Rename the developer's readme file to CODING as a home
for developer related information.
Change-Id: I8c2cf70258671387b926ef3d666f6476056ef06e
Reviewed-on: http://gerrit.openafs.org/10973
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Once upon a time, AFS used something called washtool as part
of the build system. Remove the remnant comment about it.
Change-Id: I566920b98c03d3cc65a6e2974a78a9247fd79842
Reviewed-on: http://gerrit.openafs.org/10968
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Allocate temporary vrequests to reduce the amount
of stack space used.
Change-Id: Ic14cc4f657f7c7e97ef396601bd6c8c7f91abe55
Reviewed-on: http://gerrit.openafs.org/11004
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Allocate temporary vrequests to reduce the amount
of stack space used.
Change-Id: I8c50a3af3028512003a02e46a2960b9b135213a5
Reviewed-on: http://gerrit.openafs.org/11003
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Do not ignore the return code from afs_InitReq everywhere it is
called. If afs_InitReq fails, the vrequest could not be initialized
for some reason.
Change-Id: Ibae9f93c1e20a9fcae812f047da14106e6717454
Reviewed-on: http://gerrit.openafs.org/11097
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: D Brashear <shadow@your-file-system.com>
As of Fedora 17 and RHEL 7, depmod has moved from /sbin to /usr/sbin.
The full path to depmod is used in package scripts and as a dependency.
This hasn't caused problems in most cases because on an installed
system a link /sbin -> /usr/sbin is present and during ordinary package
installations yum/rpm correctly then figure out that /sbin/depmod is
actually provided. But in other situations, the dependency check is not
that clever and (incorrectly) fails.
Add a macro to the spec defining the full path to depmod, use the macro
rather than plain /sbin/depmod throughout the spec, and also pass it to
kmodtool when required to generate the kmod package scripts and
requirements.
FIXES 131860
Change-Id: I1f2e4f7100d244477c2cb9087d2f48bbcea27fdc
Reviewed-on: http://gerrit.openafs.org/11128
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Add param header files and other config info to provide
support for OpenBSD 5.4.
Change-Id: I56d2e716bd7fa4dee699f8d190cb4b60bb0f67a8
Reviewed-on: http://gerrit.openafs.org/11130
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Update afs_util.c to call afs_warnall in places where afs_warn and
afs_warnuser are called back to back with identical parameters.
Change-Id: I529344dea12149d8f18ec38bb17418c703f7d26b
Reviewed-on: http://gerrit.openafs.org/11006
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
In a Linux environment afs_warn and afs_warnuser both go to
the same spot, resulting in duplicated messages if both are
invoked back to back. Define a new function afs_warnall
for use when identical messages are directed to both warn
and warnuser. In a Linux environment it will do the right
thing and present only one copy of the message.
Change-Id: I1abdc63adc74fe5b08d3872d48698ec9dcc7a40c
Reviewed-on: http://gerrit.openafs.org/10943
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Restructure afs_warn.c to provide an afs_vwarn and afs_vwarnuser
that accepts a va_list rather than a variadic parameter
specification. afs_warn and afs_warnuser continue to be
variadic functions but now call afs_vwarn and afs_vwarnuser.
This is a preparatory change. A subsequent update will
further exploit afs_vwarn and afs_vwarnuser.
Change-Id: I8e740c4db311582bda6422e6600f1503dfbd0f5a
Reviewed-on: http://gerrit.openafs.org/10942
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
handleit(), being static, should be declared before usage.
Change-Id: I5cf9767ed2fc552f7a22c7570d0a4d256a4111b1
Reviewed-on: http://gerrit.openafs.org/11134
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Add a new vos release option called -force-reclone to force the
reclone of the release clone and a release to all of the remote
sites, regardless of the state of the VLDB flags on the remote
sites, but does not force full volume dumps when distributing the
volume.
Provide an alias -f for -force for compatibility with the original
IBM vos, in case scripts were written to use the old '-f' option,
and for users with muscle memory.
Change-Id: I0ebebc5e8099299781e8da57579d91848bb2ad19
Reviewed-on: http://gerrit.openafs.org/9020
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Make vlserver and volserver suppport a new command line parameter,
"-restricted_query admin". When this is on, the query RPCs that
are not needed for normal cache manager operations are restricted
to administrators listed in UserList. This is off by default.
