* re-enable LogoffTokenTransferTimeout and LogoffTokenTransfer.
Tokens are now destroyed at logoff based upon the values specified
here. Default is ON and 120 seconds. Setting this to OFF will
result in tokens never being destroyed. This will leak memory.
* protect global queues with mutexes and avoid a variety of race
conditions.
The size of h_maxSlots as computed based upon the value of
MAX_FILESERVER_THREAD is too small. It is possible for h_lwpIndex
(in the pthread case) to have produce the same Slot value for multiple
threads. In that case it is possible for the following to occur:
X: h_Hold_r(host)
X: H_UNLOCK
...
E: H_LOCK
E: Check h_Held_r(host); it is true, so don't hold
E: H_UNLOCK
X: H_LOCK
X: h_Release_r(host)
X: h_TossStuff_r(host) [called by h_Release_r]
X: H_UNLOCK
E: CheckHost(host)
The end result would be a crash due to a reference to a null field
in the host processed by CheckHost.
This patch is a bit of a hack in that it solves the problem by increasing
the number of slots for threads and does not determine the correct number
of threads the process should be allowed to produce.
There should never be a case where h_Enumerate calls CheckHost with a
host whose callback_rxcon that is NULL. However, due to a bug it ended up
being the case that it happened. An examination of the CheckHost code
showed that the check for the HOSTDELETED flag should take place before
a reference to callback_rxcon is obtained. If HOSTDELETED were set, the
code would simply release the reference immediately. However, the process
of obtaining and releasing the reference required dropping and obtaining
locks that would be a performance hit.
(1) removes the rest of the dead logoff code that was originally
stripped of any meaning by DELTA
winnt-win2000-win98-afs-client-updates-20010623.
(2) gives new meaning to smb_TokenTransfer and smb_TokenTransferTimeout.
these variables now control how long a smb_username_t and its
associated cm_user_t and its cm_cellinfo_t (including tokens)
will be preserved after a logoff.
(3) adds logic to detect logoff conditions
(4) adds cm_CheckVCs(). This function probes the SMB client with a ECHO
response to determine if the associated SMB virtual circuit is still
valid. This is executed once every five minutes by smb_Daemon()
and whenever the machine's IP addresses change. This allows
abandoned VCs to be detected and the associated user credentials,
file handles, and locks to be cleaned up. This will also prevent
the exhaustion of the limited number of SMB sessions.
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
and remember to mark the session dead so it can be re-used
====================
fix an error caused by patch conflict during pullup
The Integrated Logon hack of setting a token for a smb name different
than the one associated with the current smb session fails when smb
virtual circuits, sessions and username objects are properly reference
counted. When refcounts are not leaked the constructed smb_username_t
is destroyed immediately after the token is set since there are not
references to it from a current session.
The fix is to mark the smb_username_t object with a flag indicating that
it was created by the Network Provider. This flag prevents the destruction
when the refcount is zero so that it will be available at the time the
smb session is created (just a moment or two later.) During the binding
of the smb_username_t to the smb_vc_t the flag is cleared allowing the
tokens to be destroyed when the smb session is closed.
* the smb virtual circuits can be active and/or dead. this patch
improves the handling of vc's making the transition from active
to dead
* correct the refcounts on the smb_user_t and smb_vc_t objects
* replace the deprecated GetCurrentTime() with GetTickCounts() which
is the new name. This function needs to be replaced with something
else because its return value wraps after 49.7 days
* hold the correct locks when adjusting the scp->fileLocksH queue
the smb_username_t objects are reference counted but they were never
released on their own accord. Instead the smb_uid_t objects when
released were also cleaning up the smb_username_t. Since the smb_username_t
is reused, now that smb_user_t objects are being cleaned up, this was
a problem.
When SMB sessions are prematurely terminated as part of the tear down
of the virtual circuit we must clean up any remaining file handles,
tree connections, and user sessions.
Add man pages for rxgen and cmdebug. The cmdebug man page was written from
scratch based on the source code. The rxgen man page is a conversion of an
old TeX document to POD.
Add new man pages for livesys and voldump. Fix the man page for sys to say
what it actually does, rather than implying that it works like livesys, and
to recommend livesys instead. Fix a path error in the NetInfo
documentation. Update the README for the current status, including
listing all installed commands that don't have man pages. (There may still
be some subcommands that don't have man pages but aren't listed.)
On installation, substitute the configured paths into the man pages,
replacing the Transarc paths. Also fix a problem with the way that
pinstall was being used to install man pages. (Silly me, I was assuming
it had the same behavior as install.)
This is just a quick first pass. Longer term, it's probably better to
replace all paths in the man pages with unambiguous tokens and then
replace those tokens instead of assuming that the man pages use Transarc
paths and replacing those paths specifically. The current method has a
few minor problems, such as not being able to distinguish between the
various paths that make up /usr/afs/bin. Still, the results of this method
are good enough to start with.
