+2005-09-02 Mike Frysinger <vapier@gentoo.org>
+ * utils/rquotad/rquota_server.c(getquotainfo): use explicit
+ struture-member copying rather than memcpy, as the element
+ sizes are the same on all architectures.
+
+2005-08-26 Kevin Coffman <kwc@citi.umich.edu>
+ Add option to set rpcsec_gss debugging level (if available)
+
+ Changes to allow gssd/svcgssd to build when using Hiemdal Kerberos
+ libraries. Note that there are still run-time issues preventing
+ this from working when shared libraries for libgssapi and librpcsecgss
+ are used.
+
+2005-08-26 Kevin Coffman <kwc@citi.umich.edu>
+ Remove the rpcsec_gss code and rely on an external library instead.
+
+2005-08-26 Kevin Coffman <kwc@citi.umich.edu>
+ *utils/mountd/mountd.c:
+ mountd currently always returns AUTH_NULL and AUTH_SYS as the
+ allowable flavors in mount replies. We want it to also return gss
+ flavors when appropriate. For now as a hack we just have it always
+ return the KRB5 flavors as well.
+
+ *utils/mountd/cache.c:
+
+ When attempting to mount an NFSv4 pseudofilesystem (fsid=0) and the
+ actual exported directory does not exist on the server, rpc.mountd
+ doesn't check the directory exists (when fsidtype=1, i.e. using fsid,
+ but does check for fsidtype=0, i.e. using dev/ino). The non-existent
+ exported directory path with fsid=0 is written to the kernel via
+ /proc/net/rpc/nfsd.export/channel, which leads to path_lookup() to
+ return ENOENT (seems appropriate). Unfortunately, the new_cache
+ approach ignores errors returned when writing via the channel file so
+ that particular error is lost and the mount request is silently ignored.
+
+ Assuming it doesn't make sense to revamp the new_cache/up-call method to
+ not ignore returned errors, it seems appropriate to fix the case where
+ rpc.mountd doesn't check for the existence of an exported directory with
+ fsid= semantics. The following patch does this by moving the stat() up
+ so it is done for both fsidtype's. I'm not certain whether the other
+ tests need to be executed for fsidtype=1, but it doesn't appear to hurt
+ [Not exactly true: the comparison of inode numbers caused problems so
+ now it's kept for fsidtype=0 only].
+
+ Would it be also desirable to log a warning for every error, if any,
+ returned by a write to any of the /proc/net/rpc/*/channel files which
+ would otherwise be ignored (maybe under a debug flag)?
+
+ * gssd/mountd/svcgssd: Changes gssd, svcgssd, and mountd to ignore a
+ SIGHUP rather than dying.
+
+ * many: Remove the gssapi code and rely on an external library instead.
+
+2005-08-26 Kevin Coffman <kwc@citi.umich.edu>
+ * utils/exportfs/exports.man: Document the "crossmnt" export export option
+ * utils/gssd/krb5_util.c:
+ Add better debugging and partially revert the function
+ check for gss_krb5_ccache_name.
+
+ For MIT Kerberos releases up to and including 1.3.1, we *must*
+ use the routine gss_krb5_ccache_name to get the K5 gssapi code
+ to use a different credentials cache.
+
+ For releases 1.3.2 and on, we want to use the KRB5CCNAME
+ environment variable to tell it what to use.
+ (A problem was reported where 1.3.5 was being used, our
+ code was using gss_krb5_ccache_name, but the underlying
+ code continued to use the first (or default?) credentials
+ cache. Switching to using the env variable fixed the problem.
+ I cannot recreate this problem.
+
+ *utils/gssd/krb5_util.c:
+ Andrew Mahone <andrew.mahone@gmail.com> reported that reiser4
+ always has DT_UNKNOWN. He supplied patch to move the check
+ for regular files after the stat() call to correctly find
+ ccache files in reiser4 filesystem.
+
+ Also change the name comparison so that the wrong file is
+ not selected when the substring comparison is done.
+
+ *utils/gssd/krb5_util.c:
+ Limit the set of encryption types that can be negotiated by
+ the Kerberos library to those that the kernel code currently
+ supports.
+
+ This should eventually query the kernel for the list of
+ supported enctypes.
+
+ *utils/gssd/gss_util.c, utils/svcgssd/svcgssd_main_loop.c:
+ Print more information in error messages to help debugging failures.
+
+ *utils/svcgssd/svcgssd_proc.c: Increase token buffer size and
+ update error handling so that a response is always sent.
+
+ *utils/svcgssd/svcgssd_proc.c: Add support to retrieve
+ supplementary groups.
