|
|
|
|
Changelog for varstored-guard-24.19.2-1.4.xcpng8.3.x86_64.rpm :
* Wed Sep 18 2024 Benjamin Reis - 24.19.2-1.4- Add xapi-24.19.2-ipv6-reset-networking.XCP-ng.patch * Wed Aug 28 2024 Samuel Verschelde - 24.19.2-1.3- Add xapi-24.19.2-update-new-fingerprint-fields-on-DB-upgrade.backport.patch, backported from XAPI project- Add xapi-24.19.2-more-fingerprint-field-updates-fixes.XCP-ng.patch to complement the fix- Fixes an issue where new fingerprint fields are not populated, which under some circumstances makes pool join fail. * Wed Aug 14 2024 Benjamin Reis - 24.19.2-1.2- Add xapi-24.19.2-fix-ipv6-import.XCP-ng.patch * Tue Aug 13 2024 Benjamin Reis - 24.19.2-1.1- Rebase on 24.19.2-1- Drop xapi-24.11.0-sb-state-api.XCP-ng.patch- Drop xapi-24.11.0-don-t-generate-link-local-address-for-interfaces.patch- Drop xapi-23.31.0-fix-ipv6-import.XCP-ng.patch- * * * Upstream changelog * * *- * Tue Jul 16 2024 Ming Lu - 24.19.2-1- - CA-395626: Fix (server status report generation report)- * Tue Jul 09 2024 Ming Lu - 24.19.1-1- - Fixes: 99c43569a0 (\"Transition from exception-raising Unix.getenv to Sys.getenv_opt with\")- * Tue Jul 09 2024 Ming Lu - 24.19.0-1- - CP-47304: [Toolstack] - Add data model for anti-affinity group- - CP-47655: [Toolstack] - Associate/disassociate VM to/from anti-affinity group- - CA-391880: Update related field \'groups\' of VM when destroying VM group.- - CP-47302: VM start with anti-affinity- - CA-392177: Keep current group after reverting from snapshot- - CP-47656 Anti-affinity feature generate alert- - CP-48570: Load recommendations from config file when Xapi starts- - CP-48011: Xapi Support anti-affinity feature flag- - CA-393421: Special VMs cannot be added to VM groups- - CP-48625: Code refactoring- - opam: add psq to xapi dependencies- - CP-49665: Anti-affinity support for host evacuation- - CP-48752: Add UT for host evacuation with anti-affinity support- - CP-49953: Remove parse_uri, switch to using Uri module instead- - doc: remaining API docs- - doc: add XenAPI release info- - Printf.kprintf is deprecated, replace with Printf.ksprintf- - Fix misplaced inline attributes- - CP-50050 track CBT status for SMAPIv3 SRs- - CP-49953: Remove parse_uri, switch to using Uri module instead- - CI: Complete parallel Coveralls uploads: Finish when done- - CP-49116: Replace fingerprint in certificate DB with sha256 and sha1- - CA-392887: set_tls_config immediately after enabling clustering- - CI: Update endcover step to v2 to fix CI (#5763)- - CA-386173: Update the message of WLB authentication issue- - Revert \"CP-49953: Remove parse_uri, switch to using Uri module instead\"- - Fix a bug noticed by a quicktest run- - Eliminate unnecessary usage of List.length to check for empty lists- - Transition from exception-raising Unix.getenv to Sys.getenv_opt with- - Replace Hashtbl.find with Hashtbl.find_opt in trivial cases- - Refactor Hashtbl.find out of resources/table.ml- - Refactor Hashtbl.find out of xenopsd/xc/readln.ml- - Add a gate for Hashbtl.find- - CP-50135: Bump datamodel_lifecycle for anti-affinity- - IH-621: Add IPMI host power on support and remove DRAC- - opam: generate xapi-forkexecd with dune- - opam: remove unversioned opam dependencies- - opam: generate xapi-networkd using dune- - fe_test: print stacktrace on unit test failure- - fix(fe_test): make it compatible with fd-send-recv 2.0.2- - Fix indentation in C code- * Mon Jul 01 2024 Ming Lu - 24.18.0-1- - doc/README.md: Improve the Hugo Quick start guide for an easier start- - .codecov.yml: Remove scripts (Codecov is confused, we move scripts/ to python3/)- - CA-394444: Update task cancellation in `message_forwarding.ml`- - Hugo docs: Add dark mode support, theme variant selector and print- - Don\'t generate link-local address for interfaces- - Make `cluster-stack-version` show up in the CLI- - Update datamodel lifecycle- - Removed headers from the templates.- - Renamed files and reordered table of contents.- - IH-583 Create standalone implementations of systemd functions- - Fix failing builds by attaching package to the cram test- - CA-394883: fix race condition allocating task ids- - CA-394882: avoid error on tasks that are not ours- - CA-381119: use JsonRPC V2 for error replies- - CA-394169: Allow task to have permissions on itself- - CI: use new version of codecov action- - Merge .codecov.yml from feature/py3 to drop scripts checks- - CP-50055 Add Go SDK as a release package in XAPI- - CI: codecov is unstable, use coveralls- - CA-394921: Ignore unkown properties during Java SDK deserialisation- - CP-49446: expose SR health values to Python- - opam: record correct authorship for stdext packages- - IH-628: add new package clock for timekeeping- * Tue Jun 18 2024 Ming Lu - 24.17.0-1- - CP-48666: initialize a skeleton project for Go SDK- - CP-47347: Add mustache template for Enum Types- - CP-47351: generate Record and Ref Type Golang code for all classes- - CP-47348: generate Golang code of Enum Type for all classes- - CP-47362: generate file headers- - CP-48666: collect api errors- - CP-47364: generate api messages and errors of Golang code- - refactor: create an `Alcotest.testable` to check structure of generated JSON is wanted- - refactor: move `objects` and `session_id` from `Gen_go_helper` to `CommonFunctions`- - CP-48666: use dune rule to get the destination dir for the generated files- - CP-48666: generate all enums to a file- - refactor the way of getting enums- - CP-48666: refactor the JSON schema checking- - CP-48666: refactor `render_template` with an optional newline parameter- - CP-47361: generate mustache template for deserialize and serialize functions- - CP-47358: Generate convert functions Go code- - CP-48855: update templates (APIErrors, APIMessages, Record)- - CP-48855: adjust generated json for templates changed- - CP-48855: add templates for option and APIVersions- - CP-48855: render options- - CP-47355, CP-47360: generate mustache template for xapi data module class messages- - CP-47354: Generate messages functions Golang code for all classes- - CP-47354: add unit tests for `func_name_suffix` and `string_of_ty_with_enums`- - CP-48855: render APIVersion- - CP-48855: fix go lint var-naming warnings- - fix `StringOfTyWithEnumsTest` after merged- - CP-48855: it should be only one empty line at end of Go file- - CP-47356: expose `published_release_for_param` and `compare_versions` for usage of other modules- - CP-47358: Add unit tests for generating convert functions- - CP-47355, CP-47360: generate mustache template for xapi data module class messages- - CP-47354: Generate messages functions Golang code for all classes- - CP-47354: add unit tests for `func_name_suffix` and `string_of_ty_with_enums`- - CP-48855: update templates (APIErrors, APIMessages, Record)- - CP-48855: adjust generated json for templates changed- - CP-48855: add templates for option and APIVersions- - CP-48855: render options- - CP-48855: render APIVersion- - CP-48855: remove go lint var-naming warnings- - CP-47356: Support backwards capability for Go SDK- - CP-47361: generate mustache template for deserialize and serialize functions- - CP-47358: Generate convert functions Go code- - CP-47358: Add unit tests for generating convert functions- - CP-47354: Generate messages functions Golang code for all classes- - CP-47354: add unit tests for `func_name_suffix` and `string_of_ty_with_enums`- - CP-48855: render options- - CP-48855: render APIVersion- - CP-47357: Add a Go JSON-RPC client file- - CP-47357: fix review issues- - CP-47367 Add type checking for generated SDK Go files- - CP-49350: fix variable naming in Go SDK- - Set up Github Action for go SDK component test (#5588)- - CA-391381: Avoid errors for Partial Callables in observer.py- - xapi-tracing: bind its test to the package- - opam: generate xapi-tracing with dune- - opam: generate xapi-tracing-export with dune- - opam: generate rrdd-plugin with dune- - opam: generate xapi-rrd-transport-utils with dune- - opam: generate xapi-rrdd with dune- - opam: drop xapi-rrd-transport- - opam: drop xen-api-sdk- - Revert \"CP-47660 define anti-affinity feature\"- - Remove CVM and relevant test cases (#5655)- - opam: Fix metadata- - opam: de-templatise message-switch-core- - ocaml: remove unused bindings- - dune: enforce version +3- - Add `VM.set_uefi_mode` API call- - Go SDK: Misc fixes for on-going component tests (#5661)- - Add `VM.get_secureboot_readiness` API call- - Add `Pool.get_guest_secureboot_readiness` API call- - CP-49446: Update SR health to include new constructors- - doc: copy design documents from xapi-project.github.io- - doc: add info table to design docs- - doc: style design doc index- - CP-47928: Add component test for Go SDK- - CP-49647 use URI for create_misc- - CP-49647 use URI for dbsync_master- - CP-49647 use URI for export.ml- - CP-49647 use URI for import.ml- - CP-49647 use URI for importexport.ml- - CP-49647 use URI for rrd_proxy.ml- - CP-49647 use URI for sm_fs_ops.ml- - CP-49647 use URI for xapi_message.ml- - CP-49647 use URI for xapi_xenops.ml- - CP-49647 use URI for xapi_vm_migrate.ml- - CP-49647 use URI for xapi_host.ml- - CP-49647 use URI for cli_util.ml- - CP-49647 use URI for http.ml- - CP-49647 use URI for cli_operations- - CP-45235: Support for `xe-cli` to transmit `traceparent`- - doc: add design review links (historical)- - doc: RDP design: fix list nesting- - CP-48995: Instrument `XenAPI.py` to submit traceparent- - Update datamodel_lifecycle.ml- - CP-49768: Update GO SDK README file (#5671)- - CP-49249: Implement SMAPIv3 CBT Forwarding- - CA-393866: Add support for Infinity in Java SDK parser- - CA-393507: Default cluster_stack value- - Remove fix_firewall.sh- - CA-393119: Don\'t use HTTPS for localhost migrations- - CP-49828: Remove iovirt script- - CP-49129: Add unit test for parallel parsing.- - CP-49129: Make unit test run on alcotest.- - CP-49129: Replace `ocamlyacc` with `menhir`- - CP-49129: Drop global lock around sexpr parsing- - CP-49045: replace all uses of ocamlyacc with menhir which is thread-safe- - CP-49129: Update `quality-gate.sh` for `ocamlyacc`- - Link just qcheck-core, not qcheck- - Define qcheck-core dependency in opam packages- - Makefile: fix compatibility with the dash shell- - CP-49858: Fix phrasing in readme- - CP-49858: Add licence text on top of Go source files- - CP-49858: Unit test: licence template variable- - CP-49858: Remove template variables \'first\' and \'is_session_id\'- - CP-49858: Unit test: Update for changes on template variables- - rpm: remove `sexprpp` from public_name- - sexpr: add tests to the package- - xapi-rrdd: change tests to reduce amount of logs produced- - rrd-transport: generate opam metadata using dune- - http-lib: generate opam metadata using dune- - wsproxy: test with alcotest instead of ounit- - vhd-format-lwt: run tests using alcotest- - xen-api-client: run tests with alcotest- - xapi-sdk: add empty packge to be able to run tests for it- - CI: pin packages- - CP-49647 use URI for newcli.ml- - CP-49677 implement Http.Url using URI- - Update quality-gate.sh- * Mon Jun 10 2024 Pau Ruiz Safont - 24.16.0-3- - Bump release and rebuild- - Remove vm_anti_affinity tag and dependency on m2crypto * Wed Aug 07 2024 Yann Dirson - 24.16.0-1.3- Fix openvswitch-config-update not fully ported to python3 * Fri Jul 05 2024 Samuel Verschelde - 24.16.0-1.2- Require python2-pyudev instead of python-pyudev- It\'s best to require by the actual package name to avoid ambiguities, and we switched from python-pyudev to python2-pyudev in our repos * Fri Jun 21 2024 Benjamin Reis - 24.16.0-1.1- Rebase on 24.16.0-1- Drop xapi-24.11.0-disable-fileserver-option.XCP-ng.patch- Rebase changelog on upstream changelog- * * * Former XCP-ng 8.3 changelog * * *- * Wed Jun 19 2024 Benjamin Reis - 24.14.0-1.1- - Rebase on 24.14.0-1- - Drop xapi-23.3.0-filter-link-local-address-ipv6.XCP-ng.patch- - Drop xapi-23.31.0-fix-ipv6-get-primary-address.XCP-ng.patch- - Drop xapi-23.31.0-use-lib-guess-content-type.XCP-ng.patch- - Drop xapi-23.31.0-xapi-service-depends-on-systemd-tmpfiles-setup.patch- - Drop xapi-24.11.0-pci-passthrough.XCP-ng.patch- * Fri May 31 2024 Benjamin Reis - 24.11.0-1.5- - Add xapi-24.11.0-sb-state-api.XCP-ng.patch- * Thu May 16 2024 Benjamin Reis - 24.11.0-1.4- - Add xapi-24.11.0-disable-fileserver-option.XCP-ng.patch- * Mon Apr 22 2024 Benjamin Reis - 24.11.0-1.3- - Add xapi-24.11.0-pci-passthrough.XCP-ng.patch- * Thu Apr 18 2024 Damien Thenot - 24.11.0-1.2- - Add largeblock to sm-plugins in xapi.conf- * Wed Apr 03 2024 Benjamin Reis - 23.31.0-1.7- - Add xapi-23.31.0-use-lib-guess-content-type.XCP-ng.patch- * Mon Feb 26 2024 Guillaume Thouvenin - 23.31.0-1.6- - Add xapi-23.31.0-xapi-service-depends-on-systemd-tmpfiles-setup.patches- * Wed Feb 14 2024 Benjamin Reis - 23.31.0-1.5- - Add xapi-23.31.0-fix-ipv6-get-primary-address.XCP-ng.patch- * Wed Feb 14 2024 Yann Dirson - 23.31.0-1.4- - Rebuild with xs-opam-repo-6.74.0-1.2- * Thu Feb 08 2024 Benjamin Reis - 23.31.0-1.3- - Add xapi-23.31.0-fix-ipv6-import.XCP-ng.patch- * Tue Dec 12 2023 Benjamin Reis - 23.25.0-1.6- - Add xapi-23.25.0-extend-uefi-cert-api.patch- - Update xapi-23.25.0-update-xapi-conf.XCP-ng.patch- * Wed Oct 25 2023 Samuel Verschelde - 23.25.0-1.4- - Set override-uefi-certs=true in xapi.conf- - Update xapi-23.25.0-update-xapi-conf.XCP-ng.patch- * Fri Oct 20 2023 Samuel Verschelde - 23.25.0-1.3- - Don\'t require XS\'s fork of the setup RPM- - We chose to revert to CentOS\' version, as we don\'t share XenServer\'s view- regarding where to do changes to add users and groups, and we don\'t need- the added users and groups they put there yet.- * Thu Oct 05 2023 Samuel Verschelde - 23.25.0-1.2- - Add missing Requires towards nbd- * Wed Sep 27 2023 Samuel Verschelde - 23.25.0-1.1- - Update to 23.25.0-1- * Wed Sep 20 2023 Samuel Verschelde - 23.24.0-1.1- - Update to 23.24.0-1- - Remove patches merged upstream.