if the process we are in execs a child, it doesn't get our socket
Change-Id: Iaf1831866e0dcda0449e75d89c576557c61090dd
Reviewed-on: http://gerrit.openafs.org/5598
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
We can end up discarding a receive queue that's been soft acked,
effectively taking back soft acks we sent. Whilst the RX
documentation says that a client can drop soft acked packets at
will, our RX implementation assumes that if the final packet in
a call has been soft acked, we won't clear the queue. If a client
clears the queue in this situation, the call will hang.
What *should* happen is that we should take necessary locks,
confirm that we have not soft-acked all of the packets in a flow,
and then discard, or, if we're just going to discard, error the
call.
Change-Id: Ic8e358b8648c1a6f0154009093468531a9e3cf74
Reviewed-on: http://gerrit.openafs.org/5603
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
When ktc_GetTokenEx needs to get tokens via the legacy ktc_GetToken
interface, it was not extracting the viceid. Make it set the viceid so
the caller gets the correct id.
Normally this would require parsing the given client name. To reduce
the amount of times we store and extract the viced from the "AFS ID
%d" string, create a helper GetToken function that can store the
viceid directly, without storing it in a string.
Change-Id: Ib03a419aee6eaed3b253c4d5d575d4dd8d3b8ddc
Reviewed-on: http://gerrit.openafs.org/4482
Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Rxkad tokens historically have forced odd lifetimes when the given
viceid is actually an AFS ID, and even lifetimes when it is not. Force
this when the new token-handling functions are used (so the viceid is
correctly interpreted by users of the old token format), by creating
rxkad tokens with token_importRxkadViceId.
Slightly reworked by Simon Wilkinson to provide a generic token
destructor function.
Change-Id: I9f6aa518b8ae51a3772b69a0722a28bff6b47128
Reviewed-on: http://gerrit.openafs.org/4481
Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
(Most of) the dafs binaries are called da(something). Update the
example in the dafileserver documentation so that we call the binaries
by the names that they are actually installed with on the system.
Change-Id: I05906758aa2b00ea7bc7f9be10414c8ad1a5a11a
Reviewed-on: http://gerrit.openafs.org/5654
Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
The ptserver database building scripts would check to see if the server
was running from a bosserver with the noauth flag set before performing
a database rebuild.
This means that you can't start ptserver normally, and then configure
the database using pts -localauth, which is the preferred method for
configuring new cells.
Remove the check for noauth. This is slightly risky, as it means that a
corrupt database could be completely erased upon restart. However, we
already check that the dbheader (65k) is entirely blank - which will
protect us against any single page corruption errors.
Change-Id: I45dbb53d7f80b0b307f88941cb1e061967fcac81
Reviewed-on: http://gerrit.openafs.org/5653
Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Gerrit/5572 added conditionals on __FreeBSD_version >= 900044, which
is (approximately) when a bunch of kernel API renames happened.
(There has since been a dedicated version bump to 900045 a month
or two post-facto, but 900044 should be fine for now.)
However, 900044 is not 90004.
Change-Id: I566186a7b53fd3b605a0f531e241eaf54a96bba3
Reviewed-on: http://gerrit.openafs.org/5657
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
The library support package keeps count of the number of times
the library code is active. When this goes to zero this means
that unload of the library can continue.
Although I cannot see it in the code it seems reasonable to assume
that at that stage the device object might go away so (and if it
doesn't do now it may in the future). This potentially renders it
unsafe to do anything after InflightLibraryEvent has been signalled.
This patch moves the logging up to above the decrement of the refcount.
Change-Id: I9493d970cec4a025ca9e4c5542e2d838c87f7817
Reviewed-on: http://gerrit.openafs.org/5601
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
we enforce locking by pid. when we are ukernel, MyPidXX is stupid.
don't bother.
