and xroot.
* **[Server]** Add xrootd.tlsreuse directive for session cache control.
* **[Server]** Add command line options -a and -A for adminpath default.
* **[Server]** Add command line options -w and -W for homepath setting.
* **[Server]** Implement kXR_pgread and kXR_status.
* **[Server]** Allow XrdNetAddr to track socket dialect.
* **[Server]** Add ofs.ctllib directive for FSctl plugin.
* **[Server]** Provide a way to see the actual server config when running.
* **[Server]i** Provide fallback when an IPv6 address is missing a ptr record.
* **[Server]** Allow xrootd.fslib plugin to be generally stacked.
* **[Server]** Implement a stackable post authentication plug-in (sec.entitylib).
* **[Server]** Add getfile and putfile SFS interface.
* **[Server]** Allow plugin stacking for most OFS plugins.
* **[Server]** Add plug-in interface for performance reporting.
* **[Server]** Add Features(), getFile(), and putFile() methods to SFS.
* **[Server]** Implement simple g-stream monitoring for medium level repotring.
* **[Server]** Trivialize OFS plugin wrapping (breaks ABI).
* **[Server]** Add additional fields to he SecEntity structure (breaks ABI).
* **[Server]** Allow redirector to handle kXR_dirlist location resolution.
* **[Server]** Implement tcpmonlib directive for TCP socket monitring.
* **[XrdCl]** Introduce recovery mechanism for declarative operations.
* **[XrdCl]** Introduce policies for parallel operations (all, any, some, at least).
* **[XrdCl]** xrdcp: add --notlsok and --tlsnodata options.
* **[XrdCl]** xrdcp: enable roots and xroots as TLS protocols.
* **[XrdCl]** xrdcp: add new --tlsmetalink option.
* **[XrdCl]** xrdcp: add an option (--xattr) to preserve extended attributes.
* **[XrdCl]** xrdcp: allow roots/xroots protocol.
* **[XrdCl]** xrdfs: expose extended stat information (if available) in stat and ls -l.
* **[XrdCl]** Add support for extended attributes.
* **[XrdCl]** Log properly TLS events.
* **[XrdCl]** Monitor writev requests.
* **[XrdCl]** Make sure there is at least one data stream if server requests the
client to encrypt only control and send data unencrypted.
* **[XrdCl]** Implement TLS encryption (roots/xroots). Use async TLS, handle want
read/write in an event-loop.
* **[XrdCl]** Ensure only one instance of DefaultEnv exists
* **[XrdCl]** Allow server to request encryption.
* **[XrdCl]** Make Socket class upgradeable to TLS.
* **[XrdCl]** Add support for local file rm.
* **[XrdCl]** Fail all handlers in pipeline on failure.
* **[XrdCl]** Implement extended attribute (xattr) support.
* **[XrdCl]** Add global on connect callback API.
* **[XrdCl]** Introduce PgRead/PgWrite interface.
* **[XrdCl]** Add envar (XRD_TLSFALLBACK) that makes the client fallback to root if
the server does not support roots.
* **[XrdCl]** Take into account connection specific CGI when selecting channel.
* **[XrdCl]** Set kXR_ExpTPC if connection is being established in context of TPC.
* **[POSIX]** Add methods to the cache mngt objecT to get status of a cached file.
* **[POSIX]** Add N2N pfn2lfn option -cachesrc to pass data source to the N2N.
* **[TLS]** Add peer certificate verification.
* **[TLS]** Make sure log notes the connection type.
* **[TLS]** Add hostname validation.
* **[TLS]** Use recommended ciphers add xrd.tlsciphers directive to override.
* **[TLS]** Implement crl/ca automatic refresh.
* **[TLS]** Add additional options for session caching.
* **[TLS]** Add tracing capability to the TLS stack.
* **[SSI]** Export request scaling interface.
* **[SSI]** Add generic Control() method for future use.
* **[SSI]** Simplify GetResponseData() to return void not enum (breaks ABI).
* **[SSI]** Add generalized option setting method, SetConfig().
* **[Proxy]** Report features.
* **[Proxy]** Allow proxy to forward xroots and roots protocols.
* **[XCache]** Optionally supply source and CGI to N2N cache plugin.
* **[XCache]** Provide monitoring summary statistics.
* **[XCache]** If needed, delay IO destruction internally in Detach. XrdScheduler
is now always available.
* **[XCache]** Provide confh backward compatibility for "pss.cachelib" directive.
* **[XCache]** Simplify summary statics gathering.
* **[XCache]** Autoconfig oss and cmsd using pfcache export attribute.
* **[Python]** Add xattr API.
* **[CMSD]** Add space trace option for tracing space utilization changes.
* **[FRM]** Allow frm_xfrd to split in/out copy allocation.
+ **Major bug fixes**
* **[VOMS]** Do not touch the Entity.name field; especially converting spaces.
* **[Server]** Add missing initializer to avoid TPC SEGV on busy systems.
* **[Server]** Accommodate changes in epoll handling in CentOS 7.10 plus.
* **[SSI]** Fix double delete due to extraneous code addition.
* **[XrdCl]** Use diffrent bit for mkpath and tpc delegation.
* **[XrdCl]** tpc: don't open non-root/xroot source.