- - Rework xapi-23.24.0-update-xapi-conf.XCP-ng.patch- - Rework xapi-23.24.0-update-db-tunnel-protocol-from-other_config.XCP-ng.patch- * Mon Aug 28 2023 Guillaume Thouvenin - 23.3.0-1.9- - Add xapi-23.3.0-Add-vdi_update-filter-to-some-tests.backport.patch- * Wed Aug 23 2023 Guillaume Thouvenin - 23.3.0-1.8- - Add xapi-23.3.0-Allow-a-user-to-select-on-which-SR-to-run-quicktest.backport.patch- * Mon Jul 31 2023 Benjamin Reis - 23.3.0-1.7- - Drop `ext4` from `sm-plugins` in `xapi.conf`- * Fri Jul 21 2023 Benjamin Reis - 23.3.0-1.6- - Rebuild for xs-opam-repo-6.66.0-1.2.xcpng8.3- - Add xapi-23.3.0-filter-link-local-address-ipv6.XCP-ng.patch- * Thu May 04 2023 Samuel Verschelde - 23.3.0-1.5- - Rebuild for blktap-3.53.0-1.xcpng8.3 and sm-3.0.3-1.1.xcpng8.3- * Mon Apr 24 2023 Benjamin Reis - 23.3.0-1.4- - Remove `/etc/xapi.conf.d` files, patch `xapi.conf` instead- * Thu Mar 16 2023 Samuel Verschelde - 23.3.0-1.3- - Rebuild for xs-opam-repo-6.66.0-1.1- * Mon Mar 06 2023 Benjamin Reis - 23.3.0-1.2- - Update xapi-23.3.0-update-xapi-conf.XCP-ng.patch to re-enable HTTP (prerequisite for HTTP to HTTPS redirect)- * Wed Jan 18 2023 Samuel Verschelde - 22.34.0-2.1- - Update to 22.34.0-2- - Drop xapi-22.20.0-redirect-fileserver-https.backport.patch, included in 22.34- * Tue Dec 20 2022 Samuel Verschelde - 22.32.0-1.1- - Update to 22.32.0-1- * Thu Dec 08 2022 Benjamin Reis - 22.31.0-1.1- - Rebase on latest XS 8.3 prerelease updates- - Drop two patches merged upstream- * Thu Dec 01 2022 Benjamin Reis - 22.20.0-1.2- - Add xapi-22.20.0-redirect-fileserver-https.backport.patch- * Wed Aug 31 2022 Samuel Verschelde - 22.20.0-1.1- - Rebase on CH 8.3 Preview- - Remove dependency to non-free packages again- - Remove dependency to new non-free package pvsproxy- - Remove patches merged upstream- - Keep other patches still necessary.- - Rediff xapi-22.20.0-fix-quicktest-default-sr-param.backport.patch- - Add patch xenopsd-22.20.0-use-xcp-clipboardd.XCP-ng.patch, migrated from retired repo xenopsd- - Rediff xenopsd-22.20.0-use-xcp-clipboardd.XCP-ng.patch and adapt paths- - Remove ptoken.py and accesstoken.py yum plugins and their configuration- - Add xapi-22.20.0-xenospd-dont-run-cancel-utils-test-as-unit-test.backport.patch to fix tests in koji * Thu Jun 06 2024 Ming Lu - 24.16.0-1- CA-393507: Default cluster_stack value * Thu May 23 2024 Ming Lu - 24.15.0-1- Rewrite fail function to support format and argument- Use fail instead of failwith if possible- Compute exe variable just once- Fix file descriptor leak in case safe_close_and_exec fails- Use /proc/self instead of /proc/%d and pid if possible- CP-48195: Instrument client side of `forkexecd`- CP-48195: Comment out `warn`.- CA-392453: Misc fixes to Java SDK- IH-568, fix(dune): avoid \"module unavailable\" errors when running dune build AATTcheck- IH-568, fix (dune utop): conflicting module names with compiler libraries- IH-568, fix (dune): allow all packages to be pinned- tracing: add missing locks on read- tracing: replace global ref with Atomic- CP-48195: Set `Tracing.observe` default to `false`- CP-48969: Reduce amount of logspam created by iostat- opam: update dependencies from the code- idl: bump datamodel_lifecycle- CA-389319: Wait and retry for GET_UPDATES_IN_PROGRESS- CA-392163 on start failure, clear a VM\'s resource allocations- CP-48195: Add unit tests for `tracing` library.- CP-48195: Remove code duplication.- CP-48195: Tracing -- Move `create`\\`set`\\`destroy`\\...- API docs in Hugo- xenopsd/scripts: Make pygrub wrapper use the libexec path- CP-48027: Corosync upgrade add `cluster_stack_version` datamodel change- CP-48027: Unittest file change for cluster_interface- CP-48027: Add FIST point to allow Corosync2 cluster- CP-48027: Add feature flag for corosync3- Add option to disable fileserver in XAPI conf- CA-392930: Fixed exception handling which prevents the user from reviewing certificates in PS 5.1 and connecting to the server.- Added Debug profiles to the Powershell project.- Avoids calling Unix.readlink twice- CA-392836,CA-392847: Lost the power state on suspended VM import- CP-49029: Instrument `xapi_session.ml` with tracing- CP-49635: Add FIST point for corosync upgrade- CP-49429 add IPv6 support for winbind/KDC- CP-49429 store KDC in xapi as URI * Tue Apr 30 2024 Rob Hoes - 24.14.0-1- CP-46576: Add standard http attributes- CP-47660 define anti-affinity feature- Detect automatically whether we are on cygwin.- Use templates to generate all the C files. CA-387885 (do not call internal headers from the public ones).- Removed erroneously ported recipe.- CP-47033: Protocol_{lwt,async}: process requests concurrently (optional)- CP-47033: Make message switch concurrent processing optional- CP-47033: Add test for concurrent message switch server- Remove mention of `dotnet-packages` in `sdk-gen`\'s README- CP-48768: Update Folder Structure section in PS SDK\'s READMEs- CA-391485: Avoid InterpolationSyntaxError by turning off interpolation- opam: add xapi-log to message-switch-core dependencies- Remove _t suffix for syslog_stdout_t type- CA-389929: xenopsd: fix Xen version comparison. 4.17 is > 4.2, not lower!- Add test for lock implementation in message_switch- Check elapsed time for timeout test- CP-47991: add CBT fields to the volume struct- CP-46576: Add standard network attributes- ocaml/idl: generate enum{_to_string,__all} functions- test: add tests for allowed VM operations- ocaml/xapi: use generated enum list instead of hand-maintained ones- Added github workflow to build and release the C SDK.- xenopsd: add mli to cli/xn and remove unused code- CP-48195: Split tracing library- CP-48195: Improvements to `tracing_export`- CP-48195: Add `with_tracing` helper function- PCI passthrough API- IH-553: Optimize Sexpr.escape- IH-553: Sexpr.escape should be a noop when nothing to escape- IH-553: Optimise SExpr.unescape- ci: remove warnings about outdated node versions- pyproject.toml update settings for pytest etc for running CI locally- pyproject.toml: Migrate pytype_reporter from scripts to python3- ci: do not comment on PRs after merging- ci: ignore pylint and pyflakes checks- test_observer.py: Add setUp() and tearDown() of mock modules- observer.py: Update error handling- ci: install observer.py dependencies- opam: delete xapi-stdext package- opam: fix xapi-squeezed metadata- opam: create package xapi-tracing-export- datamodel_lifecycle: bump- CA-391859: Failed to stop varstord-guard- Exposed methods to fetch the methods available in the API.- The github workflow artifacts for C contained unnecessary files.- CI: update to Ubuntu 22.04- ci(nopin): pinning is very slow and not necessary- ci(opam-dune-cache): cache dune builds from opam- ci(norm): we have enough space now- ci: separate workflows- Update README with different build instructions- ci: trim dune cache- Removed header because it does not look good on github.- Install xapi-tracing-export library- CA-392163 clear scheduled assignments on startup- tests: Allow the alcotest_suite to run- CA-371529 XSI-1329 remove license check for has-vendor-device- CA-371529 remote VCustom IDL data type- CA-371529 expunge create_from_record_without_checking_licence ...- CA-371529 Update quality-gate.sh- CA-371529 document changes in datamodel * Mon Apr 15 2024 Pau Ruiz Safont - 24.13.0-2- Bump release and rebuild * Tue Apr 09 2024 Pau Ruiz Safont - 24.13.0-1- Cleanup some unused code in forkexecd- Fix vm_lifecycle quicktest to use specified SR- message-switch: Print more complete time info in diagnostics- CA-390570: Py3 socket.sendto needs bytes instead of a string- CP-46179 Deterministic UUID for Back-Up VDI- CP-48385: Enhancements for xapi-guard cache- CA-378317 fix EBADF in waitpid_nohang- CA-384483: Can\'t export VDI to VHD file with base VDI- fileserver: use library to guess served files\' mimetype- CA-388624: Fix C SDK build on Fedora39- Minor forkexecd test changes- CA-390988: Prevent varstored-guard from shutting down while domains run- CP-46851: add parameter to skip device types on get_export_metadata * Mon Mar 18 2024 Rob Hoes - 24.12.0-1- xenopsd: fix config to match install location (#5444)- CP-47754: Do not report errors attempting to read PCI vendor:product- CP-47431: Replace patched `Newtonsoft.Json.CH` with `Newtonsoft.Json` in C# SDK- Add `.gitignore` to C# SDK source- Use correct naming in `FriendlyErrorNames.resx`- Generate `FriendlyErrorNames.Designer.cs` with templates- Add \'threads_per_core\' in \'Host.cpu_info\'- Filter out link IPv6 when migrating VMs- Xapi service depends on systemd-tmpfiles-setup- CP-47431: Use NuGet references in PowerShell SDK project- Add reusable workflow for generating and building all SDKs- Remove unused logic in `gen_powershell_binding.ml`- Store trace_log_dir in XS_EXPORTER_BUGTOOL_ENDPOINT of the observer.conf- Set traceparent trace flag to 01- Add service.name attribute as a default observer attribute.- Add the default_attributes to Dom0ObserverConfig Observers- Create a new python3 directory for python3-only scripts- fix: typo in doc- Update xapi-idl unittest data for cluster interface- CP-45496: Xapi writes host name/uuid to corosync.conf- Add feature flag- Replace use of `sdksanity` with reusable workflow for testing SDKs- Build and package C# and PowerShell SDKs when creating a release- Add and use `cleanup-xapi-environment` composite action- Misc changes to SDK actions- Use consistent artefact naming for SDK binaries- CP-46151: Productise the observer.py.- CP-46157: Add unit test for `observed_components_of`- opam: add hex to xapi dependencies- CP-45888: Java SDK updates- Split the API reference markdown into smaller files and use templates to generate it.- CA-389496: Avoid configuration conflicts for rotating xapi logs- CA-389840: Bug in parsing output of \'xen-livepatch list\'- CP-48430 Update the running_domains metrics to count the not paused state domains- fix typos: priviledges -> privileges- CA-390109: Use `$PROFILE` path to store and read known cert list- Fix typo in `XenServerPowerShell.csproj`- Github CI updates * Thu Feb 29 2024 Rob Hoes - 24.11.0-1- rrd_updates: output JSON in the same structure as XML- Exposed GFS2_CAPACITY in the known message types (for the purpose of providing user friendlier messages on the client side).- CA-389206: Revert incompatible CLI protocol changes for update calls- CA-383867: xapi-guard cache * Thu Feb 15 2024 Rob Hoes - 24.10.0-1- Improvements to the handling of update guidance:- CP-45565: Add new guidance fields to API and CLI- CP-45568: Do not enable host if its mandatory host guidance is pending- CP-45566: [1/4] Change to use new guidance format in updateinfo.xml- CP-45566: [2/4] Update evaluating guidances from new data structures- CP-45566: [3/4] Fixup handling pending mandatory guidances- CP-45566: [4/4] Update unit tests- CP-46747: Expose \'title\' field in updateinfo.xml to HTTP /updates- CP-45567: Set recommended and full pending guidance lists- CP-45567: Unit tests for livepatch failures- CP-45567: Add safety check in host.apply_updates- CP-45567: Set pending RestartVM for all VMs in the pool- CA-387034: RestartVM is added to pending guidances of shutdown VMs- CA-387033: Update xapi error document- CP-43875: Record the repository hash on the host object when updating- CP-45569: Add API Host.emergency_clear_mandatory_guidance- CA-387201: Pool.last_sync_date not reset if the user changes the update channel- CP-45570: Clear host update guidance- CP-45570: Clear VM update guidance- CP-45572,CP-45573: Split \'check_task_status\' function out- CP-45572,CP-45573: Split \'do_http_get\' function out- CP-44324: Block \"host.enable\" during \"host.apply_updates\"- CA-388107: Make sure VM is running when starting restart_device_models- CA-388351: Always apply livepatches even if host will reboot- CP-45573: Add \'xe host-updates-show-available\' CLI- CP-45572: Print update guidance in xe host-apply-updates- CP-45572,CP-45573: Refine to use \'command_in_task\' more- CP-46946: Bumped API version to 2.21 for update guidance improvement- CP-47012: change pending guidance in old xapi to recommended ones in new xapi- CA-388699: No async support on VM.restart_device_models- CP-47509: Expose RequestHeaders and ResponseHeaders in C# SDK.- Add Nile release * Mon Feb 12 2024 Rob Hoes - 24.5.0-1- Import xapi-project/stdext- CA-372059: refactor the type of host in `squeeze.ml`- CA-372059: delete the unused code- CA-372059: use `Opt.value` instead of `match` and use `find_opt` to find a domain- CP-46939: Add config options to disable http and https endpoints- GitHub CI: Enable Codecov for Python, add pytype and other CI checks- CA-372059: add an interface for squeeze.ml- CA-382640: open SHM with os.open to allow for RW/Creat- CP-46377: Splitting `xapi_observer.ml` in separete files- CP-46477: Add helper function `is_component_enabled`- CP-46377: Add env vars `TRACEPARENT` and `OBSERVER_CONFIG_DIR` to `sm_exec` calls- CP-46377: Define default env var path in `forkhelpers.ml`- CP-46377: Improve maintainabilty of `Dom0ObserverConfig`- CP-46377: Refactor `env_vars_of_observer`- Python2 os.fdopen() does not take keyword arguments, doh!- xapi-rrd: attach tests to package- add helper function for checking platform field- Xen-4.15+: CDF_NESTED_VIRT- Xen 4.15+: X86_MSR_RELAXED- Xen 4.16+: CDF_VPMU- Xen-4.16+: support max_grant_version field- Xen-4.17+: cpupool_id- [maintenance]: fix formatting after Xen-4.17 merge- ci: delete needless files from base image- fix(ci): use $TMPDIR instead of hardcoding /tmp in ocaml/libs/vhd- fix(ci): use /mnt for temporary files and dune cache- CA-388437: fix bond status reporting- datamodel_lifecycle: update cluster forum introduction versions- CA-388295: Revert the python3 changes for perfmon and hfx_filename- Refactor cluster_health flag checking- ci: remove action lint- CP-46155: Call smapi scripts via observer.py when smapi observer is enabled- Add support for Reverting changes to pytype_reporter.py- Update API doc for cluster_host- CP-46324: Send alert when a host leaves/joins the cluster- rrdd.py: Python3: Fix crash on failure contacting xcp-rrdd- CI: Unit-Test the crash-fix for rrdd.API.wait_until_next_reading()- Actually get the traceparent from debuginfo instead of trace_id- CA-385323: do not try to connect to xapi when creating sockets- CP-46631: Improved list of span attributes.- CP-46631: Remove code duplication- CP:46157: Add `observer_experimental_components` flag- xapi-guard: separate base types to its own module- doc: Add some information about xapi-guard- CA-388625: fix build of the Xen-API Java SDK- build: add sdk-build-java Makefile target- Make clear which drivers list we are getting * Wed Jan 31 2024 Andrew Cooper - 24.4.0-2- Rebuild against Xen 4.17 * Tue Jan 30 2024 Rob Hoes - 24.4.0-1- CA-388180 Correcting Domain CPU Usage Values- CP-46200 CP-45741 pass -std-vga to QEMU in the case of compute GPU- Added unit in the description of PIF_metrics.speed and bumped last_known_schema_hash.