Product Release: June 7, 2016
Release Notes Updated: June 8, 2016
Release 3.6.1 is an update of the Linux 64-bit versions of IBM Aspera Enterprise Server, Connect Server, Point-to-Point Client, and Desktop Client. It provides the new features, fixes, and other changes listed below. Release 3.6.1 includes IBM Aspera Sync 3.6.1.
- asperawatchd now supports domains (namespaces) in redis that distinguish the differentasperawatchd instances running on the same redis instance, which enables asperawatchd to start multiple asperawatchd instances using different users.
- A new procedure removes the --master option from asperawatchd and introduces a procedure to elect a leader among the running daemons. This helps to overcome the situation where the master instance crashes or loses the connection to the other instances.
- In async, there is support for periodic scan on remote.
- Support for an inclusion filter with Console smart transfers.
Note: This feature is not available in Console 3.0.6 (the current release).
- The option ascp --remove-empty-source-directory for the --remove-after-transfer feature can now be enabled in Aspera Central in the SOAP API; it removes the source directory itself.
- Transfers to Amazon S3 storage now have the capacity to set cache-control request headers. For more information, see the API Reference in the AWS documentation at the following URL (subject to change):
- Azure support now includes storage to blob pages.
- ascp now reads session_timeout_sec from aspera.conf.
- Support for Amazon KMS when uploading to S3 (pushes data directly to S3 and supports KMS encryption).
- Support for the multi-session threshold feature in node (file.json) transfers.
- Node API /transfers and /opt/transfers take a multi_session field to split a given transfer job between multiple ascp sessions, possibly over multiple nodes when using a cluster as an initiator. Functionality: this adds a default multipart aspera.conf configuration directive to use when one is not specified by the API call.
- Amazon's new Infrequent Access storage option is now available as a storage class, through docroot configuration.
- Support for full URIs in file lists and file-pair lists.
- Added support for the diffie-hellman-group-exchange-sha256 key-exchange algorithm.
- Added support for the hmac-sha2-256 and hmac-sha2-512 algorithms.
- Added a client-side configuration option to define a per-user or global default of the SSH key (to help clients used to running ssh without specifying a key if $HOME/.ssh/id_rsa exists).
- async now accepts external cookies, tags, and reports through management.
- A new option in aspera.conf for client-side encryption setting frees users from having to specify a matching value at the command line (-T).
- asperawatchfolderd support for aspera proxy (dnat/dnats).
- ascp forward proxy needs to support DNS names pointing to multiple proxies.
- The default read/write block size is now set to 256 K (262144 KB) in ascp.
- Support for cache-control metadata for S3.
- In Node API, the parameters iteration_token and after_time can now both be used with the APIs /ops/transfers and /events; the parameters can be used together or separately. The parameters are set in aspera.conf according to the following policy:
- If no value is available for count, use the value set in max_response_entries.
- If count is present, return the lower number of responses of count andmax_response_entries.
- Node API /files/browse now uses a configurable aspera.conf option to retrieve the preserved modification times for ascp uploads.
- Improved performance (by increasing the speed) when the system is deleting a large number of files in Azure.
- aswatchadmin now allows specification of the escape character when using --format.
- Console now reports the activity of the server node on the Activity Overview Page, in the Sync Jobs list, when async_activity_logging is set in aspera.conf.
- This release offers a new set of options reorganized by function, which can be used instead of the --tool option formerly used by aswatchadmin. The first command below is replaced by the second:
aswatchadmin --db-spec redis:localhost:31415 --tool=daemon --create /mnt
aswatchadmin create-watch /mnt --db-spec redis:locahost:31415
- The aspera.conf options for asperawatchd snapshot creation have changed.
- [Linux] Watchfolder now has an init.d script. It starts based on a setting in aspera.conf.
- There is a new Linux-only option to validate the system value setting that the max inotifywatches. If the aspera.conf value for server>watchd>:max_directories is larger than the system value, --validate will print an error and state that the verification failed.
ISSUES FIXED IN THIS RELEASE
(This release contains tickets created from two tracking systems; thus there are two different formats for ticket identifiers.)