+
+
+2005-08-26 Kevin Coffman <kwc@citi.umich.edu>
+ * configure.in etc
+ Consolidate some of the Kerberos checking instead of repeating
+ the same things for MIT and Heimdal.
+ Also adds more checks to distinguish 32-bit from 64-bit
+ (mainly for gssapi.h)
+ Fix svcgssd Makefile so make TOP=../../ works correctly there.
+ Enable running a modern autoheader.
+ * utils/gssd/gss_oids.c: Use correct OID value for SPKM-3
+ * utils/gssd/gss_util.c: Fix build with older MIT releases that do not define GSS_C_NT_HOSTBASED_SERVICE
+ * utils/gssd/write_bytes.h, support/include/gssapi/gssapi.h:
+ Length of gss_buffer_desc is a size_t which is 64-bits on a
+ 64-bit machine. Kernel code expects 32-bit integer for length.
+ Coerce length value into a 32-bit value when reading from or
+ writing to the kernel.
+ Change gssapi.h to use datatype size values obtained from
+ configure rather than hard-coded values.
+ * utils/idmapd/idmapd.c: The EV_INIT check here was wrong, and was
+ causing idmapd to become unresponsive to server requests after
+ receiving a sighup.
+ * utils/idmapd/idmapd.c: Idmapd should flush the server id<->name
+ caches when its started.
+
+2005-04-12 G. Allen Morris III <gam3@gam3.net>
+
+ * All Makefile: added TOP as needed for easier compile.
+
+ * utils/nfsstat/nfsstat.c: added NFS V4 support; added the -m
+ option; Added -2, -3, and -4 options; changed -a option to -v
+ option; added long options; changed default output to not
+ show V2 NFS statistics unless used.
+
+ * utils/nfsstat/nfsstat.man: Documented above changes; changed
+ authors email address; added BUGS section.
+
+2005-04-07 Chip Salzenberg <chip@pobox.com>
+
+ * debian/changelog: Version 1.0.7-2.
+
+2005-04-06 Chip Salzenberg <chip@pobox.com>
+
+ * config.guess, config.sub: Update.
+
+ * support/rpc/svc_auth_gss.c (_svcauth_gss): Avoid using a cast as
+ an lvalue, as it is non-portable.
+
+ * support/nfs/exports.c (parseopts): Accept "acl" option to mean
+ ~NFSEXP_NOACL, and "no_acl" to mean NFSEXP_NOACL.
+ (putexportent): Report NFSEXP_NOACL as "no_acl", and ~NFSEXP_NOACL
+ as "acl".
+ * utils/exportfs/exportfs.c (dump): Report NFSEXP_NOACL as
+ "no_acl".
+ * utils/exportfs/exports.man: Document "no_acl".
+
+2005-03-14 NeilBrown <neilb@cse.unsw.edu.au>
+ Denis Vlasenko <vda@ilport.com.ua>
+ * support/export/client.c(client_init and client_gettype):
+ treat N.N.N.N as a special case of MCL_SUBNETWORK instead of
+ MCL_FQDN
+
+2005-03-06 G. Allen Morris III <gam3@gam3.net>
+ * support/nfs/cacheio.c(readline): Could not read lines greater
+ than 128 bytes. [1157791]
+ * utils/exportfs/exports.man: Added a SEE ALSO section and
+ fixed 2 typos. [1018450]
+
+2005-02-28 Trond Myklebust <trond.myklebust@fys.uio.no>
+ * utils/statd/rmtcall.c(statd_get_socket): If a port number is
+ explicitly given, make sure to try to bind to that.
+
+2005-01-11 Chip Salzenberg <chip@pobox.com>
+
+ * debian/changelog: Version 1.0.7-1.
+ * debian/nfs-common.default (NEED_IDMAPD, NEED_GSSD):
+ Disable by default, on advice of upstream.
+ * debian/nfs-kernel-server.default (NEED_SVCGSSD):
+ Likewise.
+
+ * utils/svcgssd/Makefile (predep): Symbolically link duplicated
+ source files.
+ (distclean): Remove symlinks to duplicated files.
+
+2004-12-17 NeilBrown <neilb@cse.unsw.edu.au>
+ Release 1.0.7
+
+ * config.mk, configure.in: update version number, run autoconf
+ * configure.in: require nfsidmap.h if gss is enabled.
+
+2004-12-10 NeilBrown <neilb@cse.unsw.edu.au>
+ Release 1.0.7-pre2
+
+ * config.mk, configure.in: update version number, run autoconf
+
+2004-12-10 Neil Brown <neilb@cse.unsw.edu.au>
+ * README : note dependancy on kerberos, libevent, and nfsidmap
+ * configure.in : fail if --enable-nfsv4 and libevent or
+ libnfsidmap are missing.