- xapi.conf: fix setting name for custom UEFI certs- CA-388318: usb_reset.py: fixed byte issue * Thu Jan 25 2024 Rob Hoes - 24.3.0-1- xenopsd: avoid log message about vmdesc- CA-387456 serialise Pool.eject- fix(test): kill child process on test failure too- fix(test): use SO_REUSEADDR to rebind port when run in a loop- test: reduce sleep time- CA-387588: test(forkexecd): fix off by one in test resulting in MSG_CTRUNC- build: set a timeout for the tests- CP-46264 deprecate host.bios_strings[hp-rombios] entry- Refine the description and units of \'running_vcpus\' and \'running_domains\'- Update datamodel_lifecycle- Update API doc for cluster_host- CA-387560 add support for more systemd execution types- fixup! CA-387560 add support for more systemd execution types- fix(ci): remove 1024 fd limit for now- [maintenance]: enable generate_opam_files in dune-project- CA-386920 destroy VTPM at the end of a migration directly (#5379)- CA-387560 swtpm-wrapper: create PID file after socket- CP-45970 remove qemu_trad_image.py- CP-47043: Port usb_reset.py to python3- Add API fields for quorum info from clusterd- CP-46323: Expose quorum and cluster membership through the API- CP-46374: Add a minimal observer.py- CA-387698: datamodel: eliminate next_release- Revert \"Add mutex for concurrent processing of messages\"- CA-388064: Revert \"Protocol_{lwt,async}: process requests concurrently\"- Only start cluster watcher if cluster_health feature enabled * Tue Jan 16 2024 Rob Hoes - 24.2.1-1- Revert \"update mail-alarm and usb_scan to python3\"- CP-46238: Conditionally apply patch on xen-upstream only * Tue Jan 16 2024 Rob Hoes - 24.2.0-1- CP-45979 update link-vms-by-sr.py to python3- Fixed markdown links (brackets=>parentheses).- update mail-alarm and usb_scan to python3- Allow passing extra headers into the HTTP calls (useful for CP-33676). Renamed a couple of local parameters.- format with black- refactory doexec with xcp.cmd- CP-46122: Support PAX/POSIX tar on import- CP-47075 Toolstack: Dumping VM RRDD Data to an Accessible JSON File for Regular User- CP-45985: Update hfx_filename from python2 to python3- CP-45985: Update perfmon to python3- CP-45985: Update static-vdis to python3- CP-45985: Update xe-scsi-dev-map to python3- CP-45985: Remove unnecessary \"list()\" in loop- CP-45985: Add some unit tests for perfmon/static-vdis- CA-382035: Verify commandline items for service process in \"pid\"- CA-387699: Fix Protocol_async.with_lock bug spotted by Vincent * Wed Jan 10 2024 Rob Hoes - 24.1.0-1- CP-46804: Add function to get master\'s external certificate thumbprint- CP-46806: Add master\'s cert thumbprint to header when host_is_slave- fix(NUMA): \'default\' is a keyword in some SDK languages- build: add command to check that the C# SDK compiles- build: add SDK sanity test to CI * Wed Jan 10 2024 Rob Hoes - 24.0.0-1- CP-45974: Porting examples to python3- update print-custom-templates to python3- CA-386865: External auth plugin logs are not saved- CA-386866: Invalid cross-device link during extauth configure update- CA-385278: Add interface for flush spans and exit the export thread- CP-45981: Update xenopsd from python2 to python3- CP-46379: Set correct traceparent for `storage_smapiv1 *.ml` functions- ci(main): add a make install smoketest- CP-46378: Propagate `dbg` to `Sm_exec.exec_xmlrpc`- Rename \'override_uefi_certs\' with \'allow_custom_uefi_certs\'- Introduce new methods for custom uefi certs- Do not break symlink when no custom certificates are set- Do not fail when fullpath is given to extract certificates- Check for used UEFI certificates when updating vm platform- Always set pool.uefi_certificates- CP-46917 wait for DEMU \"running\" before unpausing- CP-46917 improve error handling- CP-47046 optimise rule emitter for xenopsd PVS Proxy setup- Protocol_{lwt,async}: process requests concurrently- Add mutex for concurrent processing of messages- CP-46379: Propagate `dbg` to `sr_ *` functions in `sm.ml`- CP-44533 Add running vCPU and running domain of host into rrdd- CA-384537 simplify reporting internal error (1/2)- CA-384537 simplify reporting internal error (2/2)- CA-384537 support NBD for CD device- CP-46149: Execute observer db_fn before the forwarders.- CP-46149: Add W3CBaggage module- CP-46149: Create Dom0ObserverConfig and SMObserverConfig- CP-46149: Use EnvRecord to format the env variables- Avoid using a hardcoded value for Tracing Bugtool- CA-385065 VM import with VTPM, don\'t block on power state- OIL: introduce internal_error(fmt) for error reporting- CP-44174: Add cpu_usage and memory_internal_free alarms for dom0 VM- CA-386457: fix environment variable loading of `$PERFMON_FLAGS` in perfmon.service- CP-46379: `Sm.vdi_generate_config` missing `dbg`- CP-46378: Propagate `traceparent` from `Sm.register`- CP-47153 add task list to bugtool- CP-38020: always initialize NUMA information on startup- CP-38020: drop numa-placement-strict- CP-38020: add HOST.set_numa_affinity_policy- CP-38020: introduce Host.numa_affinity_policy- CP-38020: add CLI interface for NUMA policy host field- doc(NUMA): move large comment to separate Hugo doc and update design- doc(NUMA): Dom0 and IONUMA are out of scope * Tue Dec 19 2023 Pau Ruiz Safont - 23.32.0-1- CP-46677: Decrease the cardinality of \"Export of VM\" span name.- CP-46677: Remove repeated code when creating a new span.- CP-46677: Improve function performance- Add VM migration walkthrough- Remove unused code for getting dom0 memory- CP-46379: Pass unchaged dbg to underlying function.- CA-384457: Add special case for End_of_file to sparse_dd_wrapper- Move squeezed docs from xapi-project.github.io- Moving Event handling docs from xapi-project.github.io- Add CLI architecture doc- Add storage docs- Add xcp-rrdd docs- Add redo-log doc- Update generated cluster test_data- Update doc on how to update generated test data- CP-44531 Toolstack: Add Dom0 CPU usage, total and free memory into rrdd- CP-46085: Add quorum info to `xcli diagnostics dbg`- CP-46379: Refactor \'with_dbg\' to handle exceptions.- CP-46379: Instrument \'storage_smapiv1.ml\' to create spans.- CA-386552 XSI-1534 Failed to disable pool HA after missing HA statefile- Make sure observer exporter is only created once- CA-386582: Always create exporting thread for observers- CA-386676: Start clusterd observer when it is already enabled- CP-46140 PVS IPv6 accept both IPv4, IPv6 for PVS Server- CP-46140 add pvs-setup, replacing setup-pvs-proxy-rules- CP-46379: Propagate \'traceparent\' to \'Sm. *\' functions- Add an overview of how XAPI handles a migration request- maintenance: reformat using ocamlformat 0.26.1- maintenance: ignore latest reformat commit in git blames * Mon Dec 04 2023 Rob Hoes - 23.31.0-1- maintenance: update opam metadata from xs-opam- CP-45847: Allow any value of trace flag for traceparent- CA-384936 attach static VDIs for redo-log (#5235)- CP-43578: Raise Error in tracing export when HTTP error occurs (#5230)- CA-385080: Finish trace locally for forwarded tasks- Add space between header name and value (#5238)- CP-45921: Make yum commands nonessential- CA-378591: Clear span tables when all observers are disabled- CP-46004: Finish eventgen span to remove spans table clutter- Add span table lengths to export span to help catch future issues.- Add tracing for xe calls in the CLI server- Update datamodel lifecycle- CP-45978 update /etc/xapi.d/plugins/power-on-host- CP-45978 update /etc/xapi.d/plugins/disk-space- CA-365486: repository-domain-name-allowlist could accept a full hostname- using xcp.cmd instead of popen- CA-384537 add logging to quemu_media_change- CA-384537 simplify qemu_media_change- CP-46168: Some py2->py3 update for xapi startup- Update DRAC.py for replacing subprocess.popen- CP-45981: Update xenopsd from python2 to python3- Revert \"CA-379472 increase startup timeout for block_device_io\"- CA-384148 enable logging for redo_log_alert- CA-384148 remove lock in Redo_log.startup- CA-385315: document the certificates\' fingerprints hash algorithm- formatting with black- using the shared lib xcp.cmd instead of subprocess.popen- CP-45977: Update scripts/extensions from python2 to python3- CP-42559: Add RBAC info to C# SDK XML docs- CP-42559: Add RBAC info to Java SDK docs- CP-42559: Add RBAC info to C SDK docs- CP-42559: Hide internal roles from SDK docs- Remove special handling for `get_all_records` messages in C# SDK- xe pif-list: include host-uuid (#5263)- xe pif-list: fix displaying of MAC- CP-45978 update /etc/xapi.d/plugins to python3 for xs9- format with black- ci: create final releases- ci: Simplify release workflow- ci: set up configure appropriately on release- ci: Avoid unnecessary workaround- Advanced changes for python3 syntax:- Improves Code Readability- Change type of observer components to use variant- Enhance debug message in tracing module- Expose `flush_spans` from tracing.ml- Refactor typeCombinator as a single module- Add xapi-clusterd as an observer component- CP-45469: Distributed tracing for xapi-clusterd- Add xenopsd docs from old site- Add live-migration diagram for xenopsd- Remove old xenopsd docs from ocaml/xenopsd/doc- Adjust quality gate for List.hd from 320 to 318- Simplify scanning /sys/block// stats for iostat- CA-365059: Clear source pool messages after migrating VM- Revert \"CP-45981: Update xenopsd from python2 to python3\" * Fri Nov 10 2023 Rob Hoes - 23.30.0-1- Use .ndjson extension for tracing files to denote newline-delimited JSON- CP-41844: Add xs-trace, an executable to submit trace files to an endpoint- CP-41844: Add support for compressed files to xs-trace- CP-41844: Add unit tests to xs-trace- Replace duplicate functions rmrf and rmtree with rm_rec from Xapi_stdext_unix.Unixext- CP-41844: Address PR comments and fix xs-trace tests by ensuring server is ready- xapi-types/ref: add pretty-printer- xapi-types/ref: optimize of_string for real references- CP-45571: Add VM.restart_device_model function (API/CLI)- CP-45741 VCS support, adjust args for qemu, demu- CA-380551: bump minimum HA SR size to 4GiB- CA-380551: xha_statefile: factor out checking for a VDI of given size or available free space- CP-44561: When setting attributes on an Observer, preserve defaults- CP-43901: Block pool member startup if it has a higher xapi version- Update datamodel lifecycle- CP-45304: Remove UUID from span name system.isAlive:- CP-46045 define VTPM feature- CA-380551: HA: assert that the HA SR is big enough for BOTH the statefile AND the redo log- [maintenance]: mark warning 5: ignored partial application as an error in release mode- Add timeout to gpumon client- CP-27910: expose json flag for /vm_rrd in the datamodel- CA-384967: Fixup xcp-networkd service name- CA-384979 replace XenMotion with storage live migration (#5237)- CA-384882: Revert \"CA-365059: Clear source pool messages after migrating VM\" * Tue Oct 31 2023 Rob Hoes - 23.29.0-1- CA-375396: Ignore removed fields when redoing writes * Mon Oct 30 2023 Rob Hoes - 23.28.0-1- Only count VDIs on tested SRs- CA-371002: Reformat checking template with match/with- CA-371002: Do a usual import when a default template cannot be found- Remove old and unused script- CA-381044: Raise error when pool.set_update_sync_enabled is called with true and empty repos- Choose size of batch VM evacuation- xapi.conf: match the default value for override-uefi-certs- CP-40123: encode the dumped JSON in rrdd as utf-8- CP-43652: Remove tracing debug lines generated by xenopsd- CA-383987: Ensure tracing request Host header is correct by not using a fixed host name- Fix suspend-image-viewer binary- CP-44367 - Allow SDK Consumers to create a custom implementation for JsonRpcClient- CA-383987: Only include valid Hosts and Ports in tracing Host header- CA-365059: Clear source pool messages after migrating VM- CP-45938: Fixup xs9 failure due to python2 stuff- XSI-1457: Limit number of sectors to coalesce * Mon Oct 16 2023 Rob Hoes - 23.27.0-1- Python\'s XenAPI: Update metadata- CA-382596: Updated initialization script to work with PS 7 paths on Windows, and PS paths on Linux.- CP-45579: Restored support for building the PowerShell module against .NET Framework 4.5 or above.- Add some more documents from xapi-project.github.io- Do not attempt to start snapshots or templates- jemalloc: avoid bottlenecks with C threads- [maintenance]: commit lifecycle changes- CP-43755: Pam: avoid sleep(1) call when multithreaded- CP-43755: Split internal and external auth locks- CP-43755: Locking_helpers: introduce Semaphore- CP-43755: xapi_session: switch to using Semaphore instead of Mutex- CP-43755: Datamodel_pool: introduce local_auth_max_threads and ext_auth_max_threads- CP-43755: Increase default max threads for PAM from 1 to 8- fix(dune): gen_lifecycle depends on git describe output, which is outside of the normal source and build dependencies- CP-43755: commit lifecycle changes- CP-44320 scaffolding for NVidia Virtual Compute Service (VCS) * Wed Oct 11 2023 Rob Hoes - 23.26.0-1- Install suspend_image_viewer- CA-379459 protect Redo_log.startup, shutdown with a lock- CA-379459 use database lock, add logging- Updated the PowerShell Readme.- CP-45006: Define volume.compose API for SMAPIv3.- forkexecd: handle invalid rpc messages more gracefully- maintenance: relax message-switch\'s bounds on mtime- CP-44271: Remove python build/install from source code- CP-44271: Conditionally run python test- Initial hugo config- Hugo theme basics- Docs: initial content- Rename suspend_image_image_viewer -> suspend-image-viewer- Updated docs links.