Skip to content

Releases: xrootd/xrootd

v5.7.1

04 Sep 07:45
v5.7.1
ae3391f
Compare
Choose a tag to compare
  • New Features
    [Apps] Allow cconfig to write out combined config file (issue #1894)
    [Pss] Allow for API endpoints for fixed remote origins (issue #2068)
    [Server] Allow server to assume an arbitrary network identity (issue #1855)
    [cmsd] Allow a redirector to be configured read/only (issue #1764)

  • Major bug fixes
    [POSIX] Do not leak file pointer on open error (issue #2302)
    [Python] Fix memory leaks when creating Python objects (#2324)
    [Secgsi] Ensure correct certificate is used when passed via cgi with xrd.gsiusrproxy=... (issue #2292)
    [XrdCl] Fix too few arguments to formatting function

  • Minor bug fixes
    [POSIX] Suppress error message when tearing down client connections (issue #2288)
    [Secgsi] Fix code to follow documentation (issue #1817)
    [Seckrb5] Improve error messages and use const where needed (issue #1948)
    [Server] Allow more flexibility in adminpath permissions (issue #2276)
    [XrdCl] Fix hidden overloaded virtual compilation error (#2291)
    [XrdCl] Redact tokens in client logs (issue #2296)
    [XrdCl] xrdfs: Fix typos in command line help string (issue #2323)
    [XrdHttp] Fix CodeQL warning for overrunning write
    [XrdNet] Avoid network identity failures (issue #1772, #2159)
    [XrdPfc] Make sure direct vread requests conform to protocol limits (issue #2308)
    [XrdSecgsi] Fix potential double free in GetSrvCertEnt()
    [XrdSecztn] Fix potential use after free

  • Miscellaneous
    [CMake] Update CMake minimum requirement and supported versions
    [CMake] Update test.cmake options for coverage builds
    [Misc] Add SECURITY.md file describing XRootD security policy
    [Protocol] Allow kXR_query to return proxy origin value, for proxy servers
    [Protocol] Define readv limits
    [Protocol] Indicate whether or not server has a cache in kXR_Protocol response
    [Pss] Export the final origin url for subprocess use
    [Tests] Add new XRootD client/server test configurations
    [XrdApps] Replace pragma once with header guards
    [XrdClHttp] Conditionally load Davix grid module
    [XrdCl] Add flag to optionally suppress force disconnect error messages
    [XrdHttp] Apply keepalive when redirecting HTTP clients (#2290)
    [XrdNet] Make sure domain value is defined
    [XrdNet] Use lower case version of host names
    [XrdSys] Determine IOV_MAX at runtime
    [XrdSys] Dump coverage information on SIGTERM
    [XrdTpc] Replace pragma once with header guards
    [docker] Update CentOS 7 Dockerfile to use CentOS 7 Vault
    [systemd] Harden systemd service units for better security

ChangeLog, Issues and Pull requests

v5.7.0

01 Jul 15:46
v5.7.0
defecac
Compare
Choose a tag to compare
  • New Features
    [CMake] Move baseline required C++ standard to C++17
    [OSS] Add feature setting for Extended Error Text
    [Server] Add enhanced error message interface
    [Server] Add method to get sanitized env/cgi string
    [Server] Implement the kXR_seqio open option for sequential I/O
    [XCache] Add new only-if-cached cache control option using XrdPfcFsctl (#2104)
    [XrdApps,XrdPss] Add support for pelican:// protocol (#2177, issue #2171)
    [XrdCms] Add new load balancing algorithm with randomized affinity
    [XrdCrypto,XrdSecgsi] Update min/default RSA bits to 2048 (#2117, issue #2147)
    [XrdHttp] Add new option to allow for tpc unrestricted redirection (#2232, issue #2228)
    [XrdHttp] External handlers can now be loaded without TLS (#2253, issues #2099, #2123)
    [XrdMacaroons] Support negative directives in macaroons.trace option (issue #2224)
    [XrdOuc] Extend XrdOucGatherConf to do more boiler plate work and be extendable
    [XrdOuc] Provide method to get the last line from XrdOucGatherConf
    [XrdSciTokens] Implement ability to have token groups as a separate claim (#2176)
    [XrdSciTokens] New option to configure authorization strategy for tokens (#2205, issues #2121, #2254)
    [XrdThrottle] Add monitoring packet for IO, based on the throttle plugin
    [XrdThrottle] Improved handling of timing information on macOS (#2262)
    [XrdTpc] Add option to force the destination IP address on a HTTP-TPC (#2172)
    [XrdTpc] Add tpc.header2cgi configuration option (#2285, issue #2283)