#WAT-190 - Watchfolder does not retransfer changed files because it does not detect a change that happens after the cool-off of the file but before the completion of the drop.
#WAT-170 - async stops mid-transfer when using asperawatchd.
#WAT-168 - Local post-processing "transfer_delete" is executed for failed files.
#WAT-158 - The asperawatchd existing watch report is impaired.
#WAT-136 - On a watchfolder, timestamps are not preserved, even when they are specified in the configuration.
#WAT-119 - async noncontinuous mode does not sync files after a cancelled session.
#WAT-92 - In asperawatchfolderd, there is now an ability to reenable remove post-processing.
#WAT-86 - aswatchadmin now has a feature to test and set system values.
#WAT-64 - asperawatchd now supports namespaces in redis to distinguish the differentasperawatchd instances running on the same redis instance; this enables starting multipleasperawatchd instances using different users.
#WAT-51 - Watchfolder status is stuck in Processing when files are skipped by ascp.
#35378 - asperahttpd crashes when resuming an existing ascp transfer.
#35295 - A destination top-level directory does not have write access and the user is using the -t option to preserve times in their async.
#35253 - Alee logs show that alee reports 400 bad request when the redis database is empty or all the keys have 0.
- Use the KMS server side encryption (sse:kms).
- Use a server in a region where this is mandatory - like Frankfurt (eu-central-1).
#34419 - The user is unable to download encrypted files with an incorrect decryption passphrase. (This is stilll an issue when using HTTP fallback; see ticket #34811 in the Known Issues section).
#34228 - The error ERR cannot read content-protect parameters should display as a warning instead.
#34166 - Memory leaks in asperanoded result in system crashes.
#34139 - Delete-before-transfer is not working for a SMB\CIFS path.
#34124 - When transfers are initiated from Watchfolder Transfers, the Name field does not populate with data.
#34045 - When the docroot is set using the file :"///", CS (Linux) cannot be reached from the browser.
#33978 - Ability to check for sshkey path in $HOME/.ssh not functioning properly.
- The non-root user has a docroot set on aspera.conf.
- The remote endpoint is associated with an SSH private key.
- The remote host is a unmanaged node.
#33567 - When server-side encryption-at-rest (EAR) is configured for local storage usingfile:///<path> docroot, the aspera.conf chunk_size parameter must be set.
#33536 - When the database is configured on a remote machine, and db_host is set, ascpattempts to connect to the local database.
#33535 - asperawatchfolderd is not uninstalled on Linux.
#33313 - When using CLI to transfer and preserve XATTRs, XATTRs are not preserved with a file reporting as 0 KB.
#33233 - Basic tokens are stored and can be reused to make arbitrary transfers.
#33204 - A file name "\" causes a crash.
#33011 - asdelete fails to connect to the server.
Linux 64-bit: RedHat 6-7, CentOS 6-7, Fedora 16-20, Ubuntu 12-14, Debian 6-7, SLES 11-12 Kernel 2.4 or higher and libc version GLIB 2.3.4+
Browsers (for Connect Server clients): Firefox 27-48, Google Chrome 32-50
PREVIOUS RELEASE NOTES
Enterprise Server 3.6.0 Release Notes
Enterprise Server 3.5.6 Release Notes
Enterprise Server 3.5.5 Release Notes
Enterprise Server 3.5.4 Release Notes
Enterprise Server 3.5.2 Release Notes
Enterprise Server 3.5.1 Release Notes
Enterprise Server 3.4.6 Release Notes
Enterprise Server 3.3.4 Release Notes
Enterprise Server 3.3.3 Release Notes
Enterprise Server 3.3.0 Release Notes
Enterprise Server 3.1.3 Release Notes
md5: e8ffd4ea0948bd537ef22a76cdcc355f sha1: 1e1695a160d6e670b4e61be6686c68c233d010eb
md5: d5877107db8220b9cc16ea4f6416d9b2 sha1: ecc6d6746488e6390bed1ec9668d42cee96dd01e
md5: 2d314c6a308a29e2409e5c96320ecd15 sha1: 9d2894373cfcd61deaf023747606baa81660e880
md5: 8c2a412dabe32fcd09c21b509d7c1f03 sha1: 7ce6c62b36d2f2d7bb6bac6b377cc5dc52b114b0
md5: 9861167e4247eabddb2ef0799ce6ac30 sha1: d2a31375ced1cf4ef39ccd11a232119d214da349
md5: 361ceadb41204b3ba763cb7e751b16ac sha1: 4455d1afeced6884433edc00ad449f3deed2aa0b
(This release contains tickets created from two tracking systems; thus there are two different formats for ticket identifiers.)