- CP-45175: Enable the OVMF debugging port by default- [maintenance]: use full cmdline for vhd unit test runner- fix(runtest): clean up after unit test- Fix indentation issues in rrdd.py before py3- CP-45338: futurize rrdd.py- Publish new Hugo-based docs- CA-381047: Add observer capability to bugtool- CP-44563: Add compress_file function and compress tracing files with zstd when compress_tracing_files flag set- CP-45214: Fix tracing HTTP request not working with Jaegers FQDN by flushing instead of closing the sending stream- Do not fetch random SR in empty list- CA-383491: Run pygrub in deprivileged mode when invoked from XAPI (upstreamed patch from 23.25.0-2) * Thu Sep 28 2023 Alejandro Vallejo - 23.25.0-2- CA-383491: Addresses XSA-443 - CVE-2023-34325- Run pygrub in depriv mode to protect against priv escalation * Thu Aug 31 2023 Rob Hoes - 23.25.0-1- CP-43977: Fallback un-recognized guidance as RebootHost- xapi-aux: log error when reading ip type in inventory- xapi-aux: filter out all link-local addresses- CA-378966: Prepare ip monitor watcher to read more lines- CA-378966: Detect state network interface changes- network_monitor_thread: reuse named parameters- xxhash(maintenance): add dependency to ctype stubs- maintenance: use ounit2 instead of ounit- maintenance: prepare mtime usage for 2.0- CA-381856: preserve host.last_software_update on pool join- CP-44988: remove API: host.apply_recommended_guidances- fixup: update lifecycle for \"host.apply_recommended_guidances\"- Move helpers to determine the client of a call from Context to Http_svr- Improve logging at start of HTTP handler- CA-381587: log when HTTP Basic auth is used, and by who- CP-33044 replace gpumon shutdown with NVML detach/attach- CP-42949: Ensure storage RRDs are created without tapdev in kernel- Install python3 variant of xapi-storage alongside python2 * Fri Aug 18 2023 Rob Hoes - 23.24.0-1- CA-379459 make shutdown mutex per redo_log- CA-381133: Set pending_guidances based on recommended guidance- CA-381133: Make {host;VM}.recommended_guidances internal-only- CA-381133: Remove usage of host|VM.recommended_guidances- CA-381133: Remove now-unused recommended_guidances fields- Change argument of resort_guidances * Tue Aug 15 2023 Rob Hoes - 23.23.0-1- CA-381503: bump qemu filesize limit * Tue Aug 15 2023 Rob Hoes - 23.22.0-1- Removed class which became obsolete after the removal of the Proxy_ * classes.- Corrections to the unmarshalling of raw API hashtables.- Removed code generating methods and parameters for XML RPC.- Fixed a couple of code smells. Renamed internal method to reflect removal of proxy classes.- Added message override (preserving it for the cases where DMC has been switched off via a feature flag).- Further corrections to Marshalling so the Powershell module can create API objects from hashtables.- CA-379112 make PBD.plug wait for scan results- CA-379112 add logging- CA-379112 update comments in message_forwarding.ml- CA-380789: Not get power_state from snapshots with suspend VDIs- Revert \"CA-380580: cross-pool migration: no CPU checks for halted VMs\"- Revert \"Cross-pool live migration: move CPU check to the target host\"- Revert \"Add VM_metrics to metadata export\"- Revert \"Add VM_metrics to metadata import\"- CA-380581: Remove lock on downloading updates from remote repos- CA-379459 protect redo_log.shutdown with a lock * Thu Aug 03 2023 Pau Ruiz Safont - 23.21.0-1- Allow a user to select on which SR to run quicktest- Added messages raised by v6 and SM.- CA-380368: Replaced < ad > with < and >. Improved the type description.- CA-380389: Version of deprecation/removal for repository.up_to_date not documented correctly- Add option to redirect stderr to stdout to execute_command_get_output *- CA-380178: xenopsd: Fix vTPM manufacture logging- CA-380178: Increase swtpm startup timeout- Add `vdi_update` filter to some tests- CA-379472 log more block_device_io messages to info- CA-379472 increase startup timeout for block_device_io- CA-379112 log details of insufficient SR size * Wed Aug 02 2023 Pau Ruiz Safont - 23.20.0-1- CA-375992 remove stale swtpm chroots after boot- CA-379472 more redo_log debugging- CA-379350: Use up-to-date vTPM UUIDs when creating device models- maintenance: make code easier to follow with aesthetic changes * Thu Jul 27 2023 Rob Hoes - 23.19.0-1- CA-379472 add debugging to redo_log- Fix logging of CPU pool-level changes- CA-380580: cross-pool migration: no CPU checks for halted VMs * Thu Jul 20 2023 Rob Hoes - 23.18.0-1- CP-42016: Add parameter \"--newest-only\" to \"reposync\" command- CP-42014: Add last_update_sync to pool datamodel- CP-42013: Do not apply recommended guidances automatically- CA-376144: handle host.apply_recommended_guidances first on pool coordinator- CA-375147: UPDATES_REQUIRE_SYNC when toolstack restarted on coordinator- CP-42810: Periodic update sync- CP-40204, CA-366396: Add \"host.latest_synced_updates_applied\", remove \"repository.up_to_date\"- CA-376145: Reset pool.last_update_sync on pool coordinator change- CA-378757: remove \"EvacuateHost\" from recommended guidance- CP-43545: expose `issued` and `severity` from updateinfo- CA-378778: Calculate host guidance correctly- CA-380043: VM recommended guidances is not set correctly * Thu Jul 20 2023 Rob Hoes - 23.17.0-1- CP-43942 Remove \"Portable SR\" pseudo-feature- opam: update metadata from xs-opam- xapi_pgpu: make update_pgpus less scary- vhd: use supported ocaml runtime function names- xapi_guest_agent: use infix function for path concatenation- maintenance(xapi_message): don\'t log scary messages- Add VM_metrics to metadata export- Add VM_metrics to metadata import- opam: sync with latest metadata- ci: update main workflow to setup-ocaml v2- Cross-pool live migration: move CPU check to the target host- Document parameters in Stunnel_cache API- ci: try to reuse dune cache as much as possible- CP-27910: factor out reposnse behaviour from host rrd handler- CP-27910: allow exporting vm rrds and unarchives in json- CP-27910: set content type headers for rrd endpoints- maintenance(http-lib): Disallow invalid values in accept datatype- http-lib: port tests to alcotest- http-lib(fix): Prefer more specific mimetypes in Accept- http-lib(feature): Make API more ergonomic- IH-393: Use Accept header in xcp-rrdd endpoints- http-lib: make all tests belong to the package- CA-379928: enable more logging for redo_log_usage- [maintenance]: reformat redolog_usage following logging change- CA-377945: toolstack restart: ensure xapi is stopped first, started last- Offload VM CPU Policy checks to Xen * Mon Jul 17 2023 Edwin Török - 23.16.2-2- Bump release and rebuild * Wed Jul 12 2023 Rob Hoes - 23.16.2-1- CA-379929: move json dump out of the rrdd plugin directory- xcp-rrdd: remove hardcoded version on http requests- Revert \"CA-375992: clean up previous sandbox when creating one\" * Tue Jul 11 2023 Rob Hoes - 23.16.1-1- Install cohttp-posix * Tue Jul 11 2023 Rob Hoes - 23.16.0-1- CA-373074 Added contents of update_getty script to run after Gencert is started- CP-43551: Dump host_rrd latest data to /dev/shm/metrics/host-dss- CA-378837 log results from Host.get_vms_which_prevent_evacuation- Disable Python 2.7 on Github CI- CP-40214: * */ *.py: raise (AnyException()): Remove optional parentheses- CA-379173 handle race condition in stunnel_cache- CP-40214: ocaml/xapi-storage/python/xapi/ * *.py: modernize -f except,print- Add HTTP Strict Transport Security header- CP-43574: Add host load data source- CP-40214: ocaml/xapi-storage/python/examples/ * *.py: Update except- .gitignore: Ignore the *.bak backup files of the Python modernize tool- CP-40214: xapi-storage/python/xapi/storage/api/volume.py: use long()- Make tracing library independent of xapi-idl- Add a debuginfo library- Context: use Debuginfo library- Task_server: use Tracing type and Debuginfo- Tracing debuginfo: use newline separator for XML-RPC to work- VM.migrate_send: properly pass on tracing data- Storage_mux: wrap all calls with Debug.with_thread_associated- Set up tracing and logging for SXM operations- Set up logging and tracing for SMAPIv1- scripts/plugins/extauth-hook-AD.py: Skip init logging on import- CP-43565: xapi-expiry-alerts: a new library to generate expiry alerts- CP-43777: Install xapi-expiry-alerts and ezxenstore- ci: Break long line in yaml- Add cpuid library- Introduce functions in CPU feature sets in xenopsd- xenopsd: change type of reported CPU feature-sets to an abstract type- xapi: switch CPU feature sets to the abstract type and don\'t interpret them- Remove CPUID tests from xapi and add to xenopsd- Update quality gate- CA-378931: usb_reset: Fix mount call parameters- CA-375992: clean up previous sandbox when creating one- CP-42019: Update wording for expiry message- CA-379472 add debugging to redo_log * Mon Jun 19 2023 Rob Hoes - 23.15.0-1- xenops_sandbox: separate chroot instantiation from fs creation- xenops_sandbox: expose less of chroot module- xenops_sandbox: fix mistake in guard\'s parameter name- xapi-idl: rename varstore interfaces- xapi-guard: do not use a static version- git: ignore another formatting commit for blames- xapiguard_cli: run its tests as part of varstored package- Tidy up class members in the file.- Removed cyclical assignment. Reordered assignments.- CP-43400: Expose ServerCertificateValidationCallback in the Session.- Deprecated the Session constructors requesting the \'timeout\' parameter. Added Property to set this instead.- CA-354436: pool.is_slave took a long time to respond- Update lifecycle- CA-378222: assert_sr_can_host_statefile has to take available space into consideration- CA-378229: flush database immediately on redo log enable- [maintenance]: drop redundant \'true\' and factor out anonymous function- [maintenance]: use phantom type parameter to enforce RO operation on redo logs- [maintenance]: simplify Redo_log.flush_db_exn- [maintenance]: split Redo_log.enable on whether it is RO or not- [maintenance]: redo_log hide redo log type- [maintenance]: drop internal functions from interface- CA-378304: check max_file_size limit after writing to tracing file- CA-378035: set nbd client timeout to 60 seconds- CA-378323: prevent find writing to stderr if /var/log/dt not present- CA-378455: Ensure TPM contents are base64-encoded on migration- maintenance (suspend_image_viewer): avoid duplication * Fri Jun 09 2023 Rob Hoes - 23.14.0-1- CP-41837: Create tracing library- CP-41839 Added TracerProvider modules to tracing- CP-41840: Add function to convert span to zipkin json- CP-41841: Export trace json files to http- CP-41841: Export trace json files to dom0 log endpoints- CP-42362: Only export finished spans and implement span garbage collector- CP-42361: Use XenAPI configuration list in TraceProvider to switch between HTTP/dom0 log export- CP-42441 Added SpanKind to Spans- CP-41841 Added conversion between Spans and W3C Traceparent headers- CP-42441: Capture exceptions from failed operations in span tag- CP-42609 Service name is set dynamically depending on the service- CP-42607 Created set, create, destroy functions for TracerProviders- CP-42854 Add Unit Tests for Tracing Library- CP-41842 Created Observer class with IDL functions to manage Open Telemetry providers- CP-41842 Added CLI for Observer commands- CP-41842 Added initialisation of Tracing library for Xapi- CP-41842 Added Tracing Library calls to Xapi_observer to link to the library- CP-41842 Added Attribute validator in library and in xapi_observer- Instrument tracing in Xapi- CP-41841 Added traceparent header to http_svr- CP-41841 Populate traceparent header in rpc and retreive it in context.ml- Nested tasks in startup sequence- Trace xenopsd operations- Xenopsd: nest parallel tasks- Xenopsd: always use task for import_metadata- Trace SM ops and link from xenopsd- CP-42606 Add Management interface to Xenopsd- CP-42608 Added mechanism to manage components in other Daemons- CP-42608 Added set_components to register and unregister changed components- Fix errors in message forwarding- CP-41843: Add /var/log/dt to bugreport- Link up xapi/xenopsd tracing for live migration- xenopsd: include traceparent header in requests to a remote xenopsd- xenopsd: add received traceparent header to task- Remove unused module definitions- CP-42553: Periodically delete old files and files beyond a size limit- Add error identifier to attributes to mark a span as having an error- Add more endpoint valdiation for URLs- Added tracing to rpc calls using make_remote_rpc- Remove filters and processors from TracerProvider and rename tags to attributes- Remove service_name as a TracerProvider and Span field and set it as a library level constant- Added SpanLink to spans- Added SpanEvent to spans- Use w3c format to serialise spans going into xenopsd to avoid bloat- Moved Attribute fields on Spans and TracerProviders to being a StringMap- Updating Zipkin to export events (annotations) and to include remoteEndpoint- Fixing Quality gate- CP-42825: Add XAPI Alcotest unit tests- CP-42553 Write spans in files up to 1mb then flush to logs- Trace Export operations in the library- Add Attributes to Tracing in the library- Batch all Traces in one export call to improve perfomrance- CP-42999: Return new \"preview\" in return of v6 \"get_version\"- CA-377824 fix FD leak in xenopsd- CP-43518: tap-ctl stats: treat `tap` key as optional in returned object * Thu Jun 08 2023 Rob Hoes - 23.13.0-2- Bump release and rebuild * Wed Jun 07 2023 Rob Hoes - 23.13.0-1- xenopsd: use HVM memory model for PVH guest not using shim- maintenance: small simplifications and reformattings- squeezed: Be aware of PVH domains- CP-42739: Bump Java SDK to JDK 11 (LTS)- opam: move vhd-format metadata to root directory- [maintenance]: delete xen-gnt-unix dependency- [maintenance]: avoid building bytecode versions of executables- libs/vhd: run make format- squeezed: fix link to architectural drawing- CA-376879: VLAN PIF created in pool.join is shown as disconnected (#5026)- CP-40775 remove VTPM check from VM.clone- CP-40775 remove VTPM check from VM cross-pool migration- CP-40775 remove VTPM check from VM.checkpoint- CP-40775 update quality gate- CP-40775 remove VTPM check VTPM.create wrt HA- CA-376864: prefer use of NBD path for static VDIs on SMAPIv1- redo-log: bump default size to 4GiB- xapi-guard: initialize Logs- xapi-guard: do not use a static version- xapi-guard: refactor serve_forever_lwt- xapiguard_cli: install- xenopsd: plumb through vtpm uuid to suspend/restore- swtpm-wrapper: do not spawn additional logger- swtpm-wrapper: be explicit on when to manufacture a new vTPM- swtpm-wrapper: unix+http scheme support- xapi-guard: add minimal REST interface for swtpm- CP-42726: Create socket whenever swtpm starts up- swtpm_guard: spawn with correct gid- xenopsd: drop reading/writing