the problem with rx_PutConnection is h_FreeConnection uses the host global lock
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
the problem with rx_PutConnection is h_FreeConnection uses the host global lock
but it shouldn't matter (callback conn should be a client not server conn and
thus not h_FreeConnection on cleanup)
further, we should free the conns we GetConnection'd not the ones still in
the host struct at the end.
(cherry picked from commit 2fbfef7f9157aad571307564faae1ce7aae4e3be)
Cummulative update of changes including:
* Add code to block the issuance of AFS tokens by aklog.exe or
afscreds.exe when the Kerberos 5 principal name contains a dot.
* Modify the IsAdmin() function to always treat the local SYSTEM
account as an AFS client administrator. Affects fs.exe and
afs_config.exe.
* Modify the internal handling of Quota Exceeded errors
* Upgrade all reference count fields in the Windows cache manager
and the osi library to use unsigned long instead of signed short.
A similar fix has been applied to the afs rpc (rx) library.
* fix the Windows cache manager to prevent it from replacing the
rx_connection object associated with the cm_conn_t object on each
and every operation if "fs crypt" was set. This explains the
dramatic performance difference when crypt is used vs clear.
The problem: 'cryptall', a boolean flag indicating whether or not
"fs crypt" is set, was being compared to the rx_connection
cryptlevel which is either rxkad_clear:0 or rxkad_crypt:2.
1 != 2 and therefore the rx_connection was always destroyed
and replaced on each and every operation.
Lock the cm_conn_t object around every call to RXAFS_xxxx functions.
It is not safe for the cm_conn_t object to not be locked because
rx_DestroyConnection might be called from another thread if:
- the user's tokens have changed or expired
- the crypt mode has changed
This fix appears to have also taken care of the problems associated
with Overlapped Writes resulting in Delayed Write errors.
* fix NSIS installer's AdminGroup.exe to properly create and
remove groups when given -create or -remove. The string comparison
test was wrong.
* fs sysname now accepts a list of sysname values
* added a new registry value HKLM\SOFTWARE\OpenAFS\Client "IoctlDebug"
DWORD which when set to a non-zero value will cause error message
text to be output to stderr from the pioctl() routine. Useful in
debugging failures of fs.exe, tokens.exe, etc.
* added a test to the power management code to only perform a
flush operation if there is at least one network adapter which
is not a loopback adapter.
* Fix bug in loading of registry value HKLM\SOFTWARE\OpenAFS\Client
"EnableKFW". This value will not be read if the key
HKCU\SOFTWARE\OpenAFS\Client exists; even if the "EnableKFW"
value under that key does not.
* provide mechanisms to force the use of krb524d for Kerberos 5
ticket to AFS token conversion. For afslogon.dll and afscreds.exe
there is a new registry value "Use524" and for aklog.exe a new
command line parameter "-m".
* Fix the pattern matching algorithm to properly match patterns
ending with a '*'.
* smb_ReceiveCoreRename() was factored to produce smb_Rename()
which is used by both the original function and the new
smb_ReceiveNTRename(). smb_ReceiveNTRename() supports the
creation of HardLinks in addition to Renaming. smb_Link()
is a new function which creates HardLinks via cm_Link().
cm_Link() is a new vnodeops function which creates links
using RXAFS_Link().
smb_ReceiveNTRename() does not support the File Copy and
Move Cluster Information operations described in its interface.
ReceiveNTRename is under documented in CIFS-TR-1p00_FINAL.pdf.
* When opening files via symlinks, we should follow the symlinks
until we reach the actual file stat cache entry. The stat cache
entry of the file should then be stored in the FID instead of
stat scache entry of the symlink.
* return bad operation errors for all unimplemented functions
even if we do not know the functions exist.
* Log bad packets and unknown operation packets to the trace log
* Map CM_ERROR_BADOP to STATUS_NOT_SUPPORTED instead of
0xC09820FF
* Update list of known CIFS operations to include all those listed
in CIFS-TR-1p00_FINAL.pdf.
* Modify the handling of HKLM\SOFTWARE\OpenAFS\Client\Submounts
to support the REG_EXPAND_SZ type.
