The cell string within a ktc_principal is only 64 characters long.
Be careful not to overflow it.
Caught by coverity (#985829)
Reviewed-on: http://gerrit.openafs.org/9350
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 77aa6c65b7)
Change-Id: I7e0411ce635d481cf1618c2eabf79dfb85fcd069
Reviewed-on: http://gerrit.openafs.org/11037
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
If the kernel gives us bogus data back from the VIOCGETTOK pioctl,
we might overflow the cell string when copying in to it. Use
strlcpy to avoid this (unlikely) occurrence.
Caught by coverity (#985768, #985769)
Reviewed-on: http://gerrit.openafs.org/9349
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 362728d2d6)
Change-Id: I839c330a232525ddccc7957ead785c7ed9beec88
Reviewed-on: http://gerrit.openafs.org/11036
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
readlink doesn't NUL terminate its return string, so it is up to
us to do so.
Caught by coverity (#985739)
Reviewed-on: http://gerrit.openafs.org/9347
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 2fac53522e)
Change-Id: I9d47a6a7cbc86fba3f68f7e47c5d7a0fb924781f
Reviewed-on: http://gerrit.openafs.org/11035
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
The base array has VL_MAX_ADDREXTBLKS elements. Use this when
checking for an array overflow, rather than VL_ADDREXTBLK_SIZE.
Caught by coverity (#985600)
Reviewed-on: http://gerrit.openafs.org/9346
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 6a54bf7358)
Change-Id: I056432a1bf85b175ee4fc307d0662d072724b272
Reviewed-on: http://gerrit.openafs.org/11034
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
PackageIndex++ returns the pre-index value of PackageIndex, so the
error statement isn't run when PackageIndex == MAX_PACKAGES. This
means we go on to overflow all of the arrays that are MAX_PACKAGES
in size.
Caught by coverity (#985583, #985584, #985585, #985586,
#985587, #985588, #985589)
Reviewed-on: http://gerrit.openafs.org/9325
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit a1d8109c8f)
Change-Id: I5278bff5fe6be1bf127b240f7752c69385a9da24
Reviewed-on: http://gerrit.openafs.org/11033
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
The ubik connections array is NULL terminated, so we have to
ensure that there is enough space for the trailing NULL. As the
array is MAXSERVERS elements long, this means that we can only
store MAXSERVERS-1 connections in it.
This problem will never be encountered by the correct code, as
the number of hosts returned from afsconf_Open is capped at
MAXHOSTSPERCELL (currently 8). MAXSERVERS is currently 20. However,
fix the bug in case we increase MAXHOSTSPERCELL at some point in
the future.
Caught by coverity (#985576)
Reviewed-on: http://gerrit.openafs.org/9322
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit c0fba6eab5)
Change-Id: I1e2556df6867ebb7b6b311e54a0271fb6fe631fd
Reviewed-on: http://gerrit.openafs.org/11032
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Include the ResidencyRpc in the list of fs operation numbers that
can be display by xstat_cm_test.
Caught by coverity (#989029)
Reviewed-on: http://gerrit.openafs.org/9320
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 64630d07b8)
Change-Id: If14fb4e6929ea667b2dde18b381ab5c59c6bf8db
Reviewed-on: http://gerrit.openafs.org/11031
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Make sure that we initialise the nbulkentries structure to 0 before
we start work, so that if the failure handler is called, it doesn't
try to free garbage.
Caught by coverity (#985980)
Reviewed-on: http://gerrit.openafs.org/9317
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit bf78bf2c11)
Change-Id: I24536b0bec47f381eee7cfcbe1feb89c373cca0f
Reviewed-on: http://gerrit.openafs.org/11030
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
If an array is n elements long, accessing element array[n] is an
overflow. Fix various places where we apply loop bounds incorrectly
using the NUM_CM_STAT_ENTRIES constant.
Caught by coverity (#985571, #985573)
Reviewed-on: http://gerrit.openafs.org/9316
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 3beca62928)
Change-Id: Icb2221409d7cd62a7efa229697eeb16146ad3ddd
Reviewed-on: http://gerrit.openafs.org/11029
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
If an array is n elements long, accessing element array[n] is an
overflow. Fix various places where we apply loop bounds incorrectly
using the NUM_FS_STAT_ENTRIES constant.
