Simon Wilkinson [Sat, 26 Sep 2009 16:44:06 +0000 (17:44 +0100)]
Squash more viced warnings
Get rid of more warnings in viced
- Cast fids that we pass into the Dir package to avoid type warnings
- Add ()s to a && b || c, to clarify its meaning - (a && b) || c
- Don't use %ld to print ints
- Prototype another function from the host package
Simon Wilkinson [Mon, 28 Sep 2009 10:07:58 +0000 (12:07 +0200)]
Add support for warning checked builds
This patch adds a '--enable-checking' configuration option. When this
option is supplied, and gcc is in use, the compiler will treat any
warnings as errors. This will hopefully help stop new warnings from
creeping into the tree.
In order to still be able to build, all of the currently existing
warnings are accepted (these are documented in README.WARNINGS). With
this set of warning inhibitions, the tree is known to build on 32bit
Leopard - other systems may vary. Warning inhibition may be disabled
by supplying --enable-checking=all - in this case the tree will
definitely not build!
If --enable-checking is not specified, the existing compilation
behaviour is maintained, so there is no user-visible change.
Gcc 4.2, or later, is required to use the pragma sets contained within
this patch. Again, they are not visible unless --enable-checking is
given.
Implementation of new dump tag and length standard
The implementation follows the specification from October 2007.
All old tags are accepted as before.
New tags 0x06-0x60 (capital letters) are followed by a 1 byte length
field which may contain directly the length (up to 127) or the length
of the then following length field (max 8) ored with 0x80.
New tags 0x61-0x77a are directly followed by 4 bytes building a 32bit
integer.
0x7b-0xf are single-byte tags, 0x7e meaning next tag is critical.
On this basis unknown tags can be skipped unless they were marked
critical. In this case the restore is aborted.
in dump.h tags following the new standard are marked by an asterisk
Last update: added parameter types for HandleUnknownTag.
Simon Wilkinson [Mon, 28 Sep 2009 09:41:52 +0000 (11:41 +0200)]
Avoid redefinition errors for AFS_NONFSTRANS
Some parts of the build provide -DAFS_NONFSTRANS on the command line.
This causes an error when the 'param' file redefines it. Fix this
by #undef ing the token before defining it.
Marc Dionne [Fri, 28 Aug 2009 21:03:44 +0000 (17:03 -0400)]
Use intptr_t and uintptr_t for integer/pointer conversions
Use intptr_t and uintptr_t casts to appease the compiler when
values are converted between 32-bit integers and pointers.
This generates many warnings (currently ~170 on linux amd64)
when pointers are 64-bit.
These types are normally defined in stdint.h, and get defined
by autoconf if that's not the case.
In a few places, NULL is simply replaced with 0 where compared
with an integer.
Simon Wilkinson [Mon, 28 Sep 2009 08:43:24 +0000 (10:43 +0200)]
Make butc logging use va_args
Change the logging functions in butc so that they use va_args. This
means that we can prototype the logging functions, and kill a bunch
more compiler warnings.
Simon Wilkinson [Sat, 26 Sep 2009 17:11:53 +0000 (18:11 +0100)]
Miscellaneous warning cleanup
Assorted warning cleanup, that it didn't seem to make sense having one
patch per file for.
This patch
- Adds some casting for syscall pointers
- ANSIfies SRXAFSCB_GetDE in fsprobe
- Loads sys/ioctl.h on some more platforms in usd
- Includes some missing header files
- Removes unused variables
- Makes it clear that VIsSalvager does handle all enumerated types
- Adds some more prototypes
Simon Wilkinson [Sat, 26 Sep 2009 17:04:06 +0000 (18:04 +0100)]
Remove some more warnings from rx
The mtu variable in InitPeerParams is in the wrong place. It's only
required when the (never used) AFS_USERSPACE_IP_ADDR code is enabled.
Move the variable to the appropriate location, and indent the if and
endif directives in this section to try to make it clearer what the
control flow is (my brain hurt)
Remove the unused rx_pthread_n_event_wakeups variable
ANSIfy rxi_syscall - we can't prototype it yet, sadly.
Simon Wilkinson [Sat, 26 Sep 2009 16:34:48 +0000 (17:34 +0100)]
Fix signed/unsigned warnings in XDR
Our xdr routines use the same native functions to read signed, and
unsigned integers from the wire. This leads to compiler warnings when
the unsigned versions of these functions are called. This patch always
casts to (afs_int32 *) when calling PUT_INT32 and GET_INT32, to resolve
these warnings
Simon Wilkinson [Sat, 26 Sep 2009 16:50:04 +0000 (17:50 +0100)]
Tidy up unlog
Remove warnings from the unlog code
- Prototype internal functions, and make them static
- Define variables appropriately
- Remove unnecessary local function definitions
Simon Wilkinson [Sat, 26 Sep 2009 16:56:48 +0000 (17:56 +0100)]
Squish some warnings in ubik/
Remove some more warnings from the ubik/ directory
- Remove a dangling else case from an if statement
- Prototype ubik_dprint_25
- Don't do (a || b()) - it's horrible, and causes warnings!
Replace with if (!a) b();
Simon Wilkinson [Sat, 26 Sep 2009 19:54:06 +0000 (20:54 +0100)]
Relax compiler specification on Darwin 9 and 10
Commit 1992b702f64f561c75cc74d4645bb0e1afeec6bd made it possible to
relax the compiler choice on a per architecture basis. That commit
allowed the user to specify their compiler of choice on all Linux
systems, but hardcoded 'cc' everywhere else.
This patch permits Darwin 9 and 10 users to also override the default
compiler for user space builds.
Simon Wilkinson [Sat, 26 Sep 2009 09:06:27 +0000 (10:06 +0100)]
Attempt to fix CForeign moredata behaviour
The fetchstore patches changed the behaviour of the multiple chunk handling
that's used in FetchData when the vnode's CForeign bit is set. In the original
code, the data would be read as (length, payload) chunks. The new code does
(length, length, payload), which corrupts the incoming data.
Simon Wilkinson [Thu, 24 Sep 2009 23:27:40 +0000 (00:27 +0100)]
Fix CacheFetchProc in cases where the fileserver hates us
In some situations, the fileserver returns a large negative number
as the length in a FetchData64 call. The old FetchProc code used an int32
to hold this number, and checked length > 0 before attempting to read more
data. The new code uses a uint32, and does while (length), which causes the
cache manager to loop until RX aborts the connection.
This patch restores the old behaviour. length becomes a signed int once more
(and the original 32 bit length from the wire is used, rather than truncating
the 64 bit value), and the conditional checks for > 0.
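
The loop behaviour described in the commit above, as an added example that is not part of the commit or the OpenAFS source. `fake_call`, `fake_read`, `CHUNK` and `MAX_ATTEMPTS` are constructed stand-ins (the last one models RX eventually aborting the call), and the "bogus" length is a constructed value.

```c
#include <stdint.h>
#include <stdio.h>

#define CHUNK        4096u  /* constructed read size */
#define MAX_ATTEMPTS 1000u  /* stand-in for RX eventually aborting the call */

/* Constructed stand-in for an RX call: 'remaining' bytes really exist. */
struct fake_call { uint32_t remaining; };

/* Short read: delivers at most what the peer actually has left. */
static uint32_t fake_read(struct fake_call *c, uint32_t want)
{
    uint32_t got = want < c->remaining ? want : c->remaining;
    c->remaining -= got;
    return got;
}

/* Regressed pattern: unsigned length, loop runs while (length). */
unsigned fetch_unsigned(uint32_t wire_length, uint32_t available)
{
    struct fake_call c = { available };
    uint32_t length = wire_length;
    unsigned attempts = 0;

    while (length) {
        if (attempts == MAX_ATTEMPTS)
            break;                      /* the connection is aborted */
        attempts++;
        length -= fake_read(&c, length < CHUNK ? length : CHUNK);
    }
    return attempts;
}

/* Restored pattern: signed 32-bit length, loop runs while (length > 0). */
unsigned fetch_signed(uint32_t wire_length, uint32_t available)
{
    struct fake_call c = { available };
    /* Reinterpret the 32 wire bits as signed (two's complement assumed). */
    int32_t length = (int32_t)wire_length;
    unsigned attempts = 0;

    while (length > 0) {
        uint32_t want = (uint32_t)length < CHUNK ? (uint32_t)length : CHUNK;
        if (attempts == MAX_ATTEMPTS)
            break;
        attempts++;
        length -= (int32_t)fake_read(&c, want);
    }
    return attempts;
}

int main(void)
{
    uint32_t bogus = 0xFFFFFFF0u;   /* constructed: -16 when read as int32 */
    printf("sane length:  unsigned=%u signed=%u\n",
           fetch_unsigned(10000, 10000), fetch_signed(10000, 10000));
    printf("bogus length: unsigned=%u signed=%u\n",
           fetch_unsigned(bogus, 0), fetch_signed(bogus, 0));
    return 0;
}
```

With a sane length both variants stop after the same number of reads; with the negative wire value only the signed variant refuses to start reading.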
Andrew Deason [Mon, 21 Sep 2009 17:48:30 +0000 (12:48 -0500)]
Unlink correct files in salvager
Fallout from 0ac956b3384842b3c60e72bde78a4baf58a5877f; a couple of
unlink() calls were not updated to use the absolute path. Update them,
and log errors from unlink(), since otherwise it is difficult to tell
that anything is going wrong.
Andrew Deason [Tue, 22 Sep 2009 21:59:34 +0000 (16:59 -0500)]
Solaris: Default to fs_pathconf in afs_pathconf
Instead of returning EINVAL in afs_pathconf when we don't recognize the
pathconf command, return the result of fs_pathconf. fs_pathconf provides
sensible defaults or correctly represents a filesystem not implementing
a particular pathconf cmd; all in-tree (Open)Solaris filesystems call
fs_pathconf for unimplemented commands. Returning EINVAL allegedly
represents that the filesystem does not support pathconf at all.
Also, account for OpenSolaris adding another parameter to
pathconf-related calls.
Simon Wilkinson [Wed, 23 Sep 2009 17:18:34 +0000 (18:18 +0100)]
Refactor the cache bypass determination code
The code which determines whether the cache can be bypassed occurs in
multiple locations in this file. Make a single static inline function
that can do this, and use it.
Andrew Deason [Mon, 21 Sep 2009 21:57:01 +0000 (16:57 -0500)]
Implement _PC_FILESIZEBITS for solaris pathconf
Using recent NFS clients and servers with the translator under Solaris
causes AFS to be queried for the _PC_FILESIZEBITS pathconf value. Right
now we don't implement it and return EINVAL, causing at least some
modern NFS clients to be unable to mount AFS via the translator on at
least some modern NFS servers.
So, return _PC_FILESIZEBITS as either 32 or 64, depending on whether we
are a 64-bit client or not.
Andrew Deason [Mon, 21 Sep 2009 19:28:29 +0000 (14:28 -0500)]
Avoid salvager vol header read assert
When we read the volume header in order to write it back with a modified
inUse while salvaging, we were aborting if we couldn't read the header.
Since we can fail to read the header data if the volume header file
isn't associated with any data (and will be deleted by the salvager),
don't abort. Do still abort if we can't write the data back, since if
the data can be read but not written, other programs may think that the
volume is not being salvaged.
Andrew Deason [Mon, 21 Sep 2009 16:09:56 +0000 (11:09 -0500)]
DAFS: Put back volumes we get in FSSYNC handlers
fssync-server.c has a few issues with not properly VPutVolume_r'ing
volumes that were VGetVolume_r'd. The most important of these was that
the handler for FSYNC_VOL_MOVE can put back a volume it did not get,
when DAFS is enabled.
Fix that, and another erroneous edge case in the FSYNC_VOL_QUERY_HDR
handler when DAFS is not enabled.
Windows: Protect against null serverp in cm_Analyze
If cm_Analyze is called with both 'serverp' and 'connp' set
to NULL and an RX error is provided, a null pointer dereference
will occur. Test for non-NULL serverp before dereferencing
Windows: Do not mark server down due to Store / Fetch Data protocol error
When performing a StoreData or FetchData operation there are
several data validation checks performed to ensure that the
lengths of data obtained with rx_Write and rx_Read are consistent
with the RXAFS_FetchData and RXAFS_StoreData protocol operations.
When an inconsistency is detected the cache manager terminates the
call and returns an error to the caller which is passed to cm_Analyze().
The cache manager was returning -1 as the error code which is
equivalent to RX_CALL_DEAD which in turn will result in the server
being marked down.
This commit makes the following changes:
. add trace logging to permit monitoring this case
. instead of returning -1 return either RX_PROTOCOL_ERROR or RX_EOF
depending on the situation
. in cm_Analyze do not mark a server as down for rx errors other
than RX_CALL_DEAD. Instead, force a new connection and retry
until the request timeout limit is reached.
Windows: Use "Name not found" instead of "File not found"
When a file cannot be opened because the name of the file or
a directory in the path cannot be found, return "Name not found"
instead of "File not found". "File not found" is the error returned
by the smb redirector to the application when the file cannot be
located in the search path. "Name not found" indicates that the
entry is not present at the location requested.
The use of "File not found" prevented execution of applications
from the \\AFS name space on Windows 7.
Windows: trace logging changes for smb_ReceiveTran2QPathInfo
Add new trace log entries in smb_ReceiveTran2QPathInfo to
help track down the reason for queries in which the path and
tidPath are both the empty string.
Windows: Improve WKSSRC and SRVSVC compatibility with Windows
This commit includes several changes to improve compatibility
with Windows (in particular Windows 2000).
1. Specify a Lan Workgroup name. We use "AFS".
2. Ensure that the server name returned does not include
leading slash or backslash characters. The name provided
might include them but they are not part of the name and
cannot be returned.
3. The NetrWkstaGetInfo and NetrServerGetInfo responses must
be consistent. Otherwise, the Explorer Shell will get confused and
refuse to provide access to the server shares.
This commit also includes some minor comment changes.
Even if the rand_s() function is supported by the compiler
it is not supported on Windows 2000 because the kernel level
functionality it requires does not exist on that platform.
Calling rand_s() on Windows 2000 will throw an exception
and terminate the service.
Marc Dionne [Mon, 14 Sep 2009 21:40:23 +0000 (17:40 -0400)]
Linux: Restore aklog -setpag functionality for kernel 2.6.32+
With kernel 2.6.32 it is now possible for a process to copy its session
keyring to its parent through the use of the KEYCTL_SESSION_TO_PARENT
function of the keyctl syscall.
We can't use this easily from kernel space to cover all calls to
VIOCSETTOK with the setpag flag - we'd need to make a syscall
or have keyctl exported. Instead, a hook is added to ktc_SetToken to
make it honour the AFS_SETTOK_SETPAG flag, which was ineffective with recent
kernels.
This should cover the most common cases (ex: aklog) where this is needed.
The syscall is coded directly to avoid introducing a dependency on the
keyutils library or header files which may not be installed everywhere.
An initial pass at adding indexing to the Windows release notes.
The next pass should refine the index terms and add appropriate
secondary index values.
make fileserver avoid salvage loop on init failure
if the vlserver or prserver setup can't succeed, it doesn't indicate
a condition which salvaging is required to fix; instead, come up
and retry in the background.
Felix Frank [Thu, 16 Jul 2009 06:26:55 +0000 (08:26 +0200)]
Code beautifications.
* get rid of register declarations
* remove unused local var InStatus
* comment prototypes properly (correct .c file)
* save some linebreaks in function headers
Felix Frank [Mon, 13 Jul 2009 11:28:41 +0000 (13:28 +0200)]
Cosmetics in CacheStoreDCaches, CacheStoreVCache and storeInit.
* StoreProc: renamed alen to size.
* StoreProc: Make connection before do {}
* rename fP to tfile.
* Declare nchunks later in StoreProc.
* Fixed order of storeInit parameters.
* storeInit: renamed tlen to length.
Andrew Deason [Wed, 9 Sep 2009 14:22:02 +0000 (09:22 -0500)]
Do not respond to SYNC_COM_CHANNEL_CLOSE requests
SYNC clients, when closing a channel, send a SYNC_COM_CHANNEL_CLOSE
command, and immediately disconnect before waiting for a response. So,
don't send a SYNC response, since by the time we send it, the other end
will most likely have already hung up, causing a lot of needless
'SYNC_putRes: write failed' messages whenever a SYNC channel is closed
(e.g. when a demand-salvage finishes).
Windows: Handle "(Default)" registry value in MountGlobalDrivesThread
In MountGlobalDrivesThread(), if the "(Default)" registry value
is defined that should be interpreted as a drive mapping to a
device with no name. This is specified using NULL instead of the
nul-string.
theoretically a user thread can race us during shutdown and end up
panicking us if the soclose happens at the wrong time. if we're shutting down
just return. using afs_shuttingdown would have the side effect that we'd lose
the ability to add any graceful behavior.
Felix Frank [Mon, 13 Jul 2009 07:07:17 +0000 (09:07 +0200)]
Added guard against missing call and moved alength assignment in fetchInit.
The returned value of rx_NewCall is important of course and must be taken
into account before trying to start RPCs. Do assign the length output
variable ASAP.
Also fixes an overlong line and the type of the pos local var to unsigned.
More style fixes:
* Moved length64 to use proper scope, initialized code.
* Generally make more tidy
Russ Allbery [Sat, 22 Aug 2009 01:59:01 +0000 (18:59 -0700)]
Stop using sig_t
acinclude.m4 was adding to afsconfig.h some code to define sig_t as the
type of a signal handler. This definition was in terms of RETSIGTYPE,
which is deprecated by Autoconf. It also adds an unnecessary abstraction
for only two places in the AFS source code where it was used. Remove it
and change those two spots to use the standard C declaration of the
function pointer.
Reviewed-on: http://gerrit.openafs.org/335
Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Russ Allbery [Sat, 22 Aug 2009 01:12:39 +0000 (18:12 -0700)]
Move restorevol to bin from sbin
restorevol only requires access to a dump file and write access to the
directory in which the dump is being unpacked. It doesn't require being
a superuser, so it should be installed in bin instead of sbin. Also
move the man page to section 1 and update references accordingly.
Derrick Brashear [Thu, 13 Aug 2009 14:05:44 +0000 (10:05 -0400)]
make salvager able to cope with corrupt class index
right now if a directory ends up in the small vnode index, the salvager
will never fix it. unlinking from the index (and recovering an orphan later)
beats crashing forever
Felix Frank [Mon, 13 Jul 2009 06:54:23 +0000 (08:54 +0200)]
Cosmetics: Rename some variables, fix types.
* Replaced tsize by new local var llbytes in rxfs_storeInit.
* Make int32 lengths unsigned in rxfs_storeInit.
* Renamed lengthFound to length64.
* renamed abase to base.
This is rxfs-specific, so move it out of CacheStoreProc.
It must be done before entering the do { } while (moredata) loop proper
now, as rxfs_fetchMore is never called during the first iteration
(moredata is always 0), but the length may need fixing (note that
this was done after what is now the fetchMore op originally). Thus
it appears in rxfs_fetchInit.
To prevent a bogus call during the first loop iteration, also check
for length!=0. Finally, don't bother with fetchMore at all unless
CForeign is set.
In rxfs_fetchInit, we added an additional check for length_hi being
zero.
Windows: Add data validation to ktc_xxxx functions that perform pioctls
The ktc_GetToken and ktc_ListTokens functions perform a pioctl
and then parse the response data. There is no validation that the
data required is not longer than the pioctl output or that the
data received fits into the data structures that are being written.
As a result, random crashes have occurred when the wrong data
has been received from the pioctl.
This commit adds data validation to at least ensure that these
functions cannot read beyond the data provided or write beyond
the allocated memory.
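
One way to apply the two checks named in the commit above (never read beyond the data provided, never write beyond the allocated memory), as an added example that is not the OpenAFS code. The reply layout (host-order int32 ticket length, ticket bytes, NUL-terminated cell name), the buffer sizes and all names here are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_TICKET 64   /* constructed output sizes */
#define MAX_CELL   16

struct token_out {
    unsigned char ticket[MAX_TICKET];
    int32_t ticket_len;
    char cell[MAX_CELL];
};

/* Hypothetical layout: int32 ticket length, ticket bytes, NUL-terminated cell. */
int parse_token_reply(const unsigned char *buf, size_t buflen, struct token_out *out)
{
    size_t off = 0, clen;
    int32_t tlen;
    const unsigned char *nul;

    if (buflen - off < sizeof(tlen)) return -1;          /* length field missing */
    memcpy(&tlen, buf + off, sizeof(tlen));
    off += sizeof(tlen);

    if (tlen < 0) return -1;                             /* negative length */
    if ((size_t)tlen > buflen - off) return -1;          /* would read past input */
    if ((size_t)tlen > sizeof(out->ticket)) return -1;   /* would write past output */
    memcpy(out->ticket, buf + off, (size_t)tlen);
    out->ticket_len = tlen;
    off += (size_t)tlen;

    nul = memchr(buf + off, 0, buflen - off);            /* terminator inside input? */
    if (nul == NULL) return -1;
    clen = (size_t)(nul - (buf + off));
    if (clen >= sizeof(out->cell)) return -1;            /* cell name too long */
    memcpy(out->cell, buf + off, clen + 1);
    return 0;
}

/* Builds a constructed reply and returns parse_token_reply's verdict on it. */
int try_reply(int32_t claimed_len, size_t ticket_bytes, const char *cell, int terminated)
{
    unsigned char buf[256];
    struct token_out out;
    size_t off = 0, clen = strlen(cell);

    if (sizeof(claimed_len) + ticket_bytes + clen + 1 > sizeof(buf)) return -2;
    memcpy(buf, &claimed_len, sizeof(claimed_len));
    off += sizeof(claimed_len);
    memset(buf + off, 0xAA, ticket_bytes);               /* filler without NUL bytes */
    off += ticket_bytes;
    memcpy(buf + off, cell, clen);
    off += clen;
    if (terminated) buf[off++] = 0;
    return parse_token_reply(buf, off, &out);
}

int main(void)
{
    printf("well-formed:       %d\n", try_reply(8, 8, "example.org", 1));
    printf("negative length:   %d\n", try_reply(-1, 8, "example.org", 1));
    printf("length past input: %d\n", try_reply(200, 8, "example.org", 1));
    return 0;
}
```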
Russ Allbery [Sat, 22 Aug 2009 07:31:22 +0000 (00:31 -0700)]
Only force a specific compiler where necessary
Rather than setting the compiler to cc on all platforms by default,
use the Autoconf default unless the specific compiler might matter.
Conservatively set the compiler to cc for all non-Linux, non-BSD
operating systems that previously didn't explicitly set it. Fix a
few places on Linux where the compiler was set to gcc explicitly
rather than using the Autoconf result.
Don't bother setting the Linux i386 compiler to gcc -pipe. The compile
performance difference isn't enough to bother with the special
exception, and we don't do this for other Linux systems.
With this change, setting CC at Autoconf time will correctly set the
compiler per the user's preferences unless they're on an operating
system where we care about having a particular compiler for kernel
purposes. This can be relaxed further in the future, particularly if
the kernel compiler is broken out to a separate setting.
Russ Allbery [Sat, 22 Aug 2009 02:11:58 +0000 (19:11 -0700)]
Remove old disabled code to support truncated passwords
ka_UserAuthenticateGeneral had code disabled with #ifdef OLDCRUFT to
retry failed authentications by truncating the password to eight
characters, with a comment that the truncating behavior of kpasswd
was disabled in 1990. Nothing references this preprocessor define in
the source tree. Delete the dead code.
Windows: Prevent pioctl races from crashing afsd_service
The SMB redirector will permit two processes to open the
pioctl file at the same time without giving SMB server an
opportunity to say 'no'. As a result multiple reads and writes
on the allocated smb_fid->ioctl can play havoc with the pioctl
state. Since afsd_service doesn't know the writes and reads
are coming from separate requests there is nothing it can do
to prevent incorrect data going to the wrong process. However,
it can (and should) protect itself when the state becomes invalid.
Two prevention methods are applied:
1. add an additional state flag that explicitly indicates
when the ioctl is in the dataout state
2. validate the length of data in the ioctl input or
output buffers before copying it. If the length
becomes negative, return a CM_ERROR_INVAL error.
In addition, when the invalid state results in a failure to
find a matching pioctl function do not return CM_ERROR_BADOP.
CM_ERROR_BADOP can only be returned if the SMB operation is not
supported. Returning it in response to a ReadFile request will
cause the SMB client to drop the connection.
Finally, fix smb_FindFID to prevent the same 'fid' from being
used for more than one open file.
The fake scache object used for pioctl operations was not
fully initialized. The magic value, data version, and
several locks were not initialized. Do so.
Since the fid of the fake scache object is 0.0.0.0
remove the assert in cm_GetSCache for cell != 0.
Instead simply return CM_ERROR_INVAL.
The Windows pioctl implementation makes an incorrect assumption.
It is not true that every CreateFile() operation results in a
SMB NTCreateX operation being delivered to SMB Server. The SMB
client can combine open requests from multiple processes or threads
onto a single SMB file descriptor and locally manage the operations.
This is a problem for pioctls since the Transceive operation requires
that a WriteFile/ReadFile combination must belong to the same request.
Prior to this change simultaneous pioctl operations would be
combined and the individual reads and writes could overlap resulting
in responses going to the wrong requestor and end of file errors
being received by the others.
Due to lack of data validation in fs.c, ktc_nt.c, symlink.c,
etc random crashes are produced.
This change alters the sharing mode under which the pioctl file is
opened. Instead of FILE_SHARE_READ | FILE_SHARE_WRITE, only
FILE_SHARE_READ is specified to CreateFile(). This ensures that
the CreateFile will fail with a sharing violation if the pioctl
file was previously opened for writing.
A sharing violation check is provided and the CreateFile is retried
indefinitely until the open succeeds or the error is not a sharing
violation.
smb_FindShareCSCPolicy() ignored the error state of RegCreateKeyEx()
and would pass the uninitialized hkCSCPolicy to RegQueryValueEx()
and RegCloseKey(). While this did not produce invalid results, it
did result in unnecessary operations and exception handling within
the Win32 registry apis.
Jeffrey Altman [Sat, 29 Aug 2009 18:16:45 +0000 (14:16 -0400)]
Correct nvldbentry and vldbentry misuse in uss/uss_vol.c
The uss module relies on MapNetworkToHost / MapHostToNetwork from
src/volser. These functions convert a struct nvldbentry and not
a struct vldbentry. When src/volser was converted to struct nvldbentry
src/uss must have been forgotten.
In uss_vol.c convert GetServerAndPart() to accept a nvldbentry
instead of a vldbentry.
Add two static functions:
* ovlentry_to_nvlentry() to convert from vldbentry to nvldbentry
if required
* uss_vol_GetEntryByID() which first attempts to use
ubik_VL_GetEntryByIDN() and if that is not supported falls
back to ubik_VL_GetEntryByID() and ovlentry_to_nvlentry().