[OpenAFS] Re: [OpenAFS-devel] OpenAFS 1.8.7 available

Stephen Quinney stephen@jadevine.org.uk
Fri, 15 Jan 2021 10:17:54 +0000


Thanks for the quick response from the OpenAFS team. Is there an
official Debian package available for 1.8.7?

Regards,

Stephen Quinney

On Thu, 14 Jan 2021 at 23:42, Benjamin Kaduk <kaduk@mit.edu> wrote:
>
> The OpenAFS Guardians are happy to announce the availability of OpenAFS 1.8.7.
> Source files can be accessed via the web at:
>
>        https://www.openafs.org/release/openafs-1.8.7.html
>
> or via AFS at:
>
>        UNIX: /afs/grand.central.org/software/openafs/1.8.7/
>        UNC: \\afs\grand.central.org\software\openafs\1.8.7\
>
> This release fixes a critical issue with the generation of Rx connection IDs
> (CIDs) for Rx clients started after 14 Jan 2021 08:25:36 AM UTC (Unix epoch
> time 0x60000000).  Unpatched systems will always use the fixed value of
> 0x80000002 as the CID, which causes connections to fail for multiple reasons.
> Client commands such as `vos examine` will time out if run after that
> time, cache managers started after that time will be unable to access files,
> fileservers started after that time will be unable to access the Ubik databases,
> and database servers started after that time will be unable to participate
> in a quorum or Ubik elections.  In particular, fileservers that restart,
> including due to a scheduled weekly restart, will not be able to register
> with the volume location service or verify group membership with the
> protection service.
>
> The fix causes the initial CID to be randomly generated (without dependence
> on the current time) and removes the faulty logic intended to detect signed
> integer overflow (which is not needed since the field in question is now
> an unsigned integer).
>
> Thanks to Jeffrey Altman of Auristor Inc. for tracking down the key issue.
>
> Bug reports should be filed to openafs-bugs@openafs.org.
>
> Benjamin Kaduk
> for the OpenAFS Guardians
>