* **[XrdCl]** Adjust # of strm queues when server requests additional data.
* **[PFC]** Make sure scheduler pointer is always valid.
* **[Proxy]** Remove offending CGI elements before passing URL.
* **[XrdHttp]** Fix MKCOL response when we have an EEXIST.
+ **Minor bug fixes**
* **[Acc]** Process compound capability rules as documented.
* **[gsi]** Fail server initialization when gsi did not initialize. Fixes #1042
* **[Proxy]** Properly handle non-xroot URLs.
* **[Proxy]** Correct version information.
* **[cmsd]** Make sure to return correct error when creation conflict occurs.
* **[Server]** Handle iovec's longer than IOV_MAX.
* **[Server]** Correct action determination for debug message to avoid strife.
* **[Server]** Use correct mechanism to determine DNS registration.
* **[Server]** Make space usage maintenance fully thread safe.
* **[Server]** Avoid duplicate usage update under certain conditions.
* **[XrdCl]i** xrdcp: don't create unwanted dir if --recursive switch was used.
+ **Miscellaneous**
* **[Acc]** Dynamically attach a sliced SecEntity as one of its object attributes.
* **[Utils]** Don't hide true error when loading a plugin w/o an alternate.
* **[gsi]** Make -trustdns default false (i.e. do not use DNS).
* **[gsi]** Remove built-in VOMS extractor and FunLite example.
* **[gsi]** Make -vomsat default "ignore".
* **[Server]** Implement exchange buffering for increased performance.
* **[Server]** Remove Solaris polldev support (reverts to using pollpoll).
* **[Server]** Turn off forwarding if authorization has not been enabled.
* **[Server]** Rationalize how pidfiles are created.
* **[Server]** Make sure loginid corresponds to the POSIX.1-2008 standard.
* **[Server]** Honor authentication protocol TLS requirements.
* **[Server]** Turn off IP address caching when dynamic DNS is enabled.
* **[Server]** Log unusual stat() errors affecting file availability.
* **[Server]** Manage reference counters in a more timely fashion.
* **[Server]** Fallback using known DNS name when reverse translation fails.
* **[Server]** Provide interface for checksum handler to report progress.
* **[Server]** Improve SFS wrapping and add "how to" documentation.
* **[Server]** Add appname to SecEntity attribute set.
* **[Server]** Assign a unique ID to each SecEntity instance.
* **[Server]** Make cksio the default for the ofs.osslib directive.
* **[Server]** Add checkpoint() method to XrdSfsFile.
* **[Server]** Add kXR_ItExists error for EEXIST errno don't use kXR_BadRequest.
* **[Server]** Remap kXR_BadRequest to EBADRQC.
* **[Server]** Change uses of ENOSYS to ENOTSUP for consistent meaning.
* **[Server]** Make all error code mappings consistent.
* **[Server]** Deprecate use of '-2' option in oss.statlib.
* **[Server]** Distinguish between authentication and authorization failures.
* **[Server]** Allow TLS session reuse for xroots protocol.
* **[SSS]** Update sss protocol for new SecEntity object.
* **[SSI]** Avoid SIGABRT when init fails. Fixes 751
* **[SSI]** Use exchange buffering to avoid using memcpy for improved peformance.
* **[XCache]** Provide config backward compatibility for "pss.cachelib" directive.
* **[XCache]** Switch from usage of XrdFileCache prefix to XrdPfc.
* **[XCache]** Cleanup statistics object and add additional fields.
* **[Proxy]** Refactor proxy server caching implementation.
* **[All]** Use thread-safe strerror() replacement, part 1.
* **[CMake]** Move to CMake 3.
* **[Protocol]** Remove unused kXR_attn subcodes.
* **[Protocol]** Define the asyninfo response structure.
* **[Protocol]** Add TLS-specific bits for anonymous get/putfile.
* **[XrdCl]** When selecting channel take into account protocol (root vs roots).
* **[XrdCl]** Use XRootDStatus instead of Status for internal workflows.
* **[XrdCl]** Make sure TLS err msg are propagated to the end user.
* **[XrdCl]** Log socket upgrade to TLS at Info level.
* **[XrdCl]** Filter out xrdcl.* parameters from tpc.scgi.
* **[XrdCl]** Widely apply PIMPL idiom.
* **[XrdCl]** Review public headers.
* **[XrdCl]** Simplify Channel abstraction.
* **[XrdCl]** Remove OpenFlags::Append.
* **[XrdCl]** Clear SSL error queue after every authentication routine.
* **[XrdCl]** Preserve xrdcl.* cgi elements on redirect as they are important for
the internal workflow.
* **[RPM]** Remove xrdstagetool, xrd, xrdcp-old and xprep.
* **[RPM]** Don't build/install cns.
* **[RPM]** Remove old XRootD client.
* **[RPM]** Remove XRootD 3.x.x compat package.
* **[RPM]** Add symlink libXrdFileCache.so -> libXrdPfc.so.
* **[XrdMacaroon]* When possible, use the built-in chaining featured in Xrootd 5.
* **[XrdTpc]** Have HTTP-TPC reuse the SFS from the environment.
* **[TPC]** Honor client's source protocol specification server-side.