Move man page generation out into a separate script that's just invoked
from regen.sh, so that someone can run that separate script later if they
wish. Make that script more robust against problems such as empty podN
directories. Diagnose a missing pod2man and warn about old versions of
Pod::Man.
Also, remove the old programs used to do the initial conversion from HTML.
Enough post-conversion editing was done that they're no longer necessary
except for historical curiosity, and for that purpose they can be pulled
out of CVS.
This completes the first editing pass of the man pages. Very little
content editing has been done, but the server and client versions of
various man pages have been combined into a single man page for the
file (affects CellServDB, ThisCell, NetInfo, and NetRestrict), the
descriptions of the various AFS cache files have been combined into one
afs_cache man page, and the descriptions of the two butc log files have
been combined into one butc_logs man page.
For man pages for databases with two files, symlinks are now created on
installation for the secondary file name.
All of the man pages should now be ready for public review, additional
editing and cleanup, and content editing.
This completes the initial editing pass of the section eight man pages.
Only small amounts of content editing has been done. Some known problems
have been noted in README, but there will doubtless be others, as well as
some lingering formatting problems. However, the quality should now be
good enough for general public review.
Some of the section eight man pages were really supposed to be section one,
the package apropros and package help commands are too useless to document,
and a few of the difficult-to-name section five man pages have now acquired
names.
Initial documentation for the man page project, including initial notes
on conversion, a start at a formatting guide, information on how to
contribute, and an initial issues list of things I happened to notice
while editing the section one pages.
Generate the man pages in man1, man5, and man8 subdirectories rather than
directly in the doc/man-pages directory to reduce clutter. Add a
.cvsignore to reduce noise.
This is the initial conversion of the AFS Adminstrators Reference into POD
for use as man pages. The man pages are now generated via pod2man from
regen.sh so that only those working from CVS have to have pod2man
available. The Makefile only installs. The pages have also been sorted
out into pod1, pod5, and pod8 directories, making conversion to the right
section of man page easier without maintaining a separate list and allowing
for names to be duplicated between pod5 and pod1 or pod8 (which will likely
be needed in a few cases).
This reconversion is done with a new script based on work by Chas Williams.
In some cases, the output is worse than the previous POD pages, but this is
a more comprehensive conversion.
This is only the first step, and this initial conversion has various
problems. In addition, the file man pages that didn't have simple names
have not been converted in this pass and will be added later. Some of the
man pages have syntax problems and all of them have formatting errors. The
next editing pass, coming shortly, will clean up most of the remaining
mess.
The afs_pioctl.c change should fix a real crash (panic), but fs flushv isn't
that common an operation.
Other changes:
don't GUNLOCK() around vnode_get(). we weren't consistent about it, and it
doesn't appear to be strictly required.
handle vnode_get() failures in more cases
darwin_vn_hold will panic if vnode is terminating rather than mess up the
refcounts.
The procmgmt library replaces the C RunTime Library's signal handlers
but does not restore them on process detachment. This leaves the
process with signal handlers pointing to invalid code that generates
an invalid access error during process termination if the library
was previously unloaded.
potential reclaim in progress fix, and per Chaskiel,
"I don't remember why I put it there, but the fact that
it gets triggered means that we're leaking a vcache object lock. It looks
like the "rename to .__afsXXXX" codepath is responsible (as afsrename does
not use the fact that adp (or aodp) is locked by afs_remove, and locks it
again. I'm surprised it's not deadlocking)" so i coded up a fix
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
chaskiel says
The RHS shouldn't be a double negative...
There's no bug (other than the assert itself)
when collecting rx statistics in response to an RPC query, the rx library
attempts to enumerate the number file descriptors in use. This is fine
except that file descriptors are a C Run Time Library concept on Windows
and are not related to networking. In Visual Studio 8, the run time library
will assert() if an invalid file descriptor is passed to fstat() which is
the test used to determine if a file descriptor is valid.
This patch simply returns 0 for the number of file descriptors in use
because that is what would have been returned anyway with the existing
code. What we probably want to return is the number of open socket
handles.
this patch replaces the single address in the Interface structure
with an AddrPort structure. This enables the servers to send
messages to the correct port if the port on the Interface does not
match the port stored in the client itself.
include rx.h in order to safely include rx_prototypes.h in order
to obtain a prototype for osi_Alloc() in order to prevent pointer
truncation on systems with 64-bit pointers and 32-bit int.
If osi_InitDebug() fails due to RPC_S_NO_PROTSEQS, log to the afsd_init.log
file a warning indicating that the registry should be examined for a
misconfiguration of Windows.
projects / packages / o / openafs.git / log