Caught by coverity (#985570, #985571, #985572)
Reviewed-on: http://gerrit.openafs.org/9315
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 4ea1c8440a)
Change-Id: I028fcb13716ba60266635a1f04f2dda083cba1a3
Reviewed-on: http://gerrit.openafs.org/11028
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
The Lookup and Residency fs stats counters were missing from the
fsOpNames array. Add them in - Lookup has been missing since the
IBM release, Residency was missed when the MR-AFS code was merged.
This is still rather fragile, as there's no guarantee that
AFS_STATS_NUM_FS_RPC_OPS matches the number of elements in this
array. However, this is now correct until someone breaks it again...
Caught by coverity (#985569)
Reviewed-on: http://gerrit.openafs.org/9314
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 74d0d0d5e6)
Change-Id: Iac7275fd9dd9a2fa5fe163ba96a15d32d4e5d05e
Reviewed-on: http://gerrit.openafs.org/11027
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
The code currently does
fgets(cmdbuf, ... );
cmdbuf[strlen(cmdbuf - 1)] = '\0';
in order to remove new lines from cmdbuf. Coverity thinks there's
a danger of strlen(cmdbuf) being 0, and thus the strlen being negative.
That shouldn't happen, but if fgets hits EOF midway through a line, we
might get a string that doesn't have a trailing '\n', and end up
removing the wrong character. Tidy this up by checking that the string
isn't 0 length, and that the character we're zapping is a newline.
Caught by coverity (#985430)
Reviewed-on: http://gerrit.openafs.org/9310
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 8f51502e5f)
Change-Id: Ie165c8e50c4071c07fffa220601c8b5e92ccf815
Reviewed-on: http://gerrit.openafs.org/11026
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
If afs_NewCell fails, then we can end up releasing a lock on a
section of memory that we have already freed. As this only happens
if the memory we're operating on is newly allocated and not yet
visible to anyone else, it is safe to release the lock before
starting to tidy things up.
Caught by coverity (#986054)
Reviewed-on: http://gerrit.openafs.org/9298
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 816b0c7673)
Change-Id: I7976f00431e4dc96642b45fc7563485a5087c938
Reviewed-on: http://gerrit.openafs.org/11025
Reviewed-by: Nathaniel Filardo <nwfilardo@gmail.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
When we call _StatCleanup on a stored statent structure, it
deletes the mutex, and frees the structure itself. This means it
can't be called with a locked structure as the mutex deletion
will fail, and then we'll try to reference freed memory when we
later unlock that mutex.
Fix this by unlocking the mutex before calling _StatCleanup. This
is safe because the only reference to the structure visible to other
threads must have been deleted by the time we reach this point.
Caught by coverity (#986058, #986059)
Reviewed-on: http://gerrit.openafs.org/9297
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit ce20f1f151)
Change-Id: Id89df6302002224ec2f871f18711e781990f73d3
Reviewed-on: http://gerrit.openafs.org/11024
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Fix the check for requiring group lines before any membership lines. Do
not clear flag indicating the presence of a group after reading each
line. (This error was caught by the pt_util-t unit test.)
Fix for commit 12ced70c95
Reviewed-on: http://gerrit.openafs.org/9832
Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 9c391e7f7d)
Change-Id: I6414f78d7611c61628aaacb4ae41111dbeec0d89
Reviewed-on: http://gerrit.openafs.org/11148
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
If we have an input file which contains a group membership line
(with a leading space) before any group definitions occur, pt_util
would use stack garbage as the group to create these members in.
Avoid this by requiring the presence of a group line before any
membership lines.
Caught by coverity (#92180, #986000, #92248)
Reviewed-on: http://gerrit.openafs.org/9296
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 12ced70c95)
Change-Id: I1ad524ed701e78ebe5b2e990168782a75d69613b
Reviewed-on: http://gerrit.openafs.org/11023
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
If there isn't sufficient data in the input line to satisfy sscanf,
fail with an error, rather than continuing with potentially corrupt
data.