+ * configuyre.in: improve message if krb5 support is missing
+
+2004-12-06 Paul Clements <paul.clements@steeleye.com>
+ * support/include/ha-callout.h: get return status from waitpid
+ correctly.
+ * support/include/ha-callout.h: don't ignore SIGCHLD while waiting
+ for a callout to complete.
+ * utils/statd/statd.c(sigusr): print current start when re-reading
+ notify list due to SIGUSR1
+ * utils/statd/svc_run.c(my_svc_run): call change_state when
+ re-notifying clients.
+
+2004-12-06 Marc Eshel <eshel@almaden.ibm.com>
+ * utils/statd/svc_run.c(my_svc_run): allow loop to exit when in
+ MODE_NOTIFY_ONLY
+ *utils/statd/rmtcall.c(statd_get_socket): if a hostname is given
+ to statd with -n, prefer it's IP address to the default for
+ listening on.
+
+2004-12-06 Bruce Allan <bwa@us.ibm.com>
+ * utils/mountd/auth.c(auth_reload) Clear the "my_client" cache on
+ an auth_reload to avoid old data getting used.
+
+2004-12-03 NeilBrown <neilb@cse.unsw.edu.au>
+ Release 1.0.7-pre1 for testing
+
+ * config.mk, configure.in: update version number, run autoconf
+
+2004-12-03 Trond Myklebust <trond.myklebust@fys.uio.no>
+
+ * utils/statd/statd.c(main): ignore SIGPIPE
+
+2004-11-22 "J. Bruce Fields" <bfields@fieldses.org>
+
+ * tools/rpcdebug/rpcdebug.c: support aliases "nfsdebug" and
+ "nfsddebug" and update flag names.
+ * configure.in, nodist/* redhat/* nfs-utils.spec*: remove redhat
+ specific files (as no-one actually uses them, especially not
+ redhat), and the nodist /etc files (as they drift out-of-date, and
+ the debian directory provides a suitable example.
+ * utils/svcgssd_proc.c(get_ids): fix memory leak
+ * utils/svcgssd/svcgssd_proc.c: Rely on count of the number of
+ groups instead of using a special guard value to identify the end
+ of the list.
+ * utils/idmapd/idmapd.c: don't allow Default domain and anon-uid
+ or -gid to be specified on command line.
+ * utils/idmapd/idmapd.c: improve error messages
+ * utils/idmapd/idmapd.c: Reopen nfsd files on sighup. Allows us
+ to start up client side only (even when nfsd module not loaded),
+ and then sighup later after insmodding nfsd module.
+ * utils/idmapd/idmapd.c: Make sure we catch all errors on
+ daemonizing by waiting for child to report succesfull startup
+ using a pipe.
+ * utils/idmapd/idmapd.c: Let libnfsidmapd parse the idmapd.conf
+ file for the default domain, instead of doing that ourselves.
+ * utils/gssd/gssd_proc.c: Make sure we get an error when a gssd
+ downcall fails.
+ * utils/gssd/gssd_proc.c: We were forgetting to restore the euid
+ on certain failures, which meant gssd could get stuck in a state
+ where it didn't have permissions to read the files in rpc_pipefs
+ that it needed to.
+ * utils/gssd/gssd_proc.c: Use libnfsidmapd to map gss principals
+ to uids.
+ * debian/nfs-kernel-server.default: Document the NEED_SVCGSSD
+ variable in /etc/default/nfs-kernel-server.
+
+
+2004-11-22 NeilBrown <neilb@cse.unsw.edu.au>
+
+ * utils/exportfs/nfsd.man: corrected typo in .BR macro usage -
+ reported by Eric Raymond
+
+2004-10-19 "J. Bruce Fields" <bfields@fieldses.org>
+
+ * support/gssapi/* support/rpc/* utils/gssd/* utils/svcgssd/* etc
+ initial support for GSSAPI authentication
+
+2004-09-15 Neil Brown <neilb@cse.unsw.edu.au>
+
+ * utils/statd/monitor.c(sm_unmon_1_svc): is RESTRICTED_STATD, then
+ check IP address and force my_name to 127.0.0.1 to match
+ what happens in sm_mon_1_svc. This avoid spurious "erroneous
+ SM_UNMON" messages.
