Subversion MultiSite Release Notes

Release: 4.0 Build: 0184

June 07, 2012

Issues Addressed

  • We've identifed and applied a fix for an additional scenario in which deleted folders where not being replicated, causing loss of sync between nodes. In this case the cause of the problem was the presence of a locked file located more than one directory deeper than the folder being moved or deleted. (NA-4650)

Release: 4.0 Build: 9930

May 15, 2012

Issues Addressed

  • Fixed a problem where creating, modifying or deleting an LDAP team when the LDAP daemon is in the middle of a run could cause the daemon to crash. (NA-4512)

  • Performing a partial synchronized stop - where only selected nodes are stopped no longer causes garbage collection to stop running once the stopped nodes are put back into replication.(NA-4505)

Release: 4.0 Build: 9336

March 14, 2012

Issues Addressed

  • Updated the underlying prevayler library to include a recent fix that better handles scenarios where a journal file is being applied to a prevayler snapshot and the replicator is restarted. (NA-4414)

  • Addressed an issue with locked files that have paths containing folder names that include plus characters. So-named folders could lead to the lock being incorrectly handled at remote nodes which could result in a loss of sync between repository replicas.(NA-4112)

Release: 4.0 Build: 9243

March 2012

Issues Addressed

  • Now when a replication group is activated, new nodes no longer have "Run on this node" enabled for the management of LDAP groups. So, by default changes made through Access Control will replicate only from the node on which the "Run on this node" check box is ticked. (NA-3144)

  • Fixed a deadlock that occurred whilst using the Authz notifier utility under heavy load. (NA-3579)

  • A drop in Subversion performance that resulted from increasing the number of users in Access Control has now been addressed. (NA-4385)

  • Fixed a problem that caused the MultiSite packager (used to create the install files for additional nodes) to fail if it is unable to create a temporary subdirectory in the selected packager directory. (NA-2952)

  • Fixed an Internet Explorer compatibility problem that stopped the repository repair tool from progressing past step 2. (NA-3841)

  • Fixed an error in the popup warning message that appears when adding a new node using a hostname instead of its IP address. The warning message no longer blocks the node creation from continuing. (NA-3592)

  • Fixed a problem that stopped the imports from backup.xml working if the file contained multi-layered groups. (NA-3901)

  • For customers using the Zeus load balancer, there's a new version of the health monitor script included with this release. It can be found in a new /svn-replicator/utils directory along with other supporting scripts and utilities. (NA-3601)

Release: 4.0 Build: 7824

November 17, 2011

Issues Addressed

  • Fixed a problem where replicator restarts triggered by spinning thread detection would fail if an Authz update was taking place at the same time. (NA-3550)

Release: 4.0 Build: 7797

November 2011

What's new

  • Authentication against multiple LDAP authorities is now supported, modelled on Apache's LDAP authentication. (NA-3511)

  • On the node Properties screen of the admin console, the SSH properties now remain editable after the creation of the replication group. (NA-3292)

  • It's now possible to limit the maximum file size of a commit via a setting on the Systems Settings page, on the System tab of the Admin Console. (NA-3516)

Issues Addressed

  • We now fail LDAP pre-replication authentication immediately if the password is blank, rather than depending on LDAP to reject the attempt. (NA-3456)

  • The Authz file editing logic has been improved to prevent problems caused by undeletable files in Windows. (NA-3508)

  • Fixed encoding of output text from html to XML as the messaging had resulted in the failure of users' scripts. (NA-2507)

  • Fixed a problem that resulted in some log messages being sent to the STDOUT instead of the STDERR. (NA-3305)

  • Fixed null pointer exceptions and spinning read-reactor threads caused by the use of a web application vulnerability scanner. (NA-3438, NA-3437)

  • Added support for multiple admin email addresses (comma separated within the email address field) so that a number of administrators can receive alert emails. (NA-3365)

  • Fixed typos in the provided init.d script. (NA-3363)

  • All access to the MultiSite's admin console now appears in the logs along with the user's IP address, suitable for auditing access. (NA-3362)

  • It's no longer a requirement to be in the lib directory in order to invoke java -jar. (NA-3335)

  • Improved handling of log file rotation, existing log files where not accounted for, so increased with each the replicator restart. Appended naming now works properly so that setup logs are rotated instead of sticking around forever. (NA-3329)

  • Groups can now be named using multibyte characters, further improving support for languages such as Russian or Japanese. (NA-3318)

  • The LDAP entry form is now more forgiving of errors and no longer blanks all entries when a submission fails due to an error. (NA-3298)

