Prevent a TID allocated for IPC from being used for anything other than RAP.
Implement NetServerGetInfo instead of returning an error.
When looking for shares, go through root.afs first before trying to add a
mount point.
Update .cvsignore files for windows
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
cleanup uninitialized variables
====================
more dlls to be replaced
====================
When determining the full path of a UNC path, strip the server and
share names
if we are going to return CM_ERROR_NOSUCHVOLUME do it whenever the
server list is empty. If the server list is empty, allDown and allBusy
will always be set but there is nothing we can do.
* update winnotes
* add osi trace log entries to help diagnose issues with overlapped writes
from CIFS client
* fix osi trace log entries for freelance add mount to use osi_SaveLogString
* fix afscreds "Start Service" to automatically obtain tokens if kerberos
tickets are available
* update afscreds systray menu to use "..." after Remove Icon
* remove extra "." in wix installer resource
Change cm_ForceUpdateVolume to not try to perform an immediate update.
Just set the CM_VOLUMEFLAG_RESET flag. Calling cm_UpdateVolume calls
cm_connByMServers which then calls cm_Analyze which is how we ended
up having cm_ForceUpdateVolume called in the first place.
Don't fallback to SMB_AUTH_NTLM. Apparently, allowing SPNEGO to be
used each time prevents the failure of authentication when logged into
Windows with an external Kerberos principal mapped to a local account.
Change default security level to 'crypt'.
Add registry key for SMBAuthType.
Add configurable property for SMBAuthType.
Remove high security mode option from the UI.
Workaround UI bug where a text control would redraw twice, once properly, once without interpreting format codes when
there are two properties to replace.
Update the install notes to describe conflicts between SMB Authentication
and Windows machines configured with non-Windows Kerberos authentication
used to map to local accounts.
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
More updates to smb auth vs external kerberos login
When all servers associated with a volume get into the CM_SERVERFLAG_DOWN
state, the error CM_ERROR_ALLOFFLINE would be returned by cm_ConnByMServers.
cm_Analyze was then supposed to be pausing for 5 seconds and then reset the
volume information. Unfortunately, although it called cm_ForceUpdateVolume,
cm_ForceUpdateVolume does not reset the CM_SERVERFLAG_DOWN state on the
servers. Therefore, when cm_ForceUpdateVolume calls cm_ConnByMServers it
would be given a CM_ERROR_ALLOFFLINE. In other words, there was no way
out of the state.
cm_Analyze will now reset the CM_SERVERFLAG_DOWN as well as setting the
server status to not_busy after its 5 second wait. This will allow
cm_ForceUpdateVolume to actually reset the volume information, and
refresh it if servers for the volume are newly accessible.
Also, added some missing locking calls in cm_Analyze.
In cm_ConnByMServers, change the error reporting to return CM_ERROR_ALLBUSY
only when all servers are busy or down; return CM_ERROR_ALLOFFLINE when all
servers are down; and only return CM_ERROR_NOSUCHVOLUME if the server list
for the volume is empty. In all other cases return CM_ERROR_TIMEDOUT.
the procedure used to obtain the profile directory failed in Domains
which were not Forests. If ADS_NAME_INITTYPE_GC fails, we must try
ADS_NAME_INITTYPE_DOMAIN which requires the Domain. Added a Domain
parameter to QueryAdHomePathFromSid. This was easy to obtain in
the NPLogonNotify since the logon domain is provided as a parameter.
Unfortunately, the domain provided to the winlogon event notification
routine is the user authentication domain, not the logon domain for
the local machine. Needed to create a GetLocalShortDomain function
which uses the IADsADSystemInfo COM interface to obtain the local
short domain. With this in place, we can now properly detect the
profile directory in all cases.
Document MaxLogSize in registry.txt
* Cleanup debug logging. In particular, allow the TraceOptions registry
value to be used as a bit flag as it was intended. Give each type of
debugging its own value instead of having each module test for the zero
bit.
* Modify the handling of the afsd_init.log file. This file originally
was replaced on each start. However, with auto-restart this causes
any error information from the previous halt to be lost. So it was
changed quite a while back to append forever. The problem with this
is that the file gets unreasonably large. Solution: add a new registry
value, MaxLogSize, which determins how large the file should be allowed
to become before truncation. The default is 100K. The magic value 0
means grow indefinitely.