* **[Plugins]** Make sure underlying msgs get passed along. Fixes #1015
* **[XrdHttp]** Use the framework to handle OpenSSL contexts.
* **[TLS]** Always configure with session cache disabled.
--------------
Version 4.12.4
--------------
+ **Major bug fixes**
* **[XrdCl]** Fix regression in recursive copy (introduced in f6723e00).
* **[VOMS]** Do not touch the Entity.name field; especially converting spaces.
* **[VOMS]** Fix improper collection of multi-VO cert attributes.
* **[RPM]** Refine xrootd-voms obsoletes/provides for vomsxrd.
* **[RPM]** Remove libXrdSecgsiVOMS-4.so from xrootd-libs pkg.
* **[pfc] Make sure v4 does not try to read v5 cinfo files.
* **[XrdHttp]** Shutdown the connection in the case of an unrecognized HTTP
first line.
+ **Minor bug fixes**
* **[Server]** Make sure to sanitize username in the HTTP bridge.
* **[Server]** Make sure loginid corresponds to the POSIX.1-2008 standard.
+ **Miscellaneous**
* **[Debian]** Add XrdClHttp plugin to xrootd-client-plugins package.
* **[XrdHttp]** Add "required" parameter to the http.secxtractor and http.gridmap
configuration directives.
* **[XrdCrypto/XrdHttp]** Extract DN from user (proxy, multi-proxy) certificate and
properly handle the gridmap-file functionality when
accessing through HTTP.
* **[Protocol]** Add flag to say locate is for dirlist.
* **[XrdCl]** Apply kXR_compress & kXR_4dirlist to deep locate if done in context of
dir list.
--------------
Version 4.12.3
--------------
+ **Major bug fixes**
* **[RPM]** xrootd-voms pkg obsoletes xrootd-voms-plugin.
* **[Python]** Make sure XrdVersion.hh is generated correctly during pip install.
--------------
Version 4.12.2
--------------
+ **Major bug fixes**
* **[XrdHttp]** Added protection against a NULL bridge instance.
* **[XrdHttp]** Avoid the reqstate to go below zero in case of strange headers.
* **[XrdVoms]** Set the prox field to "xrdvoms" as the extractor.
* **[XrdVoms]** Fix various option parsing problems.
* **[XrdVoms]** Backport a clean patched VOMS version from R5.
+ **Minor bug fixes**
* **[Docs]** Make the xrdmapc help text and manpage match the code.
* **[Docs]** Fix empty xrdmapc manpage.
* **[CMake]** Fix XRootD config module.
+ **Miscellaneous**
* **[Server]** Allow specification of whether or not dirlist is locally handled.
* **[XrdVoms]** Replace git sub-module with full-fledged component of xrootd core.
* **[XrdVoms]** Simplify the gropts parameter.
* **[XrdVoms]** Rename XrdSecgsiVOMS-4.so to XrdVoms-4.so, create XrdSecgsiVOMS-4.so
symlink for compability.
--------------
Version 4.12.1
--------------
+ **Major bug fixes**
* **[XrdXrootdVoms]** Fix run-time lib dependencies.
+ **Minor bug fixes**
* **[xrdcp]** Don't create unwanted dir if --recursive option was used and the
source is a file.
--------------
Version 4.12.0
--------------
+ **New Features**
* **[Server]** User redirector to find directory to be listed (R5 backport).
* **[XrdCl]** More effective error recovery policy when the source is a metalink.
* **[xrdcp]** Implement bandwidth limiting (--xrate option).
* **[xrdcp]** Implement ability to continue interrupted transfer (--continue).
* **[xrdcp/Python]** Add an option (--zip-mtln-cksum) to use the checksum from
a metalink with files extracted from ZIP archives.
* **[xrdcp/Python]** Automatically infer checksum type if asked to.
* **[xrdcp/Python]** Add an option (--rm-bad-cksum) to automatically remove
destination file if the checksum check failed.
+ **Major bug fixes**
* **[Server]** Correct sequencing of an async close to prevent a SEGV.
* **[Server]** Add missing initializer to avoid TPC SEGV on busy systems.
* **[Server]** Initialize the XrdAccEntityInfo structure.
* **[XrdHttp]** Fix MKCOL response when we have an EEXIST.
* **[XrdHttp]** Periodically reload verify cert store.
* **[XrdHttp]** Disable session cache.
* **[XrdCl]** Don't set on-connection handler for local files.
* **[XrdCl]** Don't set the stream error window for auth errors.
* **[XrdCl]** Fix race condition resulting in dangling pointer to SidMgr.
* **[XrdCl]** Make Channel operations thread-safe in respect to ForceDisconnect.
+ **Miscellaneous**
* **[Deb]** Refine debian packaging.
* **[CMake]** Repleace XRootD find module with config module.
* **[RPM/CMake]** Don't build XrdCns.
* **[Packaging]** Add xrootd-voms and xrootd-voms-devel packages equivalent
* **[Packaging]** Add additional private headers for vomsxrd.
to the vomsxrd packages.
* **[Python]** Support PyPy.
--------------
Version 4.11.3
--------------
+ **Major bug fixes**
* **[Server]** Avoid SEGV when skipping over large if/else/fi blocks.