  • There's now a 'last accessed' column displayed on the List users screen under the Security tab (subject the inclusion of Access Control product bundled with MultiSite). This has been added to help manage users licenses as it provides an administrator with an immediately guide to which users are no longer active. (NA-3296)

  • Consistency checker now lets you set the starting revision and supports incremented revision checks. (NA-3295)

  • It's now possible to use escape characters to include commas in usernames. See the clarification on what characters are acceptable for usernames (NA-3294)

  • On the node Properties screen of the admin console, the SSH properties now remain editable after the creation of the replication group. (NA-3292)

  • Fixed a problem where Access Control created invalid paths for repositories with locations that use multiple slashes. (NA-3291)

  • Fixed a problem that stopped group names that included plus symbols '+' from being editable. (NA-3290)

  • If an Authz file is deleted or corrupted, it's now possible to regenerate it using the Regenerate Authz file button, on the SVN Settings screen, under the Proxy tab of the admin console. (NA-3289)

  • Corrected the numbering of ACLs as they appear in the logs. (NA-3288)

  • Fixed a problem that could in rare cases zero the Authz file (NA-3287)

Release: 4.0 Build: 7620

Issues Addressed

  • Fixed null pointer exceptions and spinning read-reactor threads caused by the use of a web application vulnerability scanner. (NA-3258, NA-3385)

  • Fixed a problem where replicator restarts triggered by spinning thread detection would fail if an Authz update was taking place at the same time. (NA-3388)

Release: 4.0 Build: 7579

What's New

  • It's now possible to create and manage the membership of Access Control groups using LDAP. (NA-3261)

Issues Addressed

  • Resolved a problem which stopped the automatic restarts of the replicator in the event of an IOException being thrown while writing to a .journal file. (NA-3357)

  • To ensure that WD_JVMARGS environmental variable is set, regardless of how SVN MultiSite is started, it has been moved from the init scripts and is now set exclusively in the file. (NA-3333)

  • The sample init.d script for Debian has been fixed, removing some Windows character encoding and some problematic logic that caused problems using the script from startup. (NA-3332)

  • We now ensure that LDAP authentication failure generates a 401 (unauthorized) instead of a 403 (forbidden) error, which ensures that follow-on authentication attempts are not frustrated by client caching. (NA-3326)

  • Fixed a problem on Windows server where htpasswd file updates via LDAP pre-rep-authn caused the replicator to crash. (NA-3311)

  • The talkback script used for troubleshooting problems has now been fixed. (NA-3277)

  • The Authz Notifier utility now has improved Windows support. (NA-3272)

  • Fixed a problem where the deletion of folders containing locked files would cause the loss a sync between nodes. (NA-3270)

  • An offline mode has been introduced, allowing a node to sideline repositories that have become read-only from the replication group. Placing a repository offline removes the risk that delays in garbage collection could exhaust java heap. An offlined repository can only return to the replication group after running a repository repair.

    IMPORTANT - As part of this new feature, if you are upgrading from an earlier version of MultiSite we recommend that you tick 'Auto skip bypassable transactions' on the admin console System Settings screen, under the System tab. (NA-3265)

  • The repository repair tool now warns the user if repositories (other than the one being fixed ) are read-only. The user can then fix or sidestep this other repository, which might otherwise cause the repository repair procedure to get stuck. (NA-3262)

Release: 4.0 Build: 5974

What's new

  • Improved logging for LDAP authentication failure. (NA-2858)

  • Improved talkback script no longer prompts the user to enter information, even though there's no JAVA_HOME variable set (which automatically causes talkback to fail). (NA-2869)

Issues Addressed

  • When an authz file is updated via either Access Control or the authz_notifier, all connections to back-end Apache processes are closed to ensure that Apache re-reads the updated authz file under all circumstances. (NA-2862)

  • Introduced two further fixes to stop potential deadlock issues. (NA-2460) (NA-2455)

  • Fixed a java problem that could cause the write closer thread to get stuck while completing an EOF maker, resulting in any further EOFs getting added to the queue. (NA-2608) Note: this problem was previously masked by the deadlock identified in NA-2455.