* Update afslogon.dll. Cleanup logging. Fix some errors. Remove unused
variables. AND do not Forget Tokens on Logoff if the profile is located
in AFS space.
* Fix a bug introduced yesterday in cellconfig.c which caused problems
accessing the CellServDB file
* Update the NSIS installer to replace the CRTL DLLs instead of overwrite
them.
* Add new Startup Winlogon handler to initialize the TraceOption.
fstracing on a linux machine and trying to fs flush a file in the cache would trigger a hang on a machine with SMP kernel. fix it.
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
fstracing on a linux machine and trying to fs flush a file in the cache would tr
igger a hang on a machine with SMP kernel. fix it.
TraceLogging is supposed to be activated for different purposes
with bit flags. The osi log and afslogon both used the same bit
flag. Bit 0 is now for afslogon; and Bit 1 is for osi log.
* Update Windows Notes files
* Modify logoff procedure to use a pioctl to check if an arbitrary path
exists within AFS
* Add a new registry value HKLM\Software\OpenAFS\Client CellServDBDir
which can be used to locate the CellServDB file in an arbitrary directory
Do not release the AFS Tokens at logoff if the user's profile was loaded
from AFS. In this case we must keep the AFS tokens because we have no
idea how long writing back the profile might take.
Add CIFS RAP support to the SMB server. This allows AFS to be queried
with NetGetShareInfo, NetGetServerInfo, etc. This allows the AFS SMB
server to be browsed using NET VIEW.
Fix afsshare.c to strip the MountRoot off the afs-path before inserting into
the registry
Fix smb.c to read the submounts out of the registry.
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
fix submount extraction from registry
Do not perform a Cell Search when the name matches the SMB IOCTL filename.
This is a special name and is not to be treated as a cell. The failure
to find the name produces DNS queries as well as disk access.
Make sure that we do not alter the FD_SETSIZE on Windows.
On Windows this is an array of FD_SETSIZE. FD_SETSIZE does
not define the maximum socket handle value.
- Fix NTMakefiles in many directories to define WIN32_LEAN_AND_MEAN NOGDI
to avoid macro redefinitions
- update text files
- add "authentication cell" registry value for afscreds.exe
From asanka@mit.edu:
Network provider :
- If the user is logging into an AD domain, then look up the user's
profile path, find out which cell it's in and then authenticate to
that cell instead of the default cell.
- Domain specific registry keys
- A few fixes for handling UNICODE_STRINGs
smb3.c :
- Delete partial security context during negotiation
client_cpa :
- As per the SDK which says we must handle CPL_INQUIRE message, we do.
Also fixes a small bug where the icon isn't properly set when viewing
the Control Panel folder.
loopbackutils.cpp
- Don't bother setting the app data template, because we are setting
it in the MSI anyway.
install/wix/NTMakefile
- Add a configurable symbol AFSDEV_AUXWIXDEFINES which can be used to
customize a build of the msi.
install/wix
- Move afslogon.dll to SYSTEM32 directory
- Add registry keys to support WinLogon notifications.
- Rename afsdcell.ini to CellServDB and move it to the client directory.
- If there's already an afsdcell.ini in the Windows directory, copy
that over to the client directory instead.
- Add descriptions to AFS client and server services
Move afs_cpa.cpl control panel to the OpenAFS\Client\Program
directory and register it in the registry via the
HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\
key.
Add a Winlogon Event Notification handler to afslogon.dll to process
Logoff events. Upon Logoff call ktc_ForgetAllTokens() on behalf of
the logged off user.
Fix a filename wildcard matching error introduced a few versions back.
Windows XP SP2 adds a firewall which blocks all incoming ports by default.
This patch adds support to the AFS Client Service (but not the AFS Server)
to automatically open the firewall to ports in use by the application.
One of the new requirements of this functionality is the use of the
latest Platform SDK "Microsoft Platform SDK for Windows XP SP2".
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
For the XP SP2 SDK both the Core and Data Access SDKs are required
