acl_CheckRights() was generating core dumps because the client's prlist
was being invalidated by h_TossStuff_r() as part of freeing the associated
host. This patch fixes the problem in probably redundant ways.
A missing hold on the host is now obtained. refCounts on the client
are now preserved as part of GetClient()/PutClient(). Read/Write locks
are now obtained on the client when accessing/manipulating the prlist.
This patch adds the client parameter to GetVolumePackage() and
PutVolumePackage() and adds the new function PutClient().
This patch removes the need for the "client X had conn Y stolen by X" messages.
This is replaced by "deleted client X already had conn Y stolen by X". If
we see this there is definitely a logic problem as the client should not
be deleted at this point. We are no longer allowing the race condition that
would have resulted in the original message.
In addition, this patch fixes a problem with UAEs caused by the
inappropriate translation of VICE errors into UAEs when there is overlap
between VICE error values and those in sys/errno.h.
When we have found an existing host via Uuid, send the probe to the
connection associated with the old host instead of the new one. If
you send it to the new connection, we will fail to detect that the
old host is no longer responding and hence that it should be removed.
This should solve the 55 second delay problem seen from clients with
Uuids that move addresses or sit behind a NAT.
When we discover a new address for an existing host we can take the
opportunity to clean up the hash table and the interface list if the
new address differs from an existing address only by the port number.
In that case we know the client is communicating to us from behind a
NAT and the old addr/port number combination is no longer going to
be of use to us.
Fix two bugs reported via Windows Crash Reporting:
* Freelance initialization is somehow broken allowing the number of
locally defined mountpoints to become negative. Due to the use of
!= instead of < in loops, it is possible to read/write unallocated
memory.
* GetTextualSid() was not properly handling a NULL output buffer
pointer as an indication that the desired size should be returned.
Initial cut at an HTML conversion of the POD reference pages. Requires
Pod::Simple be installed (version 3.0 or later, probably). Also fix a POD
formatting bug in the afs(1) man page noticed while testing HTML output.
this is only a partial pullup
64-bit type safety changes required for successful compilation
on Windows 64-bit systems with the VS 2005 compiler
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
this is a partial pullup
64-bit type safety changes required for successful compilation
on Windows 64-bit systems with the VS 2005 compiler
the dynamic/system inode version of the linux client already keeps an
extra reference when the inode is on the vcache list. the inode/vnode
should not go away while we are trying to flush the dcache children.
Further testing revealed that some smb_vc_t objects could not be freed
because the associated smb_fid_t objects never reached a zero refcount.
Additional auditing uncovered cases in which there were holds not being
released and others in which they were released too many times. This
patch fixes the problems and improves auditability by modifying the
behavior of the smb_IoctlXXX() functions to not release a reference
that was obtained by the caller. Now the caller releases the reference.
* re-enable LogoffTokenTransferTimeout and LogoffTokenTransfer.
Tokens are now destroyed at logoff based upon the values specified
here. Default is ON and 120 seconds. Setting this to OFF will
result in tokens never being destroyed. This will leak memory.
* protect global queues with mutexes and avoid a variety of race
conditions.
The size of h_maxSlots as computed based upon the value of
MAX_FILESERVER_THREAD is too small. It is possible for h_lwpIndex
(in the pthread case) to produce the same Slot value for multiple
threads. In that case it is possible for the following to occur:
X: h_Hold_r(host)
X: H_UNLOCK
...
E: H_LOCK
E: Check h_Held_r(host); it is true, so don't hold
E: H_UNLOCK
X: H_LOCK
X: h_Release_r(host)
X: h_TossStuff_r(host) [called by h_Release_r]
X: H_UNLOCK
E: CheckHost(host)
The end result would be a crash due to a reference to a null field
in the host processed by CheckHost.
This patch is a bit of a hack in that it solves the problem by increasing
the number of slots for threads and does not determine the correct number
of threads the process should be allowed to produce.
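
Added illustration, not part of the commit message above and not OpenAFS source: a single-threaded replay of the X/E interleaving over a simplified per-thread hold bitmap, showing that a colliding slot lets E skip its own hold. The word/bit mapping, the thread indices 3 and 35, and every function name here are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

#define WORD_BITS 32
#define MAX_WORDS 4

struct host {
    unsigned int holds[MAX_WORDS]; /* one bit per thread that holds the host */
    int tossed;                    /* 1 once the host's state has been torn down */
};

/* Map a thread index to a word and bit; indices wrap when max_slots is too small. */
static unsigned int *hold_word(struct host *h, int thread, int max_slots) {
    return &h->holds[(thread / WORD_BITS) % max_slots];
}
static unsigned int hold_bit(int thread) { return 1u << (thread % WORD_BITS); }

static int held(struct host *h, int t, int n) { return (*hold_word(h, t, n) & hold_bit(t)) != 0; }
static void hold(struct host *h, int t, int n) { *hold_word(h, t, n) |= hold_bit(t); }

static void release(struct host *h, int t, int n) {
    int i, any = 0;
    *hold_word(h, t, n) &= ~hold_bit(t);
    for (i = 0; i < MAX_WORDS; i++) any |= (h->holds[i] != 0);
    if (!any) h->tossed = 1;       /* last hold gone: tear the host down */
}

/* Replays the X/E interleaving; returns 1 if E reaches the host after teardown. */
int replay_race(int max_slots) {
    struct host h;
    const int X = 3, E = 35;       /* constructed thread indices, 32 apart */
    int e_took_hold = 0, used_after_toss;
    memset(&h, 0, sizeof h);

    hold(&h, X, max_slots);                     /* X: h_Hold_r(host) */
    if (!held(&h, E, max_slots)) {              /* E: "already held?" check */
        hold(&h, E, max_slots);
        e_took_hold = 1;
    }
    release(&h, X, max_slots);                  /* X: release, maybe toss */
    used_after_toss = h.tossed;                 /* E: CheckHost(host) */
    if (e_took_hold) release(&h, E, max_slots);
    return used_after_toss;
}

int main(void) {
    printf("1 slot word:  E sees torn-down host = %d\n", replay_race(1));
    printf("2 slot words: E sees torn-down host = %d\n", replay_race(2));
    return 0;
}
```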
There should never be a case where h_Enumerate calls CheckHost with a
host whose callback_rxcon is NULL. However, due to a bug it ended up
being the case that it happened. An examination of the CheckHost code
showed that the check for the HOSTDELETED flag should take place before
a reference to callback_rxcon is obtained. If HOSTDELETED were set, the
code would simply release the reference immediately. However, the process
of obtaining and releasing the reference required dropping and obtaining
locks that would be a performance hit.
(1) removes the rest of the dead logoff code that was originally
stripped of any meaning by DELTA
winnt-win2000-win98-afs-client-updates-20010623.
(2) gives new meaning to smb_TokenTransfer and smb_TokenTransferTimeout.
these variables now control how long a smb_username_t and its
associated cm_user_t and its cm_cellinfo_t (including tokens)
will be preserved after a logoff.
(3) adds logic to detect logoff conditions
(4) adds cm_CheckVCs(). This function probes the SMB client with an ECHO
response to determine if the associated SMB virtual circuit is still
valid. This is executed once every five minutes by smb_Daemon()
and whenever the machine's IP addresses change. This allows
abandoned VCs to be detected and the associated user credentials,
file handles, and locks to be cleaned up. This will also prevent
the exhaustion of the limited number of SMB sessions.
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
and remember to mark the session dead so it can be re-used
====================
fix an error caused by patch conflict during pullup
The Integrated Logon hack of setting a token for a smb name different
than the one associated with the current smb session fails when smb
virtual circuits, sessions and username objects are properly reference
counted. When refcounts are not leaked the constructed smb_username_t
is destroyed immediately after the token is set since there are no
references to it from a current session.
The fix is to mark the smb_username_t object with a flag indicating that
it was created by the Network Provider. This flag prevents the destruction
when the refcount is zero so that it will be available at the time the
smb session is created (just a moment or two later.) During the binding
of the smb_username_t to the smb_vc_t the flag is cleared allowing the
tokens to be destroyed when the smb session is closed.
* the smb virtual circuits can be active and/or dead. this patch
improves the handling of vc's making the transition from active
to dead
* correct the refcounts on the smb_user_t and smb_vc_t objects
* replace the deprecated GetCurrentTime() with GetTickCounts() which
is the new name. This function needs to be replaced with something
else because its return value wraps after 49.7 days
* hold the correct locks when adjusting the scp->fileLocksH queue
the smb_username_t objects are reference counted but they were never
released of their own accord. Instead the smb_uid_t objects when
released were also cleaning up the smb_username_t. Since the smb_username_t
is reused, now that smb_user_t objects are being cleaned up, this was
a problem.
When SMB sessions are prematurely terminated as part of the tear down
of the virtual circuit we must clean up any remaining file handles,
tree connections, and user sessions.
Add man pages for rxgen and cmdebug. The cmdebug man page was written from
scratch based on the source code. The rxgen man page is a conversion of an
old TeX document to POD.
Add new man pages for livesys and voldump. Fix the man page for sys to say
what it actually does, rather than implying that it works like livesys, and
to recommend livesys instead. Fix a path error in the NetInfo
documentation. Update the README for the current status, including
listing all installed commands that don't have man pages. (There may still
be some subcommands that don't have man pages but aren't listed.)
On installation, substitute the configured paths into the man pages,
replacing the Transarc paths. Also fix a problem with the way that
pinstall was being used to install man pages. (Silly me, I was assuming
it had the same behavior as install.)
This is just a quick first pass. Longer term, it's probably better to
replace all paths in the man pages with unambiguous tokens and then
replace those tokens instead of assuming that the man pages use Transarc
paths and replacing those paths specifically. The current method has a
few minor problems, such as not being able to distinguish between the
various paths that make up /usr/afs/bin. Still, the results of this method
are good enough to start with.
Move man page generation out into a separate script that's just invoked
from regen.sh, so that someone can run that separate script later if they
wish. Make that script more robust against problems such as empty podN
directories. Diagnose a missing pod2man and warn about old versions of
Pod::Man.
Also, remove the old programs used to do the initial conversion from HTML.
Enough post-conversion editing was done that they're no longer necessary
except for historical curiosity, and for that purpose they can be pulled
out of CVS.