Release Notes: IBM Aspera Enterprise Server, Connect Server, Point-to-Point Client, and Desktop Client 3.7.3 for AIX

Product Release: April 12, 2017

Release Notes Updated: April 12, 2017

This release of IBM Aspera Enterprise Server, Connect Server, Point-to-Point Client, and Desktop Client for Solaris x86 provides the new features listed below. Additional sections cover system requirements and known problems.

NEW FEATURES

General

  • File checksums SHA-256, SHA-384, and SHA-512 can now be set in aspera.conf. (CIM-269)
  • Improved detection of potential Distributed Denial of Service attempts involving missing or slow SSL negotiation requests. The HTTP fallback daemon now automatically times out (after 20 seconds) connections that do not send a request or are too slow.
  • New access key authentication for ascp. Access keys provide an alternative to the security credentials of a node user or system user. Because an access key is restricted to its own storage (local or cloud), it allows access control and usage reporting to be segregated by storage. This offers significant benefits to multi-tenant service providers and enterprise installations with multiple departments. Access key authentication supports Aspera client products, such as Desktop Client, Point-to-Point Client, Enterprise Server, Connect, and Drive. It also supports Faspex, Shares, and Aspera Files. For details, see your product documentation.
  • Strict token authorization when using an Aspera web public key.
  • Server-side encryption-at-rest is now supported. The passphrase is set in aspera.conf. Client-side EAR is still available as before.
  • New aspera.conf options for SSL that can be used on both server and client:
    • <ssl_protocols> to specify which SSL protocols are allowed (examples: tlsv1, sslv3)
    • <ssl_ciphers> to specify SSL ciphers allowed (examples: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)

    The server can limit what SSL protocols it will accept, and the client can request a certain value. If the value is not allowed by the server, the transfer session is denied.

  • FASP transfers are more secure with upgraded OpenSSL (from 1.0.2i to 1.0.2j).
  • Users can now run asnodeadmin --db-update to migrate a non-local Redis db from Enterprise Server 3.5.6 and earlier versions. The local Redis db is automatically migrated and updated by the installer during upgrades.
  • Docroots can now be configured using $(home) for a user's home directory. This is also supported by asconfigurator.
  • When using a local URI docroot or destination (such as file:////data), for example when server-side encryption-at-rest is enabled, temporary partial files can now be created during ascp transfers by configuring <partial_file_suffix> in aspera.conf. (CIM-85)
  • Added support for tokens for parent paths in single path transfers. For example, a token built for /general also allows a transfer of a single file or directory named /general/other/subsidiary.
  • Special file permissions (setuid and setgid) are now supported in ascp and the Node API when the permissions are configured in aspera.conf. (CIM-201)
  • A new option in aspera.conf for client-side encryption setting frees users from having to specify a matching value at the command line (-T).
  • Added a client-side configuration option to define a per-user or global default of the SSH key (to help clients used to running ssh without specifying a key if $HOME/.ssh/id_rsa exists).
  • Added support for the hmac-sha2-256 and hmac-sha2-512 algorithms.
  • Added support for the diffie-hellman-group-exchange-sha256 key-exchange algorithm.
  • The option ascp --remove-empty-source-directory for the --remove-after-transfer feature can now be enabled in Aspera Central in the SOAP API; it removes the source directory itself.
  • It is now possible to preserve the UID, GID, and timestamps to the Aspera Central SOAP API with a job order.
  • New server-side configuration options for symbolic link handling, including allowing/disallowing link creation, copying, and following. Previously these options could only be set on the client side. For details, see "Server-Side Symbolic Link Handling" in the admin guide.
  • On the DBLogger, options for the persistent store (ignore_empty_filesignore_no_transfer_filesignore_skipped_files, and file_errors) are configurable inaspera.conf.
  • Java SNI support is now available for HTTPS requests.
  • License support is now available for multiple entitlements per computer.
  • asperanoded can be bound to a specific address.
  • Users can request that unsupported Windows characters in filenames and path names be converted to a user-specified Windows-safe character by setting the option in aspera.conf. If this option is not enabled, uploading or downloading a filename that contains an illegal character generates an error.
  • A man page is now available for asconfigurator.