Change-Id: I2a23a4e99cabd46b19ed491a6520773731a5994e
Reviewed-on: http://gerrit.openafs.org/10927
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Fix a build error when configured with --enable-uss. The
added include defines the VolumeId which is needed by
the volser.h.
Change-Id: Ifbdaadf4de726ff1da54e93ba47124c5b5eb9cfb
Reviewed-on: http://gerrit.openafs.org/11084
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Fix a bug where get_credv5() is called twice, even if the first one
succeeded, in the aklog retry logic.
(This bug uncovers another bug where get_credv5_akimpersonate
crashes in the krb5 libs when get_credv5 is called back to back.)
Change-Id: Ie6cac3b4522946c87c30ad3cd6939738234800bf
Reviewed-on: http://gerrit.openafs.org/11133
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
It is not always clear to users whether BosConfig.new is noticed
during an automatic restart, or if it requires stopping and starting
the bosserver. Slightly reword the relevant text and add a small note
that a "general restart" does cause BosConfig.new to be noticed, so
this is explicitly clear.
Change-Id: Iab3eaff176305b0b2991a6636e70204b5072b1b0
Reviewed-on: http://gerrit.openafs.org/11076
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Define macro AFS_DBG_LOG_MAXLENGTH to 10240 and then use it to
enforce the 10MB trace buffer limit.
Change-Id: I98b759d9f51d24d402bfdc56570c0f0de93926a0
Reviewed-on: http://gerrit.openafs.org/11146
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
VS2013 spotted two cases where we do not set up the
Iosb.Status when we catch an exception from Cc.
Fix them.
Change-Id: I93b8a48863f22fd1dc2d7dba4d9de18454f35fe0
Reviewed-on: http://gerrit.openafs.org/11140
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
When fakestat is enabled for a mount point, the parent vcache
entry is not the right place to find the DataVersion of
the target volume root directory. This can lead to data
inconsistency since the revalidation checks rely on the parent's
DataVersion to determine if a file entry is still valid. If the
file was replaced or deleted remotely, the only callback we
get is for the parent directory, and in that case the client
will think the file entry is still valid and give back stale
data to the user.
If fakestat is enabled and we have a mountpoint, always use
the parent vcache pointer returned by FakeStat before using it
to either store (in the lookup and create ops) or compare
(in the revalidate op) the DataVersion.
FIXES 131855
Change-Id: I03c05c1dab39e663b74635700e80ba70861b1c2e
Reviewed-on: http://gerrit.openafs.org/11118
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Commit a1b5a1d422 left out a critical
part of the patch. The check for "retry < 2" when determining whether
retries should be skipped due to CM_REQ_NORETRY.
Change-Id: I9b750e2bab11d28813447b2ee92287b8dcfbbba3
Reviewed-on: http://gerrit.openafs.org/11131
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
afs_getattr returns EIO when afs is in the process of shutting
down. Be sure to unlock the locks taken before returning.
The bozon lock leak has been present since IBM AFS.
Change-Id: Id3e330c458996abf1519de6364060cc0b8828e6a
Reviewed-on: http://gerrit.openafs.org/11096
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
The "what date/time gets changed when and by whom" in Windows is badly
defined, but all filesystems support the semantic that if a date is set
using a specific file object (or the timestamp is set to the magic number
-1)
then other changes provoked by that file object will be ignored.
AFS redirector timestamp handling does not support this behavior.
For the LastWrite timestamp (other timestamps are pretty much advisory and
maintained on a best effort basis) the timestamp would be updated by a
write operation even after -1 is set via the file handle.
This patchset implements the -1 behavior for LastWrite. It also follows
the standard Windows practice of setting the LastWrite timestamp to be the
time of close of the handle that performed the write, not the time of the
write itself.
Finally, it should be noted that since RX*FS_StoreXXX operations update
the last write time on the server the client must restore the LastWrite
timestamp at handle close if -1 was specified.
Change-Id: Ica0c566fabb6b3046eb51f827402d622190daea8
Reviewed-on: http://gerrit.openafs.org/11110
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
The 'ComponentName' parameter to AFSSubstituteName() is a UNICODE_STRING
pointer. Its address should not be passed to AFSDbgTrace when used
in conjunction with a %wZ format.
