Release Notes - Version 3.5

Key features and changes

TeamDrive Host Server Version 3.5 is the next major release following after version 3.0.013.

Note

Please note the the version numbering scheme for the Host Server has been changed starting with version 3.5. The first two digits of the version string now identify a released version with a fixed feature set. The third digit, e.g. “3.5.1” now identifies the patch version, which increases for every public release that includes backwards-compatible bug or security fixes. A fourth digit identifies the build number and usually remains at zero, unless a rebuild/republishing of a release based on the same code base has to be performed (e.g. to fix a build or packaging issue that has no effect on the functionality or feature set).

Version 3.5 contains the following features and notable differences to version 3.0.013. See Release Notes - Version 3.0.013 for a detailed description of the change history for that version.

Host Server Functionality

  • Security enhancement: Files can now be published with an expiration date after which an auto task on the Host Server will automatically remove the published files again. Additionally, published files can now be protected by a password. This functionality requires support on the TeamDrive Client side, which is implemented in versions 4.1 of the TeamDrive Client. For entering the password in a html page, a few templates were added. The templates could be customized and will not overwritten when updating to a newer Host Server version.
  • Security enhancement: A request for a published file no longer returns the actual file directly, except in the case where the request comes from tools like wget or curl. Instead, the document returned is an HTML file containing JavaScript calls that load the actual file using a temporary URL. This solves a potential security problem in which URLs of published documents can be inadvertently disclosed to unintended recipients in the following scenario: A TeamDrive user publishes a document that contains URLs pointing to a third-party website (e.g. a PDF or office document). The user, or an authorized recipient of the published URL, clicks on a hyperlink embedded in the document. At that point, the referrer header discloses the document’s publish URL to the third-party website. Someone with access to that header, such as the webmaster of the third-party website, could then access the link to the published document. (HOSTSERVER-316)
  • A new Client/Server protocol, supporting parallel polling of Spaces for increased throughput/performance, batched delete operations (e.g. emptying the Trash) and “soft” locking of files. These features require support on the TeamDrive Client side, which is scheduled to be implemented in future versions of the TeamDrive Client.
  • Performance improvement: The Host Server now uses a database table instead of action files in the Space Volume’s file system for signalling actions like uploading or deleting files to the object store. As a result, s3d no longer has to perform a full scan of all Space Volumes to look for new or changed files. (HOSTSERVER-284) Additionally, the MD5 digest of a file is also stored in this table, so s3d does not need to perform a recalculation of the checksum before uploading the file to the object store. During an upgrade from a previous version, any remaining action tag files in the file system will be imported into the database. Afterwards, the server setting ImportS3tagFiles should be set to False.
  • The S3 daemon s3d now only performs a full scan of all Space Volumes once per day by default, looking for old files to be transferred to the object store. The age of these files is set via the settings variable MaxFileAge. The maximum file age should be set long enough to ensure that no file that may still be in the process of being uploaded by a Client will be sent to the Object Store, otherwise the Client would have to restart the upload from scratch.

Administration Console

  • Security improvement: Added support for managing multiple user/administrator accounts. There are 2 types of users: Superuser and Administrator. Only the Superuser may manage other users. The Administrator may view all users and only update his own user account. (HOSTSERVER-366)
  • Security improvement: Disabled auto completion on the login form. (HOSTSERVER-379)
  • Security improvement: The complexity of entered passwords is now indicated. (HOSTSERVER-374)
  • Security improvement: it is now possible to enable two-factor authentication via email. If enabled, the user is required to enter a security code provided via email in addition to his username and password.
  • Security improvement: On login, the user will get an error if he has another logged in session. To proceed, the user must check the checkbox titled: “Close my other login sessions”. (HOSTSERVER-376, HOSTSERVER-377)
  • Security improvement: The following events are now logged at the “notice” level: login, logout, failed login attempts and changes to user accounts.
  • Security improvement: the amount of search results (e.g. Spaces, Depots or users) is now limited to a maximum defined by the MaxRecordsDisplayed setting, which can only be changed by the Superuser.
  • Administration: It is now possible to change a Depot’s status (e.g. enabled, disabled, deleted)
  • Administration: Added support for viewing selected server log files and the Host Server API log. (HOSTSERVER-348, HOSTSERVER-243)
  • Administration: It is now possible to track and display modifications made to Space Depots (e.g. via API calls coming from the Registration Server or via the Host Server Admin Console). (HOSTSERVER-388)
  • Administration: When creating a new Space Volume via the Administration Console, the system now checks if the directory actually exists on the file system before creating the Volume. (HOSTSERVER-349)
  • Usability: References like Depot Names, Volume names and owners in the Space list are now clickable, to improve the quick navigation between pages. (HOSTSERVER-390)
  • Usability: Objects like Spaces or Depots that have been marked as deleted are now hidden in result lists by default. They can be made visible again by changing the setting ShowDeletedObjects from false to true. (HOSTSERVER-442)
  • Usability: Administration Console now better visualizes errors like missing Space Volumes.
  • Usability: Units displayed for disk space or traffic usage now use the correct units (e.g. MiB, or GiB), to avoid confusion caused by conversions between different units. Space and traffic levels are now displayed in percent instead of absolute units.