#WAT-174 - Watchfolder uses excessive memory when watching 10 million files.
#WAT-169 - [Watchfolder] When using top_level_dirs drop detection with x top level directories, 7(x)+ drops are created. The drop count continually increases.
#34674 - When Japanese language is set on the ES GUI, it doesn't respect aspera.confsettings; all docroot settings are set to false, and the other settings fail with attached Japanese errors.
#35453 - Parallel transfers do not work when a client and a server have different installed release versions of Enterprise Server.
#35421 - Shares console becomes unreponsive during a command that takes a long time to run.
#34811 - The user is unable to download encrypted files with an incorrect decryption passphrase when using HTTP fallback.
#33374 - The unimplemented function error does not appear when the user attempts to create a symbolic link to a file on cloud storage (S3) from the Node API. (Symbolic link capability is onlyn available on local storage.)
#33229 - The client is no longer able to browse a file on cloud storage using a /files/browseAPI request.
#33214 - Transfers to and from cloud storage (S3) with an authorization token are failing.
#33212 - There is a missing vlink_init line in the ascp client log for an upload vlink (cookie) set on the client.
#33206 - /ops/transfers shows queued transfers as failed, then completed.
#33202 - Node API allows the user to move a file in cloud storage into a directory with a/files/rename request.
#32941 - ascp fails transfers with the --no-read --no-write option using pvcl.
#32934 - HTTP fallback transfers appear to complete but lose the connection and Connect Server attempts to retransfer. This behavior has been observed only when there is an installation of the Internet accountability software Covenant Eyes, which intercepts and captures an entire HTTP transmission. If the file is large enough and takes more than about 20 seconds, the server generates an inactivity timeout and cancels the session. Workaround: Use asconfigurator to increase the timeouts.
#32892 - An xattrs metafile is not deleted when a file with xattrs is overwritten by a file withoutxattrs.
#32890 - ascp fails to copy metafile file from metafile to metafile.
#32680 - When a remote source does not exist, ascp leaves behind an orphan directory.
#32669 - When a directory is linked from a subdirectory, it does not appear in the search result.
#32627 - When a filename is just a dot and an extension, (for example, .pdf), then it is reported as a file with content_type "application/pdf". It could also be reported as a Unix hidden file named "PDF".
#32553 - When the FASP Session log source file list exceeds 500 bytes and contains multibyte UTF-8 characters, the output is truncated in a manner that creates an invalid UTF-8 sequence.
#32517 - Retransfer requests are unencrypted when transfers are encrypted. This can cause transfer failures in some scenarios, such as a network device dropping the retransfer request because it detects a bit sequence it considers malicious.
#32080 - An error message spams the log file used by asperanoded each time the console attempts to check the node for the status. A second error can occur when the end user fills in a docroot but doesn't have a valid system user; this results in an error that also spams the log file used by asperanoded.
#31791 - The user is unable to transfer files with the file extension .aspx. Workaround: Copy theaspera.conf to each source user to override the setting.
#31712 - For both AWS and Softlayer Swift storage, /files returns modified_time for files but not for folders.
#31423 - An ascp transfer of a file on a full disk is reported as successful by both the sender and the receiver.
#30690 - ascp fails with an inaccurate message, "Error: failed to authenticate" when a server is configured to only accepts cipher that are no longer supported.
#30542 - /files PUT (file rename) should be fixed to involve only one PVCL operation but still return the proper 409 code when there is a destination conflict, and PVCL needs to return proper error codes stating that the move operation failed because of a destination conflict.
#30365 - In the Sync Job Detail page for pull operations, the size for pending files is reported as 0 Bytes. Transfer sizes are reported correctly after the transfer completes.