* **[XrdHttp]** Fix curl speed limit to be really around 10KB/s.
* **[xrootdfs]** Make sure xrootdfs_create() checks return code of
xrootdfs_do_create().
* **[XrdHttp]** Change the default ssl cipher.
* **[XrdHttp]** Enable elliptic-curve support for OpenSSL 1.0.2+.
* **[XrdHttp]** Use Mozilla cipher list only with OpenSSL 1.0.2+.
+ **Minor bug fixes**
* **[XrdCl]** When xrdcp reports an error refine the message so it is
clear whether the erros comes from the source or destination.
* **[XrdCl]** Make sure on error local redirect is not retried infinitely.
* **[XrdXrootdConfig]** Fixed wrong segsz parameter.
* **[XrdHttp]** Give a chance to map the issuer name in the case of a proxy
certificate (needed to accommodate systems that do user
mapping, e.g. eos)
* **[XrdHttp]** Fix the logic for determining SecEntity.name.
* **[XrdHttp]** Don't overwrite SecEntity.name after the gridmap phase.
* **[xrootdfs]** Make sure xrootdfs_create() does check the return code of
xrootdfs_do_create().
+ **Miscellaneous**
* **[XrdSecgsi]** In the case of delegation, give client a chance to
use XrdSecGSISRVNAMES to limit where it is being
redirected to.
* **[Python]** Make rpath relative to the module.
* **[Debian]** Proper Debian pkg naming.
* **[XrdCl]** Use glibc semaphores for rhel>=7.
* **[Server]** Export pointers to Acc, Ofs, and Sfs plugin into the XrdEnv.
* **[XrdMacaroons]** Use env ptrs to get authorize obj.
--------------
Version 4.11.2
--------------
+ **Major bug fixes**
* **[Proxy]** Remove offending CGI elements before passing URL.
* **[Server]** Accommodate changes in epoll handling in CentOS 7.10 plus.
* **[SSI]** Fix double delete due to extraneous code addition.
* **[XrdOuc]** Prevent seqv in XrdOucString::replace().
* **[XrdHttp]** Fix escape code for \r.
* **[XrdHttp]** Fix: the url quoting function was swapping the quoting of
CR and LF.
* **[XrdHttp]** Fix the "100 Continue" response.
* **[XrdHttp]** Prevent the logic that looks for the /n from getting confused
by lines containing zeroes.
* **[XrdTpc]** Properly forward existing opaque info to the OFS layer.
* **[XrdTpc]** Properly format redirection URL when OFS layer returns also opaque
information.
* **[SSI]** Avoid SIGABRT when init fails. Fixes 751
+ **Minor bug fixes**
* **[Python]** Use right bdist_wheel.
* **[XrdCl]** Report last error if metalink runs out of replicas, fixes #1071
+ **Miscellaneous**
* **[CMake]** Add XROOTD_PLUGIN_VERSION to FindXRootD.cmake.
* **[XrdCl]** TPC: use separate cgi element (tpc.dlgon) to mark user intension
to delegate.
* **[Server]** Use new tpc.dlgon CGI token to drive tpc redirection.
* **[CMake]** Add option to build only client libraries.
* **[XrdHttp]** If a gridmap file has been configured, XrdHttp now prefers the
already mapped username to the non-mapped one that's coming from
a security extractor plugin.
--------------
Version 4.11.1
--------------
+ **Major bug fixes**
* **[XrdSys]** Avoid deadlock on poller stop, fixes #1095
* **[XrdCl]** Recreate env r/w lock after forking.
* **[XrdCl]** Use diffrent bit for mkpath and tpc delegation.
+ **Minor bug fixes**
* **[Server]** Use correct mechanism to determine DNS registration.
* **[XrdCl]** Reflect server added cgi in tpc.scgi.
* **[XrdCl]** tpc: don't open non-root/xroot source.
* **[XrdCl]** Set the tpckey to 'delegate' if delegating.
* **[XrdCl]** Install priv headers in correct dir.
* **[CMake]** Link to ${UUID_LIBRARIES} instead of uuid.
* **[Python]** Change pkg name to xrootd.
+ **Miscellaneous**
* **[Server]** Allow redirect differentiation for delegated and undelegated TPC.
* **[TPC]** Assume delegation if the tpc.scgi token is present.
* **[RPM]** drop default 'all.export /tmp' in standalone cfg
* **[RPM]** Package SsiLib and SsiShMap with client.
--------------
Version 4.11.0
--------------
+ **New Features**
**[Server]** Add support for multi-vo credentials.
**[Python]** Set rpath for bindings to correct xrdcl.
**[Python]** Expose XrdCl::Env in Python.
**[Python]** Add version attribute to xrootd module, closes #1027
**[Python]** Add cat API to FileSystem, closes #1047
**[XrdCl]** Add unique uuid to open message. closes #1037
**[XrdCl]** Support zcrc32 when extracting a file from ZIP archive.
**[XrdCl]** Support decompression (inflate) of files in ZIP archives.
**[XrdCl]** Select the least loaded stream for next data chunk.
**[XrdCl]** xrdcp: adjust the number of parallel chunks in real time
proportionally to the number of connected data streams.
