Releases: xrootd/xrootd
v5.7.1
-
New Features
[Apps] Allow cconfig to write out combined config file (issue #1894)
[Pss] Allow for API endpoints for fixed remote origins (issue #2068)
[Server] Allow server to assume an arbitrary network identity (issue #1855)
[cmsd] Allow a redirector to be configured read/only (issue #1764) -
Major bug fixes
[POSIX] Do not leak file pointer on open error (issue #2302)
[Python] Fix memory leaks when creating Python objects (#2324)
[Secgsi] Ensure correct certificate is used when passed via cgi withxrd.gsiusrproxy=...
(issue #2292)
[XrdCl] Fix too few arguments to formatting function -
Minor bug fixes
[POSIX] Suppress error message when tearing down client connections (issue #2288)
[Secgsi] Fix code to follow documentation (issue #1817)
[Seckrb5] Improve error messages and use const where needed (issue #1948)
[Server] Allow more flexibility in adminpath permissions (issue #2276)
[XrdCl] Fix hidden overloaded virtual compilation error (#2291)
[XrdCl] Redact tokens in client logs (issue #2296)
[XrdCl] xrdfs: Fix typos in command line help string (issue #2323)
[XrdHttp] Fix CodeQL warning for overrunning write
[XrdNet] Avoid network identity failures (issue #1772, #2159)
[XrdPfc] Make sure direct vread requests conform to protocol limits (issue #2308)
[XrdSecgsi] Fix potential double free inGetSrvCertEnt()
[XrdSecztn] Fix potential use after free -
Miscellaneous
[CMake] Update CMake minimum requirement and supported versions
[CMake] Updatetest.cmake
options for coverage builds
[Misc] AddSECURITY.md
file describing XRootD security policy
[Protocol] AllowkXR_query
to return proxy origin value, for proxy servers
[Protocol] Define readv limits
[Protocol] Indicate whether or not server has a cache inkXR_Protocol
response
[Pss] Export the final origin url for subprocess use
[Tests] Add new XRootD client/server test configurations
[XrdApps] Replace pragma once with header guards
[XrdClHttp] Conditionally load Davix grid module
[XrdCl] Add flag to optionally suppress force disconnect error messages
[XrdHttp] Apply keepalive when redirecting HTTP clients (#2290)
[XrdNet] Make sure domain value is defined
[XrdNet] Use lower case version of host names
[XrdSys] DetermineIOV_MAX
at runtime
[XrdSys] Dump coverage information onSIGTERM
[XrdTpc] Replace pragma once with header guards
[docker] Update CentOS 7 Dockerfile to use CentOS 7 Vault
[systemd] Harden systemd service units for better security
v5.7.0
-
New Features
[CMake] Move baseline required C++ standard to C++17
[OSS] Add feature setting for Extended Error Text
[Server] Add enhanced error message interface
[Server] Add method to get sanitized env/cgi string
[Server] Implement thekXR_seqio
open option for sequential I/O
[XCache] Add newonly-if-cached
cache control option using XrdPfcFsctl (#2104)
[XrdApps,XrdPss] Add support forpelican://
protocol (#2177, issue #2171)
[XrdCms] Add new load balancing algorithm with randomized affinity
[XrdCrypto,XrdSecgsi] Update min/default RSA bits to 2048 (#2117, issue #2147)
[XrdHttp] Add new option to allow for tpc unrestricted redirection (#2232, issue #2228)
[XrdHttp] External handlers can now be loaded without TLS (#2253, issues #2099, #2123)
[XrdMacaroons] Support negative directives in macaroons.trace option (issue #2224)
[XrdOuc] Extend XrdOucGatherConf to do more boiler plate work and be extendable
[XrdOuc] Provide method to get the last line fromXrdOucGatherConf
[XrdSciTokens] Implement ability to have token groups as a separate claim (#2176)
[XrdSciTokens] New option to configure authorization strategy for tokens (#2205, issues #2121, #2254)
[XrdThrottle] Add monitoring packet for IO, based on the throttle plugin
[XrdThrottle] Improved handling of timing information on macOS (#2262)