Change-Id: Iddefd5d63edd6cc35a3c8112cb2cfbf3d47031aa
Reviewed-on: http://gerrit.openafs.org/5597
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
we need a format string; currently here we have none, which is no good
Change-Id: Ib097100383dba9d56056b96c5322734abb765f9d
Reviewed-on: http://gerrit.openafs.org/5591
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
we could in case of multiple splits end up using a stale open
vnode for a directory; attempt to close and thus force-reopen
any fdhandles backing ihandles.
Change-Id: I50ff39873b523b05287c7a183d84e6f16eb7cd90
Reviewed-on: http://gerrit.openafs.org/5553
Reviewed-by: Hartmut Reuter <reuter@rzg.mpg.de>
Tested-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Upstream decided to rename the kernel functions that implement
syscalls to have a sys_prefix (including afs3_syscall!).
We use a couple of them, so we need to conditionalize accordingly.
Unfortunately, __FreeBSD_version was not bumped with the change,
so we use something close to it and hope it's close enough.
Change-Id: I228805a813af70b30f94f659e4da602210a6d6df
Reviewed-on: http://gerrit.openafs.org/5572
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
Add the new -pidfiles option to the man page. Add a few other missing
options as well.
Change-Id: I2d72ec9948edb4dce4c6b6d974915d4ac7560b0b
Reviewed-on: http://gerrit.openafs.org/5587
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
Patchset 4251e386aa converts to
using Heimdal. The conversion undid the introduction of the
abstraction function fetch_krb5_error_message() which is
implemented in src/util. Restore the use of fetch_krb5_error_message()
and modify src/util/krb5_nt.c to use the Kerberos Compat SDK
interface.
Change-Id: I67fe7a309727f67a1da3705e1e485e64747c325c
Reviewed-on: http://gerrit.openafs.org/5571
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
we need to free this, but while the pointer is still good
Change-Id: I5afa3505b764c5bf72811f60f63e29c80a29c5af
Reviewed-on: http://gerrit.openafs.org/5562
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
Do not treat the output of NetbiosName() as a wide_t when
it is a char*.
Change-Id: Iba4f1f30f1de4a9c3ded2f1e440ca9e4bc014379
Reviewed-on: http://gerrit.openafs.org/5549
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Add runtime options to aklog_dynamic_auth. Commit
3a541eb11d changed the behavior of
aklog_dynamic_auth to be more friendly to the CDE screenlocker, but
forced the use of UID-based PAGs.
Since some users like to use real PAGs and don't care about the CDE
screenlocker, made this behavior a runtime decision instead.
Change-Id: I28264e2e80258f962d02ed9a6a40c4d789179c06
Reviewed-on: http://gerrit.openafs.org/4484
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Make aklog_dynamic_auth use the new SetTokenEx method of storing
tokens.
Change-Id: I843ecd206ef4673ff9e5df5419daa9ee5b31f060
Reviewed-on: http://gerrit.openafs.org/4483
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Redesign the AFS Volume Tab to report:
. Volume name
. Volume ID
. Cell
. Server
. Availability
. Quota
. Partition Info
. Replica Server List
Properly handle multiple selections to report the volume info
of the parent object and not the actively selected object.
When a mount point is selected, display the volume information
for the target volume.
Remove file server from AFS tab.
Modify the AFS tab to better handle multiple selections including
mount points.
Extend many gui2fs functions to implement a poor man's "follow"
option. This really should be done with the pioctl 'literal'
capability but this is an improvement. The pioctl modifications
will require a major redesign of gui2fs.c and all of the dialogs.
Change-Id: Ib009beb81d841fb3bbbd35b1eb0faec2c40eaf4e
Reviewed-on: http://gerrit.openafs.org/5531
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
In a few different places, moving libutil before libafshcrypto_lwp
caused a variable definition to have a trailing \ on the last line of
the definition. This can confuse make (at least, the HP-UX make) to
think the next following definition is also part of the current
definition. Remove the trailing "\"s.