#29787 - When the docroot is not configured, the HTTP error code 500 ("Internal Server Error") is returned.
#29255 - Download from SoftLayer of a file larger than 62GB is unsuccessful. Workaround: Do not use time-stamp preservation with SoftLayer.
#29187 - For content in cloud storage, the Node API does not display all the files in the docroot directory. Workaround: Use the /files/info request to browse the docroot directory when content is in cloud-based storage.
#29172 - When using --file-list or --file-pair-list with SoftLayer, some files may not be transferred. Note: This issue is due to a defect in Swift 1.12. Correcting it depends on its correction in Swift and the Swift upgrade on SoftLayer.
#29138 - For files in S3, the node daemon does not return the correct file modification time.
#29078 - When an access key is created using the standard node user authorization, the access key inherits that node user and its associated system user. Afterwards, asnodeadmin can be used to associate a new system user to the node user, but the new system user is not updated for the access key.
#29043 - Under serious WAN impairment, hotfolder push transfers with a prepost script intermittently report an assh error approximately 10-15 seconds after Transfer Statistics are reported to the log. This delay in process shutdown can hold the handle to the filelist such that subsequent ascp processes fail.
#29038 - The default checksum behavior with S3 (as with any cloud storage) is "none". An existing file on S3 is considered identical to the local file when their sizes are equal. Therefore the file on S3 is not overwritten, even when the content of S3 differs from the content of the local file. Using overwrite=always does not overwrite the file.
#28939 - If command line ascp neglects to specify a destination host, then the failed transfer (error: "no remote host specified") gets recorded in SQLite with client_node_id NULL, instead of being populated with the uuid of the node. This causes an issue with Console.
#28887 - When a file or directory is moved using the --exclude command, the old file or directory is not removed from the remote side.
#28820 - The following operations attempted in a Limelight directory fail or are unacceptably slow: copy/paste file, rename file, delete folder.
#28747 - Connect Server security: Encryption over HTTP is not enforced, and must be set on the server by an administrator.
- In aspera.conf set the chunk size to some value greater than 5 MB; for example:
<chunk_size>67108864</chunk_size> <!-- 64 MB -->
- In /opt/aspera/etc/trapd/s3.properties:
- Set the upload part size (default 64 MB) to the same value as the chunk size.
- Use a ONE_TO_ONE gathering policy:
#28683 - asp-check.sh docroot warning message: If global docroot is enabled, asp-check.shreports the root user as insecure.
#28679 - In some cases, the fallback server does not respond.
#28288 - When the FIPS mode in aspera.conf is set to true, ascp fails with the error message, "ascp.exe: failed to authenticate, exiting.", without prompting the user for a password.
- Stop node.
- At the command prompt, issue the command ulimit -S -n 2048.
- Restart node in the same command-line shell (the limit is shell-specific).
- Send in the same /files/delete request as you did before; the head and everything in it will be removed.
Data::Dumper perl module
#27908 - When asperacentral has database errors, it continues to allow new transfers.
#27879 - always_set_home does not work if the user's home directory does not exist.
#27823 - The user's Faspex Server goes down with an "Transfer Server errors detected" error message. An error, "trying to read events from a parser that already reported an error before" appears. Workaround: move the central-store.db to allow re-creation.
#27311 - Sync: An apply-local-docroot pull copies local docroot path into docroot path.
#27056 - There is no ascmd support for server-side symlink configuration.
#27007 - Aspera clients on UNIX systems will use the HTTP_PROXY and HTTPS_PROXY environment variables when configured to use a FASP proxy. These variables are not used in HTTP Fallback.
#26618 - The ascmd process does not exit properly on newer versions of SLES (SUSE Linux Enterprise Server).
#26281 - At approximately 100 (or a similarly high number) of concurrent uploads to s3, intermittent transfer session failures occur.
#26185 - During an upload to S3 storage, an error may result if ascp reports a successful file transfer before the transfer to S3 completes.
#25915 - When the sync function is set to continuous, overwriting an existing file on the initiating node may result in the deletion of the previous version of the file on the responding node. Workaround: Perform the sync manually to recreate the deleted file.