**[XCache]** Allow up to 512 MB blocksize.
**[CMake]** Add Find XRootD CMake module.
**[CMake]** Add FindLibUuid module.
**[XrdCms]** Add XrdCmsRedirLocal as ofs.cmslib plugin.
+ **Major bug fixes**
**[Xcache]** Make sure direct cache access is actually accessible.
**[Xcache]** Fix missing mode setting in the data space.
**[GSI]** Fix SAN check logic due to cut-paste error.
**[GSI]** Fix faulty SAN wildcard check and make message clearer.
**[Python]** Correctly handle install --user.
**[XrdCl]** Fix dirlist response parsing, closes #1038
**[XrdCl]** Sign endsess if instructed to do so by server, fixes #1045
**[SSI]** Make sure the request sessN pointer is always valid.
+ **Minor bug fixes**
**[TPC]** Make sure to include source CGI in a delegated transfer.
**[XrdCl]** Respect target checksum vs preset source checksum.
**[XrdCl]** Stat local file without opaqueinfo.
**[XrdCl]** xrdcp -S option should set the number of additional data streams.
**[XrdCl]** Avoid overflow of worker jobs size.
+ **Miscellaneous**
**[Misc]** Allow client to indicate it supports local files.
**[UPS]** Disable python bindings.
**[XCache]** Mark File is in sync for the final sync.
**[Xcache]** Enhance security of the pss.dca directive.
**[RPM]** Move xrdmapc to client package.
**[XrdCl]** Adjust xrdcp defaults.
--------------
Version 4.10.1
--------------
+ **Major bug fixes**
* **[XrdCl]** Make TPC check bogus-response proof.
--------------
Version 4.10.0
--------------
+ **New Features**
* **[POSIX]** Add methods to the cache mngt objecT to get status of a
cached file.
* **[Server]** Add xrd.network dyndns option for dynamic DNS handling.
* **[Server]** Properly handle dynamic DNS environments.
* **[Server]** Add evict option to the prepare request.
* **[Server]** Allow better handling for proxy caching clusters.
* **[Server]** Allow configurable posc sync level.
* **[Server]** Implement framework for a kXR_prepare plug-in.
* **[XrdCl]** Implement streaming dirls, closes #225
* **[XrdCl]** Retry policy changes: see details in #950.
* **[XrdCl]** Add switch/flag to enforce zip archive listing.
* **[XrdCl]** Preserve tried/triedrc cgi info on redirect for kXR_locate
request, #closes #944
* **[XrdCl]** Implement prepare evict and expose in xrdfs.
* **[XrdCl]** Expose prepare abort and query prepare.
* **[XrdCl]** Add tpc.scgi if delegation is being used.
* **[Python]** Expose chunked dirlist API in Python.
* **[Python]** Support globbing.
* **[XrdClHttp]** Add XrdClHttp submodule.
* **[XCache]** Implement write-queue number of blocks / threads config
options. (#963)
* **[CMake]** Add switch for XrdCl builds only.
+ **Major bug fixes**
* **[XrdCl]** Allow to cancel classical copy jobs.
* **[XrdCl]** Fix race condition in error recovery.
* **[XrdCl]** Prevent race condition between Request T/O and socket read.
* **[XCache]** Check for errors during XrdOssFile::FSync - do not write
cinfo file if it fails.
* **[XCache]** Deny write access to a file in initial Prepare() call,
fixes #663
* **[XCache]** Review and correct error handling in POSIX and XCache,
implement XCache::Unlink()
* **[XrdTpc]** Always query dual stack for HTTP TPC.
* **[XrdTpc]** Do not include authz header in the filename.
* **[XrdTpc]** Add curl handle cleanup on redirections or errors.
* **[XrdHttp]** Include provided opaque information in the redirection.
* **[XrdHttp]** Fix digest names returned to clients.
* **[XrdHttp]** Fix opaque info handling on redirections.
* **[XrdMacaroon]** Fix macaroon authorization config.
* **[XrdSecgsi]** Make proxy cache path aware.
* **[XrdSecgsi]** XrdSecProtocolgsi::Encrypt - set IV correctly and report
correct size.
+ **Minor bug fixes**
* **[XrdCl]** Use DirList with Locate and Merge flag in xrdcp
* **[XrdCl]** Index substreams with right index.
* **[XrdCl]** Make sure there is no race condition while loading sec
protocol.
* **[CMake]** Enable by default rpaths on MacOSX.
* **[Server]** Use correct directory path creation flag in kXR_open
(compatible).
* **[Server]** Require localroot to exist and be a directory for default N2N.
* **[Server]** Avoid SEGV when given an empty directory continuation.
* **[SSI]** Close loophole between internal "provision" and Finished()
calls.
* **[POSIX]** Correct pfn to lfn translation for the simple case.
* **[FRM]** Ignore the space assignment directive.
* **[XCache]** Cache::LocalFilePath() only try to fill output pfn buffer if
it is non-null.
* **[Python]** Make sure pip install fails if install script fails.
* **[Python]** Check dependencies on pip install, if some are missing list
them and raise an exception.
+ **Miscellaneous**
* **[XrdCl]** Enhance redirect back-trace output.