Ascp

  • Persistent ascp sessions (run with the --keepalive option) can now accept management control messages sent from a server to the remote machine.
  • The ascp management fields "User" and "ClientUser" now reflect the authorization and authentication methods.
  • The performance of the FASP protocol has been enhanced. Compared to prior releases, unencrypted CPU-bound transfers may see an increase of up to 100% in overall throughput; and encrypted CPU-bound transfers may see an increase in overall throughput of up to 20%.
  • A new FASP Manager API feature can be used to send an event when individual arguments, such as directories in persistent sessions, are completed.
  • Resume mode checks in Ascp now use a SHA-2-based MD5 checksum algorithm by default; to configure alternative algorithms, there is a new aspera.conf option.
  • ascp now reads session_timeout_sec from aspera.conf.
  • The command to resume ascp with the command-line argument k2 or k3 now works when a FIPS-140 compatible cipher is set.
  • The <file_create_mode> configuration in aspera.conf is now respected when the docroot is a file URI.
  • Ascp now features new complete include and exclude filter options to support glob and regular expression matching, equivalent to include/exclude options of async.
  • Ascp now includes a new asynchronous “in transfer” post-processing engine with Lua scripts. (This is the first version of this feature, and somewhat experimental.) A Lua interpreter engine is packaged with Enterprise Server, allowing for post-processing, validation, and authorization functions through embedded Lua scripts. Scripts execute asynchronously, and their progress is reported through a new validating state in the transfer session, without delaying completion of the file transfer or slowing the transfer pipeline.
  • Support for full URIs in file lists and file-pair lists.
  • Parallel (multi-session) transfers initiated from the command line can now use a URI for the filepath.
  • SSH private key strings can now be used to authenticate ascp transfers by setting a new environment variable, ASPERA_SCP_KEY.
  • A new ascp option, --dest64, can be used to indicate that the destination path is base64 encoded.
  • ascp now supports multiple private SSH key files (both DSA and RSA keys) that are called on the command line, specified with -i arguments. The keys are tried in order and the process ends when a key passes authentication or when all keys have been tried and have failed authentication.
  • A new transfer scheme, faux://, enables testing a transfer without reading from disk and/or writing to disk, eliminating the need to generate large test sets.
  • The default read/write block size is now set to 256 K (262144 KB) in ascp.
  • Many new and updated ascp arguments preserve timestamps; preserve OS X extended attributes (xattrs) and Windows Access Control Lists (ACLs), regardless of the type of file system storage; apply a local docroot; delete extraneous files at the transfer destination; delete source files after transfer; delete the root source directory after a transfer.
  • New capability for parallel uploads to S3 using the ascp option -C[1..N]. A new wrapper utility ascppar transparently initiates concurrent parallel transfers of a set of files or directories to S3. This is useful for maximizing speed on multicore machines (for example).

