Remove extern time from OBSD/osi_machdep.h. It's in sys/kernel.h.
Suggested by irene.braun@ualberta.ca.
(cherry picked from commit c20d9c0eabb6f6186f21e2f5bd7e125c9a9aee37)
* Removed memory allocation functions only used on AIX and ancient
HPUX. If the performance penalty is noticeable, implement a wrapper
at the osi-level in the same manner as LINUX/FBSD (ie not sprayed
throughout the code).
* Removed all remnants of splnet()-style locking, it was not
sufficient for MP anyway which the real locks are. Affects only AIX
and HPUX.
* Drop the global locking in rxi_Alloc since the real locks do their
jobs, affects only AIX41 and up (ie. MP capable OS).
* Fix the non-kernel wrapper for osi_Alloc/Free on AIX to take void *
in the same manner as the rest of the functions. IMO this wrapper
shouldn't be necessary since you should never ever malloc() 0 bytes,
but since it's there I'd guess someone made stupid assumptions
somewhere...
* Restores MAXKTCTICKETLEN to 12000 on AIX
* Restores AFS_LWP_MINSTACKSIZE to 48k on AIX (might affect
server-stuff)
(cherry picked from commit 412854593cf368006c18e6c0dc607a9ecd76a0e0)
This patch applies all of the work done to add persistent cache support,
cache manager debugging, and a variety of bug fixes. A full description
will be committed within doc/txt/winnotes as part of a later commit.
(cherry picked from commit 0b90d69f8a44e6c7ba20553cfb7d5cf7072bab57)
Thanks to jaltman for pointing out some files I missed
(basically those in two-level deep directories).
(cherry picked from commit b0f773c41c68fd7833a669693d30b27a12f3ba8e)
Over last several years significant efforts have been made to work around
the inability to protect user tokens from use by inappropriate entities.
The tokens are associated with a given userid and session by a combination
of an SMB based ioctl and an authenticated/encrypted RPC. This has opened
the door for tokens to be borrowed by other users if they could connect
to the same SMB server with the identical userid. This was trivially
possible because the SMB connections were unauthenticated.
This patch adds two forms of authenticated SMB connections: NTLM and
Extended Security (aka GSS SPNEGO). By default Extended Security mode
is used. This patch has been tested on 2000 workstation, 2000 server,
XP SP1, and 2003 Server, and XP SP2 RC2. The Extended Security works on
all platforms except for XP SP2 RC2 regards of whether or not the machine
is part of a domain or not; and whether or not a local or domain account
is used.
On XP SP2 RC2, attempts to use negotiate Extended Security result in a
Logon Denied error from AcceptSecurityContext() and a substatus code of
0x7C90486A is logged to the Security Event log via the NTLM SSP.
The SMB AUTH NTLM mode succeeds on XP SP2 RC2.
Disabling SMB Authentication or specifying the use of NTLM mode may be done
via the registry.
Value : smbAuthType
Type : DWORD {0..2}
Default : 2
If this value is specified, it defines the type of SMB authentication
which must be present in order for the Windows SMB client to connect
to the AFS Client Service's SMB server. The values are:
0 = No authentication required
1 = NTLM authentication required
2 = Extended (GSS SPNEGO) authentication required
The default is Extended authentication
Integration of Heimdal MD4/MD5 code
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
Integration of Heimdal's MD4/MD5 code
====================
Integrate Heimdal's MD4/MD5 code
====================
Integrate Heimdal's MD4/MD5 code
====================
Integrate Heimdal's md4/md5 code
====================
Integration of Heimdal's MD4/MD5 code
krb5_des_decrypt() does not initialize the return value to 1, failure,
therefore it returns random success (0) values when ticket types of
DES-CBC-MD5 or DES-CBC-MD4 are used because we do not have checksum
functions for those types.
In order to support the large ticket sizes produced by Microsoft
Active Directory and allow the use of raw Kerberos 5 tickets as tokens
increase the size of MAXKTCTICKETLEN and MAXKRB5TICKETLEN to 4096
from 344 and 1024 respectively.
TICKET 2618
flexelint patches for prototype handling from Joe Beuhler
>>>>>>>>>>>>>>>>>>>>>>>>>>>>
This patch adds a bunch of missing prototypes, makes various
corrections to global prototypes, and removes global declarations that
are not needed.
