LICENSE MIT
Fix the order of parameters to strncpy
Add error checking to all krb5 functions.
Initialize the global ccache variable to NULL.
(cherry picked from commit 2169423f68)
LICENSE MIT
Two recent changes to the AFS/Kerberos landscape have been causing
problems for aklog and related modules. First, the support for multiple
local realms for the cell has broken the pts auto-registration code
when the realm used for the token acquisition does not match the
realm belonging to the selected vldb server. Second, Kerberos referrals
prevents detection of the realm of the vldb server.
This commit adds a new method of searching for the afs service principal.
The first attempt is for afs/<cell>@<CLIENT-REALM>. If found, the
<CLIENT-REALM> is used as the realm of the cell.
The patch adds error handling for KRB5_ERR_HOST_REALM_UNKNOWN which is
returned when krb5_get_host_realm() can't determine the realm.
Duplicate queries are also avoided and copy_realm_of_ticket() is
properly employed.
(cherry picked from commit c6897cee01)
LICENSE MIT
1. return CM_ERROR_NOSUCHFILE when attempting to remove a symlink or
mount point that does not exist
2. When adding a new symlink or mountpoint, be sure to increment the
number of local mount points
3. When re-initializing the fake root.cell the unique value is always
one, not two. Use cm_FidCmp() to compare fids. The use of the
value two prevented the invalidation of existing values because all
of the directory entries are created with the unique set to one.
(cherry picked from commit b2e3e64275)
LICENSE IPL10
FIXES 17509
because of when fds are NULL'd in file_table this should work except when one process has the same file open for read and for write in different FDs; otherwise,
the last write fd to close collects the error.
(cherry picked from commit 1cf6c12a07)
LICENSE MIT
make krb5_context global. wrap all calls to exit() in a new function,
akexit(), which performs cleanup of the krb5_ccache and the krb5_context.
(cherry picked from commit 887f2869e3)
LICENSE MIT
Windows Error Reports indicate that sometimes the krb5_cc_default()
call must be failing because krb5_cc_principal is being called with
a NULL ccache value. Perform error checking and cleanup that was
not previously implemented.
(cherry picked from commit 94f32208af)
LICENSE MIT
Adds HKLM\\Software\\OpenAFS\\Client DisableIoctlSMCheck
For use in setting tokens when afsd_service.exe is started without
use of the NT Service Manager. Permits profiling authenticated
operations.
(cherry picked from commit 77c1e98636)
LICENSE MIT
Add CM_CONFIGDEFAULT_CELLS (1024) to cm_config.h and a "Cells" registry
value that can be used to alter the limit at runtime.
No longer tie the number of cells to the number of stat cache objects.
1024 should be more than sufficient.
(cherry picked from commit edbde00d6c)
LICENSE MIT
The volume dotdotFid field should have moved into the cm_volstate_t
object as there can be different parents for rw, ro, and bk volumes.
(cherry picked from commit d24b177765)
LICENSE MIT
The UMich AFS IFS code has never been made ready for production.
An alternative approach is currently being worked on that will be.
(cherry picked from commit e3f9fcdeaa)
LICENSE MIT
Protect against invalid data being passed into ParseAcl and
corrupting the stack. This affects both fs.exe and the explorer
shell extension.
Windows Error Reporting in recent weeks has begun to report several
instances of stack corruption in the explorer shell extension from
Denmark and Germany.
(cherry picked from commit e6d7e16588)
LICENSE MIT
The UMich AFS IFS code has never been made ready for production.
An alternative approach is currently being worked on that will be.
(cherry picked from commit e7e2a3bd06)
LICENSE BSD
this will dump the current dafs vlru state on kill -XCPU (just as we dump other
fileserver state)
that state is
VLRU is a garbage collection facility which automatically offlines
volumes in the background. The purpose of this facility is to
proactively offline infrequently used volumes to improve shutdown and
salvage times. The process of offlining a volume from the "attached"
state to the "pre-attached" state is called soft detachment.
VLRU works in a manner similar to a generational garbage collector.
There are five queues on which volumes can reside: new, intermediate,
old, held, and candidate:
held:
queue for volumes which are administratively barred from VLRU activity
candidate:
queue for volumes which have not been accessed recently, and are thus
candidates for soft detachment
new, intermediate, old:
generational queues for active volumes; state transitions controlled by
inactivity timers.
State transition timeouts are as follows:
candidate->new activity present
new->candidate (1*vlruthresh) minutes since last transition; no activity
new->mid (2*vlruthresh) minutes since last transition; activity
present
mid->old (4*vlruthresh) minutes since last transition; activity
present
old->mid (2*vlruthresh) minutes since last transition; no activity
mid->new (1*vlruthresh) minutes since last transition; no activity
(cherry picked from commit 6c81286368)
LICENSE IPL10
The pts program has a command 'source' to read commands from
a file. In the interactive "shell" mode, this command works,
reading and executing commands until the end of the file and
then returning to the command shell.
This command is valid for use as a command line option, but
does not work. It requires a valid filename as an argument,
but does not process the file, instead just dropping the user
into the interactive mode.
When given as a command line option, pts source SHOULD read
the file, execute the commands and then exit, according to
the documentation. It does not currently do this and should
be fixed.
(cherry picked from commit db4c703131)
LICENSE IPL10
update solaris 11. probably we should do configure tests instead for
these things, since they're sort of "moving target"
(cherry picked from commit 680123d70c)
LICENSE IPL10
keep accurate tabs on whether a volume is "in use" so we don't end up with volum
e state that's nonsensical.
(cherry picked from commit c7bce5882a)
LICENSE MIT
The cm_scache structure has included a reference to the associated cm_volume_t,
volp. By doing so the reference count on the cm_volume_t objects never hits
zero unless all of the cm_scache_t objects in that volume have been reused.
This prevents cm_volume object recycling.
This commit removes the hard reference and instead adds a function
cm_GetVolumeByFID which obtains a reference to the cm_volume that matches
the cm_scache fid value as needed.
A new "Volumes" registry value is added to permit explicit specification
of the number of volume objects to be allocated.
(cherry picked from commit f9cc51fb40)