Node API

  • REST-ful /files calls now return full filepaths for admin users.
  • Specific events can now be requested by id using the new /events/{event_id} call.
  • The Node API now supports file locking. ascp transfers respect the lock status while the file is checked out. File locking can be enabled on the server by setting the<files_filelock_enabled> option in the <server> section of aspera.conf to true.
  • The Node API now supports access keys for IBM Bluemix S3 storage and Google Cloud Storage.
  • A new Node API call returns usage data (bytes transferred in, transferred out, and total) listed by access key.
  • The files/{id}/preview call now supports "Accept:" headers containing MIME types as completely literal (literal1/literal2) or literal and wildcard (literal/*). For example, 'Accept: image/*' returns image/png. This preview feature only applies to Linux machines deployed as Files nodes.
  • The /ops/transfers API has been improved, including new support for setting transfer rates, bandwidth priorities, and pausing/resuming/canceling active transfers.
  • Transfer and bandwidth statistics are self-cleaning for large numbers of sessions.
  • Asperanoded includes improvements in the /info and / API response, such as support for content protection settings.
  • In Node API, the parameters iteration_token and after_time can now both be used with the APIs /ops/transfers and /events; the parameters can be used together or separately. The parameters are set in aspera.conf according to the following policy:
    • If no value is available for count, use the value set in max_response_entries.
    • If count is present, return the lower number of responses of count and max_response_entries.
  • The response to an ops transfer get request now includes job_state in the list of transfer sessions.
  • The status of files and transfers can now be reported by iteration token from the Node API. For example, if the user specifies an iteration token tohttps://node:9092/ops/transfers?iteration_token=1234, file and transfer information since iteration_token=1234 are displayed.
  • A new Node API call returns usage data (bytes transferred in, transferred out, and total) listed by usage_id.
  • A new Node API call returns verbatim the content of a file within the file size restriction set in aspera.conf.
  • A Node API /files/browse now uses a configurable aspera.conf option to retrieve the preserved modification times for ascp uploads.
  • The Node API now returns events for the creation, rename, and deletion of files using the Node API, in addition to file transfer events. (CIM-52)
  • Node API transfer jobs can be split into multiple ascp sessions to take advantage of multiple computers or multiple cores and I/O streams on a single computer. This is governed by two parameters: (1) the ascp option -C, which enables multi-session transfers (also known as parallel transfers) and specifies how many sessions to run per job, and (2) a new ascp option --multi-session-threshold=threshold which specifies whether to split large files equally between sessions, or have each session transfer full files. For cloud storage, file-splitting is currently supported for S3 only. For details, see the application's Admin Guide: Ascp Command Reference. A default multipart aspera.conf configuration directive to use when one is not specified by the API call.
  • Support for the multi-session threshold feature in node (file.json) transfers.
  • /ops token authorization now uses SHA-2 as the default checksum, rather than SHA-1.
  • Default and allowed SSL ciphers have been updated to eliminate support for 3DES and to align the defaults with hardened versions.
  • A new case-insensitive filter can return filename matches regardless of case to Aspera Files.
  • File modification events, including delete and rename, are now logged to redis/scalekv.
  • Asperacentral has a new raw options capability that allows users to authorize the use of raw format ascp options by configuring aspera.conf.
  • Users are now able to set a policy for retrying node-to-node transfers. These options are set in aspera.conf and the node API.
  • The access key and token secret of a Node API user are now passed on to Aspera Central, such that ascp is run with the environment variables associated with that user.
  • Users can now specify token lifetime using *_setup in the node API. Previously this was only possible using an astokengen option.
  • SSH private key strings are now are now supported in the Node API through a new JSON element, ssh_private_key.
  • A new asnodeadmin option --show-job-queue allows the node admin to view the current queue of transfers.
  • A new asnodeadmin option --show-transfer-log allows the node admin to view all transfers (ongoing, completed, failed, orphaned, and so on), except for those currently in the transfer job queue.