+ * utils/statd.monitor.c(sm_unmon_all_1_svc): likewise
+
+2004-09-15 "J. Bruce Fields" <bfields@fieldses.org>
+
+ * Assorted changes to support "gss/*" style authentication
+ * utils/idmapd: new idmapd daemon for nfsv4 username lookup
+
+2004-09-06 Trond Myklebust <trond.myklebust@fys.uio.no>
+ Neil Brown <neilb@cse.unsw.edu.au>
+
+ * utils/mountd/auth.c(auth_authenticate_internal): fix
+ uninitialsed variable problem (causes bad error messages).
+
+2004-09-06 Paul Clements <paul.clements@steeleye.com>
+ Neil Brown <neilb@cse.unsw.edu.au>
+
+ * utils/mountd/mountd.c(main): support --ha-callout (-H) for
+ specifying a callout program
+ * utils/mountd/rmtab.c: Call ha_callout on mount/unmount
+ * utils/statd/monitor.c: Call ha_callout on add/del client
+ * utils/statd/rmtcall.c: as above
+ * utils/statd/statd.c: handle --ha-callout (-H)
+ * utils/statd/svc_run.c: call notify_hosts is we have received a
+ sighup
+ * support/include/ha-callout.h: define ha_callout function
+
+
+2004-08-31 NeilBrown <neilb@cse.unsw.edu.au>
+ * utils/mountd/cache.c(cache_process_req): clear fd after
+ processing so as not to confused libc/sunrpc into thinking
+ it need to do something with that fd.
+
+2004-08-31 NeilBrown <neilb@cse.unsw.edu.au>
+
+ * debian/nfs-kernel-server.init(start,stop) mount the nfsd
+ filesystem, if available, before starting nfs services, and
+ unmount it afterwards.
+ * etc/nodist/nfs-server: ditto
+ * etc/redhat/nfs.init: likewise
+ * etc/redhat/nfs: add "MOUNT_NFSD" flag to control above.
+
+2004-06-08 NeilBrown <neilb@cse.unsw.edu.au>
+
+ * utils/exportfs/exportfs.c: Don't rmtab_read if new_cache, it
+ isn't necessary.
+ * support/nfs/cacheio.c(cache_flush): Change order in which caches
+ are flushed so that dependancies don't keep things in the cache
+ too long.
+
+2004-03-18 Chip Salzenberg <chip@pobox.com>
+
+ * debian/changelog: Version 1.0.6-2.
+
+2004-02-24 NeilBrown <neilb@cse.unsw.edu.au>
+ from "J. Bruce Fields" <bfields@fieldses.org>
+
+ * utils/mountd/cache.c: call auth_reload to make sure auth data is
+ current before responding to kernel upcall.
+
+2004-02-24 NeilBrown <neilb@cse.unsw.edu.au>
+ Based on patch from Greg Banks <gnb@melbourne.sgi.com>
+
+ * utils/exportfs/exports.man: Document fsid= option.
+
+2003-09-15 NeilBrown <neilb@cse.unsw.edu.au>
+
+ Release 1.0.6
+
+ * rules.mk: Add dep: rule when no OBJS, so "make dep" works in
+ support/include, and depend in "predep"
+ * support/export/Makefile, tools/rpcgen/Makefile,
+ utils/statd/Makefile: add "predep" rule so that "make dep" works.
+ * Makefile: allow a simple "make" to run ./configure and "make dep"
+ if needed.
+ * configure.in, nfs-utils.spec: Update version to 1.0.6
+ * run autoconf
+
+2003-09-12 Chip Salzenberg <chip@pobox.com>
+
+ * debian/changelog: Version 1.0.6-1.
+
+2003-09-12 NeilBrown <neilb@cse.unsw.edu.au>
+
+ * utils/mountd/mountd.c(main): Impose FD_SETSIZE as an upper limit
+ for RLIMIT_NOFILE
+ * utils/statd/statd.c(main): Ditto.
+
+ michael <michael@newdream.net> discovered that svc_setreqsize
+ in glibc can segfault if RLIMIT_NOFILE is bigger than
+ FD_SETSIZE, so a simple solution is to impose a hard limit.
+
+2003-09-09 Chip Salzenberg <chip@pobox.com>
+
+ * debian/changelog: Version 1.0.5-3.
+ * support/export/hostname.c (get_reliable_hostbyaddr): Fix crash
+ on invalid reverse DNS.
+ * utils/showmount/showmount.c (main): Fix inet_ntoa() parameter.
+ * tools/rpcgen/rpc_cout.c (print_header): Remove unused vars.
+ * tools/rpcgen/rpc_parse.c (def_union): Likewise.
+
+2003-08-22 Chip Salzenberg <chip@pobox.com>
+
+ * utils/statd/{log.h,log.c}: Rename log() to note() and L_* to
+ N_*, to avoid conflict with ISO C built-in log() function.
+ * utils/statd/*.c: Use note().
+