Change-Id: I235f95813e303bc3805b5d9fc8d7861e812613e2
Reviewed-on: http://gerrit.openafs.org/5523
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
We don't care about non-vicepX partitions, so move part of the UFS
"logging" check into VCheckPartition. This API should probably redone
so the "am I a vicepX partition" check is done completely separately,
but for now, this will do.
Change-Id: Ib2df2079a392d7ed1a8c2aded34f2a7265215ecd
Reviewed-on: http://gerrit.openafs.org/5514
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Over time the FSSYNC code has collected examples where the partition
path is passed rather than the partition name. In Unix this is the
same (/vicepX), but on windows the path is the DOS device (C:).
This checkin changes FSSYNC client code to always use the partition
name.
This checkin does not address FSSYNC server or SALVSYNC.
Change-Id: I3c5b63103ab0cbd6c2c6c73b9dc737eca22b7d4c
Reviewed-on: http://gerrit.openafs.org/5521
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Add registry keys and values to enable use of the overlay
handlers for symlinks and mount points.
Add registry keys and values to enable use of the property
sheet handlers.
Correct registry keys for the Folder background context menu
handler.
Change-Id: Icac560fc6ffcec6bcc41f64adeae3ee2e5884fdb
Reviewed-on: http://gerrit.openafs.org/5530
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
MIT's krb5_get_error_message() ignores the context and can
be called with a NULL context. Heimdal's version does not.
Change-Id: I31801b0e0044e5e724298404645517e4425b0f09
Reviewed-on: http://gerrit.openafs.org/5508
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Heimdal disables DES by default. Enable DES-CBC-CRC by
calling krb5_enctype_enable() so that the active profile
does not require
[libdefaults]
allow_weak_enctypes = 1
Change-Id: I75d7b6bd7269081c7b1fcaafe05074dcdcc9a7e0
Reviewed-on: http://gerrit.openafs.org/5501
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Build OpenAFS for Windows against the Secure Endpoints
Kerberos Compatibility SDK instead of the in tree
Kerberos for Windows SDK.
The compatibility layer is available from:
http://github.com/secure-endpoints/heimdal-krbcompat
The SDK location must be specified with the
KERBEROSCOMPATSDKROOT environment variable.
The benefits of building against the Kerberos Compatibility
SDK are:
* Heimdal 1.5.1 or later assemblies will be used
if available
* MIT KFW 3.2.x will be searched for if Heimdal 1.5.1
is not installed
Version 1.0 of the SDK is supported.
Change-Id: I393e20d8bfb9ee1ca749cc54ecc1341927abaf82
Reviewed-on: http://gerrit.openafs.org/2867
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
When we serialize host information for DAFS during shutdown, we have
no guarantee that the host is in a valid state when we look at it.
This can result in a host being saved to disk when we are waiting for
the host to respond to an RPC, and so the information about the host
is invalid. For example, we can save a host that has the
HWHO_INPROGRESS flag set, and when it is restored later, this can
cause odd behavior since the flag is set but no thread is actually
waiting for the host to respond.
So instead, during state serialization, try to determine if a host may
be in an invalid state, and simply skip the host if it may.
Change-Id: I755640ea4ce607245ae98cc7455472ef781271e7
Reviewed-on: http://gerrit.openafs.org/5528
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Host entries with HWHO_INPROGRESS set or ALTADDR unset do not have
valid state, since those flags indicate that the fileserver was in the
middle of identifying the host when the host struct was serialized.
Skip entries from the on-disk host data that have such invalid flags
set when restoring state, so we do not load invalid data.
Change-Id: I26b88256679f4596598e6e3e6b68af7e8e5e387d
Reviewed-on: http://gerrit.openafs.org/5527
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
The CB, FE, and host serialization structures were just using the
relevant indices to determine whether or not an entry mapping and old
index to a new index was populated with actual data. For host
structures, this really isn't sufficient, since our index can be 0,
and the structure is calloc'd, so the index in the structure could
also be 0.