Administration / Installation

  • Administration: The Host Server’s log levels have been aligned with the ones used by the Registration Server and the Yvva Runtime Environment. Valid log levels are: 1 (Error), 2 (Warning), 3 (Notice), 4 (Trace), 5 (Debug). In production mode the default log level is 3 (Notice). Setting the log file name to syslog will now send log output to the local syslog service. You can add an optional “Log Identity after a colon in the log file name, for example: syslog:my-log-id. The default Log Identity is name of the program, e.g. s3d or tshs.
  • Administration: The central log file /var/log/td-hostserver.log is the central log location for all Yvva-based components (e.g. the Host Server API, Administration Console or td-hostserver background service); the log files used in previous versions (e.g. /var/log/mod_yvva.log, /var/log/p1_autotask.log, /var/log/pbvm.log) will no longer be used.
  • Administration: TSHS now supports the additional commands disable-s3-host, enable-s3-host and delete-s3-host that allow for disabling/removing the synchronization of objects to an S3-compatible object store. Calling disable-s3-host marks a host entry as “disabled”. Calling delete-s3-host deletes a host entry unless the entry is referenced by a file. In this case the entry will be marked as deleted. If an entry is marked as disabled or deleted, no further data will be uploaded to the object store. However, accessing existing objects from the object store will continue to work. Calling enable-s3-host will re-enable the synchronization of objects to the object store, including the upload of all objects that have been uploaded to TSHS while the object store was marked as disabled. If a disabled or deleted host is marked as current, then TSHS will generate an error on each write attempt.
  • Administration: Added an auto task that can be enabled to send out notification emails if a Space Volume’s disk utilization reaches a configurable level.
  • Administration: Added an auto task that removes published files that have reached their expiry time.
  • Administration: Added an auto task that can be enabled to delete API log entries older than 30 days from the hostapilog table.
  • Installation: TSHS now supports reading options from a configuration file. The default is /etc/tshs.conf. The default options that were previously stored in the TSHS init script /etc/init.d/tshs have now been moved to the configuration file instead. (HOSTSERVER-303)
  • Installation: Optionally configure email support (required when using two-factor authentication). (HOSTSERVER-437)
  • Installation: The initial Host Server setup process now asks for both a user name and password for the Superuser account. (HOSTSERVER-438)
  • Installation: Host Server 3.5 now requires Yvva Runtime Environment version 1.2 or later. This version is included in the Host Server’s yum package repository and will be installed automatically.
  • Installation: The distribution now contains the tool mys3, which can be used to interact with an S3 compatible object store.

API

  • Changes to a Space Depot performed by the API functions addusertodepot and deleteuserfromdepot are now added to the Depot’s change log.
  • The MD5 checksum value calculated over API requests no longer needs to be passed in lowercase when submitting the request. (HOSTSERVER-426)
  • For debugging purposes, erroneous API requests are now logged to the API requests table as well. (REGSERVER-465)

Change Log - Version 3.5

3.5.7 (2016-08-29)

Note

The Host Server version 3.5.7 requires YVVA runtime version 1.3.8 or later.

Note

Updating the Host Server on CentOS 7 with “yum update” might update the apache to a newer version. This update could re-install the deleted “conf”-files in the folder /etc/httpd/conf.modules.d/ and will prevent starting the apache. Please follow the modified instruction to disable all modules in the “conf”-files instead of deleting them as described in Apache 2.4 (CentOS 7)

  • Fixed the “back” button after clicking on a link in the Admin Console.
  • Fixed restore function: it was possible that an incorrect log offset was calculated after restore (HOSTSERVER-632).
  • Organised the settings into groups in the documentation (HOSTSERVER-630). The same grouping is used in the Admin Console in Host Server 3.6.
  • The Depot document returned with SERVERFLAGS= contained an invalid terminator. This caused the document to be incorrectly interpreted by the Client and Registration Server (HOSTSERVER-631).

3.5.6 (2016-07-13)

  • Fixed the traffic reset task. If the setting StatisticRest is blank, then the trask does not run. A quick workaround for this bug is to set the variable to “0”. This must be done directly in the database, on the table pspace.Setting, column Value (HOSTSERVER-623).

3.5.5 (2016-06-09)

  • Added missing yvva compatibility to td-hostserver background task configuration file

3.5.4 (2016-06-07)

Note

The Host Server version 3.5.4 requires YVVA runtime version 1.3.6 or later.