Sync

  • Sync is now documented for Solaris. Below are highlights of new Sync functionality. For more information, see the IBM Aspera Sync Admin Guide 3.7.3 for Solaris x86.
  • Sync now has a two-minute timeout, enabling it to exit gracefully in the rare cases when it does not receive a proper shutdown sequence.
  • The asyncadmin tool can now output file and session status when Sync is using a database with LMS (<async_db_spec> is set to sqlite::lms). When reporting data on a specific source-destination pair by name (using the -N pair_name option), if Sync is running then the output reflects the final state of the last async run and does not reflect any changes in the active sync.
  • Sync in bidi mode no longer reports conflicts due to directory modification times.
  • On machines with Unix-based operating systems, a new value, inode, is available for the --dedup option. In this mode, when two or more source files have matching inodes, a hardlink is created between them on the target and the target files have matching inodes.
  • Faster Snap database loading on subsequent syncs when many (100s) of filters are specified.
  • Faster execution of --dedup=copy on Windows machines that support Offloaded Data Transfers (ODX).
  • Sync with S3 is now fully supported and documented.
  • Improved Sync shut down process when a Sync session is stopped.
  • Bidirectional syncs between S3 buckets are now supported.
  • A new option, --cooloff-max=time, can be specified so that a one-time Sync waits for a file to stop changing within the cooloff interval before it synchronizes the file. With this option, the file is skipped after the cooloff-max time.
  • Sync sessions can now be filtered by setting the <filter> configuration in aspera.conf. Command-line filters are applied after aspera.conf settings. If filtering is not always wanted, then configure filters for one user. Sync sessions that are run by that user are filtered while sync sessions run by other users are not.
  • Aspera introduces access key authentication for Sync. Access keys provide an alternative to the security credentials of a node user or system user. Because an access key is restricted to its own storage (local or cloud), it allows access control and usage reporting to be segregated by storage. This offers significant benefits to multi-tenant service providers and enterprise installations with multiple departments. This also allows async to run on Aspera Files and for other Node v4 applications.
  • A new asyncadmin option prints file attributes (mtime, recursive mtime for directories, and checksum).
  • Sync now preserves POSIX attributes in the event that file attributes change but file contents do not (times, UID, GID).
  • The new recursive mtime option enables the exclusion of directories and files older than a configured timestamp.
  • The new --delete-delay option allows the delete operations in a unidirectional sync to be delayed until the end of the synchronization.
  • When using the --keep-dir-local or --keep-dir-remote options, locating the keep-dir under the same directory as the sync directory is no longer an error condition as long as the keep-dir has been added to the exclude list.
  • The Sync library now takes a license as a parameter. If the library doesn't get a license on initialization, it can still search for one on the disk, as it does currently.
  • async now accepts external cookies, tags, and reports through management.
  • Sync has the following new options:
    --local-mount-signature=signature_file
    --remote-mount-signature=signature_file
    Verify local/remote file system is mounted by the existence of this file. NOTE: Use of this feature will increase the time to synchronize deletes.
    --pending-max=number_of_files
    The maximum number of pending files to allow. Default is 2000.
    --compression=mode
    Specify method used to compress a file before transfer. mode can be zlib or none. The default value is none.
    --transfer-threads=number[:size]
    Specify intervals for dedicated transfer threads. number corresponds to the number of threads used to process files smaller or equal to the specified size. If no size is specified, infinity is used as an upper bound.
    --remove-after-transfer
    Remove source files after they are transferred correctly.
    --scan-interval=duration
    Enable periodic scans. duration defines the interval between periodic scans. durationmay be specified as DDd HH:MM:SS.mmm or NNw NNd NNh NNm NNs NNms NNus.
    --remote-scan-interval=duration
    Enable periodic scans on the remote machine.
  • Sync also has three new options for preserving timestamps:
    --preserve-access-time
    Preserve file access time.
    --preserve-modification-time
    Preserve file modification time.
    --preserve-creation-time
    Preserve file creation time (Windows only).

Watchfolder and Aspera Watch Service

Watchfolders and the Aspera Watch Service are now supported on AIX.

The Aspera Watch Service (asperawatchd) is a file system change detection and snapshot service optimized for speed, scale and distributed sources. It discovers changes (new files and directories, deleted items, and renames) in source file systems immediately as they occur, eliminating the need to scan the file system. It is automatically installed and started with the installation of Enterprise Server, Connect Server, Point-to-Point Client, and Desktop Client.

The Aspera Watchfolder service (asperawatchd) enables large-scale, automated file and directory transfers including ultra-large directories with over 10 million items and "growing file" sources. Watchfolders uses input from asperawatchd to automate file transfers from a source folder to a destination system. Watchfolders runs on the client side only and the recipient Aspera server endpoint does not need additional software components to support receiving data. Operators can specify local or remote post-transfer processing steps to be executed once the drop has been transferred. A valid, watchfolder-enabled license is required to use this feature.