Add a flag explicitly stating whether or not the structure has been
filled in, to make this unambiguous.
Change-Id: Ia69e25fa73e10dc10cf3ddf08bb4feb2c9958674
Reviewed-on: http://gerrit.openafs.org/5526
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Make sure we are passed valid statistic index numbers, so passing in a
bad index doesn't result in writing over random memory.
Change-Id: I29ed03b59df937e6f95fba44209a03db23613a8d
Reviewed-on: http://gerrit.openafs.org/5525
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Use the xfer indices for the xfer-related data, not the op indices, so
we don't try to fill in data beyond the actual storage for the stats.
Change-Id: I075d4eb9439d9bd603489f0aa90b3c18c3959de3
Reviewed-on: http://gerrit.openafs.org/5524
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Add the ability to specify a procedure that will be called after
the end of each RPC for a service. This is similar to the
existing afterProc, except that it gets called after the RPC
has ended (after EndCall).
rx_SetPostProc and rx_GetPostProc are provided to set and retrieve
a postProc for a specified service.
Change-Id: I52e70323c5d35c9c0d70d9b9bbb05ff56a6edcad
Reviewed-on: http://gerrit.openafs.org/5529
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Unlike the afs_set_acl_dlg the PropACL sheet only uses a single
ComboList to maintain both the positive and negative ACEs but
uses two CStringArrays to separately store the positive and
negative ACEs. Two entries in each array are used to store
an ACE. The %2==0 entry is the pts name and the %2==1 entry is
the permission list. This needs to be taken into account when
manipulating the negative entries since the array count for the
normal entries is twice the number of ACEs.
Negative entries were prefixed with '=' instead of '-'.
The Remove button was not hooked up and was not enabled or disabled
under all appropriate conditions.
Change-Id: I3bbfd9e82c8796554482b876d31ec53d8f9ac91f
Reviewed-on: http://gerrit.openafs.org/5518
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
The afshcrypto.rc file was provided but it was never compiled
nor linked to the dll.
Change-Id: I41138c53a5b53417d880ae748c7f8e8248daedce
Reviewed-on: http://gerrit.openafs.org/5517
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
The afsroken.rc file was provided but it was never compiled
or linked to the dll.
Change-Id: Id64ccd06b85c444f2009ef21f1fc65fb14f1bf01
Reviewed-on: http://gerrit.openafs.org/5516
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Checkins b71a2daa and 5247fa38a moved us from using a FILE*
to using an FDi_t. However, lurking inside the dump code we
see a use of _filelength() which is a MS-Crtl API.
This checkin replaces this call with one to the WIN32 API
GetFileSizeEx.
Change-Id: I6ecc25a52d083f918bd8d92670b05f12e58e4015
Reviewed-on: http://gerrit.openafs.org/5511
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
The header afs_assert.h no longer exists after commit
cac7424272. Remove all remaining
references to afs_assert.h in the tree.
Change-Id: I708a399d4389d2f96d93ce3caf9c8b96e38bdf64
Reviewed-on: http://gerrit.openafs.org/5513
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
we already have this data; if we can output it, do so.
Change-Id: Ibc445a152e4e1e61be50003dd8683d2a4b32d190
Reviewed-on: http://gerrit.openafs.org/5510
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
none of the web enhancements break base functionality,
and they are strictly more functionality; just turn them on everywhere
Change-Id: I462d3571d055f1d8ec19bdd0132b935bacd435c0
Reviewed-on: http://gerrit.openafs.org/5509
Tested-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
There is significant confusion between the partition name (/vicepX)
and the containing volume (C:) in the windows code. A review of
the uses in FSYNCH found a downright wrong comment (as checked in
the debugger).
Change-Id: I9cf6e965c9efee18b608a622b83639f25e410ce5
Reviewed-on: http://gerrit.openafs.org/5512
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