[XrdTpc] Add option to force the destination IP address on a HTTP-TPC (#2172)
[XrdTpc] Addtpc.header2cgi
configuration option (#2285, issue #2283) -
Major bug fixes
[Server] Fix buffer overrun inXrdXrootdProtocol::do_PgRIO()
(issue #2287)
[XrdCl] Ensure clean shutdown also when an error occurs (issue #2164)
[XrdClTls] Prevent concurrent calls toInitTLS()
(issue #2220)
[XrdCrypto] Fix buffer overrun in XrdCryptosslCipher::Finalize()
[XrdHttp] Always create directory path when opening dest file for HTTP TPC (issue #2241)
[XrdHttp] HTTP header parsing is now case-insensitive (#2266, #2286, issues #1964, #2259, #2273) -
Minor bug fixes
[Misc] Fixes for 64 bittime_t
on 32 bit systems
[Misc] Removeusing namespace std;
from all headers and source files
[Server] Avoid leaking token information when tracing file open
[XrdApps, XrdCl] Fix null pointer dereferences when response handler is nullptr
[XrdCl] Add errInternal to list of recoverable errors (issue #2210)
[XrdCl] Fix timeout handling for DeepLocate requests
[XrdCms] Pass sanitized CGI to cmsd server (issue #2247)
[XrdHttpTPC] Make sure we sleep the full amount needed (issue #2274)
[XrdHttp] Redactauthz
tokens from output to avoid leaking credentials in logs (#2284, issue #2222)
[XrdHttp] Reset HTTP request scitag during reset (#2244, issue #2243)
[XrdHttp] Return a 400 bad request if header line is not\r\n
terminated
[XrdOss] Fix check for option noDread inXrdOssDir::Readdir()
(#2215)
[XrdOss] Fix directories appearing as files when usingoss.rsscmd
(#2215)
[XrdPosix] Correct xml cache summary report (issue #2219)
[XrdSciTokens] Fix application of access rules when base path is/
[XrdSecgsi] Fail CA check whenprococol.gsi -ca:verify
is set
[XrdTls] EnableSSL_OP_IGNORE_UNEXPECTED_EOF
option if available (issue #2252)
[XrdTls] Restrict renegotiation for TLSv1.2 and earlier (issue #1689)
[XrdTpc] Force HTTP 1.1 for TPC transfers (#2216)
[XrdVoms] Allow VOMS config to use set variables (issue #2200) -
Miscellaneous
[CMake] Add new option to allow disabling server tests
[CMake] Allow overriding the default C++ standard (#1929)
[CMake] Conditionally append private include directory
[CMake] Enable XrdEc by default and use isa-l from the system
[DEB] Update packaging and add Ubuntu 24.04 to supported platforms
[Docs] Add XRootD icon and logos to use with doxygen
[Docs] Update doxygen configuration
[Server] HardenkXR_seqio
implementation
[Server] Pass thekXR_seqio
option all the way to the Oss plugin
[Tests] Complete migration to GoogleTest, remove CppUnit tests (#2189, issue #2051)
[Utils] Add sample shell script for third-party copy transfers
[XrdCeph] Migrate tests to GoogleTest and run with ctest
[XrdCeph] Better build system integration, now uses-DENABLE_CEPH=ON
option
[XrdCl] Uselong
for dirOffset inIndexRemote
[XrdCrypto] Avoid some repeated calls ofEVP_PKEY_check
[XrdHttp] Increase default read timeouts to 1min/5min
[XrdOuc] MakeXrdOucGatherConf.hh
a public header (issue #2214)
[XrdSciTokens] Warn if something goes wrong when parsing token groups
[XrdTpcTPC] Connect packet marking curl socket at socket creation (#2242, issue #2201)
[XrdTpcTPC] Improved curl error reporting to the client (issue #2067)
Full Changelog: v5.6.9...v5.7.0
v5.6.9
-
Minor bug fixes
[Python] Check list of files in prepare to ensure they are strings
[Python] Fix iteration over a file with Python3
[Python] Use int for 'force' in File::Stat (#2208)
[Utils] Correct comparison that wrongly missed reaping certain directives
[XrdCl] Fix logic error when upgrading connections to TLS
[XrdCl] Stop Poller before TaskManager (fixes rare crashes at shutdown)
[XrdHttpTPC] Fix 500 server response code if X-Number-Of-Streams > 100 (issue #2186)
[XrdSciTokens] Add stat permissions to create, modify and write operations (issue #2185)