  • Major bug fixes
    [Server] Fix buffer overrun in XrdXrootdProtocol::do_PgRIO() (issue #2287)
    [XrdCl] Ensure clean shutdown also when an error occurs (issue #2164)
    [XrdClTls] Prevent concurrent calls to InitTLS() (issue #2220)
    [XrdCrypto] Fix buffer overrun in XrdCryptosslCipher::Finalize()
    [XrdHttp] Always create directory path when opening dest file for HTTP TPC (issue #2241)
    [XrdHttp] HTTP header parsing is now case-insensitive (#2266, #2286, issues #1964, #2259, #2273)

  • Minor bug fixes
    [Misc] Fixes for 64 bit time_t on 32 bit systems
    [Misc] Remove using namespace std; from all headers and source files
    [Server] Avoid leaking token information when tracing file open
    [XrdApps, XrdCl] Fix null pointer dereferences when response handler is nullptr
    [XrdCl] Add errInternal to list of recoverable errors (issue #2210)
    [XrdCl] Fix timeout handling for DeepLocate requests
    [XrdCms] Pass sanitized CGI to cmsd server (issue #2247)
    [XrdHttpTPC] Make sure we sleep the full amount needed (issue #2274)
    [XrdHttp] Redact authz tokens from output to avoid leaking credentials in logs (#2284, issue #2222)
    [XrdHttp] Reset HTTP request scitag during reset (#2244, issue #2243)
    [XrdHttp] Return a 400 bad request if header line is not \r\n terminated
    [XrdOss] Fix check for option noDread in XrdOssDir::Readdir() (#2215)
    [XrdOss] Fix directories appearing as files when using oss.rsscmd (#2215)
    [XrdPosix] Correct xml cache summary report (issue #2219)
    [XrdSciTokens] Fix application of access rules when base path is /
    [XrdSecgsi] Fail CA check when prococol.gsi -ca:verify is set
    [XrdTls] Enable SSL_OP_IGNORE_UNEXPECTED_EOF option if available (issue #2252)
    [XrdTls] Restrict renegotiation for TLSv1.2 and earlier (issue #1689)
    [XrdTpc] Force HTTP 1.1 for TPC transfers (#2216)
    [XrdVoms] Allow VOMS config to use set variables (issue #2200)

  • Miscellaneous
    [CMake] Add new option to allow disabling server tests
    [CMake] Allow overriding the default C++ standard (#1929)
    [CMake] Conditionally append private include directory
    [CMake] Enable XrdEc by default and use isa-l from the system
    [DEB] Update packaging and add Ubuntu 24.04 to supported platforms
    [Docs] Add XRootD icon and logos to use with doxygen
    [Docs] Update doxygen configuration
    [Server] Harden kXR_seqio implementation
    [Server] Pass the kXR_seqio option all the way to the Oss plugin
    [Tests] Complete migration to GoogleTest, remove CppUnit tests (#2189, issue #2051)
    [Utils] Add sample shell script for third-party copy transfers
    [XrdCeph] Migrate tests to GoogleTest and run with ctest
    [XrdCeph] Better build system integration, now uses -DENABLE_CEPH=ON option
    [XrdCl] Use long for dirOffset in IndexRemote
    [XrdCrypto] Avoid some repeated calls of EVP_PKEY_check
    [XrdHttp] Increase default read timeouts to 1min/5min
    [XrdOuc] Make XrdOucGatherConf.hh a public header (issue #2214)
    [XrdSciTokens] Warn if something goes wrong when parsing token groups
    [XrdTpcTPC] Connect packet marking curl socket at socket creation (#2242, issue #2201)
    [XrdTpcTPC] Improved curl error reporting to the client (issue #2067)

Full Changelog: v5.6.9...v5.7.0

v5.6.9

08 Mar 20:03
v5.6.9
619e93f
Compare
Choose a tag to compare
  • Minor bug fixes
    [Python] Check list of files in prepare to ensure they are strings
    [Python] Fix iteration over a file with Python3
    [Python] Use int for 'force' in File::Stat (#2208)
    [Utils] Correct comparison that wrongly missed reaping certain directives
    [XrdCl] Fix logic error when upgrading connections to TLS
    [XrdCl] Stop Poller before TaskManager (fixes rare crashes at shutdown)
    [XrdHttpTPC] Fix 500 server response code if X-Number-Of-Streams > 100 (issue #2186)
    [XrdSciTokens] Add stat permissions to create, modify and write operations (issue #2185)
    [XrdSciTokens] Allow creation of parent directories if necessary (#2184)
    [XrdSciTokens] Fix bug when scope includes basepath or / (issue #2132)