of vTPM state through the file- vTPM smoke test- CP-40775 remove assert_ha_vtpms_compatible- CP-40775 remove assert_ha_vtpms_compatible - update quality gate * Tue Jun 06 2023 Pau Ruiz Safont - 23.12.0-2- Bump release and rebuild * Thu May 25 2023 Rob Hoes - 23.12.0-1- Check if user if root before continuing with test- CA-377169 block VM.checkpoint of running VM with VTPM- Update quality-gate- ocaml-vhd: fix unit tests- ocaml-vhd: Cstruct.len -> Cstruct.length- ocaml-vhd: Split off function for VHD creation from Raw_input.vhd- ocaml-vhd: Add Hybrid_raw_input to VHD- vhd-tool: Remove unnecessary values from match- vhd-tool: Remove unnecessary parameter from write_stream- vhd-tool: Extend documentation in impl.ml- vhd-tool: fix progress bar- Make NBD disconnect robust to the device being gone- CP-43131: Make gvt-g support configurable- CA-333441, CA-377454 create /var/lock/sm/iscsiadm- CP-31856: Option to use NBD to attach disks to the control domain- CP-33338: call vhd-tool with source-format nbdhybrid for NBD sources- Install rrdd.py into the build output- Make session errors look less scary in the logs- Update rrdd to send v2 protocol data- CA-377456 unblock cross-pool migration with VTPM when halted- Set PIF\'s IPv6 Gateway when in DHCP/Autconf- CP-42182 Set Makefile to install rrd-cli- xapi-rrdd: test rrd_cli- editorconfig: correct setting for Makefile is tab, not tabs- database: document values of exceptions- maintennce: avoid future warnings- maintenance: add reformat commit to ignored revs- CP-42533: vhd-tool: add hybrid NBD-to-VHD exporter- CP-42533: vhd-tool: add nbdhybrid as a supported source format- CP-42533: vhd-tool: wire up nbdhybrid to vhd- CP-43387: Fix VDI delta copy with NBD datapath connection- CP-42064: Move NbdClient module from Xapi_vbd to Attach_helpers- CP-42064: Fix storage migration for NBD-backed storage * Tue May 09 2023 Pau Ruiz Safont - 23.11.0-1- CA-376297: Test that mirage-crypto accepts all valid RSA keys- CP-42642: Support share server certificate file to group users- CP-42835: Allow changing DNS servers when HA or clustering enabled- CA-375358: Parse output of yum upgrade to get RPMs to be updated/installed- Add comments for RPM version comparison functions- CA-375358: Add redundancy in getting latest updates/installations- xapi_blob: don\'t verify connection when sending between pools- ocamlformat: reformat using ocamlformat 0.22.4- ci: publish XenAPI releases to PyPI- ci: reduce code run with permissions to release to PyPI- xapi-cli: Have a consistent interface for vtpms\'s vm- Move writing init complete to the end of startup sequence- CA-374989: Avoid using get_record on cross-pool migration- `rrdd-plugin`: do not write payload if page count is 0- CA-376894 update VM allowed ops after deleting VTPM- Fix a few auto formatting differences- [maintenance]: varstored-guard depends on alcotest-lwt for tests- [maintenance]: remove xapi-types to http-svr dependency- [maintenance]: xapi-guard: drop inotify dependency- [maintenance]: xapi-guard: make unit tests run on Mac OS- [maintenance]: allow building some libraries on macOS- [maintenance]: repeat test errors at the end- [maintenance]: xen-api-client: avoid name clash on Util module- xen-api-client: add http+unix URI- xen-api-client-lwt: introduce a SessionCache- [maintenance]: update xen-api-client-lwt examples to use the SessionCache- [maintenance]: tweak xen-api-client-lwt examples- maintenance: add undeclared dune dependencies- CP-40528 VTPM snapshot, revert, clone- CA-376993 disable test_clustering (revert this!)- ci: do not attempt to install xapi-database- Revert \"CA-376993 disable test_clustering (revert this!)\"- spec: specify SPDX licenses- spec: changes in library files packaged * Wed Apr 19 2023 Rob Hoes - 23.10.0-1- Xen libraries are are now taken straight from the xen package instead of through xs-opam- Import ezxenstore into the xen-api repo- CP-39863 add allowed VTPM ops for VMs- CP-42455 Revert disable DMC- CA-376319: Ensure that nbd_client_manager cannot block forever.- CA-376326: rrdd_proxy: compare the localhost uuid with a uuid instead of a ref- CA-376326: rrdd: return 404 instead of just failing- ezxenstore: make tests exclusive to it- CA-376294: Extract hostname from FQDN- CA-376294: Update log message about compressed netbios name- CP-39935 catch and log unexpected exceptions during import- CA-376448: explicitly validate refs in PVS_cache_storage.create * Fri Mar 24 2023 Rob Hoes - 23.9.0-2- Bump release and rebuild * Fri Mar 24 2023 Rob Hoes - 23.9.0-1- CA-343683 Added lock to disk writing in Networkd to avoid writing to disk with incomplete configuration details- ci: nosetests are only located in scripts- python: port tests to pytest- ci: setup python tests in the yml definition- CA-375705: fix total order on Ref.compare- CA-375705: unit test for total order on Ref.compare- CP-39935 implement VTPM export- CP-39935 Implement VTPM import- CP-39935 Update quality-gate.sh for VTPM- CP-39935 improve full restore- xapi_vtpm: do not reuse name for get_contents- CP-41574: Add telemetry configuration data- CP-41574: Expose repository proxy password access to API- CP-41574: Update DB schema- CP-41574: Updated datamodel_lifecycle.ml for new added fields- CA-375359 improve \"pool_total_session_count\" RRD description- CP-30367: xenopsd: add support for PVH- CP-30367: XAPI: allow PV and PVH kernels in /var/lib/xcp/guest too- CA-375359 & CP-42286: Rename `sessions per second` to `sessions/s`- CP-41796 enable HTTPS migration by default- CP-41796 prevent changes to https_only in CC_PREPARATIONS=true * Wed Mar 08 2023 Rob Hoes - 23.8.0-1- CA-375427: Make DP.destroy idempotent again- CA-364049: Tell external auth plugins to use python3- CA-375634: Move probe-device-for-file to Python 3 * Fri Mar 03 2023 Rob Hoes - 23.7.0-1- CP-40847: synchronize read-only uefi-certificates field for both host & pool * Thu Mar 02 2023 Rob Hoes - 23.6.0-1- [maintenance] Makefile: add a rule to write out a compile_flags.txt- CA-375274: xenctrlext: fix wrong number of arguments to interface_open and unshadow- CA-375273: xenctrlext: fix race conditions- [maintenance] direct_copy_stubs.c: uerror is available in caml/unixsupport.h- [maintenance] vhd-tool/direct_copy_stubs: fix setting of O_DIRECT flag- [maintenance] add .editorconfig: use spaces instead of tabs in C files- CA-375106: tuntap_stubs.c: raise Unix.error instead of failwith- CA-375276: xenctrlext_stubs.c: xc_get_last_error is not thread safe, use just errno which is- [maintenance] xa_auth_stubs.c: move free inside the blocking section- CA-375280: xe-toolstack-restart: stop and start all services at once- python/XenAPI: Replace import six.moves with stdlib imports- Allow to use a CIDR for VIFs IPv4 and IPv6 allowed IPs- CP-41730: Limit ldap query timeout for subject information- python/setup.cfg: Fix deprecated dash-separated key- python: Use xapi\'s versioning scheme for XenAPI package- ci: use official gh cli for release workflow- CP-40388: Rename SMAPIv3 feature VDI_ATTACH_READONLY- CP-40388: define VDI_ACTIVATE_READONLY in Smint- CP-40388: store SR feature table upon mux registration- CP-40388: store attach mode (rw/ro) with datapath in mux- CP-40388: Add VDI.activate_readonly to the storage interface- CP-41675: add new field override_uefi_certs to xapi.conf- CP-41675: xapi-start behaves according to field override-uefi-certs in xapi.conf- CP-41672: wipe the contents of the pool.uefi_certificates during upgrade- CP-40847: CP-42007: make pool.uefi-certificates field read-only- CP-41675: fix idempotent behaviour of Helpers.FileSys.rmrf- CP-42007: platform:secureboot=auto means platform:secureboot=true always- CP-42007: separate error msg from exception generation * Fri Feb 17 2023 Rob Hoes - 23.5.0-1- ci: fix docs upload of xapi-storage- CP-42173: xenctrlext: stop using xentoolog bindings- Remove log spam about leaked VDI locks at startup- Fix storage_smapiv1_wrapper log name- Storage mux: filter out duplicates in SR.list- CA-375256: Fix storage initialisation on xapi startup * Fri Feb 10 2023 Christian Lindig - 23.4.0-2- CP-40650 Remove vtpm feature restriction (i.e., enable feature) * Fri Feb 10 2023 Rob Hoes - 23.4.0-1- Reorganise the storage API layer in xapi and xapi-storage-script * Wed Feb 08 2023 Pau Ruiz Safont - 23.3.0-1- CA-374989: add default values for removed fields- CA-374989: Revert \"CP-40357: Purge all removed fields from the database and clients\"- CA-374989: Bump datamodel version * Thu Feb 02 2023 Pau Ruiz Safont - 23.2.0-1- Stop generating classes for the XmlRpcProxy.- CP-33338: write physical-device-path to xenstore for nbd devices- maintenance: commit calculated changes for datamodel_lifecycle- CP-39806: use updated C function names for ocaml 4.14- CP-40065: Delete VTPM contents when VM is deleted- CP-40065: Add VTPMs to the database garbage collector- CP-41812: Add total_sessions_count RRD- CP-41818: Branding and copyright updates for the SDK * Mon Jan 30 2023 Pau Ruiz Safont - 23.1.0-2- Bump release and rebuild * Mon Jan 30 2023 Pau Ruiz Safont - 23.1.0-1- CA-374872: error when `BOND_MEMBERS` is not in `management.conf` * Fri Jan 27 2023 Pau Ruiz Safont - 23.0.0-1- xcp-rrdd: add interface for rrdd_server- CA-374274: Provide more information when datasource is not found- CA-362358: Filter out new files when refreshing directory of certificates- Filter out new.pem in cert_distrib- Support bond at firstboot- CP-41444 Added actions_after_softreboot field to VM for Xenopsd soft_reboot- xenopsd: use uuid instead of deprecated uuidm functions- message-switch: conform to new APIs in jst libs- xapi-storage-script: conform to new APIs in jst libs- xen-api-client: conform to new APIs in jst libs- stream_vdi, import: conform to new APIs in tar- gencert: conform to new APIs in x509- xapi-guard, xen-api-client: conform to new APIs in conduit- message-switch, vhd-tool: drop io-page-unix- nbd: change ocaml-nbd usage- session_check: add action name in the error returned- datamodel_lifecycle: update latest APIs * Thu Jan 26 2023 Pau Ruiz Safont - 22.37.0-1- CA-374238: prevent copying of removed fields when reverting snapshots * Mon Jan 23 2023 Pau Ruiz Safont - 22.36.0-1- Makefile: install and uninstall xapi-schema using dune- install xapi-schema libraries as part of xapi-datamodel-devel * Thu Jan 19 2023 Pau Ruiz Safont - 22.35.0-1- CP-40357: Enable computation of correct API lifecycles- CP-40357: Patch invalid lifecycles- CP-40357: Statically parse all the datamodel lifecycles- CP-40357: separate schema modules into xapi-schema package- database / idl: reduce code complexity- CP-40357: Change comment on failure to load db row- CP-40357: Avoid loading removed fields into the database- xapi_version: extract \"git_id\" from version- CP-40357: Remove oss_deprecation_since:None- CP-40357: Integrate state into the datamodel\'s lifecycle- CP-40357: Purge all removed fields from the database and clients- CP-40357 (idl/json): Only show latest entity change in a release- CP-41450: The SDK sample code has moved to a different repo.- Stop installing internal headers. Create dll symlink for cygwin.- opam: synchronize opam metadata with xs-opam- xapi-storage{,-script}: explicitely use python2 instead of python- Add new bias_enabled field to pool datamodel- Make bias against scheduling vms on pool master configurable- Switch from Xenctrl.hvm_check_pvdriver to Xenctrl.hvm_param_get- Corrected repo link in the README.- ci: avoid github API deprecation warnings- xenctrlext_stubs: fix xfm_open parameter mismatch- CP-40946 Make ATTACH_READONLY consistent with other features- CA-373776 Added unhandled exception handler to nbd to log errors instead of the messages being printed to the host console- CP-41366: Rename Citrix Hypervisor to XenServer- Fix extra `/` in https redirection- CA-373785: Deny HTTP requests on website_https_only- maintenance: use generated datamodel_lifecycle * Tue Dec 13 2022 Rob Hoes - 22.34.0-2- Bump release and rebuild * Mon Dec 12 2022 Rob Hoes - 22.34.0-1- Update lifecycle for pool.migration_compression- CA-373551: register for host events rather than task in events_from_xapi * Thu Dec 08 2022 Rob Hoes - 22.33.0-1- CP-40404: Add C# NuGet specs in its csproj- CP-40404: Move C# SDK samples to .NET 6.0- CP-41213: swtpm-wrapper should not fiddle with cgroups- CP-40404: Do not specify assembly info in `AssemblyInfo.cs`- CP-40404: Build C# SDK to .NET Framework 4.5- CA-372785 make with-vdi more robust- CP-40404: Replace deprecated module manifest member with `RootModule`- Fix missing `Reference` value in PS SDK cmdlets output- Modify Xenctrlext to use its own libxc handle- CP-40404: Do not specify PS SDK assembly info in `AssemblyInfo.cs`- CP-40404: Update Powershell and C# SDK READMEs- CP-41348: Convert swtpm-wrapper to Python 3- Redirect fileserver towards https- CA-371790: Restrict the permissions on pool tokens- Xenctrl: drop interface_close- CP-41279: add migration_compression pool option * Fri Nov 18 2022 Rob Hoes - 22.32.0-1- CA-342527: Remove unnecessary list traversals on rbac.check- xapi/rbac: Remove the non-\"efficient\" code path- xapi/rbac_audit: do not audit rrd_updates- CA-371780: Reduce cost of merge_new_dss- rbac_audit: refactor module- CA-372128: DB performance optimisations- CA-140252: fix flag handling- CP-40190: vTPM - Fix xenopsd to indicate correct state file format to swtpm-wrapper.