Other Changes

  • The pre/post variable TOKEN is no longer valid.
  • Activity bandwidth logging is no longer enabled by default.

SYSTEM REQUIREMENTS

Server

  • Solaris x86: 10
  • The Connect Server web UI also requires perl 5.10 and updating the Apache user path. See "Product Setup" in the admin guide for more information.

Client Browsers for Connect Server Web UI

  • Windows: Microsoft Edge, Internet Explorer 8-11, Firefox 27-51, Chrome 32-56
  • Mac OS X: Safari 6-9, Firefox 27-51, Chrome 32-56
  • Linux: Firefox 27-51, Google Chrome 32-56

PACKAGE INFORMATION

Enterprise/Connect Server

aix: aspera-entsrv-3.7.3.140763-aix-6.1-ppc32-release.sh
md5: e0b00d7babda4bb9a20061a6e78426d6
sha1: cd31bf21e8e417ce07e47dfff423436592ba00d7

Point-to-Point

Solaris x86: aspera-scp-p2p-3.7.3.141832-solaris-10-32.pkg
md5: 55c4a519a3888a2318145fda76b48e6c
sha1: de7a7abe4cfe84999230904040c415e258d4d473
aix: aspera-scp-p2p-3.7.3.140763-aix-6.1-ppc32-release.sh
md5: 2536f67036f584ddf422e7a3ec8c46ed
sha1: 043620d1aa0fd7624a3fe959e24a31b604a26a2e

Client

Solaris x86: aspera-scp-client-3.7.3.141832-solaris-10-32.pkg
md5: a7b734b1d0f60295dd351a5187134116
sha1: 154dc4b1b860c3a5193b40cb65e03c9282a20fe2
aix: aspera-scp-client-3.7.3.140763-aix-6.1-ppc32-release.sh
md5: 7cd1507601cb24273017f7393f772530
sha1: 4a4ee65b656f36acaa869cd402d69fea38f657fd

KNOWN ISSUES

Note: This release contains tickets created from different issue-tracking systems. For this reason, the list below uses two different formats for issue numbers.

General

ATT-245 (#22726) - Successful transfers may log the error, Failure Event: -34 - libssh2_channel_wait_closed() invoked when channel is not in EOF state, particularly downloads in FIPS mode. The error can be safely ignored. (CIM-329)

ATT-98 - If the server side has inline validation configured, the server does not honor a session timeout if a transfer includes a skipped file.

ES-249 - The aggressiveness setting is being applied to Vlinks, rather than only the network rate controller. (CIM-399)

ES-216 - If the Aspera Connect Plug-in is unable to connect to the server by SSH, a misleading error message, "Failed to authenticate," is reported rather than indicating that it is a connection problem. (CIM-72)

ES-215 - If the Aspera Connect Plug-in is unable to connect to the server by SSH, no fallback is attempted. (CIM-320)

ES-188 - Transfers through Aspera Forward Proxy are rejected if the node user password contains an @ symbol. (CIM-290)

ES-118 (#21517) - Folders created in the Connect Server web GUI may have permissions different from those specified in aspera.conf.

ES-42 - When retrieving the entitlement status using alee-admin status, confusing error messages are returned even if the entitlement has been registered successfully.

#35952 - asunprotect cannot decrypt a re-protected file.

#34811 - The user is unable to download encrypted files with an incorrect decryption passphrase when using HTTP fallback.

#32934 - If the Internet accountability software Covenant Eyes is installed, some HTTP fallback transfers appear to complete but then lose connection with the server and subsequently attempt to retransfer. Covenant Eyes captures the entire HTTP transmission before forwarding it to the server. If the file is so large that this process takes longer than about 20 seconds, the server times out and cancels the session. Workaround: Reduce the probability of timeout by increasing the server timeout length. Set Session Activity Timeout in aspera.conf by running the following command:
$> asconfigurator -x "http_server;session_activity_timeout,time_in_seconds"

#32517 - Retransfer requests are unencrypted when transfers are encrypted. This can cause transfer failures in some scenarios, such as a network device dropping the retransfer request because it detects a bit sequence it considers malicious.

