Be more agressive about trying to establish a connection to the SMB
server if it fails. This requires adding a new dll: secur32.dll
(cherry picked from commit d2d84479cfc9288cfa2c6d7c012ad0418229d225)
perform a bit more error checking and logging when loading mountpoints and
symlinks from the registry
(cherry picked from commit 38ed975350a879cd2a8d45c3e71aa2ed49e8b664)
Fix a memory overwrite condition caused when the BackConnectionHostNames
key does not exist
(cherry picked from commit a8d0ca81a8d79b65e265ebf67ae6b9ddc868cac6)
FIXES 16432
need AssertionFailed in libafsrpc. ndon't need casestrcpy in libafsauthent
(cherry picked from commit d8e6630fffbbc6635c49c8c6d45a4550144e7f94)
Output the error number and not just the text string when reporting
failures from CreateFile.
(cherry picked from commit b208926c260105159bdf03bf219966a341e76197)
If the desired cache size is greater then 700MB auto disable the
signature verification check in order to prevent fragmentation of
memory.
(cherry picked from commit 9ba17afadb859bf9e3ef912aa1a4c120b7998eb5)
There is currently a maximum cache size of 1.3GB. The limit is imposed
by the largest contiguous block of unused memory within the 2GB process
space which can be assigned to the memory mapped file. Unfortunately,
when the executable digital signature verification code is activated
Windows sees fit to further segment the process memory which in turn
reduces the size of the maximum cache file to less then 800MB. If
larger cache sizes are desired, a new registry value should be set:
HKLM\SOFTWARE\OpenAFS\Client (DWORD) "VerifyServiceSignature" = 0x0
Setting this value will disable the runtime verification of digital
signatures on afsd_service.exe and the afs dlls which it loads. It
will not disable the the version number check on those same files.
The signature verification is not a security messure and is only meant
to enhance the ability to afsd_service.exe to detect potential
destablizing mixtures of DLLs from incompatible distributions.
(cherry picked from commit f8ce184140b2f54bd2d82d4f62b47b5387225419)
Switch the Trust Provider used to verify the validity of executables
and libraries to the Software Publisher Trust Provider.
Add code (with Asanka's help) to extract the certificate details and
log them to afsd_init.log. Ensure that if files are signed that all
of the files are signed by the same entity.
Add a number of missing prototypes
Correct conversions from time_t to long or short.
(cherry picked from commit 852a0518624c13e45a4d0f2561b171687e07b9cc)
in the freelance root.afs volume, instead of creating a mountpoint when
a name is evaluated and it is a partial representation of a cellname,
create a symlink.
(cherry picked from commit 1a050671c9af89857a31cd41e13c64e95ae7a8e3)
Add support for WinVerifyTrust(). If afsd_service.exe is a digitally
signed executable, make sure that all of the associated binaries not
only have the same file version number but are signed as well.
(cherry picked from commit a3c06afa0b7a9a94248af080bc5208291c08e08f)
replace the registry population scheme with cm_freelanceAddMount
based on the CellRootName
(cherry picked from commit a688328e8524f7232bfc294ea02b4d87d7172656)
Implement new functions: cm_freelanceMountPointExists and
cm_freelanceSymlinkExists. Use them along with other validity checks
in cm_freelanceAddMount and cm_freelanceAddSymlink to ensure that name
collisions do not occur and that empty strings are not valid file names.
A symlink may not have a name which would resolve to a valid cell name.
Doing so would prevent access to the cell.
(cherry picked from commit 3c487ecb59c0bace3a417245f639f7e3388ae5dc)
replace all direct manipulations of the cm_scache_t refCount field
with calls to cm_{Hold,Release}SCache[NoLock]().
add missing call to cm_HoldScacheNoLock in freelance Mount Point
re-initialization code.
experiment a bit more with "special folders". ensure that checks
for "desktop.ini" are case insensitive.
(cherry picked from commit 976465c87e027a3721a464324cf1d83c522dd996)
Install registry values to force a mapping from afsdsbmt.ini file updates
via the old profile API to the new HKLM\Software\OpenAFS\Client\Submounts
key.
(cherry picked from commit 081993a6274866507bfa3969a7b692a24e6491e1)
Fix the version info data stored in the resource block to
use the same language identifier as is advertised.
(cherry picked from commit 487bf88c403cbe0ae93b92556623913962b4b871)
Fix the afs_freelance.ini import code.
Check both the Client install directory and the %WINDIR% directory
for afs_freelance.ini
(cherry picked from commit 50ca88be2a8dcce74ba9386d0161c39e46e1d57c)
fix a deadlock situation if an Obtain Tokens dialog is produced
by an expiration event and the user chooses to cancel instead of
obtain new credentials.
(cherry picked from commit 06edeed70c9b3c7a2b8909c2069e720c97478799)
some software network adapters use instances of lo but are real network adapters
. allow them to be advertised. the modified functions are called only in the pro
cess of collecting a list to advertise.
at the same time, make sure we mask 127.0.0.1.
i wonder if that's a mistake.
(cherry picked from commit aa204b0a4b586a3bfec532c16bd64a5964f092f5)
When you have a 64bit big endian machine with a 64bit off_t in the stat
the salvager won't work.
Malloc takes an "unsigned long" and a implicit cast will be almost
always zero :-).
(cherry picked from commit c0dd32748f5a64676ddbc7897d1a622e0f250cd7)
FIXES 15962
We currently try fairly hard to make stat() on a volume root return the
same vnode number as is listed for the mount point by readdir(). This
behaviour is desirable; in fact, getcwd would not work otherwise.
However, we are _not_ careful about making readdir list correct inode
numbers for "." in a volume root or ".." in a directory whose parent is
a volume root. This means that applications which examine these entries
will still see inconsistent inode numbers. Clearly, it would be more
desirable to report consistent inode numbers in all cases, instead of
only in some cases.
The attached patch, written while I was tracking down some NFS
translator problems (which ultimately proved to be unrelated), makes
readdir return consistent inode numbers for volume roots. We are
running this on a few machines and have seen no problems, but it has not
been extensively tested.
(cherry picked from commit c3d9ed3cb553747b9b317fc4794755ba98afc24b)
FIXES 15973
add get/put refs to all callback rxconn usages to preclude any possibility of race
(cherry picked from commit 08af3229f3c4d961e5d662e049476229fbb11767)
FIXES 15960
don't reset root mtime, solaris 9 wants it to be the same across multiple calls
(cherry picked from commit 884335d78318aca00293245c9d481fd285ceba59)
some software network adapters use instances of lo but are real network adapters
. allow them to be advertised. the modified functions are called only in the pro
cess of collecting a list to advertise.
at the same time, make sure we mask 127.0.0.1.
i wonder if that's a mistake.
(cherry picked from commit 27fbf495163784c7d9a88001441b671f446ce547)
FIXES 15726
cleanup from dread-do-validation; change to using dcache and not just fcache
(cherry picked from commit 10c1abfa31273ebf99c5eaf401cb8c5b9e8df0dd)
from peter tripician via chas. update so largefile support stands a chance of working
(cherry picked from commit 6dce8ba4e23c6482856aaf35cb5dc5168ef054cc)