* **[Python]** Respect pip python version when installing xrootd, fixes #955.
* **[Python]** Respect pip --user switch, fixes #952
* **[CMSD]** Allow redirect when limit exceeded in sched directive.
* **[Packaging]** Add support for Ubuntu disco.
* **[Packaging]** Discontinue support for Ubuntu artful.
* **[XrdCeph]** Replace XrdCeph source code with a submodule.
* **[XCache]** More reasonable defaults for pfc.writequeue parameters.
* **[CMake]** Declare CMake options, fixes #995
* **[CMake]** Set -Werror for debug and CI builds only.
-------------
Version 4.9.1
-------------
+ **Major bug fixes**
* **[POSIX]** Fix VMP issues with POSIX preload library causing SEGV.
* **[POSIX]** Additional hardening of POSIX functions for Xcache.
* **[XrdCl]** Make sure local destination path is not scrambled,
fixes #925
* **[XrdCl]** Fix memory leak in AsyncSocketHandler.
* **[XrdCl]** Fix recursive copy.
* **[XrdCl]** Make sure released SID is valid object.
* **[XrdCl]** Correctly calculate the offset of the last file in ZIP64.
* **[Server]** Liberalize character set allowed in login name (fixes
EOS issue).
* **[Server]** Save the proper ReqID for async responses on close.
* **[Server]** Handle waitresp sequencing to avoid early bridge
termination.
* **[XrdHttp]** Only consider running plugins for new requests.
* **[XrdHttp]** Handle clients that request multiple checksums.
* **[XrdHttp]** Do not accept more data than specified in the HTTP
request.
* **[XrdHttp]** Fix high memory usage caused by cached XrdHttpProtocol
objects.
* **[XrdSecgsi]** Fine tune message bucket content.
* **[XrdSecgsi]** Make sure options for proxy saving to file are honored.
* **[XrdSecgsi]** add missing entries in gsiClientStesp and gsiServerSteps.
* **[Python]** Ensure Python module doesn't deadlock/segv on exit,
fixes #330
* **[XrdMacaroon]** Create macaroon with proper caveats and path.
* **[Proxy]** Improve handling of failures during opening of local data
and cinfo files.
* **[Proxy]** Fix memory leak - block was not freed when writing to
disk failed.
* **[XrdTpc]** Only use Curl's low-speed-limit with libcurl v7.38
and later.
+ **Minor bug fixes**
* **[Server]** Fix bridge waitResp issues to allow merge of pull #902.
* **[Server]** Further simplify tracing, especially for var persistece.
* **[Server]** Fix strlcpy for Group null-string in XrdOfsTPC.
* **[XrdMacaroon]** Log user caveats with macaroon generation.
* **[XrdMacaroon]** Allow admin to customize default macaroons authz.
* **[XrdMacaroon]** Set the macaroons.onmissing default.
* **[XrdMacaroon]** Interact with json-c appropriately for request.
* **[XrdMacaroon]** Ensure we delete macaroon object after use.
* **[XrdHttp]** XrdHttp does not support chunked encoding; respond
appropriately.
* **[POSIX]** Fix string scoping issues in debug messages.
* **[XrdSecgsi]** Downgrade error msg from key file issues to DEBUG.
* **[XrdSecgsi]** Improve buffer content dumps for debugging purposes.
* **[XrdCl]** Use correct flag to remove handler in inqueue.
* **[XrdCl]** Log properly kXR_waitresp, closes #852
* **[XrdCl]** Fail ZIP extraction if file is compressed.
* **[XrdHttp]** Don't assume that a header "Depth: 1" means that the
resource is a directory.
* **[Python]** Expose parallel copy jobs in python bindings.
* **[Python]** Expose multi-source download in python.
+ **Miscellaneous**
* **[XrdHttp]** Add support for chunked encoding in uploads.
* **[XrdHttp]** Implement RFC 3230 digests for GET requests.
* **[Packaging]** Add xrootd-fuse deb package, closes #831
* **[XrdCl]** Add more descriptive error message on XrdCl::CopyProcess:run,
closes #849
* **[XrdCl]** Add special logs for future debugging of BNL problem.
-------------
Version 4.9.0
-------------
+ **New Features**
* **[XrdCl]** Provide operation pipelining API.
* **[XrdCl]** Redirect traceback dump.
* **[XrdCl]** Allow specifying plug-ins on protocol level
* **[XrdCl]** Pass # streams to TPC destination.
* **[XrdCl]** Enable proxy delegation.
* **[XrdCl]** Enable state redirection for local files.
* **[XrdCl]** Add an API to close connection.
* **[XrdCl/Server]** Implement TPC-Lite for delegated TPC copy.
* **[XrdCl/Server]** Implement kXR_writev operation.
* **[Server]** Allow tpc requests at destination endpoint to be redirected.
* **[Server]** Add &I=<iptype> to 'u' login monitoring record.
* **[Server]** Allow spaces in id's via acc.spacechar.
* **[Server]** Allow space preassignment of file creation paths.
* **[Server]** Identify type of IP connection in monitoring (&I=4|6 in
'u' record).
* **[Server]** Enable use of delegated credentials for 3rd party copy.
* **[Server]** Allow callbacks for close() and opague() requests.