#31791 - Files with the file extension .aspx are not transferred. Workaround: Edit the resume_suffix setting in aspera.conf on the client.

#30690 - ascp fails with an inaccurate message—Error: failed to authenticate—when the server is configured to accept only unsupported ciphers.

#28683 - If a global docroot is enabled, asp-check.sh reports the root user as insecure.

#28679 - In some cases, the fallback server cannot accept additional connections, possibly due to too many 'incomplete' requests.

#27056 - ascmd does not respect server-side symlink configuration.

#23246 - Warnings are not generated about files skipped due to the source base setting.

#23070 - If a transfer of several files is interrupted, the retries generate a no such file error for any already-transferred files.

#22998 - If the overwrite setting in the server's aspera.conf is deny, a destination file with the same name as the transfer file is still overwritten.

#21629 - Connect Server aspera-dirlist.pl does not accurately reflect file permissions for user actions.

ascp

ATT-349 - The ascp bandwidth test option -wf is invalid in v3.7.2+. (CIM-516)

ATT-226 - If a URL docroot is configured, ascp reports incorrect bytes for the sessions involved in a multi-session transfer.

ATT-205 - ascp transfer fails with an internal memory error if <network_rc><module> is set to air in the <bandwidth> section of aspera.conf.

ATT-189 - In rare cases, ascp keeps running after encountering a disk read error. (CIM-233)

ATT-185 - ascp does not reconnect to Redis database when asperanoded is restarted.

ES-267 - Under rare conditions, ascp transfers to cloud object storage may be reported as successful even though Trapd reports and error and the content is not in the storage. (CIM-475)

ES-177 - The range_low value of a -@ argument is not respected.

#35010 - If the source path in an ascp transfer is a file named \ , the file is not transferred and an error is generated, but the folder than contains the file and all other files in that folder are transferred.

#33094 - The ascp option delete-before-transfer is not supported for URI storage.

#32890 - During an ascp transfer using the --preserve-xattrs= metafile --remote-preserve-xattrs=metafile options, the metafile is not transferred.

#32680 - The option to create a directory (ascp -d) may create a directory at a destination before an expected session failure.

#32553 - When the FASP Session log source file list exceeds 500 bytes and contains multibyte UTF-8 characters, the output is truncated in a manner that creates an invalid UTF-8 sequence.

#31423 - It is possible for an ascp transfer of a file on a full disk to be reported as successful by both the sender and the receiver.

#28939 - If command line ascp neglects to specify a destination host, then the failed transfer (error: "no remote host specified") gets recorded in SQLite with client_node_id NULL, instead of being populated with the uuid of the node. This causes an issue with Console.

#25865 - Allowing symbolic links to be copied also allows access to locations outside the docroot.

A4

A4 is not yet supported on Solaris.

Node API

ES-248 - While a transfer of many files are in process, Node API reports skipped files as complete. The counters are correct once the transfer is complete. (CIM-398)

NODE-257 - Reports sometimes fail if the Node API temporarily reports an impossibly large value for bytes_transferred.

NODE-244 - A POST request containing an invalid value for "storage_class" returns the wrong error message, "Invalid value for server_side_encryption".

NODE-236 - Transfers with a status of "waiting" cannot be canceled.

NODE-177 - [Unix-based OS] ascp transfers and asperanoded may fail when trying to transfer many (millions) of small files because the Redis db exceeds available number of file descriptors.Workaround: Increase the maximum number of file descriptors from the default of 1024 to a larger value, such as 1,000,000, by running the following command:

$ ulimit -Sn 10000000

NODE-170 - The file event "file.created/modified" is not generated for files with 0 bytes.

NODE-139 - The --token-key-length option in asnodeadmin allows invalid token key lengths.

NODE-137 - A Node API /ops/transfers call reports the incorrect values for files_completed and files_failed.

