xvp - Previous Releases
This page lists details of previous releases of xvp. For information
about the current release, return to the
Main Page.
Note: All releases prior to 1.3.0 have a security
vulnerability in xvpweb: all users of xvpweb are strongly encouraged
to upgrade to 1.3.0 or later.
Changes in release 1.3.3, 19 January 2010:
- Bug fix: OTP REQUIRE could fail although OTP ALLOW worked.
- Bug fix: xvp and xvpweb failed to append domainname to hostname
when connecting to XenServer hosts.
- Updated xvp.conf man page to clarify how domainname is used.
- Tidied up /etc/init.d/xvp for Red Hat based distributions.
Changes in release 1.3.2, 11 December 2009:
- Bug fix: xvpweb no longer hangs if a host was recently shutdown.
- Added RPM and init.d support for openSUSE.
- Viewer updated to not run out of memory with openjdk.
- README now mentions the need for cURL support in PHP
- VMs with duplicate names are now allowed, provided in different
pools.
Changes in release 1.3.1, 5 December 2009:
- Bug fix: if xvpvewer specified wrong vm name label or UUID when
connecting to a non-multiplex port, this was not rejected.
- Bug fix: signals sent to xvp master process failed to signal child
processes if master was running in background (so couldn't disconnect
clients on exit or dump current connection information).
- Incompatible change: new rights option in xvpweb, "control",
needed in order to have shutdown/reboot/reset buttons enabled: "write"
now allows keyboard/mouse input but not these buttons.
- It is no longer necessary to set
short_open_tag =
Off in the php.ini file for xvpweb.
Changes in release 1.3.0, 1 December 2009:
This release is backward-compatible with previous releases, except
that the format/schema for the user authentication file/database in
xvpweb has changed, and you must update these if you use them.
Full list of changes:
- Security fix: xvpweb now uses encrypted one time VNC passwords:
previous releases exposed VNC passwords in plain text to the
browser.
- Added "Security Considerations" section to the README file.
- Added support for new XVP security type in RFB protocol, allowing
client programs to identify username and to select specific target
console (the latter being a prerequisite for multiplex support).
- Introduced ability for xvp to multiplex client connections using a
single port, and updated xvpviewer, xvpweb and xvpdiscover to
match.
- Console connections from xvpweb to xvp can now be tunnelled over
the existing HTTP or HTTPS connection: see the Tunnelling Guide for details.
- xvpweb can now give users different rights: "list", "read" or
"write", on a per user/pool/group/vm basis, with "list" prohibiting
boot and console access, "read" giving read-only console access
(i.e. no buttons or keyboard/mouse input), and "write" giving full
access.
- Added new manual pages: xvpweb(7) and xvpusers.conf(5).
- Removed references to non-existent css/print.css in xvpweb.
- Replaced XenServer host icon in xvpweb with a prettier one.
Changes in release 1.2.5, 19 November 2009:
- Fixed handling of XML special characters in passwords, etc.
- Re-badged to refer to xvpsource.org.
Rebuild of xvpweb RPM, 17 November 2009:
- The xvpweb-1.2.4-1.noarch.rpm was inadvertently built with an
obsolete Java compiler, causing mouse-wheel scrolling in the console
Java applet not to work. This has now been rebuilt correctly as
xvpweb-1.2.4-2.noarch.rpm.
Changes in release 1.2.4, 5 November 2009:
This release fixes some password encryption/decryption bugs in xvp
and xvpdiscover. There are no functional changes to xvpviewer or
xvpweb.
- 16-character XenServer passwords no longer give
SESSION_AUTHENTICATION_FAILED errors.
- XenServer passwords whose encrypted form contain zeroes no longer
give SESSION_AUTHENTICATION_FAILED errors.
- Passwords longer than 8 characters passed to "xvp -e" or longer
than 16 to "xvp -x" now raise an error instead of being quietly
truncated, with similar checks also added to xvpdiscover.
Changes in release 1.2.0, 22 October 2009:
- When using explicit port numbers in xvp.conf (without leading
":"), the range of permitted ports is now 1024 to 65535, not 5900 to
5999.
- Virtual machine names in xvp.conf may now contain spaces (but in
that case, must be enclosed in double quotes).
- Virtual machines may now be specified by UUID instead of name
label, and in this case xvpweb updates its display to reflect name
changes automatically as they happen.
- A new tool "xvpdiscover" is included, to probe a pool to discover
the hosts and virtual machines it contains, and output a file in
xvp.conf format, that can then be used by xvp and xvpweb.
- The xvpweb package now knows it depends on the php-mcrypt
package.
- Fixed errors generated by xvpweb about undefined variables,
invalid DATETIME values, and calls to scalarval() on non-objects.
- Host and VM name columns in web display are now wider to allow for
longer names without breaking the layout.
- RPM installation, removal and upgrade now do the right things with
chkconfig and service condrestart.
Changes in release 1.1.2, 21 May 2009:
- Added mouse-wheel scrolling support to xvpviewer.
- Web front end now recognises Ubuntu and uses penguin icon for it.
- This version has been confirmed to also work with XenServer 5.5,
when built using libxenserver 5.0 or libxenserver 5.5.
Changes in release 1.1.1, 13 May 2009:
- Reconnect timeout for xvp (-r option) now defaults to 10 seconds.
- xvp now reports shutdown/reboot/reset failure back to xvpviewer, logs
- details of reason, and xvpviewer displays a failure box.
- xvp now ensures ha_always_run is false prior to VM shutdown, to prevent
- shutdown failing for HA-protected VMs, and web interface now sets
- ha_always_run back to true to true after booting if restart priority is
- "Protected" or "Restart if possible".
- Web front end now handles (R) correctly in operating system bubbles,
- and quotes and ampersands in pool and group names.
- Some documentation corrections, including clarifying the difference
- between per-user web passwords and per-VM VNC passwords.
Changes in release 1.1.0, 27 April 2009:
- Added optional DATABASE keyword to config format.
- Added xvpweb package.
Changes in release 1.0.1, 21 April 2009:
- Added RFB extensions to request VM shutdown, reboot and reset.
- Added xvpviewer package.
Changes in release 1.0.0-2, 9 April 2009:
- Fixed bug in logrotate script.
Changes in release 1.0.0-1, 3 April 2009:
Return to Main Page