* **[Server]** Allow the CKS manager to run on the redirector.
* **[Server]** Allow config continuation to files in a directory.
* **[Server]** Add 'query confg start' to find server start time.
* **[SSI]** Add ability to spread requests to increase parallism.
* **[SSI]** Add monitoring capabilities to SSI.
* **[SSI]** Properly handle Finished() calls prior to response posting.
* **[XrdSsi]** Provide summary monitoring information to report stream.
* **[TPC]** Allow number of streams to use to be passed to the server.
* **[TPC]** Support Http TPC.
* **[XrdHttp]** Added XrdHttp cipherlist filter string config option.
* **[XrdHttp]** Map Xrd error codes to HTTP status codes
* **[XrdHttp]** Add plumbing necessary for RFC3230 digest requests.
* **[XrdSecgsi]** Use hostname, not reverse DNS, for address comparison.
* **[XrdSecgsi]** Allow XrdSecGSITrustDNS setting to disable use of all
DNS lookups.
* **[XrdSecgsi]** Add option to save delegated proxies as credentials.
* **[XrdSecgsi]** Improved checking of CA expiration.
* **[XrdSecgsi]** Review proxy delegation mechanism.
* **[XrdSecgsi]** Support signing of server DH public parameters.
* **[XrdCrypto]** Allow XRootD client to accept subjectAltNames.
* **[XrdMacaroons]** Macaroons plugin for XRootD.
* **[Proxy]** Implement new options in pfc.diskusage for better control
of purging.
* **[Proxy]** Support origins that only talk http.
* **[Proxy]** Add 'pss.tid' CGI element to all outgoing URL's.
* **[Proxy]** Implement new options in pfc.diskusage for better control of purging.
* **[POSIX]** Implement Cache Context Management plugin.
* **[XrdApps]** Implement xrdqstats command to display summary monitoring.
+ **Major bug fixes**
* **[XrdCl]** Handle properly seerver disconnect.
* **[XrdCl]** apply TPC timeout to the 2nd sync, fixes #800
* **[XrdCl]** Parse correctly CDFH ZIP64 extension.
* **[XrdCl]** Correct ownership of virtual redirect msg.
* **[SSI]** Do not leak memory when a fatal error occurs. Fixes #775
* **[SSI]** Avoid race condition between Finish() and SetResponse().
* **[Server]** Avoid SEGV when the close operation fails.
* **[Server]** Fix SEGV when using delegation and VOMSFUN with raw creds.
* **[POSIX]** Avoid SEGV due to race condition between open() and close().
* **[POSIX]** Correct regression that broke POSIX preload.
* **[Proxy]** Support multiple IO objects working with the same file.
* **[Proxy]** Fix incorrect rc check when processing Fstat() (disabled progbar).
+ **Minor bug fixes**
* **[Server]** Follow protocol spec when returning file compression info.
* **[Server]** Fix checksumming on filesystems that don't support fattr.
* **[XrdOfs]** Prevent double-parsing of parameters for ofs.ckslib.
* **[XrdCl]** Correctly set path in case of state redirect.
* **[XrdCl]** Correct handling of --infiles option. Fixes #779
* **[XrdCl]** Don't read past buffer when parsing protocol response.
* **[XrdHttp]** Fix error codes in the case of PUT and MKDIR.
* **[XrdHttp]** Support mv for files with spaces.
* **[XrdHttp]** Return correct content-range header.
* **[Secsss]** Pass correct parameters when registering an ID. Fixes #689
+ **Miscellaneous**
* **[XrdCl]** Delete channel on TTL.
* **[Server]** Do not allow badly formed CGI to pollute subsequent tokens.
* **[TPC]** Do not take case into account for hostname matching.
* **[TPC]** Allow source protocol to be transmitted to server via tpc.spr CGI.
* **[TPC]** Set envars XRD_TRACEID, XRDTPC_SPROT, and XRDTPC_TPROT
* **[Proxy]** Avoid auth failure due to URL cgi directives.
* **[Proxy]** Add method to cache to get local file path of cached file.
* **[Proxy]** Fix wrong logic in cache purge algorithm.
* **[Proxy]** Resolve conflicts in URL rewriting.
* **[POSIX]** Avoid unnecessary cache open requests.
* **[XrdCrypto]** Replace C-style string manipulation with C++ equivalent.
* **[Secgsi]** Implement stricter version of RFC2818 (host name check) for
client.
* **[Secgsi]** Enable use of an unique IV in enc/dec cipher operations.
* **[XrdHttp]** Break XrdHttp into a module and a utility library.
* **[XrdHttp]** Expose query string in external req handler.
* **[XrdThrottle]** Update the throttle plugin to propogate underlying
errors.
* **[XrdThrottle]** Improve chaining behavior of throttle plugin.
* **[RPM]** Use OPENSSL_NO_FILENAMES flag.
* **[Docs]** Update Doxyfile, closes #743
* **[All]** Place protocol definition under a modified BSD license.
* **[All]** FreeBSD compatibility patch.
-------------
Version 4.8.6
-------------
+ **Major bug fixes**
* **[XrdCl]** Make sure released SID is valid object.
* **[XrdCl]** Handle properly server disconnect.