Reviewed-on: http://gerrit.openafs.org/9295
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 62a10e063b)
Change-Id: I7b9cff1d106538496c6d554291710f73fd6b5370
Reviewed-on: http://gerrit.openafs.org/11022
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
krb_write_ticket_file uses a fixed length buffer to store the name
of the ticket file, but copies into this from an environment variable.
Remove the fixed length buffer, and use a mixture of the variable
itself, and dynamically allocated strings.
Caught by coverity (#985909)
Reviewed-on: http://gerrit.openafs.org/9294
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit a332ce9d0e)
Change-Id: Idcf442323b13cc4daa893917ede6492616ba1aeb
Reviewed-on: http://gerrit.openafs.org/11021
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Refactor the code which returns a failure from afsconf_Open into
a single section, rather than having multiple copies through out
the routine.
Reviewed-on: http://gerrit.openafs.org/9293
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit a5324a6bb6)
Change-Id: I03f963b717c8095914dd994d7d5612bf57148ce7
Reviewed-on: http://gerrit.openafs.org/11020
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
If we fallback to the .AFSCONF file in the user's homedirectory,
the results of getenv("HOME") are copied into a fixed length string,
without checking for overflows.
Instead of risking this, just use asprintf to dynamically construct
a string, and free it when we are done.
Caught by coverity (#985905)
Reviewed-on: http://gerrit.openafs.org/9292
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 41d9ea697b)
Change-Id: I5b8664328dd0d397cbe459ff1e7667e63afc31e2
Reviewed-on: http://gerrit.openafs.org/11019
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Get rid of a buffer overflow in the bos_util utility, by just
printing the key from the 'tbuffer' string, rather than copying
it into 'x' which is too small for it.
Reviewed-on: http://gerrit.openafs.org/9291
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit debf43714b)
Change-Id: If8b075691defeded972d0eff29b7fb594680e433
Reviewed-on: http://gerrit.openafs.org/11018
Reviewed-by: Nathaniel Filardo <nwfilardo@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
readlink fills the buffer passed to it with a non-terminated string.
It can legitimately fill the whole of this buffer. So, if we require
a string to be NUL terminated, we must give readlink one less than
the string length so that the termination character can be safely
appended.
Caught by coverity (#985611)
Reviewed-on: http://gerrit.openafs.org/9290
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit ddc3704335)
Change-Id: Ic3aa9f767b3dce988e32ce670763791f17e72aa2
Reviewed-on: http://gerrit.openafs.org/11017
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Before freeing curr_fsData, check that it is non-NULL, rather than
checking prev_fsData in error.
Caught by coverity (#985289)
Reviewed-on: http://gerrit.openafs.org/9284
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 5a61e826fa)
Change-Id: Ie63e90f8873f4fbe8afc7abee160a090920add4d
Reviewed-on: http://gerrit.openafs.org/11015
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
When using pt_util's ubik shim, if we're creating a new ubik label
make sure to zero the whole structure before writing it out to disk.
Otherwise we get a shorts worth of stack garbage in the resulting
file.
Caught by coverity (#986010)
Reviewed-on: http://gerrit.openafs.org/9274
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 96131593b3)
Change-Id: I9b2b22c075bf896a74f4b527354c8a6758ac2865
Reviewed-on: http://gerrit.openafs.org/11013
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Coverity gets confused between ubik/ubik.c and ptserver/ubik.c,
and produces a load of false positives. Rename the ptserver ubik
shim (which is only used by pt_util) in order to reduce this
confusion.
Reviewed-on: http://gerrit.openafs.org/9273
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit daed548f70)
Change-Id: I834fab3b65859cb73ece3fc52d9272d0b7d452ed
Reviewed-on: http://gerrit.openafs.org/11012
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
If we can't create the bozo daemon thread, then don't keep going
regardless. Just warn the user and exit.
Caught by coverity (#988414)
Reviewed-on: http://gerrit.openafs.org/9269
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 4587ddc130)
Change-Id: I4dcf67f4aeb2533ad39e9b1b0202d00205584118
Reviewed-on: http://gerrit.openafs.org/11011
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
If ubik_VL_GetVolumeId fails in the vos ProcessEntries routine,
report the failure and give up, rather than continuing with a
0 maxVolid
Caught by coverity (#988417)
Reviewed-on: http://gerrit.openafs.org/9268
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 8192554e36)
Change-Id: I004386d62dc9d2955a795c4c5952b573ff203784
Reviewed-on: http://gerrit.openafs.org/11010
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Tidy up a lot of places where we initialise a variable, then
immediately assign a proper value to it, or store a return value
that we don't actually care about.