[XrdSciTokens] Allow creation of parent directories if necessary (#2184)
[XrdSciTokens] Fix bug when scope includes basepath or/
(issue #2132) -
Miscellaneous
[Tests] Optimize cluster configuration to speedup tests
Full Changelog: v5.6.8...v5.6.9
v5.6.8
-
Minor bug fixes
[RPM] Create systemd tmpfiles at post-install step
[XrdCl] Only claim to be TLS capable if TLS initialization succeeds (issue #2020)
[XrdCl] Only consider an endpoint TLS-enabled if the connection is encrypted
[XrdCl] Remove duplicates from URL list to avoid undefined behavior
[XrdHttpTPC] Fix infinite loop when scitags packet marking is enabled (issue #2192)
[XrdPosix,XrdSecztn] Fix build on FreeBSD (issue #2090)
[XrdTls] Fix automatic renewal of server certificate with OpenSSL>=1.1 (issue #1678) -
Miscellaneous
[CMake] Use CTest module in test.cmake and optionally submit to CDash
[RPM] Install the client as dependency of main RPM
[Server] Fix clang compile warnings
Full Changelog: v5.6.7...v5.6.8
v5.6.7
-
Major bug fixes
[XrdCl] Fix crash at teardown when using copies with multiple streams (issue #2164)
[XrdSecsss] Fix buffer overrun when serializing credentials (issue #2143) -
Minor bug fixes
[XrdCl] Fix TPC initialization to take into account control stream (issue #2164)
[XrdPosix] Fix ordering of debug levels in pss.setop DebugLevel (#2183)
[XrdTpc] Properly handle creation of packet marking handles when socket is not yet connected (#2179) -
Miscellaneous
[XrdHeaders] Install XrdSfsFAttr.hh as private header
Full Changelog: v5.6.6...v5.6.7
v5.6.6
-
Major bug fixes
[XrdHttp] Fix PostProcessHttpReq to take into account User-Agent setting (#2173, fixes #2154) -
Minor bug fixes
[Server] Set TZ environment variable to avoid race conditions (issue #2107)
[XrdCl] Treat errOperationInterrupted as a recoverable error (issue #2169)
Full Changelog: v5.6.5...v5.6.6
v5.6.5
-
Major bug fixes
[XrdTpc] Fix potential segmentation fault when creating packet marking handle (issue #2161) -
Minor bug fixes
[XrdSecgsi] Fix compilation with GCC 14 (#2165)
[XrdSys] Include <byteswap.h> for BSD and GNU/Hurd (#2149) -
Miscellaneous
[Server] Align monitoring ID with HTTP (issue #2133)
[XrdCrypto] Skip check of our standard DH parameters (issue #2162)
[XrdHttp] Send User-Agent as part of monitoring info (#2154)
Full Changelog: v5.6.4...v5.6.5
Known Issues: HTTP transfers are failing due to #2154. A fix is being prepared and will be released in a new patch release soon.
v5.6.4
-
Major bug fixes
[XrdHttp] Fix segfault with macaroons (issue #2114)
[XrdPss] Fix segfault if pss.origin uses https protocol with no port (issue #2140) -
Minor bug fixes
[CMake] Fix include path in XRootDConfig.cmake (#2142)
[Headers] Fix header dependencies and missing includes/declarations (#2119)
[Server] Initialize pidFN to pidpath base directory if an error occurs
[XrdCl] Don't try to enable TCP_CORK in GNU/Hurd (#2115)
[XrdCl] Reapply fix for null-characters in error output (#2138, issue #1501)
[XrdEc] Fix alignment issues on SPARC (issue #2131)
[XrdHttp,XrdNet] Adapt Scitag min and max value to change in spec (#2139)
[XrdSciTokens] Initialize SecEntity.addrInfo to avoid SEGV (#2128)
[XrdTls] Switch from using a cert file to a cert chain file (issue #2126) -
Miscellaneous
[CMake] Install CMake config file into lib/lib64 rather than share (#2116)
[DEB/RPM] Rewrite packaging for Debian and RHEL based distributions
[Tests] Convert tests to GoogleTest and run without containers (#2055, CERN Summer Student Project 2023)
[Tests] Other fixes and improvements to tests (#2115, #2129, #2130, #2137, #2141) -
Known Issues
[XrdSciTokens] In this release, as in previous ones, using scitokens with the ZTN
protocol may grant more access than should be allowed by the token scopes (issue #2121).