-------------
Version 4.8.5
-------------
+ **Major bug fixes**
* **[XrdCrypto]** add protection against missing extension.
* **[XrdCl]** Ensure DeepLocate counter doesn't overflow, fixes #758
* **[XrdCl]** Fix recursive copy, fixes #792
* **[XrdCl]** Correctly classify errno while reading/writing to
a socket.
* **[XrdCl]** Fix local checksum double I/O problem.
* **[XrdHttp]** Fix callback of protocol plugin after bridge delay.
* **[XrdHttp]** Obey the `Connection` request header.
* **[XrdHttp]** Reset filesize when the XrdHttpReq object is used.
* **[XrdHttp]** Do not increment reqstate when headers are incomplete.
* **[Proxy]** Fix incorrect rc check when processing Fstat().
+ **Minor bug fixes**
* **[XrdCl]** xrdfs ls: fix formatting issue,fixes #823
* **[XrdCl]** If stream is broken delete the in-message.
* **[XrdCrypto]** fix signatures of Export methods.
+ **Miscellaneous**
* **[XrdCl]** Expose kXR_cancel flag in FileSystem::Prepare, closes #699
* **[XrdCl]** Specify file for extraction from ZIP archive also
through opaque info.
* **[XrdCl]** Document xrdcp/xrdfs return codes, closes #628
* **[XrdCl]** Explicitly log request retries, closes #690
* **[XrdCl]** Remove redundant stat from ZIP open sequence.
* **[XrdCl/XrdSec]** Add CGI to specify 'sss' keytab.
* **[XrdSecsss]** Add possiblity to inject an endorsement string into an
SSS SecEntity object.
-------------
Version 4.8.4
-------------
+ **Major bug fixes**
* **[XrdCrypto]** Use consistently time_t.
* **[XrdCl]** Treat empty redirect response as error.
+ **Minor bug fixes**
* **[XrdCl]** Use NEED2SECURE macro properly.
+ **Miscellaneous**
* **[XrdSecgsi]** Improving checking of CA expiration.
* **[XrdCl]** Improve TPC key generation, fixes #662
-------------
Version 4.8.3
-------------
+ **Major bug fixes**
* **[XrdCl]** Release SIDs on PostMaster::Send() failure.
-------------
Version 4.8.2
-------------
+ **Major bug fixes**
* **[Proxy]** Make sure to use N2N even when only localroot specified,
fixes #650.
* **[Proxy]** Fully support third party copy in proxy servers.
* **[Server]** Correct faulty logic for sendq backlog warning message.
* **[XrdCl]** Correctly handler error/wait response to endsess request.
* **[XrdCl]** MsgHandler must not be enqueued in InQueue on virtual
redirect, fixes #682
* **[XrdCl]** Add ZIP64 support, fixes #402
* **[XrdHttp]** Always have OpenSSL read/write data through the XrdLink
object.
+ **Minor bug fixes**
* **[Net]** Optimize formatting corresponding to RFC 1178 and RFC 3696.
* **[XrdHttp]** Fix HTTP PUT flags, fixes #637.
* **[XrdHttp]** Close file handle for simple HTTP reads.
* **[All]** Fix compilation with gcc 8.
* **[CMake]** Make sure plugins are declared as MODULEs, fixes #653
* **[SSI]** Ruggedize server-side SSI interactions.
* **[SSI]** Prevent request ID conflicts with reusable resources.
* **[XrdCl]** Validate URLs comming from metalinks.
+ **Miscellaneous**
* **[Server]** Correct lock handling in commit 2c169141.
* **[Server]** Make endsess more reliable.
* **[Server]** Make sure no temporary opens occur during error recovery.
* **[Server]** Add method to get logging mask.
* **[XrdHttp]** Support HTTP chunked transfer encoding.
* **[XrdHttp]** Allow parsing of unknown HTTP verbs.
* **[XrdOss]** Improve XrdPosix 'rename' POSIX compliancy
* **[Proxy]** Make sure to pass through TPC requests in otgoing proxies.
* **[Proxy]** Support progress bar during TPC transfers.
* **[Proxy]** Do not fail a TPC fstat() due to bad timing.
-------------
Version 4.8.1
-------------
+ **Major bug fixes**
* **[XrdCl]** Try all IP addresses in case posix connect fails.
* **[XrdCl]** Fix checksuming in xrdcp for local files.
* **[Py]** Make sure FileSystem::Copy returns a tuple, fixes #633.
* **[Py]** Make sure empty strings are not converted to None.
* **[SSI]** Unbind the request prior to teardown.
* **[SSI]** Avoid SEGV when generating a request for a new TCP
connection.
* **[SSI]** Fix race condition that can cause a SEGV during parallel
execution.
* **[SSI]** Allow zero length requests to be passed to servers.
Fixes #640
* **[SSI]** Make sure to avoid object refs after Finished() is called
to avoid SEGV.
+ **Minor bug fixes**
* **[XrdPosix]** Fix various memory related issues.
* **[XrdCrypto]** Fix various small issues.
* **[Server]** Fix overlapping string copy. Fixes #643
* **[XrdCl]** Provide compatibility between root://localfile and file://.
-------------
Version 4.8.0
-------------
+ **New Features**