#33374 - Symbolic link capability is only available on local storage but an unimplemented function error does not appear when the user attempts to create a symbolic link to a file on cloud storage (S3) from the Node API.

#33229 - Users cannot browse a file on cloud storage using a /files/browse API request.

#33206 - /ops/transfers erroneously shows some queued transfers (which are farther down in the queue) as failed before they have completed.

#32669 - When a directory is linked from a subdirectory, it does not appear in the search result for a /files/search request in the Node API.

#32627 - When a filename is just a dot and an extension, (for example, .pdf), then it is reported as a file with "content_type"=>"application/pdf" or a hidden file named PDF; for example:
{"id"=>"27", "name"=>".pdf", "size"=>12, "content_type"=>"application/pdf", "type"=>"file", "modified_time"=>"2015-09-10T15:24:01Z", "access_level"=>"edit", "permission_count"=>0}

#31712 - For both S3 on AWS and Softlayer Swift storage, /files returns modified_time for files but not for folders.

#30542 -/files PUT (file rename) should be fixed to involve only one PVCL operation but still return the proper 409 code when there is a destination conflict, and PVCL needs to return proper error codes stating that the move operation failed because of a destination conflict.

#29848 - When <write_allowed><read_allowed>, and <dir_allowed> are all set to false inaspera.conf, Node API calls to URLs such as /files/browse are returning response code 500 Internal Server Error: instead of another code that better indicates that access to the resource is denied.

#29787 - When the docroot is not configured, the HTTP error code 500 ("Internal Server Error") is returned.

#29187 - For content in cloud storage, the Node API does not display all the files in the docroot directory. Workaround: Use the /files/info request to browse the docroot directory when content is in cloud-based storage.

#29138 - For files in S3 storage, the Node API does not return the correct file modification time.

#29078 - When an access key is created using the standard node user authorization, the access key inherits that node user and its associated system user. Afterwards, asnodeadmin can be used to associate a new system user to the node user, but the new system user is not updated for the access key.

#28219 - asperanoded fails to delete a directory name containing backslashes. Workaround:
  1. Stop node.
  2. At the command prompt, issue the command ulimit -S -n 2048.
  3. Restart node in the same command-line shell (the limit is shell-specific).
  4. Send in the same /files/delete request as you did before; the head and everything in it will be removed.
Note: Prior to the command in Step 2 above, you can find out the current limit by running the following command: ulimit -a | grep "open files".

#25127 - HTTP fallback temporary files (*.haspx) are not excluded by the Node API.

#23434 - Files that start with "._" are not returned by the Node API browse action.

#22619 - In the Node API, /files/search follows symbolic links.

#20002 - Inconsistent behavior regarding symbolic link following: /files/browse doesn't follow the links and reports links and their target (final type and next name), while /files/inforeports symbolic links as files or directories.

#18659 - Searching with very long pathnames (over 520 characters) results in an "insufficient buffer space" error.

#18368 - Files with a backslash in the filename are not displayed in the list when the user browses the remote source on the new package page.

Watchfolder and Aspera Watch Service

WAT-501 - Some ascp sessions started by a Watchfolder may not stop running after synchronization is complete when many (50) large (1000 files of 2 KB to 1 MB) Watchfolders are started at the same time.

WAT-314 - asperawatchfolderd must be running in order to delete a Watchfolder.

WAT-200 - Recently finished Watchfolder drops are not stored and are lost if asrund is restarted.

WAT-174 - Watchfolder uses excessive memory when watching 10 million files.

WAT-169 - When using top_level_dirs drop detection with x top level directories in Watchfolder, 7(x)+ drops are created. The drop count continually increases.

WAT-159 - If one file in a Watchfolder transfer fails or a drop is aborted, the other files in the package will be reported as aborted but ascp is not stopped and the transfer continues.

#33877 - Aspera Enterprise licenses that are watchfolder-enabled don't display watchfolders as an enabled component.

Sync

Async on Solaris does not support continuous PUSH or BIDI modes.