  • Added enhanced logging to capture more details for a situation that could result in excessive processor activity. (NA-2387)

  • Fixed a deadlock that occurred when invoking the Consistency Checker in situations where the admin console was under heavy load. (NA-2880)

  • For the purpose of troubleshooting problems it's now possible to redirect the output of the Authz Notifier Utility to STDERR. See the Knowledgebase for how: (NA-2922)

Release Notes 4.0 Build: 5876

Issues Addressed

  • Remote password changes are now improved, so that initial differences between the files on different nodes do not result in the files going out of sync. (NA-2659)

  • The htpasswd file is now overwritten on all nodes whenever a user is added, changed or removed, ensuring that the file remains in sync. (NA-2663)

  • Improved the log messaging for null pointer exceptions that are caused by restarting a replication group, but failing to perform a reset on all modes. (NA-2412)

  • Scheduler log now displays file sizes for proposals, making it easier to assess how long a out-of-date node will take to catch up. (NA-2620)

  • Removed redundant references to quarantine mode. (NA-2660)

  • The problem with the keystore being overwritten by the truststore file that appeared in build 5295 has been fixed. (NA-2661)

  • Error checking is now in place to stop changes to LDAP settings if any related repository password files are not being managed. (NA-2664)

  • Fixed a problem that caused LDAP authorities to be displayed out of order in some situations. (NA-2665)

  • Improved help text now added for the LDAP Authorities fields. (NA-2666)

  • Prewrite Access Control Lists can now be unhidden to make it easier to manage access rules. (NA-2696)

  • All deletion actions within the admin console now prompt the user for confirmation. (NA-2832)

  • Improved handling of traffic to stop occasional processing of out of order ADELETE commands. (NA-2724)

  • A warning is now displayed when an impending node IP change will invalidate the product license. (NA-2500)

  • The text input field for the LDAP URL is now larger, making it easier to use. (NA-2653)

  • Editing an LDAP authority now correctly reported as "authority edited" instead of "authority added". (NA-2657)

Known Issue

  • The admin console's documentation link only works after logging in. This issue will be fixed in the next release. (NA-2891)

Release Notes 4.0 Build: 5295

What's new

  • Added support for setting LDAP authority on a per-node basis. A radio button on Subversion settings screen of the admin console lets you set whether LDAP settings should be replicated. (NA-2603)

  • The user creation page password field is no longer mandatory. Forced entry of a password would be incompatible with the use of LDAP authentication. (NA-2612)

  • Added functionality that displays additional fields when using the RESTful API to read node settings. (NA-2209)

  • Activity ID and resource URI have been added to the WANdisco log file (SVNProxyServer-prefs.logs) to allow for easier tracking / matching against Apache logs. (NA-2406)

  • Added support for multiple admin email addresses (comma seperated within the email address field) so that a number of administrators can receive alert emails. (NA-2404)

  • A new screen has been added to the admin console that provides licensing details for the server. To view it, click on the System tab, then the menu link: "License Info". (NA-2427)

  • It is now possible to edit LDAP authority details, instead of deleting and creating them from scratch. (NA-2611)

Issues Fixed

  • Fixed a problem that made Access Control users and groups impossible to delete on versions of Windows that use non-Latin character sets. (NA-2635)

  • Fixed a problem that caused stalled queues that resulted in aborted proposals with the error message that includes "due to errors from SCM repository". (NA-2642)

  • When running multiple replicators on the same host authentication to the admin console is now handled on a per-session basis. (NA-2453)

  • Fixed a problem that resulted in Access Control rules not being followed after a fallback from LDAP to httpasswd. (NA-2615)

  • Corrected a small formatting error in the SVN-DAV header formatting. (NA-2631)

Release Notes 4.0 Build: 4851

What's new

  • Node name and address have been included in the transaction execution log. (NA-1590)

  • Authz changes can now be replicated through a bundled Authz Notifer Utility. (NA-2149)

  • The Authz notifier utility can now be run from outside the replicator's directory and by different users. (NA-2346)

  • The Authz notifier utility is now available through the admin console, license permitting. (NA-1562)

  • Added LDAP authority support to the admin console. (NA-2097)

  • System disk monitoring can now be controlled from the system tab of the admin console. (NA-2157)

  • Admin login now has improved support for LDAP authentication, valid Admin users are now listed on the screen for whichever LDAP server is used. (NA-2176)

  • Added the ability to replicate arbitrary files using the RESTful API. (NA-2316)

  • RESTful API now allows the definition of new repositories for SVNPath/SVNParentPath. (NA-2467)

  • RESTful API can now make specific nodes and/or repositories read-only. (NA-2317)

  • init.d script now available for Ubuntu and Debian Linux. (NA-2098)

  • We've added a setting within the prefs.xml file that allows you to tweak how much time is allowed for a replicator to make a connection with another replicator. (NA-1009)

  • Improved proxy log file naming system for greater efficiency. The proxy log file is now appended with the following dating format: yyyy-MM-dd.HH:mm:ss (NA-1967)

  • Added an optimization option that improves performance when handling commits of very large files. (NA-2247)

  • Setup script has been changed to allow installation to directories with different names, so long as it includes "-replicator" within it. Previously, the replicator needed to be installed to a directory called "svn-replicator". (NA-2160) (NA-2041)

  • Talkback script has been altered so that the file list of the systemdb is exported to a separate file so as not to swamp the other log information. (NA-2295)

  • Clarification made to the problem transaction screen where Subversion proposal filenames where sometimes being confused for transaction IDs. (NA-2334)

  • Additional warning now displays on the admin console when a repository repair is started. (NA-2337)

  • Improved encryption for the dummy passwords placed in the htpasswd file for LDAP users. (NA-1685)

  • It's now possible to limit each log entry to a single line by using the following procedure: (NA-2108)

  • Reset logs now include record the servers time zone. (NA-2161)

  • Log timestamp now includes an adjustment factor for Greenwich Mean Time (GMT). (NA-2201)

  • Synchonized stops are reported in the log (at the INFO level). (NA-2220)

  • Created a unique exit code (code 110) for critical disk monitor shutdowns. (NA-2286)

Issues Fixed

  • Check-ins larger than 2GB (Gigabytes) are now supported. (NA-1506)

  • Changes to the Subversion server port on the admin console now correctly appear on other admin console screens. (NA-2106)

  • Fixed a problem where replicator settings (client port) changes in the admin console were lost on a restart. (NA-1816)

  • Users who are imported without a password will be unable to login or change their password. An administrator will need to manually set a password for them. (NA-2382)

  • LDAP admin login check has been updated so that specific attributes are checked for before authentication is attempted against the configured LDAP authorities. (NA-2390)

  • RESTful API now uses HTTPS if the replicator has been set up to use it. (NA-2363)

  • The deletionqueue.ser file is now generated in the config directory instead of the current working directory. (NA-2321)

  • Fixed a problem whereby users imported via the LDAP plug-in who were later removed, were not showing up as being available to import again. (NA-1651)

  • Users are no longer able to bypass bypassable transactions via the admin console dashboard unless they are logged in. (NA-2185)

  • Fixed an issue in the HTTP Parser when dealing with HTTP chunked input. Under certain circumstances (when an incoming request contains a sequence of special characters) the request was truncated and sent on to Apache. Apache would never return from these requests until the connection timed out. (NA-2547)

  • Fixed a problem that resulted in the svn-security/tmp directoy being missed during garbage collection, potentially leading to the consumption of excessive amounts of disk space. (NA-1655)

  • Fixed a problem with the setup's Apache config parser that resulted in some settings being missed. (NA-1757)

  • Fixed a problem that resulted in a 409 error from pre replication triggers. (NA-1913)

  • Previous passwords are now properly obscured at the end of a user password change. (NA-2232)

  • Fixed a problem that stopped locked files from being deleted during garbage collection. (NA-2223)

  • Added better handling of changes to replication groups that use SSH. (NA-2163) (NA-2164)

  • Fixed a bug in that resulted in null point exceptions. (NA-2292)

  • init.d scripts no longer hang when launched via SSH on Red Hat 4.4 (NA-2456)

  • MD5 sum is now correctly garbage collected after a reset. (NA-2521)

  • Fixed a problem with the reset now link for the local node during a replication group activation so that it no longer uses SSH. (NA-2165)

  • Fixed an issue that stopped the originating node for unbypassable transactions from displaying on the dashboard. (NA-2035)

  • System alert emails are now correctly sent after a node is shutdown or reset via the admin console. (NA-2167)

  • Fixed a problem that displayed the change admin password link to non-admin users. (NA-2231)

  • Fixed an issue with email settings errors being reported if starting the replicator or talkback script from a location other than the install directory. (NA-2383) (NA-2159)

  • Logging now correctly refers to pre-replication hooks instead of pre-commit hooks. (NA-2454)

  • Fixed a problem where the consistency checker columns were re-ordered on a screen refresh. (NA-2384)

  • Fixed a problem that caused the Authz Diff Notification emails to be sent multiple times. (NA-2251)

  • Introduced additional logging for getOpaqueLockToken. (NA-2104)

  • When a transaction is determined to be non-bypassable, the names of all the nodes at which it is known to have failed will be logged. (NA-2119)

  • The password field's character length now matches the maximum allowed password length. (NA-2172)

  • Improved messaging on the Admin Console for why failed proposals can't be retried. (NA-2401)

  • Logging has been changed so that a GSN of -1 is not reported for incomplete transactions. (NA-2430)

Issues Fixed

  • Known limitation: Import files that contain none-ASCII characters will not work. All files should use UTF-8 encoding. (NA-2032)