- CP-40747: Add certificate checking options to sparse_dd and vhd-tool- CP-33044 define attach/detach IDL calls for gpumon- CA-371780: Port xcp-rrdd tests to alcotest- CA-371780: Reduce overheads in update_rrdds- CP-40823 Edited Vdi.t in xapi/storage_impl.ml to record vm- CP-40823 Created tests to the modules in storage_impl- CP-41028: enable certificate checking for storage migrations- CP-40190: Prevent SWTPM from filling dom0 root partition- xenopsd: define uncaught-exception handler- CA-369444: Ensure xenopsd still starts if VM state upgrade fails- CA-371419: Always log exceptions when responding with 500 Internal Error- CA-369690: Prioritize loglines when backing up RRDs- CA-369690: Reduce logging produced by xmlrpc_client- Debug: remember previous log names per thread in a stack- Do not log out session in xapi events loop to re-register VMs- Enable HTTPS for storage migration on the source * Thu Nov 17 2022 Christian Lindig - 22.31.0-2- CP-33044 install gpumon-cli * Tue Nov 01 2022 Rob Hoes - 22.31.0-1- CA-370575: [XSI-1310] Driver disks / supp packs applied at host- CA-370947 increase robustness of with-vdi script- CA-364194: Add a comment on static-vdis for a timeout enhancement- CA-364194: add timeout parameter to script callers in xapi- CA-364194: Allow creation of statefiles to time out- CA-370578 use subsystemId in NVidia GPU matching- maintenance: explicitely declare direct dependencies- ci: add xapi-log and xapi-open-uri- idl/json_backend: Process unreleased versioned releases- ocaml/idl: make gen_lifecycle compatible with gitless spec building- idl/json_backend: order releases from latest to oldest- CA-370082: Block multiple definitions of certificate-chain in xe cli- maintenance: avoid traversing lists twice when reading cli params- exit with error if add_vswitch_port fails- Revert `uuidx` rename in `gen_powershell_binding.ml`- xapi-idl: make storage-test be part of a package- opam: update metadata- xenopsd/dbgring: don\'t mention xenmmap dependency- CA-371759: check certificates in xsh- CP-40490: Require --force parameter to destroy VTPMs- xapi-cli-server/cli_ops: reuse --force message- xapi: group import error and cause into the same line- CP-39134: xapi-guard: do not hardcode rpc function - allow for unit testing- CP-39134: xapi-guard: separate code into own library for testability- CP-39134: basic unit test for xapi-guard- CP-39134: xapi-guard: add unit tests for bad values- CP-39134: varstore-guard: use inotify to wait for the apperance of the socket- Maintenance: xapi-guard: use Lwt.Syntax instead of Lwt.Infix- CP-39134: add shutdown unit test- CP-39134: quality gate fixups- xapi-guard/test: Count file descriptors- CP-41033: install XenAPI to Python 3- CP-41033: update XenAPIPlugin for Python3- idl/ocaml_backend: do not generate empty docstrings- idl/gen_server: Remove custom functions- CA-352073: gen_server: Serialize lists in [ ... ] form- CA-352073: Prepare to reuse defaults unmarshalling code- CA-352073: Ensure all serialized calls can pass rbac checks- CP-41033: further updates to XenAPIPlugin for Python3 * Wed Oct 12 2022 Rob Hoes - 22.30.0-1- CP-40402: Move C# and Powershell SDK Generation to .NET- opam: Update Alpine deps for xapi- CP-40754: Sync host.https_only fields on startup- CA-370140: shut down swtpm after qemu- CP-40755: Allow memory+storage+vGPU migrate to use HTTPS only- Update JSON backend for modern xapi releases- CA-368579: Mitigations against DoS attacks by unauthenticated clients (now upstream, replacing patch queue) * Wed Oct 12 2022 Rob Hoes - 22.29.0-1- CP-40753 host.set_https_only updates firewall using firewall_port_config_script helper- CP-40753 Added change to the firewall-port script to modify the RH-Firewall-1-INPUT chain- Update Makefile (un)install targets * Wed Oct 12 2022 Rob Hoes - 22.28.0-1- Revert \"Add a fallback system for auth files belonging to RPMs\"- Rename Uuid module to Uuidx- Move good_ciphersuites from Xcp_consts to Constants- Move logging lib from xapi-idl to its own package- Move Open_uri from xapi-idl to its own package- Add HTTPS support to open-uri- idl: update datamodel_lifecycle after tag- xenopsd/xc: Print all information in Service_failed exceptions- CP-39744: simplify vm_platform.sanity_check parameters- CP-39744: Block BIOS VMs with vTPM attached from booting- CP-40775: share function raising not done for vtpm exceptions- CA-370858: disallow VM exports with VTPMs attached * Wed Oct 12 2022 Rob Hoes - 22.27.0-1- Add a fallback system for auth files belonging to RPMs- CA-370084: Test pem with DOS line endings- Update lifecycle for VTPM datamodel- xapi-cli-server: change vm record to show \"vtpms\"- CA-370731: remove obsoleted copies of ca certs in the db- CA-370731: Allow pool to recover from duplicate ca certs- CP-33973 disable DMC; fix unit test- CP-40767 CP-40429 Migration Compression - define Zstd.Fast, more- CP-40749 Added https_only field- CP-40750 Added set_https_only function- CP-40751 Added and implemented Pool.set_https_only- CP-40752 Added CLI functionality for a pool level getter and setter- configure.ml: inject version number here- xapi-xenopsd.opam: declare zstd as dependency- maintenance: Remove obsolete version-gathering methods * Fri Oct 07 2022 Rob Hoes - 22.26.0-2- CA-368579: Mitigations against DoS attacks by unauthenticated clients * Fri Sep 09 2022 Rob Hoes - 22.26.0-1- Introduce vTPM * Mon Aug 22 2022 Rob Hoes - 22.25.0-1- XenAPI.py: Simplify and fix UDSTransport implementation- CP-40375: Allow cert clients to perform VM.shutdown and VM.start_on- CP-37225: Added unmarshalling code for Ocaml\'s Set(Set string) for C.- Fix quicktest\'s -default-sr parameter- CP-40392 compress vGPU migration stream- CA-369599: ignore invalid references on eject- maintenance: factor out Ref.to_option and Helpers.ignore_invalid_ref * Mon Aug 08 2022 Pau Ruiz Safont - 22.24.0-2- Bump release and rebuild * Fri Jul 29 2022 Rob Hoes - 22.24.0-1- CP-39894: move xenopsd\'s daemon modules from device to service- xenopsd/xc/service: add licensing header- CP-39894: move all varstored starting code to service module- CP-39894: move vgpu starting code to service module- CP-39894: Replace is_pidfile and pid_path with pid_location- CP-39894: tweak Service.Qemu interface- CP-39894: Use pid_location for file and xenstore cleanups- CA-366479: Remove Qemu\'s pidfile on domain shutdown- Factor out Throttle module- Update datamodel_lifecycle.ml only when changed- ci: generate releases from tags, upload XenAPI python lib- CHCLOUD-717: Spawn a thread to run xe-toolstack-restart- CP-40155 Parallelize Host.evacuate- CP-37091: Updated samples and fixed some code issues in the Java SDK.- CP-37225: Added unmarshalling code for Ocaml\'s Set(Set string) for C# and PS.- Removed dependency on 3rd party libraries from the PS module project.- CP-37091: Fixed some code issues in the PowerShell SDK.- CA-368910: Allow destruction of PVS_cache_storage if SR is already gone- CA-368437 remove duplicate keys from SM.features- CA-368806: Workaround pbis get wedged- CP-40175: Strip metadata of non-applicable livepatches- CA-347473: Minor memory leak from unloaded Xen livepatches (#4762)- CA-367236 replace Ezjsonm with Yojson * Wed Jul 06 2022 Rob Hoes - 22.23.0-1- CP-40027 VM migration introduce /services/xenops/migrate-mem- CP-39640/CP-39157 Add stream compression for VM migration- Add matching Synchronisation point 1-mem ACK log on receiver- Allow VBD.plug to dom0 again * Tue Jul 05 2022 Pau Ruiz Safont - 22.22.0-1- CA-365946: Block VIF and VBD hotplug into dom0- Update datamodel lifecycle- CP-39805: Adapt xenopsd\'s cli to new cmdliner- CP-39805: Adapt rrd tools to new cmdliner interface- CP-39805: Adapt xapi-storage-cli to new cmdliner- CP-39805: Adapt vhd-tool to new cmdliner- CP-39805: Adapt xcp_service to new cmdliner interface- CP-39805: Adapt xapi-guard to new cmdliner- CP-39805: Adapt message-switch to new cmdliner- CP-39805: Adapt xapi-gzip to new cmdliner- CP-39805: Adapt nbd to new cmdliner- CP-39805: Adapt idl clis to new cmdliner and rpclib- CP-39805: Adapt xcp_service to new cmdliner- CP-39805: Adapt xapi-idl binaries to new cmdliner- CP-39805: Adapt xapi-storage(-script) to new cmdliner- maintenance: consolidate idl\'s cli client argument parsing- CP-39805: update tests to be compatible with rpclib +8.1.2- xapi-idl: clients now better report cli errors- maintenance: make gzip rules compatible with the dune cache * Mon Jun 27 2022 Rob Hoes - 22.21.0-1- xenopsd/xc: do not log error when querying for migrability- CP-39996: Generate and push docs to xapi-storage- CP-39806: remove code without a stable formatting- CP-39806: avoid opening Threadext modules- CA-365604: Support external user ssh into dom0 with name in unicode- CA-367979: Bugfix - Wrong format of livepatch in returned updateinfo- CA-368069: Got wrong kernel base build_id- CP-39877: define activate_readonly method for SMAPIv3- Remove unused xenopsd/Makefile and qemu-dm-wrapper- CA-367979: Bugfix - Add RebootHost guidance wrongly when a livepatch failed- CA-367979: Bugfix - Add new unit test for livepatch failure case- CA-367979: Return changed guidance from host.apply_updates- CA-367979: Bugfix - Remove RebootHostOnLivePatchFailure after a completion of update- Refine unit test of eval_guidance_for_one_update * Wed Jun 08 2022 Rob Hoes - 22.20.0-1- CA-367738: Short-circuit auth of HTTP requests without auth header- CA-365905 (XSI-1215): Create a temporary file in the target download folder (...)- CA-355432: Fixed generation of method overloads.- CP-39884: generalise interface to gzip/zstd-like tools- CP-37091: Do not use a loop for only one iteration.- CP-36245: Refine merge_livepatches function- CP-32574: Apply livepatches- CP-38583: add Host.last_software_update field with data/time- maintenance: make xapi-xenops-tests more granular- maintenance: move tests for platformdata together- Use file type for is_raw_image()- XenAPI.py: define how to build package in pyproject.toml- xapi: avoid spawning processes- Added Repository Update Unit Tests * Wed May 18 2022 Rob Hoes - 22.19.0-1- libs/uuid: run tests only in the uuid package- CP-39805: Avoid deprecated bindings in mtime- Datamodel: replace some recent rel_next entries- CA-366801: xsh: fix XAPI blob sync and EBADF- CP-38688 introduce Message.destroy_many() API/CLI call- Upgrade VM runtime state when xenopsd restarts- CA-367120: Missing net new RPMs in picking up metadata from updateinfo- CA-367120: Add un-installed packages into accumulative update list- CA-367120: Add debug logs for outputs of YUM/RPM command lines- CP-38688 make Message.destroy_many() async, too- XSI-1246/CA-367232: Daily license re-apply fails is HA is enabled- Filter input dns when reconfiguring a pif IP(v6)- CA-366309: ignore HA when checking update readiness * Tue May 10 2022 Christian Lindig - 22.18.0-2- CP-39640 add zstd dependency for suspend/migration stream compression * Wed Apr 27 2022 Rob Hoes - 22.18.0-1- CA-366014: pass -dm qemu to UEFI qemu too- CP-39551: avoid warnings in xapi- Don\'t use --force in gzip decompress- CP-34028: Replace Uuidm with Uuid wherever possible- CP-32574: Life-patch support part 1- CA-366098: Raise internal xenopsd error on task timeout * Wed Apr 20 2022 Rob Hoes - 22.17.0-1- Add binary xapi_gzip for testing Xapi_compression- CA-366430: do not wipe PK.auth/dbx.auth * Tue Apr 19 2022 Rob Hoes - 22.16.0-1- CA-366428: Add temporary feature \'Internal_repo_access\' to allow update in mix mode- Add `9pfs` backend to vbds- Sync varstore certificates in XAPI with those on disks- CP-39551: avoid warnings- Fixes regarding DNS management in IPv6- ci: fix testing of xapi-xenstored in newer opam\'s sandboxes * Wed Apr 13 2022 Rob Hoes - 22.15.0-1- CA-364138 XSI-1217: fix FD leak, Unix.EMFILE- CA-365900: Clean up remanent stunnel client proxy- CA-359978: Flush IP addresses when switching from static to DHCP- CA-355588: users in pool admin group which contains # can not ssh into dom0- CP-35846: Restrict access to internal yum repo server (members only) * Fri Apr 01 2022 Rob Hoes - 22.14.0-1- CA-363700: update xenopsd platformdata if rtc-timeoffset changes- CA-365474: Synchronize trust roots at startup- Make Xapi_compression.compress more polymorphic * Mon Mar 28 2022 Rob Hoes - 22.13.0-1- CA-365130: print exception on backup failure- CA-365130: Print the name of signals in FE exceptions- CA-365121: pool join: require common xapi versions- CA-364021: reload certificates offered after emergency-reset-server-certificate- CA-365438: Retrieve updateinfo.xml.gz file path from repomd- CA-365438: Retrieve group file path from repomd- CA-365516: CLI: protect cmdtable population with mutex- CP-33973: disable DMC- Fix and extend bugtool plugins * Wed Mar 23 2022 Rob Hoes - 22.12.0-2- Add dependency on pvsproxy to xcp-networkd * Tue Mar 15 2022 Rob Hoes - 22.12.0-1- CA-364630: Add [post|put]_services_xenops to client auth permission list- CA-364450: Fix YUM repo config for repo metadata checking- CP-39209: Add new field \'gpgkey_name\' in repository object- CA-364138: log when about to stop varstored and varstore-guard- CA-365279: Client-cert auth: use CAfile- CP-39375: Remove RPM gpgcheck in reposync- CA-365112: Permit pool admin username with space to ssh login- Fist point of cert exchange: keep all operations- maintenance(ocaml): remove warnings- maintenance: avoid using Cstruct.len- maintenance: replace Lwt_unix.yield usages- maintenance: dedicate a test binary for repository test_repository_helpers- maintenance: remove most usages of Re.Str * Thu Mar 03 2022 Rob Hoes - 22.11.0-1- CP-38450: Add pool.set_wlb_enabled permission for client auth- REQ-403 add cert checking for clusterd * Mon Feb 28 2022 Rob Hoes - 22.10.0-1- CA-363903: Winbind does not rotate keytab file- CA-363903: Enable UPN format in hcp_users- CA-363903: Rotate machine password on Closest KDC- CA-362704: Hide proxy_username and proxy_password for repo proxy- CA-362704: Remove credential related info from remote repository conf file * Mon Feb 21 2022 Rob Hoes - 22.9.0-1- CP-39031 keep more xapi version details for Host.software_versions- CP-38462: Recognise ethtool-advertise on PIFs- CP-38763: Enforce kerberos protocol talking with DC * Tue Feb 15 2022 Rob Hoes - 22.8.0-2- Bump release and rebuild with OCaml 4.13.1 compiler. * Mon Feb 14 2022 Rob Hoes - 22.8.0-1- CP-38610: Automatically record the versions of new datamodel elements- Update lifecycles for existing API elements- Update version comparison for numbered versions- Replace rel_next with actual versions- CA-363633: Always take the generation-id directly from xapi * Wed Feb 09 2022 Rob Hoes - 22.7.0-1- xenopsd: explicitly clean VM state if VM_restore failed during VM_receive_memory- CA-363207: SSH access failing when using AD groups with spaces in name- XSI-791/CA-343760: Make reboot equal to shutdown+start for CPUID changes- CA-362924: Fix typo when syncing repository fails- XSI-1175 make message limit configurable- Maintenance: reformat with new ocamlformat version- CA-363391: fix wake-on-lan script- Use Filename to concat varstore dir and file- CA-363154: Use repoquery to get available updates- CA-363154: Remove usage of \'yum list updates\'- CA-363154: Ignore errors in repo update- CA-363154: Use repoquery to get installed packages * Thu Feb 03 2022 Rob Hoes - 22.6.0-1- CA-361209: When using WoL find the remote physical PIF- CA-361209: add vlan references to PIF\'s cli records- REQ-403 Enable TLS verification by default- REQ-403 make cron job for cert rotation conditional- Fixes to prepare for OCaml upgrade * Wed Jan 26 2022 Rob Hoes - 22.5.0-1- CP-38850 add xapi.conf option for cert-expiration-days- nbd: include the test binary into xapi-nbd package- ocaml/tests: workaround opam\'s sandbox on db upgrade test- use TMPDIR on tests if possible- CP-38892: add role.is_internal field- Update API version; record yangtze schema version * Tue Jan 11 2022 Rob Hoes - 22.4.0-1- Merge varstored-guard * Mon Jan 10 2022 Rob Hoes - 22.3.0-1- Merge sm-cli * Mon Jan 10 2022 Rob Hoes - 22.2.0-1- Merge xapi-nbd * Mon Jan 10 2022 Rob Hoes - 22.1.0-1- Merge wsproxy * Mon Jan 10 2022 Rob Hoes - 22.0.0-1- fix (http-svr): allow : in passwords when using basic auth- maintenance (http-svr): simplify base64.decode usage * Fri Dec 17 2021 Rob Hoes - 21.4.0-1- xapi/import: report duplicate mac seeds on import as such- Add `ignore_vdis` to `VM.snapshot` method- Fix description of configure_repository_proxy- CP-38759: Add pool.disable_repository_proxy- CP-38701: Restrict client-cert role- CA-361988 execute cluster host_resync always locally * Fri Dec 10 2021 Edwin Török - 21.3.0-3- Add coverity macros * Tue Dec 07 2021 Edwin Török - 21.3.0-2- CP-38218: obsolete xsi{f,o}stat by installing xapi-rrd2csv * Fri Dec 03 2021 Rob Hoes - 21.3.0-1- add setter for `Task.result` & `Task.error_info`- Use stunnel proxy to access internal YUM repo- Enable to set a `Task`\'s `resident_on` field.