Full Changelog: v5.6.3...v5.6.4
v5.6.3
XRootD 5.6.3 is a bugfix release which includes the following fixes:
-
Minor bug fixes
[CMake] Export project version in CMake config (issue #2094)
[CMake] Find only XRootD matching XRootDConfig.cmake installation path
[Python] Do not use PEP517 by default, not supported on CentOS 7
[Server] Call tzset() early to ensure thread-safety of localtime_r() and mktime() (issue #2107)
[Server] Correct maximum exp/act value in XrdNetPMark::getEA
[Server] Create environment file within adminpath (issue #2106)
[Server] Fix incorrect patch for authfile parsing (issue #2088)
[Tests] Skip server checksum query test on unsupported filesystems (issue #2096)
[XrdCl] Return an error if xrdfs rm fails to delete any file (issue #2097)
[XrdCms] Try to load blacklist even if some entries are invalid (issue #2092)
[XrdEc] Wait for pipeline including XrdCl::AppendFile() to finish (issue #2050)
[XrdHttp] Fix parsing of chunked PUT lengths (#2102, #2103) -
Miscellaneous
[CMake] Add extra debugging messages in XRootDConfig.cmake
[CMake] Handle components using more standard method
[Misc] Fix spelling errors reported by lintian (#2087)
[Python] Convert pyxrootd installation instructions to rst
[Server] Export ptr to full TLS context into the Xrd env
[XrdCeph] Align CMake requirement with main CMakeLists.txt
[XrdHttp] Implemented HTTP TPC Packet Marking (#2109)
[XrdHttp] Parse headers provided by the client in case-insensitive way when matching header2cgi keys (#2101)
[XrdHttp] Promote SciTag header if packet marking has been configured on the server (#2101)
[XrdSciTokens] Use configured CA path in SciTokens plugin if supported (#2095, #2112)
[XrdTpc] Differentiate error messages for push/pull TPC transfer modes (issue #2060)
Full Changelog: v5.6.2...v5.6.3
v5.6.2
XRootD 5.6.2 is a bugfix release which includes the following fixes:
-
Major bug fixes
[XrdHttp] Fix chunked PUT creating empty files (issue #2058) -
Minor bug fixes
[CMake] Update Findlibuuid.cmake to use correct include paths
[Python] Fix inclusion of markdown README file in documentation (#2057)
[Server] Align code with actual documentation for auth idspec (issue #2061)
[XrdCl] Fix flag check for append in XrdClZipArchive
[XrdCl] Fix promotion of root:// URLs to use TLS encryption (issue #2078)
[XrdHttp] Correct chunked response for GET with a byte range (issue #2076)
[XrdHttp] Refactor read issuing during GET and fix read vector too long (issue #1976)
[XrdSciTokens] Fix logic error in user mapping (issue #2056)
[XrdSciTokens] Update maximum header size and line length in INI files (issue #2074)
[XrdSecgsi] Fix crash of xrdgsitest when proxy is not already set
[XrdSecztn] Fix template for default ZTN token location (issue #2080)
[XrdTls] Change the thread-id returned to openssl 1.0 to improve performance (issue #2084)
[XrdTls] Insert CRLs containing critical extensions at the end of the bundle (issue #2065) -
Miscellaneous
[CMake] Always compile XrdOssCsi (compiled only with GCC before)
[CMake] Hide build output for isa-l to not confuse CTest
[CMake] Run tests in parallel and fail build when tests fail
[Python] Allow build customization via environment variable (issue #2062)
[Python] Check for Development.Module with CMake 3.18 and above
[Server] Add initialiser in one of the XrdScheduler constructors (#2081)
[Server] Default ffdest as per current pmark specification
[Server] Export readv comma separated limits via XRD_READV_LIMITS envar
[Server] Implement Linux epoll maxfd limit (#2063)
[XrdClHttp] Add pgWrite support to the HTTP client plugin
[XrdHttp] Refactor request statemachine for HTTP GET requests (#2072)
[XrdTls] Refactor CASet and CRLSet to open the output file only once before the processing -
New Contributors
- @pllopis made their first contribution in #2063.
- @AngeloGalav made their first contribution fixing a bug in commit 3aa91c8.
Full Changelog: v5.6.1...v5.6.2