#25913 - Aspera Drive attempts to sync a file that is still uploading to Shares, resulting in a file error.
#25865 - Allowing symbolic links to be copied also allows access to locations outside the docroot.
#25832 - Hot Folders: When creating or modifying hot folders, some controls in the File Handling tab do not work correctly: The option for resuming incomplete files does not work, but is still necessary to enable options for checking whether files at the source and files at the destination are the same.Selecting Compare File Attributes only checks whether the files are the same size. Selecting Compare Sparse File Checksums actually compares full checksums.
#25791 - Azure: Concurrent upload fails with the error Data transfer stalled, timed out.
#25636 - To use a larger chunk size to transfer big files to AWS S3 storage, some users modify the memory settings in the trapd initialization script, asperatrapd_init.sh. If you do so, be sure to preserve the script manually during upgrades to prevent it from being overwritten.
#25467 - async can now be used with a cloud storage.
#25127 - HTTP fallback temporary files (*.haspx) are not filtered out by the Node API.
#25083 - When hot folder transfers fail due to lack of permissions, the hot folders tab gives no indication that the failures are due to insufficient permissions.
#25042 - In the server-side aspera.conf, the none option for file checksum reporting is no longer supported; only md5 and sha1 are supported. The any option means allow the checksum format to be whichever format the client requests. On the client side, the none option is still available, as a command-line option. A setting of any on the client side results in an error with the message "ascp: unknown file checksum type any".
#24918 - When shares are added to or removed from a user while the user is connected to Shares in the Enterprise Server desktop app, the remote file browser is not updated. The list of shares displayed in the remote file browser bar is not refreshed until you disconnect from Shares and reconnect to it. In the case where a share has been removed, the user will be unable to perform certain actions and it will not be clear that this occurring because the user is no longer authorized for the share.
#24805 - For a synced directory, while all of the files and subdirectories under the source folder will have ACL preserved at destination, the ACL for the source folder itself will not be replicated to the remote destination folder.
#24780 - Both --preserve-acls and --remote-preserve-acls need to be specified in order for the target side of the pull to apply the acls.
#24549 - Drag-and-drop with the Linux version of the desktop client is not supported. Attempting a drag-and-drop upload does nothing. Attempting a drag-and-drop download causes the mouse cursor to display a plus sign, suggesting incorrectly that the feature is available.
#24390 - HTTP Fallback upload operations fails with the message "Failed to create HTTP session on server!".
#23954 - Sync: When the --preserve-acls or --preserve-xattrs option is used, async will not preserve the acl or xattr when either file acl or xattr is modified and (a) file content is unmodified or (b) file content is unmodified and the file is renamed.
#23876 - On S3, when always overwrite is set, files are missing at the destination.
#23583 - Certain option values for asperacentral job submission are case-sensitive.
#23503 - Akamai: Uploads of zero-byte files appear to be successful, but no file is present at the destination.
#23434 - Node API: Files that start with "._" are not returned by the Node API browse action.
#23400 - async 1.5 permits the root directory to be synced on Linux.
#23246 - Warnings are not generated about files skipped due to source base setting.
#23070 - If a transfer of several files is interrupted, the retries generate a no such file error for any already-transferred files.
#23004 - Console does not draw a line between the involved nodes for an async transfer. This issue occurs when using two managed nodes with two interfaces on two different networks.
#22998 - If the overwrite setting in the server's aspera.conf is deny, a destination file with the same name as the transfer file is still overwritten.
#22905 - On S3, when copying a file with ascp, if a slash is appended to the destination -- for example, /path/ -- the file is renamed path/. Because of the trailing slash, it appears to be a directory, but is actually a file.
#22848 - On S3, uploading a file to a non-existent destination path, and without the -d option, creates the destination path anyway.
#22741 - When the --file-checksum feature is enabled, transferring ES 3.3.3 to ES 3.3.0, the file is corrupted at the destination with additional characters appended to the end.
#22633 - Sync does not support large xattr/ResourceForks.
#22619 - In the Node API, file searches now follow symbolic links.
#22618 - The behavior of the Node API paths filter changed with Enterprise Server 3.4. It now returns only the directory matching the filter, not the directory's content.