- CA-361151: Ldap does not work for cross domain 1-way trust- CA-361151: remove \'winbind offline logon = Yes\'- CA-361221: utf8_recode: use Uutf.{Buffer.add_utf_8,String.fold_utf_8} instead of Uutf.{encode,decoder}- CA-361221: utf8_recode: avoid allocations if string is all utf8- CA-361220: Do not leak xsclient thread- CA-361220: xenopsd: introduce TASK.destroy_on_finish- CA-361220: xenopsd: avoid space leak in VM.import_metadata_async- CP-35957: Update datamodel_pool for pool.configure_repository_proxy- CP-35957: Add repository proxy configurations in syncing * Thu Nov 25 2021 Rob Hoes - 21.2.0-2- Bump release and rebuild * Thu Nov 25 2021 Rob Hoes - 21.2.0-1- Introduce session.client_cert field- CA-360754: exclude client-cert sessions from revalidation- CA-360951: Failed to lookup workgroup from domain as DNS cache * Wed Nov 24 2021 Edwin Török - 21.1.0-2- Bump release and rebuild * Tue Nov 23 2021 Rob Hoes - 21.1.0-1- Fix typo in message name- CA-360997: Don\'t reject imports if the host\'s major version is larger * Fri Nov 19 2021 Rob Hoes - 21.0.0-1- Import message-switch, xcp-idl, xapi-storage, xapi-storage-script * Tue Nov 16 2021 Rob Hoes - 1.331.0-1- CA-359869: Make Sysfs.list robust against disappearing devices- CA-360634: Change the allowed role of host.apply_updates to pool operator- CA-360485: Fix SR-IOV capability detection- CA-359714: update-precheck: fix uninitialised variable- CA-360577: Add RBAC checking for client cert HTTPs requests * Wed Nov 10 2021 Rob Hoes - 1.330.0-3- Bump release and rebuild * Mon Nov 08 2021 Christian Lindig - 1.330.0-1- CA-359975: set the IP in /etc/issue on first boot- Copied README from last draft, and actually signning the commit this time- Making comment start with an uppercase- CP-38309 make TLS more explicit in clusterd interface * Wed Oct 27 2021 Edwin Török - 1.329.0-1- vhd-tool: stress test compatibility with python3- vhd-tool: Adapt stress-test to alcotest 1.0- CP-38046: Add token in pool.sync_updates to support repository client authentication * Thu Oct 21 2021 Rob Hoes - 1.328.0-1- Merge xcp-networkd * Thu Oct 21 2021 Rob Hoes - 1.327.0-1- CA-356541 migration debug msg: ensure host is defined- Replace ETCDIR by ETCXENDIR everywhere in scripts/ * Tue Oct 19 2021 Rob Hoes - 1.326.0-1- Merge xenopsd and squeezed * Wed Oct 13 2021 Rob Hoes - 1.325.0-1- stunnel/gencert services: use Wants rather than Requires * Wed Oct 13 2021 Rob Hoes - 1.324.0-1- CHCLOUD-109: Remove checking on \'description\' field in updateinfo- CA-357075: Handle error from get_cluster_config call during RPU- CA-359835: Enable \'Updates\' feature in rolling pool update * Mon Oct 11 2021 Rob Hoes - 1.323.0-1- Maintenance: remove warnings- CA-359214: Only restart stunnel if the config file has changed * Fri Oct 01 2021 Rob Hoes - 1.322.0-1- XenAPI.Session: raise exception on attempted forwarding of python magic methods- CA-358904 REQ-403 cross pool migration must not use cert checking- CA-356358: enable clustering daemon before attempting RPC call to fetch pems- CA-358326 log cron job for cert refresh in syslog- Remove old-style xva import code (finally)- xe: remove prefix-match workaround- CA-357785: Stop metrics binaries from logging to stdout- maintenance: remove option to daemonize metric collectors- CA-359226 add fist point to backdate new certs during testing * Wed Sep 22 2021 Rob Hoes - 1.321.0-1- Merge tapctl and vhd-tool- Upgrade to dune 2.0 * Tue Sep 21 2021 Rob Hoes - 1.320.0-1- CA-358904 REQ-403 cross pool migration must not use cert checking- CA-359076: avoid DB calls when starting management server- CP-38206: Merge xen-api-libs-transitional * Fri Sep 17 2021 Rob Hoes - 1.319.0-1- CA-358898: handle IPv6 state when management disabled * Thu Sep 16 2021 Rob Hoes - 1.318.0-1- CP-35393: Introduce client_certificate_auth- CP-34726: Use a separate service and port for the client cert auth- CP-34727: configure unix socket for client certificate auth- CP-36249: Reconfigure management server when en/disabling client certificate auth- CP-37692: Introduce RBAC role for client-auth sessions- Use port 443 for client certificate auth (again)- Duplicate cipher options in stunnel SNI service- Change role for repository-related calls to pool-operator- CP-37598: Add feature flag to restrict updates from a repository- Fix missing xenopsd diagnostics from bugtools- Fix handling of web-dir parameter- CA-356959: Decide user account locked out by lockoutTime- CA-358568: Password expired could not show on XenCenter- CA-358816: Updated subject name in DC does not get updated in pam * Mon Sep 13 2021 Rob Hoes - 1.317.0-4- CA-358445: move %pre section to xcp-rrdd subpackage * Mon Sep 06 2021 Rob Hoes - 1.317.0-3- CA-358445: add rrdmetrics group (missing in xcp-rrdd merge) * Fri Sep 03 2021 Rob Hoes - 1.317.0-2- Bump release and rebuild * Thu Sep 02 2021 Rob Hoes - 1.317.0-1- CP-37370 add certificate-refresh to cron.daily- CP-37370 revert this for release: use cron.hourly * Wed Sep 01 2021 Rob Hoes - 1.316.0-1- Specsavers: merge xcp-rrdd- CP-37590: Replaced negative language within `FriendlyErrorNames.resx`- CP-37590: Replaced negative language within `datamodel_errors.ml`- CP-37590: Remove useless override in C# SDK generation- Amend typos in errors datamodel- Undo TLS verification change from v1.315.0, which was incomplete * Thu Aug 26 2021 Christian Lindig - 1.315.0-1- Enable TLS verification by default * Wed Aug 25 2021 Christian Lindig - 1.314.0-1- CA-357025 enable TLS cert checking for pool and WLB together * Wed Aug 25 2021 Christian Lindig - 1.313.0-1- Add datamodel option to log Db.X.destroy calls- CA-356441: reload-or-restart sshd to apply sshd configuration- REQ-403 CA-356724 unix time serial number to xapi-pool-tls.pem- Stunnel.reload: wait 5s by default- CA-355657 wait before serving refrehed SSL cert- Fix issue #4491: USB device reset for Privileged VMs (with PCI device attached) is not working due to bad argument \'-r\'- CP-36863: Expose local YUM repository only on TLS interface- CA-357151 REQ-403 add joiner\'s ca certs to db- CA-357151 REQ-403 consistent output about ca certs- CA-356854 REQ-403 ejected hosts come back with verification enabled- REQ-403 revert me! FIRSTBOOT_ENABLE_TLS_VERIFICATION=false- CP-37866 add Host.tls_verification_enabled field- CA-354374: Update pool_cpuinfo and pool_features after the ejected host having been destroyed- CP-37898: Make winbind encryption types configurable- CA-357417 REQ-403 ensure valid cert alerts are not deleted * Mon Aug 09 2021 Edwin Török - 1.312.0-4- Re-enable upgrade-pbis-to-winbind * Mon Aug 02 2021 Rob Hoes - 1.312.0-3- Temporarily revert upgrade-pbis-to-winbind requirement * Thu Jul 29 2021 Rob Hoes - 1.312.0-1- Merge winbind feature branch- REQ-403 change type of cert generated during cert refresh * Thu Jul 29 2021 Rob Hoes - 1.311.0-1- CP-37571 REQ-403 add fist to Cert_distrib.exchange_certificates_in_pool * Thu Jul 29 2021 Rob Hoes - 1.310.0-1- REQ-403: failed_login_alert_freq- Add explicit package to dune tests- REQ-403 concurrency fixes pt 4- Revert \"REQ-403 concurrency fixes pt 4\"- maintenance: add copyright to cert_distrib files- REQ-403 use pool ops rather than cert distrib mutex- REQ-403 replace exchange_certificates_on_join lock- REQ-403 remove exchange_certificates_among_all_members lock- REQ-403 replace exchange_ca_certificates_with_joiner lock- REQ-403 replace copy_primary_host_certs lock- REQ-403 pool ejectees should remove trusted ca certs- ci: run format on future feature and lcm branches- configure: work around read-only /tmp found in opam\'s 2.1.0- CA-356977 REQ-403 fix broken external auth for Host.reset_server_certificate * Mon Jul 19 2021 Rob Hoes - 1.309.1-1- Revert \"Remove unused function\"- qualitygate: expect 1 instance of \"==\" * Mon Jul 19 2021 Rob Hoes - 1.309.0-1- Import xen-api client- CP-36098 don\'t refresh certs if any host offline- quality-gate: error if somebody used physical equality- REQ-403 define how to generate cluster certificates- REQ-403 give cluster daemon pem information- CP-36097 REQ-403 write_pem API impl- CP-36097 REQ-403 cluster must have a pem file before enabling tls verification- CP-36097 REQ-403 cluster pems never expire- CP-36097 REQ-403 use result monad rather than exceptions in selfcert- CP-36097 REQ-403: maybe restart cluster daemon on cert refresh * Thu Jul 08 2021 Christian Lindig - 1.308.0-1- CA-355629 use hostname for CN in host cert * Mon Jul 05 2021 Rob Hoes - 1.307.0-1- CP-36098 introduce host-refresh-server-certificates- CP-36098 add path argument to Gencertlib.Lib.install_server_certificate- CP-36098 new API: host.refresh-host-certficate- CP-36098 introduce pool op cert_refresh- CA-355657 XSI-1037 reduce load during bugtool- Maintenance: fix unixpwd warnings about loosing const qualifier- Maintenance: fix indent in unixpwd- CA-341715: control-domain-params-init: skip on upgrade- CA-355625 reload Stunnel instead of restart after cert change- CA-355625 remove dead code- CA-341715: fix control-domain-params-init- REQ-403 copy_primary_host_certs API call- REQ-403 am i missing certs thread- REQ-403 only exchange certs between primary and joiner during pool.join- REQ-403 best effort distribution of joiner\'s pool certs to all hosts- REQ-403 check for missing certs only when db connection established * Fri Jun 25 2021 Edwin Török - 1.306.0-1- REQ-403 update_ca_bundle lock- Only add XAPI message for VM when migration is live and intrapool * Thu Jun 24 2021 Edwin Török - 1.305.0-1- Remove unnecessary scope restriction Result- CA-354414 perform best effort Pool.eject cleanups- REQ-403 cert_distrib lock- CA-355571: Include accumulative updates for updates description and guidances- CA-355571: Refine precedence between guidances- CA-355571: Unit Tests: Include accumulative updates for updates description and guidances- CA-355571: Unit Tests: Refine precedence between guidances- Add more messages to a VM lifecycle * Fri Jun 11 2021 Rob Hoes - 1.304.0-1- CA-354260 REQ-403: check certs haven\'t expired before installing them- CA-354834 log ref, uuid when adding CA cert- Fix update-ca-bundle.sh hangling of deleted certs- CP-37014 verify TLS-based RPC before enabling it- CA-354834 log ref, uuid when adding CA cert- CA-355179: Support epoch in RPM- CA-355179: Support epoch in RPM: Update unit tests- CA-355179: Support epoch in RPM: Add unit tests- CA-355180: Improve parsing output of \'yum list updates\'- Added missing release date and restored as yet unreleased versions in the API docs.- Build the doc-json target as part of the install target. Restructured output.- Remove pool.slave_network_report- Audit log: extend suppression to calls with _ separators- CP-36178: Add basic precheck function for updates- Removed rel_honolulu as it contained no API changes. Updated last_known_schema_hash.- fixup! CA-355179: Support epoch in RPM- Fix SDK build * Thu May 27 2021 Rob Hoes - 1.303.0-1- CA-354689 don\'t fail if host cert to be removed doesn\'t exist- Maintenance: reformat code- xapi_pool_helpers: refactor call_fn_on_hosts- C# SDK: Fixes to generated code:- CP-35955: Datamodel: Add pending_guidances for host- CP-35955: Datamodel: Add pending_guidances for VM- CP-35955: Bump up last_known_schema_hash- CP-35955: Add absolute guidances in pending_guidances- CP-35955: Clean up pending guidances- CA-355039: Support single guidance from one update in updateinfo.xml- Adapt xe-reset-networking for IPv6 * Thu May 20 2021 Rob Hoes - 1.302.0-1- CP-35348 cover alerts for internal and CA certificates- xapi-cli-protocol: make unit-tests runnable- fix: cli protocol tests cannot depend on xapi-cli-server- xe-enable-ipv6 edits net.ipv6.conf.