Caught by clang-analyzer
Reviewed-on: http://gerrit.openafs.org/9205
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit ee0d57bb48)
Change-Id: I60f690336bc449f481a5be542ab7369d6e04f4b6
Reviewed-on: http://gerrit.openafs.org/11009
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
If the VIOC_FILE_CELL_NAME pioctl fails in fs mkmount, return an
error to the caller, instead of ploughing on with potentially bad
data.
Caught by coverity (#988418)
Reviewed-on: http://gerrit.openafs.org/9267
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 3ad7ba106d)
Change-Id: I239ff7e567b01ecbec0314ec61f79d2fd0064de7
Reviewed-on: http://gerrit.openafs.org/11008
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Update version strings for the 1.6.8 release
Change-Id: If74aea398c0210807d8e5a1d9236a4c6242ac23f
Reviewed-on: http://gerrit.openafs.org/11137
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
prerelease for 1.6.8
Change-Id: I1664633e86e218330c729362d5814ec8c160fc5c
Reviewed-on: http://gerrit.openafs.org/10894
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Tested-by: Stephan Wiesand <stephan.wiesand@desy.de>
The commit message for upstream's r257244 change includes:
- Make the prophecy from 1997 happen and remove if_var.h inclusion
from if.h.
Despite the clear public posting, we were caught unawares. We made
it down to the cellar despite the missing stairs, but "Beware of
the Leopard" caused us to turn back, apparently.
Since if.h is included in many places and if_var.h is not present
on all OSes, pull the if.h inclusion into the common kernel headers
for afs/ and rx/ , and add in if_var.h (as well as the sys/socket.h
prerequisite).
Reviewed-on: http://gerrit.openafs.org/10754
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 8817308a87)
Change-Id: I8a03c7b2a0fe54f987b6d63cac19980f66c80e9d
Reviewed-on: http://gerrit.openafs.org/10987
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Range check the statsVersion argument of the GetStatisitics64 RPC to
avoid a buffer overflow in the fileserver, or a huge memory allocation,
by a rogue client.
FIXES 131803
(cherry picked from commit bd2cc32da9)
Change-Id: I05b18b9f4bacd8981eafb9fe4b5aea904f88a9cc
Currently we rxi_Delay whenever RXS_CheckResponse fails for any
reason. This can result in disastrous performance degradations if a
client keeps sending "bad" responses, since rxi_Delay'ing here will
delay the Rx listener thread. This means we cannot receive any packets
for about a second, which can easily cause us to drop a lot of
incoming packets.
Instead, send the abort after 1 second by scheduling an event. This
will retain existing behavior from the point of view of the client
(it will get the abort after 1 second), but avoids hanging the Rx
listener thread.
FIXES 131802
(cherry picked from commit 0ec67b0a9a)
Change-Id: Idf2fb2cc26c013b9071d578b46f6d4831ff3fe5f
Take the functionality in rxi_SendConnectionAbort that schedules a
delayed abort, and split it out into a new function,
rxi_SendConnectionAbortLater. This allows callers an easy interface to
send such a delayed abort with their own delay.
This commit should incur no change in behavior; it is just code
reorganization.
(cherry picked from commit 61d80537ca)
Change-Id: I8798ace952bffa0c736ab90e9028fd7c99305a78
Before commit 6c41b1f740, we logged
these three messages in the fileserver in different situations:
CallPreamble: Couldn't get client.
CallPreamble: Couldn't get CPS. Fail
CallPreamble: couldn't reconnect to ptserver
After commits 6c41b1f740 and
0a5e878aa0, these messages were changed
to contain more useful information, but the language was also changed.
The messages now look like:
Client host too busy while handling request from host %s:%d viceid %d fid %lu.%lu.%lu, failing request
Cannot get CPS for client while handling request [...], failing request
Cannot reconnect to ptserver while handling request [...], failing request
While the new messages are more informative, and (in my opinion)
better describe what is happening in those situations, they do look
very different from the old messages. This can break scripts that try
to parse these logs, but in general it is also not clear to
administrators that these messages still refer to the same events.