Change-Id: I12ead951b1ae376e42da12b21e32f65e736375ab
Reviewed-on: http://gerrit.openafs.org/11090
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
The signed int tktLen is checked against a maximum size, then passed
as the unsigned size_t argument to memcpy. So we need to make sure it
isn’t negative.
This doesn’t appear to be exploitable: tktLen comes from the kernel,
which should have previously validated the length within the SETTOK
pioctl.
This bug was found with STACK <http://css.csail.mit.edu/stack/>.
Change-Id: I781bd300cad3d725d3517e7f6ac9e6423c417087
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Reviewed-on: http://gerrit.openafs.org/11109
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
vos convertROtoRW leaves the older RW copy on the original fileserver,
although it is no longer in the VLDB. Provide the user with some hints
regarding clean up.
Change-Id: I5f6fcf7d5a516b59438d84e60f163a567d3a64fd
Reviewed-on: http://gerrit.openafs.org/9408
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Tested-by: Ken Dreyer <ktdreyer@ktdreyer.com>
The volscan-main and volinfo-main source files are in the source
tree, not the object tree; refer to the objects in the Makefile
as dependencies, so that they will be picked up properly. The
objects will be made just fine by the implicit .c.o rule.
Change-Id: Ieec4b32cfbe5d260e1560a08d4ed8162720f9222
Reviewed-on: http://gerrit.openafs.org/10988
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
our indentation did not match our braces so we would never read all the
objects in each unixuser hash chain. add the missing braces
Change-Id: I001b55f0d43639124b06758095664a31e8230db6
Reviewed-on: http://gerrit.openafs.org/11094
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: D Brashear <shadow@your-file-system.com>
If the readonly file attribute is set on a file, refuse to process
writes, truncations or overwrites. The afsd_service will do so
and this can lead to data corruption.
At the same time, writes from the redirector to afsd_service must
not be denied because of the readonly attribute. That check was
performed during the CreateFile. Otherwise, a new file can be
created with the readonly attribute and then not be writable.
Change-Id: I921a11eb8c1a3e642d60c23fc905b3febc0f0761
Reviewed-on: http://gerrit.openafs.org/10985
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
If during the processing of a network provider request the Logon
Session AuthenticationId is zero and the AFSGetAuthenticationId()
function is unable to obtain the current thread's AuthenticationId,
then fail the request.
Change-Id: If2aeba836d762f4f1b982d954fac720863a05c1f
Reviewed-on: http://gerrit.openafs.org/10900
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
The prior behavior of AFSSetBasicInfo() was to let the caller
set whatever it wanted as the new file attributes regardless of
the attributes that are supported by AFS. In doing so, reparse
point and directory attributes could be cleared, and other values
could be set even though they would be lost as soon as the
DirectoryCB object was garbage collected.
New behavior:
1. return STATUS_INVALID_PARAMETER if reparse point attribute
would be altered
2. return STATUS_INVALID_PARAMETER if directory attribute would
be altered.
3. successfully modify readonly attribute
4. ignore all other attribute values
Change-Id: Ic678960101ef99cdad0c0e84b21c9d65c6831ca8
Reviewed-on: http://gerrit.openafs.org/11073
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
If we extend the file prior to defrring the write *and* the write
is set up FILE_WRITE_TO_END_OF_FILE then we have to convert the
FILE_WRITE_TO_END_OF_FILE to an absolute position since we have
already moved the FCB->Header.FileSize.
Change-Id: Ibe1a5d616490a3db152818cbd6bb24d5af251c5f
Reviewed-on: http://gerrit.openafs.org/11069
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
To improve readability add a bWriteToEndOfFile variable which
stores the value of
liStartingByte.LowPart == FILE_WRITE_TO_END_OF_FILE &&
liStartingByte.HighPart == -1
Change-Id: I6594196a6c8c3ab41561ffdbd3eddf3d34b410de
Reviewed-on: http://gerrit.openafs.org/11068
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
There is nothing to be gained by posting a synchronous write.
Let it hang out in CcCopyWrite until there is enough memory
unless the write became synchronous after a deferral in which
case it can be deferred again.
Introduce bWait variable which is set to the result of
IoIsSynchronousWrite( Irp).
This change is being introduced after further analysis of the
FastFat example.
Change-Id: I0942975a142b0413e52076ee94977401c1d00dc9
Reviewed-on: http://gerrit.openafs.org/11067
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Setting the file position information on a file is not a data
changing operation. Do not perform a readonly volume check.