{ all | default }.disable_ipv6- Maintenance: replace deprecated Listext.assoc- Set IPv6 parameters in check_network_reset- cert_distrib: refactor go method- CP-36866: Generalize code for certificate distribution- CP-36866: block pool join when ca certificates might conflict- CP-36866: Distribute CA certificates on join * Mon May 17 2021 Rob Hoes - 1.301.0-1- Centaurus repository APIs: merge from feature/centaurus/master-1 * Mon May 10 2021 Rob Hoes - 1.300.0-1- CP-35523: Always accept requests from the unix socket * Fri May 07 2021 Rob Hoes - 1.299.0-1- CP-35523: Block access to the website on port 80 * Thu May 06 2021 Rob Hoes - 1.298.0-1- CP-36744: Allow users to reenable tls cert checking- CA-329462 Cluster.create should clean up if it fails- ci: quality-gate shell script- CA-353388: Control debug level by debug_stunnel env variable- CP-36658 remove certs of host when it is ejected- CA-349123: Tweak previous hotplug fix- CA-353553 add API error for when NVidia GPU is misconfigured- CA-353747 accept RSA and EC private key headers in PEM- CA-353747 add negative test case- CP-34467: Exchange certificate when a hosts joins a pool- CP-34467: simplify certificate distribution * Tue Apr 27 2021 Rob Hoes - 1.297.0-1- CP-34467: Pre-join checks for TLS verification- CA-353309: Create correct filters for uninstalling ca certs- CP-34467: Avoid Not_found error when getting remote pool- CP-36750: Block enabling TLS verification on pool ops- Enable to choose a migration network in `VM.pool_migrate`:- CA-349123: Fix metadata race in VBD/VIF plug * Thu Apr 22 2021 Rob Hoes - 1.296.0-1- REQ-403: Display expiry for certificates on the cli- CA-341715: Sync certificates after bringing up mgmnt IF- CP-36690 at startup, sync host certs with DB- CP-36690 fix update_certificates at startup * Wed Apr 14 2021 Rob Hoes - 1.295.0-2- Bump release and rebuild * Wed Apr 14 2021 Rob Hoes - 1.295.0-1- CP-36509 update db for xapi_ssl.pem on startup if changed- CP-36509 simplify cert decoding- CP-36509 add MLI for certificates_sync module- fixup! CP-36509 simplify cert decoding- CP-36099 REQ-403 add type:host_internal to cert db schema- CP-36099 REQ-403 add host_internal cert type to db utils- CP-36099 REQ-403 only produce alerts for `host certs- fixup! CP-36509 simplify cert decoding- REQ-403 file system helpers- REQ-403 declare cert related files/folders in xapi_globs- CP-36510 REQ-403 distribute certs during Pool.enable_tls_verification- CA-353011: Clean up certificates from unknown hosts- CP-34469 on pool eject, remove host certificates- XSI-995 handle case where pci doesn\'t exist in VM.power_state_reset * Thu Apr 01 2021 Rob Hoes - 1.294.0-1- CP-36100 extend update-ca-bundle to handle pool certs- maintenance: reformat- REQ-403: remove deprecated host cert (un)install calls- CA-36099 REQ-403 add name and type to certificate db record- CP-36099 REQ-403 comment about cert locations- REQ-403 CP-36099 remove / add certs to db when un / installing them- REQ-403 CP-36099 initialize rng- CP-36100-3 Use explicit config for TLS Stunnel verification- CP-36100-3 set TLS verification default at Xapi startup- CP-36100-3 verify VNC connections as a pool-level connection- CP-36100-3 change name of Stunnel.verification_config- CP-36100-3 make ~verify_cert:None more explicit- CP-36100-3 count verify_cert:None in Makefile- CP-36100-3 persist TLS emergency flag- README file was left out of the package.- CP-36100: format code around rrdd commands * Fri Mar 26 2021 Rob Hoes - 1.293.0-2- Bump release and rebuild * Fri Mar 12 2021 Rob Hoes - 1.293.0-1- Merge xen-api-sdk repo to \'ocaml/sdk-gen/\' from commit \'e278e5de021b0f354d2a98810cf77ad3a1b7de40\'- CP-36113: Added targets for compiling the SDK generator and generating the SDK source code.- Keep the java library and samples version in sync.- Added the xen-api-sdk package to the tests.- Auto-formatted files. * Wed Mar 10 2021 Konstantina Chremmou - 1.292.0-2- CP-36113: Merged the SDK into xapi. * Mon Mar 08 2021 Rob Hoes - 1.292.0-1- Initialise Mirage RNG on startup * Fri Mar 05 2021 Rob Hoes - 1.291.0-1- CP-36096: Generate two certificates at startup- CP-36096: serve the new certificate for xapi:pool clients- CA-352329: Revert original formatting of lists in xapi-cli-server- xapi-cli-server: Consolidate formatting on comma-separated lists- xapi-cli-server: consolidate formatting of semicolon-separated lists * Tue Mar 02 2021 Rob Hoes - 1.290.0-1- When creating bonds, use primary_member\'s primary_address_type- When creating tunnels, use transport_PIF\'s primary_address_type- When creating vlans, use tagged_PIF\'s primary_address_type- make format- When creating sriov networks, use physical_ref\'s primary_address_type- CA-352111: Do not output on cronjobs unless there\'s an error- xapi-cli-server: clean up imports and comments- xapi-cli-server: be consistent when showing list of references- xapi-cli-server: be consistent when showing lists- REQ-403 CP-33822 add IP address as SAN in self-signed certs- CP-36096: Move helper_hostname to xapi_aux- CP-36096: Move functions that collect hostnames and ip to xapi-aux- CP-36096: Hostnames for certificates are gathered consistently- CP-36096: Allow any number of IPs in SAN- CP-36096: Move format conversion of mgmt IP to the edge- CP-36096: generate x509 extensions when the issuer is- CP-33822: Use Unix.gethostname instead the hostname binary- maintenance: restrict the usage of read_localhost_info- Replace gethostbyname by getaddrinfo to support IPv6- CA-265116 rename and deprecate Pool cert functions- CA-265116 rename and deprecate Host cert funtions- CA-265116 use new names for cert functions- REQ-403 CP-34468 add Host.reset_server_certificate- REQ-403 add module to split PEM files- REQ-403 use Pem.parse_file- REQ-403 introduce path to CA certificates- REQ-403 CP-33822 enable_tls_verification- REQ-403 CP-34461 emergency disable tls verification- REQ-403 CP-34461 tls verification health check- CP-34942: Update pem library for angstrom 0.14.0+- REQ-403 CP-35584 deprecate wlb_verify_cert- CP-35761: Add feature flag for TLS certificate checking- REQ-403: add logging to cert related handlers- CA-351391: Make certificate alerts ignore CA certs- REQ-403 bump schema version- CP-34643: Reduce usage of Listext- maintenance: avoid warnings for unused names- CP-32669: Remove vendored PCI library * Tue Feb 23 2021 Rob Hoes - 1.289.0-1- CP-36094 add SNI to stunnel server config- Revert \"CA-342527: Avoid traversing lists when possible\"- CP-34472 expose User-Agent from a context- CP-34472 throw the correct error on auth failure- CP-34472 ensure auth error is thrown correctly- CP-34472 add ability to record login failures- CP-34472 actually record login failures- CP-34472 generate failed login alerts- REQ-403 CP-34472 include IP address in login fail alerts- REQ-403 CP-34472 use UTC in failed login alerts * Tue Feb 16 2021 Rob Hoes - 1.288.0-1- CA-342527: remove argument logging of VMPP messages- CA-342527: Avoid traversing lists when possible- xapi: remove unused json module- maintenance: detect schema updates which are missing version bumps- ci: count usages of List.hd- Remove usage of List.hd in gencert * Fri Feb 05 2021 Rob Hoes - 1.287.0-2- Bump release and rebuild * Tue Jan 26 2021 Rob Hoes - 1.287.0-1- Support IPv6 in vncproxy- ci: check whether code in PRs is formatted- XSI-804 ensure HVM boot params consistent- maintenance: default hvm boot policy constant- CA-351323 XSI-828 fix snapshot metadata lookup * Tue Jan 26 2021 Rob Hoes - 1.286.0-1- CA-343646: generate certificate alerts- CA-343646: Avoid using API when no alerts are going to be modified- maintenance: format code with ocamlformat- Allow migration on IPv6-only host * Wed Jan 06 2021 Rob Hoes - 1.285.0-2- Bump release and rebuild * Mon Jan 04 2021 Christian Lindig - 1.285.0-1- CP-34602: test get_server_localtime and message.get_since- Add ipv6 addresses to this_is_my_address- Wrap IPv6 addresses when creating URLs- Continue fixing console location in IPv6- CP-34643: Replace deprecated usages of pervasiveext * Wed Dec 16 2020 Christian Lindig - 1.284.0-1- CA-350253: cli_operations: use `set []` when clearing if available- CA-320523: records: implement setting of the map for `xenstore-data` * Wed Dec 02 2020 Christian Lindig - 1.283.0-1- CP-34942: update dmidecode parser for angstrom 0.14- CA-348700: Block VDI.copy if on-boot=reset * Fri Nov 27 2020 Christian Lindig - 1.282.0-1- Fix IPv6 console location * Fri Nov 20 2020 Christian Lindig - 1.281.0-1- ci: unpin packages on cleanup * Wed Nov 18 2020 Edwin Török - 1.280.0-3- Re-enabled automatic ocaml dependency generator * Wed Nov 18 2020 Edwin Török - 1.280.0-2- CA-349027: be explicit about the choice of sendmail implementation * Thu Nov 12 2020 Christian Lindig - 1.280.0-1- CA-332779: Update power_state first in force_state_reset_keep_current_ops- CA-332779: Avoid VM.remove in maybe_cleanup_vm- CA-347560: Call VM.import_metadata_async for MD updates * Tue Nov 10 2020 Christian Lindig - 1.279.0-1- CP-35021 VM.suspend - assert support for NVidia cards- CP-35021 introduce new API error for vGPU suspend * Thu Nov 05 2020 Christian Lindig - 1.278.0-1- CA-347543 use /usr/bin/pool_secret_wrapper only if CC * Thu Oct 29 2020 Christian Lindig - 1.277.0-1- CP-35210: log why a private key or certificates failed to validate- CP-32138: rely on systemd to have wsproxy available- maintenance: update github actions dependency- maintenance: Schedule weekly run for 1.249-lcm- ci: do not cache unversioned packages, update versiones ones- CA-347611 Revert \"CA-332779: Update power_state first in force_state_reset_keep_current_operations\"- CA-347611 Revert \"CA-332779: Avoid VM.remove in maybe_cleanup_vm\" * Thu Oct 22 2020 Christian Lindig - 1.276.0-1- CA-332779: Update power_state first in force_state_reset_keep_current_operations- CA-332779: Avoid VM.remove in maybe_cleanup_vm- CP-35026 tell stunnel to provide inet address info- CP-35026 utils for extracting IP addresses- CP-35026 add client field to Context.t- CP-35026 pass client info to the debug module- maintenance: format * Wed Oct 21 2020 Christian Lindig - 1.275.0-1- CA-333441 - restarting ISCSI daemon after setting initiator IQN- CA-333441: Do not fail the startup sequence if the iSCSI initiator cannot be set- maintenance: allow tests to run in a sandbox- fix: update ocamlformat metadata to work with 0.15.0- maintenance: format code with ocamlformat * Thu Oct 15 2020 Christian Lindig - 1.274.0-1- fix: correctly show add_to_sm_config to logs * Mon Oct 12 2020 Christian Lindig - 1.273.0-1- Revert \"CA-333441 - restarting ISCSI daemon after setting initiator IQN\" * Thu Oct 08 2020 Christian Lindig - 1.272.0-1- CP-34942: update for rpclib 7 compatibility- CP-34942: adapt to message-switch usage of result- CP-34942: update for rpclib 8 compatibility- CA-333441 - restarting ISCSI daemon after setting initiator IQN- opam: add jobs for build and tests for all packages * Mon Oct 05 2020 Christian Lindig - 1.271.0-1- CA-333441 - restarting ISCSI daemon after setting initiator IQN- Delete unimplemented HTTP action definitions- Remove misleading comment on expose_get_all_messages_for- CA-262525: add missing parameters to HTTP actions- Add 2 new methods to the `Host` object * Wed Sep 16 2020 Christian Lindig - 1.270.0-1- Branding for the Stockholm release.- CA-332605 Fixed Bad error message for vcpu/cores-per-socket- maintenance: make call_script interface cleaner- maintenance: reintroduce missing PSR unit tests- maintenance: remove AATT list concats in suite_alcotest- maintenance: remove reference to unused file- maintenance: Remove travis CI- maintenance: remove unused pool op valid assert from mli- define rel_next- REQ-819 CA-34357 add PSR feature flag- REQ-819 CA-34873 remove genptoken & genptoken.service- REQ-819 CP-33774 PSR orchestration- REQ-819 CP-33777 expose code to generate ptoken as a library- REQ-819 CP-33777 real implementation- REQ-819 CP-33777 store list of pool secrets rather than only one- REQ-819 CP-33780 add pool secret rotation fistpoints- REQ-819 CP-34357 add designate_new_master to pool operations- REQ-819 CP-34357 block PSR if any pool operations are in progress- REQ-819 CP-34379 don\'t proceed with rotation if PSR state is inconsistent- REQ-819 CP-34873 generate pool secrets optionally via script- REQ-819 CP-34936 don\'t log result from pool_secret_wrapper- REQ-819 make PSR and HA mutually exclusive- REQ-819 rel_next -> rel_stockholm_psr * Wed Sep 16 2020 Ben Anson - 1.269.0-2- REQ-819 CP-34873: remove genptoken services * Mon Sep 14 2020 Christian Lindig - 1.269.0-1- CA-344268: Fix timing issue in PBIS available check- CA-265116 clarify doc for CA Cert Revoc. Lists- CP-33823 replace generate_ssl_cert with OCaml code for more control * Mon Sep 14 2020 Christian Lindig - 1.268.0-1- CA-322708 - VM must not be allowed to start during storage migration * Tue Sep 08 2020 Christian Lindig - 1.267.0-1- XSI-795 CA-343951 fix Nvidia version parsing * Wed Sep 02 2020 Christian Lindig - 1.266.0-1- CA-343769 get CC_PREPARATIONS from xs-inventory- Do not lose backtrace in RBAC * Fri Aug 28 2020 Christian Lindig - 1.265.0-1- XSO-974: add full lifecycle to VM.last_booted_record- maintenance: formatting- maintenance: remove occurences of !=- maintenance: remove occurences of \' == \'- maintenance: ensure all fistpoints work as expected- Remove duplicate line from xapi.service- CP-33121: open listext from its own library- CP-33121: open xstringext from its own library- CP-33121: open unixext from its own library- CP-33121: open threadtext from its own library- CP-33121: open pervasiveext from its own library- CP-33121: open date from its own library- CP-33121: Remove all open Stdext- CP-33121: Stop depending on stdext * Mon Aug 17 2020 Christian Lindig - 1.264.0-1- CA-341155: Fix console refresh when starting management server- Remove Xapi_mgmt_iface.rebind- CA-342171 fix get_server_localtime- CA-343230 improve bewildering HTTP 403 error- CA-343230 assert (rather than assume) that update VBDs are attached- xapi_mgmt_iface: restructure- xapi_mgmt_iface: hide himn_addr ref from the interface- Remove Xapi_network.detach call from Xapi_vlan.destroy- Clear the HIMN state if the network is detached- CA-342551: Avoid replacing certificate alerts * Wed Aug 12 2020 Christian Lindig - 1.263.0-1- Improve HA parameter derived from timeout (#4169)- CA-343117: host-backup: Include /boot/efi in the tarball * Thu Jul 30 2020 Christian Lindig - 1.262.0-1- CA-319021 fixed resident_on field update issue- maintenance: make format- maintenance: do not link to system OCaml when using opam * Fri Jul 24 2020 Christian Lindig - 1.261.0-1- merger rrd2cvs into xapi- CP-34439: ensure rrd2csv compiles alongside xapi- CP-34439: tidy rrd2csv after merging into xapi * Tue Jul 21 2020 Christian Lindig - 1.260.0-1- CA-338596: Upload files limit should deal with the dot style- CA-338608: Limit xe client to download files specified in the args- opam: update dependencies- ci: add github actions * Fri Jul 17 2020 Rob Hoes - 1.259.0-2- Remove the patches, which have now been upstreamed. * Thu Jul 16 2020 Christian Lindig - 1.259.0-1- CP-33121: Remove unused dependency on stdext\'s fun module | |