So instead, put these messages back the way they were. Still include
the extra information, of course, but revert the language to look more
like the old messages. Now we log:
CallPreamble: Couldn't get client while handling request from host %s:%d viceid %d fid %lu.%lu.%lu, failing request
CallPreamble: Couldn't get CPS while handling request [...], failing request
CallPreamble: couldn't reconnect to ptserver while handling request [...], failing request
Thanks to Ben Kaduk for bringing this up.
Reviewed-on: http://gerrit.openafs.org/10857
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 0e9bb718ce)
Change-Id: I35c8369a7efba0c08c000a24e14385209082cfe0
Reviewed-on: http://gerrit.openafs.org/10953
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Commit 6c41b1f740 improved a few log
messages to include the client ip and port of the request triggering
that log message. Include the viceid and fid (if applicable), too, so
an administrator may more easily identify the cause.
This creates the function LogClientError, so we can use a common
function for logging very similar information. This also modifies
h_FindClient_r to give the viceid to the caller, even in the case of
error. In addition, this modifies CallPreamble to accept a fid and
modifies all callers to accomodate.
Reviewed-on: http://gerrit.openafs.org/10347
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 0a5e878aa0)
Change-Id: Ib8b41989809e559dee486757b11ccff789d615e9
Reviewed-on: http://gerrit.openafs.org/10757
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Commit 070230ab76 added documentation of
the mode parameter to bos setrestricted, claiming that the value 0 is
useless, and commit eee0bf5871 added
documentation of the restrictmode entry in BosConfig, claiming that it
can only be set back to 0 with an editor. Both claims are wrong, since
bos setrestricted -mode 0 will do exactly that (if it succeeds, which
it only can if the server is running in unrestricted mode, which can
be achieved by sending it the FPE signal). Fix the man pages
accordingly.
Reviewed-on: http://gerrit.openafs.org/10885
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit da549eea21)
Change-Id: Iea8f252829ba6192176da0ceba464cbc41aad53c
Reviewed-on: http://gerrit.openafs.org/10955
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: Stephan Wiesand <stephan.wiesand@desy.de>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Mention the restrictmode entry and the commands for setting and
querying it in the BosConfig man page, and add/fix cross references
between the BosConfig, bos, bos_getrestricted and bos_setrestricted
ones.
Reviewed-on: http://gerrit.openafs.org/10874
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit eee0bf5871)
Change-Id: I25d2f23d75a9074ae478f86296bb13c1b2dda95b
Reviewed-on: http://gerrit.openafs.org/10883
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
The cache manager pioctls abuse ESRCH to represent errors due to
unavailable cell information. Give a more sensible error message to
the user when a pioctl returns an ESRCH error, instead of "no such
process", which is the conventional meaning of ESRCH.
The new error message is consistent with the Windows implementation
of fs.
For example, on a host with a misconfigured ThisCell and/or CellServDB.
$ fs wscell
fs: No such process
becomes:
$ fs wscell
fs: Cell name not recognized.
Reviewed-on: http://gerrit.openafs.org/10824
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 8beba712d9)
Change-Id: I0cf6f6e0939a1075332049361153bc8a0b0958ce
Reviewed-on: http://gerrit.openafs.org/10949
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
The default will likely change in 1.6.8, not 1.6.7.
Change-Id: I5f5d62979fabd22ed79ccac6c584921acf571108
Reviewed-on: http://gerrit.openafs.org/10897
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: Stephan Wiesand <stephan.wiesand@desy.de>
Avoid panicking when an icl tracing function is called after
shutdown_icl.
There is a window during shutdown in which pioctls can be requested
after the shutdown_icl is issued. Reset the global icl set pointers
so tracing is disabled after the shutdown_icl, instead of using
pointers to freed memory.
Removed the unneeded afs_icl_FindSet calls and use the global
pointers which were set during the initialization.
Reviewed-on: http://gerrit.openafs.org/10884
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 64dd6dd018)
Change-Id: I65671ee60e3cdf11d9921585dcd67df7cc22c88f
Reviewed-on: http://gerrit.openafs.org/10932
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
