* fix LogoffPreserveTokens to work in the correct direction
* modify behavior to avoid domain controller queries when integrated
logon is disabled or the logon account is local
* cell names must be treated as case insensitive
* smb logoff messages do not mean the user is logging off the machine.
do not use as an indication that tokens should be destroyed
* use the correct lock and avoid a deadlock when handling dead VCs
* add port numbers to Host addresses so we can distinguish clients behind
NATs
* make messages consistent with regards to case and punctuation of
"Host x.x.x.x:y"
* convert hex addresses to dotted notation
* remove all references to 'dead_vcp'; cleanup smb_vc_t's as soon as
we know they are dead
* add mx holds across the cm_cell_t updates
* add cm_FindSCacheParent() and remove duplicate code elsewhere
* add mx holds across scp->flags updates
* add cm_CleanFile()
* clear CM_SCACHEFLAG_CALLBACK when discarding callbacks
* fix smb fid wrapping. wrap at 0xFFFF instead of 0 because 0xFFFF
is -1 which is INVALID_HANDLE
* add missing mx holds around vcp->flags updates
*Includes the changes from STABLE14-windows-smb_fid_t-audit-20060125
as well:
"Further testing revealed that some smb_vc_t objects could not be freed
because the associated smb_fid_t objects never reached a zero refcount.
Additional auditing uncovered cases in which there were holds not being
released and others in which they were released to many times. This
patch fixes the problems and improves auditability by modifying the
behavior of the smb_IoctlXXX() functions to not release a reference
that was obtained by the caller. Now the caller releases the reference."
Fixup token deletion logic
Surround all references to smb_fid_t flags and other references
by obtaining and releasing the 'mx' lock.
FIXES 25829
the dynamic/system inode version of the linux client already keeps an
extra reference when the inode is on the vcache list. the inode/vnode
should not go away while we are trying to flush the dcache children.
Initial cut at an HTML conversion of the POD reference pages. Requires
Pod::Simple be installed (version 3.0 or later, probably). Also fix a POD
formatting bug in the afs(1) man page noticed while testing HTML output.
* re-enable LogoffTokenTransferTimeout and LogoffTokenTransfer.
Tokens are now destroyed at logoff based upon the values specified
here. Default is ON and 120 seconds. Setting this to OFF will
result in tokens never being destroyed. This will leak memory.
* protect global queues with mutexes and avoid a variety of race
conditions.
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
rollback unintended commit
and jhutz@cs.cmu.edu
The size of h_maxSlots as computed based upon the value of
MAX_FILESERVER_THREAD is too small. It is possible for h_lwpIndex
(in the pthread case) to have produce the same Slot value for multiple
threads. In that case it is possible for the following to occur:
X: h_Hold_r(host)
X: H_UNLOCK
...
E: H_LOCK
E: Check h_Held_r(host); it is true, so don't hold
E: H_UNLOCK
X: H_LOCK
X: h_Release_r(host)
X: h_TossStuff_r(host) [called by h_Release_r]
X: H_UNLOCK
E: CheckHost(host)
The end result would be a crash due to a reference to a null field
in the host processed by CheckHost.
This patch is a bit of a hack in that it solves the problem by increasing
the number of slots for threads and does not determine the correct number
of threads the process should be allowed to produce.
There should never be a case where h_Enumerate calls CheckHost with a
host whose callback_rxcon that is NULL. However, due to a bug it ended up
being the case that it happened. An examination of the CheckHost code
showed that the check for the HOSTDELETED flag should take place before
a reference to callback_rxcon is obtained. If HOSTDELETED were set, the
code would simply release the reference immediately. However, the process
of obtaining and releasing the reference required dropping and obtaining
locks that would be a performance hit.
This patch:
(1) removes the rest of the dead logoff code that was originally
stripped of any meaning by DELTA
winnt-win2000-win98-afs-client-updates-20010623.
(2) gives new meaning to smb_TokenTransfer and smb_TokenTransferTimeout.
these variables now control how long a smb_username_t and its
associated cm_user_t and its cm_cellinfo_t (including tokens)
will be preserved after a logoff.
(3) adds logic to detect logoff conditions
(4) adds cm_CheckVCs(). This function probes the SMB client with a ECHO
response to determine if the associated SMB virtual circuit is still
valid. This is executed once every five minutes by smb_Daemon()
and whenever the machine's IP addresses change. This allows
abandoned VCs to be detected and the associated user credentials,
file handles, and locks to be cleaned up. This will also prevent
the exhaustion of the limited number of SMB sessions.
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
and remember to mark the session dead so it can be re-used
The Integrated Logon hack of setting a token for a smb name different
than the one associated with the current smb session fails when smb
virtual circuits, sessions and username objects are properly reference
counted. When refcounts are not leaked the constructed smb_username_t
is destroyed immediately after the token is set since there are not
references to it from a current session.
The fix is to mark the smb_username_t object with a flag indicating that
it was created by the Network Provider. This flag prevents the destruction
when the refcount is zero so that it will be available at the time the
smb session is created (just a moment or two later.) During the binding
of the smb_username_t to the smb_vc_t the flag is cleared allowing the
tokens to be destroyed when the smb session is closed.
don't fclose(NULL) (found by ober@linbsd.org)
fflush after printf instead of before
add missing trailing newline in WARNING message
consolidate the logic to make it clearer
make tdate bigger (26 chars plus '\0'; not sure this is needed)