Change-Id: I5dccff569b39187c2891d4339f18db8c54c029a7
Reviewed-on: http://gerrit.openafs.org/11066
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Callers of rx_EndCall in various parts of the code handle errors a bit
differently from each other. The correct way to use rx_EndCall is
almost always some form of:
code = rx_EndCall(call, code);
This will cause the call to abort with 'code' if the call is not
already aborted, and will return the abort code for the call (or 0 if
the call ended successfully). It is thus impossible for 'code' to
start out with a non-zero value in the code snippet above, and end up
with a value of 0 after the code snippet.
Most code follows this pattern, because this is how the
rxgen-generated client RPC wrappers are written. So for any non-split
Rx call, this is how the error precedence works.
However, some code (mostly for Rx split calls), needs to handle
calling rx_EndCall itself, and some code appears to think it is
possible for rx_EndCall to return 0 when we already had a non-zero
error. Such code tries to ensure that we don't ignore an error we
already got by doing something like this:
code2 = rx_EndCall(call, code);
if (code2 && !code) {
code = code2;
}
However, this is not correct. If a call gets killed with an abort code
partway through executing an RPC, and the client tries to end the RPC
with e.g. EndRXAFS_FetchData, the client will get an error code of
-451 (RXGEN_CC_UNMARSHAL). The actual error code is in the abort code
for the call, but with the above 'code2' snippet, we can easily return
an error of -451 instead, which will usually get interpreted as some
unknown network-related error.
This can manifest as a problem in the unix client, where if a
FetchData call fails due to, for example, an "idle dead" timeout, we
should result with an error code of RX_CALL_TIMEOUT. But because of
the above issue, we'll instead yield an error of -451, causing the
server to be marked down with the following message:
afs: Lost contact with file server ... (code -451) ...
So, fix most rx_EndCall callers to follow the 'code = rx_EndCall(call,
code);' pattern. Not all of the changes here are to "wrong" code, but
try to make all of the rx_EndCall call sites look more consistent.
There are a few exceptions to this pattern, which warrant some
variations:
- A few instances in src/WINNT/afsd/cm_dcache.c do seem to want to
record the original error before we ran rx_EndCall, instead of
seeing the rx abort code. We still return the rx_EndCall-returned
value to the caller, though.
- Any caller of RXAFS_FetchData* needs to read a 'length' raw from
the rx split stream. If this fails, we need to abort the call, but
we don't really have an error code to give to rx_EndCall. Failure
to read a length indicates that the server is not following
protocol properly, so give rx_EndCall RX_PROTOCOL_ERROR in these
instances. The call should already be aborted by this point, so
most of the time this code will be ignored; it will only make a
difference if the server tries to end the call successfully without
sending a length, which is indeed a protocol error.
- Some Rx clients can encounter a local error they don't want to send
to the server via an abort, so they just end the call successfully,
and only use the rx abort code if they don't already have a local
error. This is in a few places like src/butc/dump.c and
src/volser/vsprocs.c.
- Several places don't care what the error from rx_EndCall is, such
as various call sites in server-side code.
The behavior of the Windows client w.r.t rx_EndCall was changed a bit
into its current behavior in commit
a50fa631ca (ticket 125018), which just
appears to be wrong. This was partially reverted by commit
ae7ef5f5b9 (ticket 125351), but some of
the other call sites were unchanged. The Unix client appears to have
been doing this incorrectly for at least FetchData calls since OpenAFS
1.0.
To make it hopefully more clear that rx_EndCall cannot return 0 if
given a non-zero error code, add an assert to rx_EndCall that asserts
that fact.
FIXES 127001
Change-Id: I10bbfe82b55b509e1930abb6c568edb1efd9fd2f
Reviewed-on: http://gerrit.openafs.org/10788
Reviewed-by: D Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Merge fix for OpenAFS-SA-2014-001 into master, along with the fix
for the RX denial of service issue.
Change-Id: I499e7202c9278d21f2d8628d497755e6c593abb2
Remove the ancient and unmantained src/BUILDNOTES readme file.