#22044 - Sync: asyncadmin reports all sessions locked after the last actual running session.
#21978 - ES is unable to view logs as superuser.
#21629 - Connect Server aspera-dirlist.pl does not accurately reflect file permissions for user actions.
#21604 - Extremely large socket buffer value causes overflow, resulting in an error when creating a UDP socket.
#21014 - When creating a file with vi during a sync, the swap file is in conflict.
#20906 - async can't create a watch on an unreadable directory; therefore it does not get notified when permissions change. In addition, async treats an unreadable directory as "skip" rather than reporting an error or conflict.
#20617 - The SOAP API does not return an error when invalid values are passed into any of a number of parameters. Instead of returning an error, a transfer is either created with a default value, or the bad value is passed to ascp where it will fail.
#20576 - Target Rate must be in the range 0 – 100 if TargetRateAsPercentage is yes; however, setting a target rate greater than 100 does not return an error. (Note that rate percentage is a deprecated feature.)
#20002 - Inconsistent behavior regarding symbolic link following: /files/browse doesn't follow the links and reports links and their target (final type and next name), while /files/inforeports symbolic links as files or directories.
#19945 - asyncadmin creates SHM and WAL files for read-only operations. Once asyncadmin is run as the root, async run by the user does not have permission to access the existing SHM and WAL files and thus async fails. This is due to a bug in SQLite.
#18913 - Sync db logging: cancelled or stopped jobs are reported as "completed" in fasp sessions status.
#18780 - An async push conflict occurs when a new file is renamed quickly.
#18659 - Searching with very long pathnames (over 520 characters) results in an "insufficient buffer space" error.
#18530 - fasp and Sync now accept and verify SSH remote-host keys.
#18368 - Files with a backslash in the filename are not displayed in the list when the user browses the remote source on the new package page.
#17243 - An S3 download fails when a filename contains square brackets or a caret.
#17231 - On Linux, an async pull does not restore access time on the source side.
#16911 - Characters in the async session option that are not preceded by a "-" or "--" are ignored, therefore failing to trigger an error message. Any session options specified (such as -lor -a) after the string of characters not preceded by a "-" or "--" are also ignored. The session will still run, using the default values, without notifying the user that the new settings have not been applied.
#16390 - Unicode filenames appear incorrectly in pre-processing and post-processing email notifications.
#13761 - If filenames contain "\" or new line, async will try to transfer but fail, causing the internal transfer queue to become full and the synchronization to stall (or hang after all the other files have completed).
#13645 - When a directory is renamed during transfer, Sync continues running and never completes.
#11550 - If preserve_attributes is set to none on the server side, when downloading a single file with the -p option, the file has an invalid atime value.
#9126 - Sync logs events at a fast rate. The log destination must have room for large log files.
#8620 - Enterprise Server for Linux fails to install if the dependency perl-CGI is not installed. Workaround: Install perL(CGI), then rerun the Enterprise Server installation. For example, to install perl(CGI) on Fedora, run yum install perl-CGI.
#8538 - If a file fails to be renamed from .partial after it transfers, the transfer is still considered successful and the session will continue (with additional files being renamed successfully). The receiver side logs an error message, but no error is logged on the sender side. Successful transfers that were not properly renamed from .partial should be manually renamed.
#8534 - IPv6 requires ascp to have the -6 option, which is currently disabled on the server side if the user is configured for aspshell.
#8412 - Backslashes in filenames is not supported.
#7643 - When uploading a single file without a -k option, there is still a .haspx file created on the destination. When the user cancels the transfer and start the same command line again, the transfer is always resumed (by HTTP fallback) instead of starting over.
#6448 - When your regional and language options are set to language standards and formats that do not use "." to represent the decimal point, values are displayed inconsistently using both "." and the native character to represent the decimal point.
#6443 - If admin A creates a new hot folder and exits the desktop client, and then admin B exits, the new hot folder created by admin A created is lost.
For on-line support resources for Aspera products, including raising new support tickets, please visit the Aspera Support Portal. Note that you may have an existing account if you contacted the Aspera support team in the past. Before creating a new account, first try setting a password for the email that you use to interact with us. You may also call one of our regional support centers.