One set of added prototypes is commented out because it applies to
some printf-like functions that are implemented the way it used to be
done before varargs existed, and they need to be unprototyped or the
code will fail to compile. (There are a number of functions in the
OpenAFS code that need to be converted to use varargs...)
There is one place of note in src/WINNT/afsd/fs.c where typedefs for
afs_int32 and afs_uint32 conflict with afs/stds.h. I just added a
note to that effect.
Prototypes in src/WINNT/afsd/fs.c are incorrect for Windows NT. I
don't know whether the return type involved changes from platform to
platform -- they come from .xg files.
Some prototypes are now commented out or #ifdef'd to match the code
that uses them.
Some global variables conflict between modules and have been made static.
The bufferBlock variable was of two completely different types...
In src/config/stds.h, I changed the declaration of afs_intmax_t to
reflect the fact that the Windows platform supports 64 bit integers.
This may be incorrect semantically, but I believe it is needed for the
%llx format to match afs_intmax_t arguments (for printing of inodes
mainly, I believe).
There were two different declarations for the rxkad_stats structure --
I synced them up.
- Joe
Removed the conflicting typedefs from src/WINNT/afsd/fs.c
Removed the changes to src/config/stds.h. Added declaration of
AFS_64BIT_CLIENT to src/config/NTMakefile.i386_nt40 instead.
Do not remove unused variables which are defintions of data type
values. Instead comment them out to avoid space utilization and
warnings.
This patch mainly makes explicit some initializations that were implicit.
There are several places where it looks like the missing initialization
may be a bug, and I have inserted comments to that effect in the
relevant patches. Someone needs to look at them and supply
whatever is missing (if anything is).
In make_keyperm.c, an array was sized too large.
--
Joe Buehler
This massive patch contains changes in several significant areas for Windows:
- the ability to specify the mount point to be something other than /afs
- functionality to assist debugging of the NT Services
- support for languages other than English (NTLang.bat)
- revisions to the Build system to support separate trees for src, obj,
dest and free or checked; allow any MS compiler to be used
- updates to NSIS installer build
- mutex locking added to critical locations
- updates to IS5 directory tree creation
- update to afswsNetscape_config.sh
FIXES 1774
thanks to nneul@umr.edu for providing a script to do this.
gnu indent 2.2.9 options:
-npro -nbad -bap -nbc -bbo -br -ce -cdw -brs -ncdb -cp1 -ncs -di2 -ndj -nfc1
-nfca -i4 -lp -npcs -nprs -psl -sc -nsob -ts8
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
FIXES 1774
fix subst mistake
tkt_DecodeTicket didn't seem to check that ticketLen < MAXKTCTICKETLEN
didn't matter since no callers failed to check, but we should enforce this where the limit is
support for V6.0 and .Net complier, compile from either NT4.0 or XP
Source and object are separated into different directories. The directory
tree would look as follows:
Base from %AFSROOT% environment variable
%AFSROOT%\src\... - all source and generated source
%AFSROOT%\obj\checked\... objects from a checked build
%AFSROOT%\obj\free\... objects from a free build
%AFSROOT%\obj\dest\checked\... DEST folder from a checked build
%AFSROOT%\obj\dest\free\.... DEST folder from a free build
Before you start the build, you must build an object tree by issuing the
following:
nmake -f NTMAKEFILE mkdir
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
support for V6.0 and .Net complier, compile from either NT4.0 or XP
Source and object are separated into different directories. The directory
tree would look as follows:
make the libafsrpc libraries work with new fcrypt
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
readd missing statistics
make cm and ukernel compile with new stuff
====================
readd missing statistics
make cm and ukernel compile with new stuff
====================
make it work with ukernel macros
Added support to rxkad for servers accepting Kerberos V5 tickets and
truncated "proposal 2b" tickets. When used with an appropriate aklog
or krb524d (such as shipped with Heimdal and MIT Kerberos), this allows
the use of Kerberos V5 tickets (with DES session keys) to authenticate
connections to OpenAFS servers.
Fix includes for mbuf.h, if.h
auth/cellconfig.p.h:
Use (void *) for 2d arg to afsconf_ClientAuth(), since we have no def for
struct rx_securityClass at this point
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
More OpenBSD merge
prototypes
cleanup