  • Miscellaneous
    [Tests] Optimize cluster configuration to speedup tests

Full Changelog: v5.6.8...v5.6.9

v5.6.8

23 Feb 16:26
v5.6.8
d39a456
Compare
Choose a tag to compare
  • Minor bug fixes
    [RPM] Create systemd tmpfiles at post-install step
    [XrdCl] Only claim to be TLS capable if TLS initialization succeeds (issue #2020)
    [XrdCl] Only consider an endpoint TLS-enabled if the connection is encrypted
    [XrdCl] Remove duplicates from URL list to avoid undefined behavior
    [XrdHttpTPC] Fix infinite loop when scitags packet marking is enabled (issue #2192)
    [XrdPosix,XrdSecztn] Fix build on FreeBSD (issue #2090)
    [XrdTls] Fix automatic renewal of server certificate with OpenSSL>=1.1 (issue #1678)

  • Miscellaneous
    [CMake] Use CTest module in test.cmake and optionally submit to CDash
    [RPM] Install the client as dependency of main RPM
    [Server] Fix clang compile warnings

Full Changelog: v5.6.7...v5.6.8

v5.6.7

06 Feb 08:48
v5.6.7
5b5a1f6
Compare
Choose a tag to compare
  • Major bug fixes
    [XrdCl] Fix crash at teardown when using copies with multiple streams (issue #2164)
    [XrdSecsss] Fix buffer overrun when serializing credentials (issue #2143)

  • Minor bug fixes
    [XrdCl] Fix TPC initialization to take into account control stream (issue #2164)
    [XrdPosix] Fix ordering of debug levels in pss.setop DebugLevel (#2183)
    [XrdTpc] Properly handle creation of packet marking handles when socket is not yet connected (#2179)

  • Miscellaneous
    [XrdHeaders] Install XrdSfsFAttr.hh as private header

Full Changelog: v5.6.6...v5.6.7

v5.6.6

25 Jan 10:12
v5.6.6
de37caa
Compare
Choose a tag to compare
  • Major bug fixes
    [XrdHttp] Fix PostProcessHttpReq to take into account User-Agent setting (#2173, fixes #2154)

  • Minor bug fixes
    [Server] Set TZ environment variable to avoid race conditions (issue #2107)
    [XrdCl] Treat errOperationInterrupted as a recoverable error (issue #2169)

Full Changelog: v5.6.5...v5.6.6

v5.6.5

22 Jan 14:59
v5.6.5
8f8498d
Compare
Choose a tag to compare
  • Major bug fixes
    [XrdTpc] Fix potential segmentation fault when creating packet marking handle (issue #2161)

  • Minor bug fixes
    [XrdSecgsi] Fix compilation with GCC 14 (#2165)
    [XrdSys] Include <byteswap.h> for BSD and GNU/Hurd (#2149)

  • Miscellaneous
    [Server] Align monitoring ID with HTTP (issue #2133)
    [XrdCrypto] Skip check of our standard DH parameters (issue #2162)
    [XrdHttp] Send User-Agent as part of monitoring info (#2154)

Full Changelog: v5.6.4...v5.6.5

Known Issues: HTTP transfers are failing due to #2154. A fix is being prepared and will be released in a new patch release soon.

v5.6.4

11 Dec 11:06
v5.6.4
730df73
Compare
Choose a tag to compare
  • Major bug fixes
    [XrdHttp] Fix segfault with macaroons (issue #2114)
    [XrdPss] Fix segfault if pss.origin uses https protocol with no port (issue #2140)

  • Minor bug fixes
    [CMake] Fix include path in XRootDConfig.cmake (#2142)
    [Headers] Fix header dependencies and missing includes/declarations (#2119)
    [Server] Initialize pidFN to pidpath base directory if an error occurs
    [XrdCl] Don't try to enable TCP_CORK in GNU/Hurd (#2115)
    [XrdCl] Reapply fix for null-characters in error output (#2138, issue #1501)
    [XrdEc] Fix alignment issues on SPARC (issue #2131)
    [XrdHttp,XrdNet] Adapt Scitag min and max value to change in spec (#2139)
    [XrdSciTokens] Initialize SecEntity.addrInfo to avoid SEGV (#2128)
    [XrdTls] Switch from using a cert file to a cert chain file (issue #2126)

  • Miscellaneous
    [CMake] Install CMake config file into lib/lib64 rather than share (#2116)
    [DEB/RPM] Rewrite packaging for Debian and RHEL based distributions
    [Tests] Convert tests to GoogleTest and run without containers (#2055, CERN Summer Student Project 2023)
    [Tests] Other fixes and improvements to tests (#2115, #2129, #2130, #2137, #2141)

  • Known Issues
    [XrdSciTokens] In this release, as in previous ones, using scitokens with the ZTN
    protocol may grant more access than should be allowed by the token scopes (issue #2121).

Full Changelog: v5.6.3...v5.6.4

v5.6.3

27 Oct 12:59
v5.6.3
bfb2280
Compare
Choose a tag to compare

XRootD 5.6.3 is a bugfix release which includes the following fixes:

  • Minor bug fixes
    [CMake] Export project version in CMake config (issue #2094)
    [CMake] Find only XRootD matching XRootDConfig.cmake installation path
    [Python] Do not use PEP517 by default, not supported on CentOS 7
    [Server] Call tzset() early to ensure thread-safety of localtime_r() and mktime() (issue #2107)
    [Server] Correct maximum exp/act value in XrdNetPMark::getEA
    [Server] Create environment file within adminpath (issue #2106)
    [Server] Fix incorrect patch for authfile parsing (issue #2088)
    [Tests] Skip server checksum query test on unsupported filesystems (issue #2096)
    [XrdCl] Return an error if xrdfs rm fails to delete any file (issue #2097)
    [XrdCms] Try to load blacklist even if some entries are invalid (issue #2092)
    [XrdEc] Wait for pipeline including XrdCl::AppendFile() to finish (issue #2050)
    [XrdHttp] Fix parsing of chunked PUT lengths (#2102, #2103)

  • Miscellaneous
    [CMake] Add extra debugging messages in XRootDConfig.cmake
    [CMake] Handle components using more standard method
    [Misc] Fix spelling errors reported by lintian (#2087)
    [Python] Convert pyxrootd installation instructions to rst
    [Server] Export ptr to full TLS context into the Xrd env
    [XrdCeph] Align CMake requirement with main CMakeLists.txt
    [XrdHttp] Implemented HTTP TPC Packet Marking (#2109)
    [XrdHttp] Parse headers provided by the client in case-insensitive way when matching header2cgi keys (#2101)
    [XrdHttp] Promote SciTag header if packet marking has been configured on the server (#2101)
    [XrdSciTokens] Use configured CA path in SciTokens plugin if supported (#2095, #2112)
    [XrdTpc] Differentiate error messages for push/pull TPC transfer modes (issue #2060)

Full Changelog: v5.6.2...v5.6.3

v5.6.2

15 Sep 13:02
v5.6.2
0231985
Compare
Choose a tag to compare

XRootD 5.6.2 is a bugfix release which includes the following fixes:

  • Major bug fixes
    [XrdHttp] Fix chunked PUT creating empty files (issue #2058)

  • Minor bug fixes
    [CMake] Update Findlibuuid.cmake to use correct include paths
    [Python] Fix inclusion of markdown README file in documentation (#2057)
    [Server] Align code with actual documentation for auth idspec (issue #2061)
    [XrdCl] Fix flag check for append in XrdClZipArchive
    [XrdCl] Fix promotion of root:// URLs to use TLS encryption (issue #2078)
    [XrdHttp] Correct chunked response for GET with a byte range (issue #2076)
    [XrdHttp] Refactor read issuing during GET and fix read vector too long (issue #1976)
    [XrdSciTokens] Fix logic error in user mapping (issue #2056)
    [XrdSciTokens] Update maximum header size and line length in INI files (issue #2074)
    [XrdSecgsi] Fix crash of xrdgsitest when proxy is not already set
    [XrdSecztn] Fix template for default ZTN token location (issue #2080)
    [XrdTls] Change the thread-id returned to openssl 1.0 to improve performance (issue #2084)
    [XrdTls] Insert CRLs containing critical extensions at the end of the bundle (issue #2065)

  • Miscellaneous
    [CMake] Always compile XrdOssCsi (compiled only with GCC before)
    [CMake] Hide build output for isa-l to not confuse CTest
    [CMake] Run tests in parallel and fail build when tests fail
    [Python] Allow build customization via environment variable (issue #2062)
    [Python] Check for Development.Module with CMake 3.18 and above
    [Server] Add initialiser in one of the XrdScheduler constructors (#2081)
    [Server] Default ffdest as per current pmark specification
    [Server] Export readv comma separated limits via XRD_READV_LIMITS envar
    [Server] Implement Linux epoll maxfd limit (#2063)
    [XrdClHttp] Add pgWrite support to the HTTP client plugin
    [XrdHttp] Refactor request statemachine for HTTP GET requests (#2072)
    [XrdTls] Refactor CASet and CRLSet to open the output file only once before the processing

  • New Contributors

Full Changelog: v5.6.1...v5.6.2