* fix the Windows cache manager to prevent it from replacing the
rx_connection object associated with the cm_conn_t object on each
and every operation if "fs crypt" was set. This explains the
dramatic performance difference when crypt is used vs clear.
The problem: 'cryptall', a boolean flag indicating whether or not
"fs crypt" is set, was being compared to the rx_connection
cryptlevel which is either rxkad_clear:0 or rxkad_crypt:2.
1 != 2 and therefore the rx_connection was always destroyed
and replaced on each and every operation.
Lock the cm_conn_t object around every call to RXAFS_xxxx functions.
It is not safe for the cm_conn_t object to not be locked because
rx_DestroyConnection might be called from another thread if:
- the user's tokens have changed or expired
- the crypt mode has changed
* Modify cm_Lookup to evaluate a list of possible values for @sys
instead of just a single entry. Re-write cm_ExpandSysname and
add cm_LookupInternal.
* Reformat affected files
* Add cache file name to cache creation errors
(cherry picked from commit d8453a3f467e6350da304dbc0f494591737662cd)
correct the test for -create and -remove so that the proper
action is taken for each
(cherry picked from commit 04ec8ea29d1440beca6e8be9bac12a64650c900b)
Add a new registry value HKLM/SOFTWARE/OpenAFS/Client "IoctlDebug" DWORD
which when set to a non-zero value will output error messages to stderr.
This is to assist in debugging ioctl failures when fs.exe, tokens.exe,
etc. fail because of an inability to open the ioctl file name.
(cherry picked from commit e845efc4428fa5764eb5e450b7f5ec8a805eb4f7)
FIXES 15250
One more fix for the symlink problem. Access control checks cannot be
performed until after we have walked all of the symlinks. Otherwise,
we are checking access to the symlink itself and not to the file.
(cherry picked from commit fdaf6f793398fb7dd61bdb7030447918dbe30b38)
The windows power management code responds to a request to suspend or
hibernate by performing a "fs flushvol" as the logged in user on each
of the SMB/CIFS mounted shares. This can be very time consuming if
the cell servers cannot be reached.
This patch adds a test to ensure that there is at least one network
adapter in the machine which is not a loopback adapter.
While developing this patch other areas of concern have been raised.
The power management code waits a fixed period of time based upon
the hard dead timeout before allowing the suspend/hibernate to continue.
This allows the machine to shutdown even if there are active flush
operations being performed. This defeats the benefit of performing
the flush at all.
A better mechanism could be developed if the functions called via
cm_IoctlFlushVolume returned and checked error codes. Then it might
be possible to abandon the flush operation if a Server Not Reachable
state was obtained.
The power management flush operations will also not work on Terminal
Server. This would be important in the case where a terminal server
is shutting down due to a switch over to a UPS. The reason it does
not work on Terminal Server is that there is that it is not possible
for afsd_service.exe to enumerate the SMB/CIFS shares and impersonate
the individual logged in users.
It would be preferred for there to be a new cm_FlushAll() function
implemented which was not dependent on the use of the ioctl mechanism
for the purpose of identifying a volume ID or a user ID.
(cherry picked from commit 2469663d0d4b2df8100ec8e09954163ddf1aa042)
Fix the registry query in afskfw.lib to read the HKLM machine value
even if the HKCU key is present.
Update text in the install notes to better describe the krb524
issues
(cherry picked from commit d69e6641e5fc423b41fcfc9345a6f917ec958f37)
Provide mechanisms to force the use of krb524 via afscreds, afslogon,
and aklog. afslogon and afscreds rely on a new "Use524" registry value
(see registry.txt) and aklog has a new "-m" command line option.
(cherry picked from commit b40090233989aad1b96fdd9fd9d8d0478c2abd6e)
FIXES 15365
The pattern matching algorithm was failing to match strings when the
pattern terminated in a '*'. The logic was also too complex because
it failed to simply the patterns prior to processing. Any combination
of '*' and '?' == '*' according to the Windows file name pattern
matching rules.
(cherry picked from commit a135e0d30c077e19c3f10f7a6ccc46fa3fb6c234)
FIXES 915
FIXES 15250
* smb_ReceiveCoreRename() was factored to produce smb_Rename()
which is used by both the original function and the new
smb_ReceiveNTRename(). smb_ReceiveNTRename() supports the
creation of HardLinks in addition to Renaming. smb_Link()
is a new function which creates HardLinks via cm_Link().
cm_Link() is a new vnodeops function which creates links
using RXAFS_Link().
smb_ReceiveNTRename() does not support the File Copy and
Move Cluster Information operations described in its interface.
ReceiveNTRename is under documented in CIFS-TR-1p00_FINAL.pdf.
* When opening files via symlinks, we should follow the symlinks
until we reach the actual file stat cache entry. The stat cache
entry of the file should then be stored in the FID instead of
stat scache entry of the symlink.
* return bad operation errors for all unimplemented functions
even if we do not know the functions exist.
* Log bad packets and unknown operation packets to the trace log
* Map CM_ERROR_BADOP to STATUS_NOT_SUPPORTED instead of
0xC09820FF
* Update list of known CIFS operations to include all those listed
in CIFS-TR-1p00_FINAL.pdf.
(cherry picked from commit e07406e551cc5c67e83c9985dbbfe5952ada6518)
replace QWORD with DWORD
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
add expanded registry string support to Submounts
====================
Correct a 64-bit time_t error
(cherry picked from commit f31658317a77346759f165ff13b5dcf77a8b3683)
netbsd's cc doesn't like multiple semicolons in variable declarations,
so move OSI_VC_CONVERT down to the last statement
(cherry picked from commit 4d906fec23916230936763ef36d6bc7a79c8eebf)
well, i'm not sure what the right way to deal is, seeing as this change weas reverted later in the kernel
(cherry picked from commit 1d6cf7729ca06c95eb4dd8b2f72d61bda6010304)
FIXES 6355
- It resolves all IP addresses to names unless the "-numeric"
parameter is used.
This is the same behavior as "fs listcells [-numeric]"
- If the "-numeric" parameter is used, IP address will be printed
in dotted decimal form instead of a 8 digit hex string.
- A new parameter "-long" allows to print all information for all
entries in the log.
This is the same info you get for entry XYZ when called with
"-key XYZ" only you get this for _all_ keys.
The output is slow if not also called together with "-numeric
(cherry picked from commit e82bc5223192fc2a7270aec53aed951ba4a24cae)
Thanks to jaltman for pointing out some files I missed
(basically those in two-level deep directories).
(cherry picked from commit b0f773c41c68fd7833a669693d30b27a12f3ba8e)
make des crypt module be built without optimization.
make aix 5.2 be "supported"
make ukernel work on aix 5
(cherry picked from commit c18d67d9a0d653b6557824d3583c827f076e29d3)
Add trailing semicolons to _LOCK and _UNLOCK macros and re-indent.
This should've been in fix-indent-bug-with-lock-macros-20030729
but somehow it slipped by and I've only found it now.
(cherry picked from commit 788ca86bdc139ee42aeecceb4b453c87bfd2426f)
"Playing around with multi-address database servers on little-endian machines
I found out that there is one conversion of the ip-address too much"
(cherry picked from commit 6f1cd5a43e1240ecc7a964b8236e25e1d0e46fca)
check for existance of some headers (in_systm.h, mm_inline.h) to decide on inclusion
(cherry picked from commit fc441042fcfe619cc8fac528886782caed12ab48)
Noone seems to be using this code anyway, as it's been non-compilable
for 2 years now. But indent noticed that we have too many close-parens
in there, so might as well fix it...
(cherry picked from commit 3fa71885aecae85a3ddadc04dd1fcbfaa2a7e8b0)
modern 2.6 kernels with i_security need this such that if the i_security field got garbage-collected out from under us we don't deref a null pointer.
(cherry picked from commit e6c7148abed9f88d6dd83ce8dba77a434cce231a)
Drive mappings are now per user and stored in the registry. Allow
them to continue to use environment variables in the paths.
(cherry picked from commit bca5ba20e678ffc7b5dbbd3d9e2760b16b1ff1a9)
Update text files for 1.3.71 and describe the new Windows Authorization
Group "AFS Client Admins"
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
Add support for "AFS Client Admins" windows authortization group
(cherry picked from commit 40d2f5f7c02e28cf471d284e5be9fb97c91d145a)