  • Fixed a bug that could result in the TeamDrive Client reporting traffic limit reached, when EnforceTrafficLimit is set to False (HOSTSERVER-621).
  • Added support for CentOS 7 with Apache 2.4
  • Fixed the link in to Volumes in the Host overview page (HOSTSERVER-619).
  • Fixed dialog used to set the owner of a Depot (HOSTSERVER-616).
  • Minor API documentation fix: the position of the <etl> tag has been changed, and the order of tags in reply’s now matches the order returned by the server (HOSTSERVER-496).
  • Admin Console: The Storage and Transfer columns incorrectly showed “MiB MB” as units (HOSTSERVER-612).
  • The Host Server was incorrectly setting the Volume full Status bit on Spaces, when the Depot disk limit was reached (HOSTSERVER-611). This error will be corrected automatically.
  • Fixed a bug that prevented long running MD5 checks from working correctly.
  • An error in the TDP version 3 prevented files from being deleted when the depot was full (HOSTSERVER-610).

3.5.3 (2016-02-02)

  • Fixed lost password functionality in admin web interface (HOSTSERVER-604).
  • Added the DownloadContentType setting which may be used to specify the content type of encrypted data returned by Host Server (HOSTSERVER-602).
  • API function “deletespace” no longer returns an error when deleting a Space that has already been deleted. However, the API also does not return an error if the Space does not exist at all, or if the Space is in another Depot. In these cases, the delete call is just ignored (HOSTSERVER-429).
  • Fixed a bug in mod_pspace: if a recently published file was deleted and then published again, the result could be that the file on the server has 0 bytes (HOSTSERVER-601).
  • The tags <disclimit> and <trafficlimit> in the “setdepot” call are now optional.
  • Added <etl> tag to the “getspacedata” API-call. The “Traffic Limit Reached” bit will also be removed from the status returned by this call (HOSTSERVER-411).

3.5.2 (2015-12-08)

Host Server Functionality

  • Fixed bug in schema definition for FileSize column in PublicFile table
  • Fixed bug with comparison of timestamp to DATE value in the database because of daylight savings time corrections (HOSTSERVER-578).
  • Fixed TD3 Protocol crash in loadSpaces() (HOSTSERVER-580).
  • Fixed return of .tdsv files
  • Fixed disk usage calculation error in case of host server is connected to an object store (HOSTSERVER-576).
  • Fixed duplicate object store log files processing in case of identical or missing S3ToProcessPath and S3ProcessedPath (HOSTSERVER-586)
  • Fixed adding external traffic in API-call “getspacedata” (HOSTSERVER-587)
  • Fixed retrieval of public file where name comtains reservied URL characters (HOSTSERVER-581)
  • Correctly log last.log.lock when reading and writing log files and if no maximum len is given, return the entire log
  • Fixed error when adding MOVE action to database –> Illegal mix of collations (HOSTSERVER-589)
  • Fixed TD3Protocol: Empty reply for getblob (HOSTSERVER-595)
  • Fixed exclude “Error getting size from ...” in case of zero download for object store access log processing (HOSTSERVER-593)
  • Corrected RepositoryChanges table duplicate constants
  • S3Daemon: Fixed error ‘The Content-MD5 you specified did not match what we received.’ It was possible that the checksum value stored in the database did not match that of the actual file (HOSTSERVER-591).
  • S3Daemon: Fixed problem with multipart uploads. If an attempt to transfer a zero length file to S3 it would fail but would try again later so it was stuck in an endless loop (HOSTSERVER-588).
  • Added Functionality to move space from one depot to another. The host Admin Console now provides a “Move...” button which can be used to move Spaces to a selected Depot. A new API function, movedepotspaces(), allows the same function to be performed via the API (HOSTSERVER-546). Client version 4.1.2 required to update the new space owner correctly.

3.5.1 (2015-10-09)

Documentation

  • Fixed description of Background Tasks
  • Added ssl configuration hint in case of upgrading a server to version 3.5
  • Added description for the html templates for password protected published files

Host Server Functionality

  • Usability: Added a default html template folder to avoid conflicts with customized html templates (HOSTSERVER-572)
  • Administration: Fixed divide by zero error in case of depot size and traffic limit are zero (HOSTSERVER-570)
  • Administration: German translation is disabled. Only english web interface is supported (HOSTSERVER-569)
  • Administration: The new background task for API log cleanup will be created with status enabled instead of disabled. The usage could be controlled using the setting “APILogEntryTimeout” (HOSTSERVER-568)
  • Usability: Added html template “url-invalid.html” for expired or invalid token in case of access a published file (HOSTSERVER-567)
  • Security improvement: Limit access to allowed log files (HOSTSERVER-564)
  • S3 daemon: Added bandwidth limitation for the S3 daemon (HOSTSERVER-563)
  • Administration: Added filter (<, >, =) for Space-IDs and Depot-IDs (HOSTSERVER-562)
  • Administration: Added setting “APILogEntryTimeout” to define a period in days for deleting api logs (HOSTSERVER-561)
  • Administration: Fixed truncated “Add New Admin User”-Button (HOSTSERVER-560)
  • Administration: Fixed access to ping.xml (HOSTSERVER-558)
  • Administration: Fixed s3d.log file name for log file display (HOSTSERVER-557)
  • S3 daemon: Fixed crash in case of multipart upload (HOSTSERVER-556)
  • Administration: Fixed displaying info text for “TimeDiffTolerance” setting (HOSTSERVER-553)

3.5.0 (2015-09-21)

  • Initial public release