Change-Id: I652fded2526dbe97f6f87ef7263a2b39038486d5
Reviewed-on: http://gerrit.openafs.org/10971
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: D Brashear <shadow@your-file-system.com>
We report 'fake' values for free space, free file nodes, etc for the
'AFS' filesystem, since these values are not meaningful for AFS
itself. Currently we report about 9G of free space for most platforms,
and a few different values for a few others. Raise all of these to
2^32-1, so that trying to copy over 9G of data into AFS does not fail
for those applications that check the destination free space with
statfs(2). Note that one such application is KDE 4.8.x.
Consolidate all places that do this, and put the 'fake' value in one
place, AFS_VFS_FAKEFREE, along with the relevant comments.
Related issues reported by Lars Schimmer, Richard Brittain, and
others.
Change-Id: Ia15175da32744e11f62489c29bedfe1f5560d2b4
Reviewed-on: http://gerrit.openafs.org/9688
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Markus Koeberl <markus.koeberl@tugraz.at>
Tested-by: Markus Koeberl <markus.koeberl@tugraz.at>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Commit f43c2f4412 introduced
rx_waitingForPacket. Given its current usage, I can't see any
functionality.
It looks like this might have been the result of merging a renamed
rx_waitForPacket from another development branch?
Change-Id: I47fc7a2b25cbfcd59ea4ad1606b734bb9d4ceecc
Reviewed-on: http://gerrit.openafs.org/10981
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
If pr_IdToName fails for some reason, tnames won't be available.
Change-Id: I5270ba0ecf3cfad9bfb909c97b27473d96ca1307
Reviewed-on: http://gerrit.openafs.org/10952
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Currently, one could simply query from 0 to 'pts listmax' to determine
all the usernames in a cell. The -restrict_anonymous option will block
access to almost all of the unauthenticated RPC's. PR_NameToID is still
open since aklog still needs access to this RPC. An "attack" against
this RPC would have to scan a much larger key space to determine valid
usernames in a cell.
Change-Id: I7e475bc004f08d28d195c199804befa89f0ceb0c
Reviewed-on: http://gerrit.openafs.org/10951
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Gergely Risko <gergely@risko.hu>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: D Brashear <shadow@your-file-system.com>
AFSFetchStatus is rather large and is in the stack twice. Allocating with
osi_AllocSmallSpace will save about 160 bytes of stack.
Change-Id: I13ac31814d9d5975f245ba8c66a7befac471503e
Reviewed-on: http://gerrit.openafs.org/10964
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Range check the statsVersion argument of the GetStatisitics64 RPC to
avoid a buffer overflow in the fileserver, or a huge memory allocation,
by a rogue client.
FIXES 131803
Change-Id: Ib084ca28cbe350d846fa5978d489e523aaae299b
Currently we rxi_Delay whenever RXS_CheckResponse fails for any
reason. This can result in disastrous performance degradations if a
client keeps sending "bad" responses, since rxi_Delay'ing here will
delay the Rx listener thread. This means we cannot receive any packets
for about a second, which can easily cause us to drop a lot of
incoming packets.
Instead, send the abort after 1 second by scheduling an event. This
will retain existing behavior from the point of view of the client
(it will get the abort after 1 second), but avoids hanging the Rx
listener thread.
FIXES 131802
Change-Id: Id8f9fc46902ae3cf019dd0ece0a96133b9b9d07c
Take the functionality in rxi_SendConnectionAbort that schedules a
delayed abort, and split it out into a new function,
rxi_SendConnectionAbortLater. This allows callers an easy interface to
send such a delayed abort with their own delay.
This commit should incur no change in behavior; it is just code
reorganization.
Change-Id: I6503cf6ebb3e664d95b8792f2311ea14ee63c11d
We should actively be discouraging the use of the kaserver and related
utilities.
The src/kauth/ directory will still be compiled, just not installed.
(If we stopped compiling it, it would likely bitrot very quickly so
as to become unbuildable, and having it still build seems a reasonable
goal given our obligations with respect to compatibility with IBM
AFS for the use of the AFS name.)
Change-Id: Ib710af3e177223d85cd9c6099ce75e700b6a2958
Reviewed-on: http://gerrit.openafs.org/10962
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Fix malformed merge error left over from
commit 4f9ec8396d
where we converted strcat to strlcat.
Change-Id: Ibae3e09c8a659f4b084256b18ee5774f11fe9f8f
Reviewed-on: http://gerrit.openafs.org/10963
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