ES-92 - Sync reports incorrect counts for 'deleted_paths', 'deleted_bytes', and 'cumulative_deleted_bytes'.

ES-50 - When using local storage for Sync with Files on Unix-based systems, Sync fails if the access key storage does not start with "/". For example, data/storage fails but /data/storage is successful.

WAT-523 - Meta-attributes are not preserved in sync sessions that use the --dedup=copy option.

WAT-465 - Sync hangs following a TCP impairment that produces a libssh2 timeout or error.

WAT-362 (#24812) - If a file's size decreases during a continuous Sync push, the file remains pending and is never synced.

WAT-288 (#27311) - An --apply-local-docroot pull copies the local docroot path into the same path. For example, /home/user1/sync is copied into /home/user1/sync.

WAT-287 (#32064,#32883) - When syncing a directory in continuous bidi mode, Sync keeps running with one pending file rather than complete and go idle.

WAT-9 - When the scan-file-rename option is used with asperawatchd, moved files should be detected and renamed at the destination, not deleted and replaced by a transferred, renamed file.

#29038 - Using overwrite=always when syncing with cloud storage does not overwrite the file. The default checksum behavior with S3 (as with any cloud storage) is "none". An existing file on S3 is considered identical to the local file when their sizes are equal. Therefore the file on S3 is not overwritten, even when the content of S3 differs from the content of the local file.

#28887 - When a file or directory is moved by using the --exclude command in Sync continuous mode, the old file or directory is not removed from the remote side.

#28817 - The Sync log entry for SYNCERROR_DELAY does not include information that describes the file name and path.

#27621 - Sync reports conflicts due to the presences of hidden, temporary, or transient files (such as temporary files created by Microsoft Office products).

#25915 - When the sync function is set to continuous, overwriting an existing file on the initiating node may result in the deletion of the previous version of the file on the responding node. Workaround: Perform the sync manually to re-create the deleted file.

#24805 - For a synced directory, ACL is preserved at destination for all of the files and subdirectories under the source folder, but the ACL for the source folder itself is not replicated to the remote destination folder.

#23954 - When the --preserve-acls or --preserve-xattrs option is used, async does not preserve the acl or xattr when either file acl or xattr is modified and (a) file content is unmodified or (b) file content is unmodified and the file is renamed.

#23004 - Aspera Console does not draw a line between the involved nodes for an asynctransfer. This issue occurs when two managed nodes are used with two interfaces on two different networks.

#22633 - Sync does not support large xattr/ResourceForks.

#22044 - asyncadmin reports all sessions are locked after the last actual running session.

#21014 - When creating a file with vi during a sync, the swap file is in conflict.

#20906 - async can't create a watch on an unreadable directory; therefore, it does not get notified when permissions change. In addition, async treats an unreadable directory as "skip" rather than reporting an error or conflict.

#20347 - Async reports errors and conflicts for deep directory depth when the sync is from Linux to Windows.

#19945 - asyncadmin creates SHM and WAL files for read-only operations. Once asyncadmin is run as the root, async run by the user does not have permission to access the existing SHM and WAL files and thus async fails. This is due to a bug in SQLite.

#16911 - Characters in the async session option that are not preceded by a "-" or "--" are ignored, therefore failing to trigger an error message. Any session options specified (such as -lor -a) after the string of characters not preceded by a "-" or "--" are also ignored. The session still runs using the default values, but does not notify the user that the command line settings have not been applied.

#13761 - If file names contain "\" or new line, async will try to transfer but fail, causing the internal transfer queue to become full and the synchronization to stall (or hang after all the other files have completed).

#13645 - When a directory is renamed during transfer, Sync continues running and never completes.

PRODUCT SUPPORT

For online support resources for Aspera products, including raising new support tickets, please visit the Aspera Support Portal. Note that you may have an existing account if you contacted the Aspera support team in the past. Before creating a new account, first try setting a password for the email that you use to interact with us. You may also call one of our regional support centers.

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk