In rxi_ReceivePacket, if the packet is for a client connection
and there is no call allocated, the conn->conn_call_lock was
leaked. Introduced by 95c38dff3740d7e24971ceb5875c06e7abfce102.
Michael Meffie [Mon, 20 Feb 2012 20:26:09 +0000 (15:26 -0500)]
auth: get local cell internal function
Add an internal function to retrieve the local cell
name when the auth mutex is already held. Implement
afsconf_GetLocalCell in terms of the new internal
function.
Instead of attempting to CreateFile(OPEN_EXISTING) the _._AFS_IOCTL_._
file, try using GetFileAttributes() to obtain the attributes of the
file. The file doesn't exist in the directory listing but the
afs redirector and the afs smb server will respond to the request.
Perhaps the SMB servers in the broken printers will fail it.
When verifying a directory entry we must update the metadata
for a file therefore we must also purge the data if the version
number changed. This is not optional.
Simon Wilkinson [Sun, 8 Jan 2012 11:45:57 +0000 (11:45 +0000)]
rx: Rework code which pulls packet from recv queue
Both rxi_ReadProc and rxi_FillReadVector contained copies of the
same code to pull a packet out of the receive queue, and turn it
into the call's currentPacket. Abstract this out into a single common
function, so we're not maintaining the same code in two different
places.
Simon Wilkinson [Fri, 6 Jan 2012 10:12:26 +0000 (10:12 +0000)]
rx: Tidy up currentPacket handling
Instead of making a copy of the call->currentPacket variable in our
read/write routines, reference it directly. Make it clear that
currentPacket is used solely by the application thread, and remove
a number of mistaken comments that suggest otherwise.
Simon Wilkinson [Thu, 8 Sep 2011 10:26:39 +0000 (11:26 +0100)]
Remove redundant header includes
Remove includes of system headers where roken.h already takes care of
including them. This simplifies the source tree, reduces the amount of
work done by the compiler, and ensures that all of our headers are
included with the correct guards
The list of files to edit was generated with the following script:
    list=`grep include external/heimdal/roken/roken.h.in \
          | sed -e's/#include//g' | sort | uniq`; \
    for A in `find . -name *.c | xargs grep -l roken.h \
              | grep -v external/ | grep -v WINNT/`; do \
        found=0; \
        for B in $list; do \
            if grep "$B" $A > /dev/null; then \
                echo "$A : $B"; \
                found=1; \
            fi; \
        done; \
        if [ $found == 1 ] ; then mvim -f $A; fi; \
    done
Andrew Deason [Thu, 22 Mar 2012 22:54:12 +0000 (17:54 -0500)]
salvager: Trust inode-based special data over OGM
Currently the salvaging code looks for special inodes, and infers the
volume id and inode type from the OGM data in each special inode file.
However, we can already derive this information from the inode number
itself for the special inode, so if they disagree, use the values
based off of the inode number and correct the OGM data.
The inode number should be more likely to be correct, since that is
how we look up the special inode from the header when attaching the
volume. It is also impossible to get special inode files with the same
name, so this ensures we don't get duplicates. And for people that go
snooping around /vicepX/AFSIDat even though we tell them not to, it
seems more likely that they go around 'chmod'ing or 'chown'ing rather
than 'mv'ing.
This change avoids an abort in the salvaging code when the OGM data is
wrong. If we trust the OGM data when it is incorrect, we assume the
special inode file is for a different volume. So when we go to
recreate one of the special files for the volume we're actually
working with, the IH_CREATE fails (from EEXIST) and so we abort.
Andrew Deason [Fri, 23 Mar 2012 18:02:22 +0000 (13:02 -0500)]
namei: Abstract out OGM functions a bit more
Add GetWinOGM and SetWinOGM for getting and setting the
Windows-equivalent of the Unix OGM data. Make those and CheckOGM use
GetFileTime/SetFileTime so we can operate just via an FD_t, without
needing the full pathname. Modify the NT namei_icreate to use
SetWinOGM.
Michael Meffie [Wed, 29 Feb 2012 14:40:14 +0000 (09:40 -0500)]
Build: link libaudit before util
libaudit depends on util symbols, so link it first to avoid
unresolved symbols. Include libaudit in the list of libs
instead of making it a special case.
If an error was detected when processing RDR_CleanupFileEntry()
do not perform the file deletion. Just return the error as
attempting the deletion could result in an exception.
Simon Wilkinson [Sun, 23 Oct 2011 15:21:52 +0000 (16:21 +0100)]
Rework the ugen_* interface
Remodel the ugen_* ubik initialisation interface so that more complex
sets of security flags can be passed through it. A number of new
functions are provided, all of which take the AFSCONF_* security flags
defined in libauth:
*) ugen_ClientInitCell is used to initialise a ubik client structure
when the caller already has afsconf_dir and afsconf_cell
structures for the cell being contacted
*) ugen_ClientInitServer is used to initialise a client which will
contact a specific server within a given cell, rather than
selecting one from the pool
*) ugen_ClientInitFlags is used to initialise a client given a
cellname, and a path to a configuration directory. It is
closest to the legacy ugen_ClientInit function.
All of the in tree callers are updated to use this new interface
Marc Dionne [Sun, 22 Jan 2012 15:03:43 +0000 (10:03 -0500)]
viced: Make Update_TargetVnodeStatus usable by replication code
Add a remote flag, skip rights related code for the remote case.
This will need to be revisited later; in the case that what ends
up on disk is slightly different than the InStatus passed in, the
changes should be preserved to pass to the replicas.
Marc Dionne [Sun, 22 Jan 2012 14:34:28 +0000 (09:34 -0500)]
viced: Make GetVolumePackageWithCall usable by replication code
Add a remote flag to GetVolumePackageWithCall to make it usable for
remote replication RPCs. For the remote case the checks related
to access rights are skipped.
Marc Dionne [Sat, 21 Jan 2012 19:42:01 +0000 (14:42 -0500)]
vol: Allow VAllocVnode of specific vnodes
Add parameters to VAllocVnode to allow the caller to specify the
vnode and unique numbers to use. This will be used by the RW
replication code to keep vnode numbers in sync between the master
volume and the replicas.
Adapted from code by Vishal Powar and Derrick Brashear.
Simon Wilkinson [Thu, 5 Apr 2012 20:00:32 +0000 (16:00 -0400)]
rxkad: Remove DES include from header file
Remove the hcrypto/des.h include directory from the rxkad_prototypes
header file. We ship rxkad_prototypes.h, but we don't ship the hcrypto
headers. Having an installed header depend upon an uninstalled one is
a pain when building out-of-tree code like perl-AFS.
Simon Wilkinson [Thu, 5 Apr 2012 19:58:11 +0000 (15:58 -0400)]
rxkad: Move conversion functions to own file
Move the various key conversion functions into their own header file,
rather than rxkad_prototypes.h. This means we can isolate the dependency
on the hcrypto DES headers (which we don't install)
Simon Wilkinson [Fri, 6 Apr 2012 22:56:30 +0000 (23:56 +0100)]
shlibafsauthent: Add a load more objects
The perl-AFS module needs to link against a pthreaded, PIC, library
that contains all of the routines that it provides perl shims for.
At the moment, libafsrpc_pic and libafsauthent_pic are the only such
libraries that OpenAFS provides.
Add all of the necessary objects to libafsauthent_pic such that the
2.6.2 version of perl-AFS can build with a minimal set of patches.
Minimise the damage by only making these available through the static
version of the libafsauthent_pic library.
Simon Wilkinson [Fri, 6 Apr 2012 22:54:10 +0000 (23:54 +0100)]
opr: Install the queue.h header
The opr queue definition is required by a structure in the installed
cellconfig.h header. So that header can still be used by out-of-tree
applications, install the queue.h header too.
Refactor AFSValidateEntry to avoid obtaining the
ObjectInformation->Fcb->Resource when it isn't necessary.
This will avoid contention and improve performance.
The only time that the Fcb->Resource is required is when
the object requires verification, the object is a FILE,
and the object was successfully evaluated.
Even with this reorganization there is a small window
of opportunity for a deadlock to occur if a CcPurgeCacheSection()
which is called with the Fcb->Resource held triggers a filter
driver to issue a CreateFile and in between the two operations
an invalidate object is received.
Simon Wilkinson [Fri, 9 Sep 2011 06:46:01 +0000 (07:46 +0100)]
Generalise the new background daemon code
Move the new background daemon code out from under the AFS_DARWIN80_ENV
ifdef into its own AFS_NEW_BKG define. This lets us use it for things
other than the Darwin mv helper, on other platforms.
Based on code originally written by Derrick Brashear
Andrew Deason [Mon, 9 Apr 2012 22:16:42 +0000 (17:16 -0500)]
vos: Do not try to remove backup volume id 0
Currently we always try to delete a BK volume if we're deleting the
RW. If the BK volume id is 0, this is never going to do anything, so
don't try to delete it.
Simon Wilkinson [Sun, 1 Apr 2012 16:27:04 +0000 (12:27 -0400)]
rx: Remove packet burst elements from peer struct
The peer structure contains a number of elements left over from an
earlier, burst based, congestion control strategy. As OpenAFS has
never implemented this strategy, just remove these elements from
the structure, and store 0 values for these elements in the debug
packets.
Simon Wilkinson [Fri, 25 Nov 2011 20:51:40 +0000 (20:51 +0000)]
rx: Remove the unused packet skew code
We don't (and haven't, since the release of OpenAFS) use the packet
skew calculations for anything. However, maintaining them requires
taking locks in some critical parts of the transmission code path.
For both speed, and maintainability, reasons remove the skew code
from the tree - it's in git if we ever want to go back to it.
Simon Wilkinson [Mon, 5 Dec 2011 18:56:03 +0000 (18:56 +0000)]
rx: Hide struct rx_peer from the rest of the tree
The peer structure is an internal RX structure, so it shouldn't
be contained in public header files, or used by non-rx modules.
Hide the structure definition in rx_peer.h, and convert the
rx_HostOf and rx_PortOf accessors from macros into functions. This
will also help with adding support for non-IPv4 addresses to RX.
Simon Wilkinson [Sun, 25 Sep 2011 20:30:02 +0000 (21:30 +0100)]
Move configuration parsing into libcmd
Rework the API for directly parsing configuration files and move it
out of util/ and into libcmd, where we can actually make use of it.
This is a raw API - it provides direct access to the parser. The
eventual intent is that this will predominantly be contained within
libcmd itself, which will then wrap this with the more general purpose
Option functions
Simon Wilkinson [Sun, 1 Apr 2012 19:09:57 +0000 (15:09 -0400)]
all needs to be first rule in the Makefile
Just running 'make' in a subdirectory will fire the first rule in that
directory's Makefile. When the buildtools rules were added to roken and
crypto, they were put at the start of the file, meaning that they fire
in preference to 'all'
Swap the ordering back so that 'make' does what would be expected
Simon Wilkinson [Wed, 7 Dec 2011 18:30:00 +0000 (18:30 +0000)]
rx: rxi_AckAll isn't an event handler
rxi_AckAll is coded as if it is an event handler, yet the only
call site is a direct call from rx.c. So, rework the function to
remove all of the event handling code, change its arguments to match,
and make it static.
Simon Wilkinson [Mon, 14 Nov 2011 10:28:38 +0000 (10:28 +0000)]
rx: Remove trailing else from RX_KERNEL_TRACE
The RX_KERNEL_TRACE ifdefs all contain a trailing else, which makes
no logical sense given the rest of the code. The only effect of this
trailing else is to cause packets to not be sent when tracing is
enabled, which probably isn't the desired behaviour.
Simon Wilkinson [Sun, 8 Apr 2012 22:31:31 +0000 (18:31 -0400)]
kas: Don't require config for help
Modify the call to ka_Init in kas, so that a fully configured client
isn't required in order to generate help output. In particular, permit
kas -help, kas -version and kas apropos to run without initialising the
ka library.
This fixes a problem with running 'make check' on systems that don't
have an AFS client installed (or where the AFS client is installed in
a different location)
Marc Dionne [Sat, 7 Apr 2012 14:11:14 +0000 (10:11 -0400)]
tools: return error code in xfclose
The code variable takes the return code from do_close, but
is then unused. Return its value instead of systematically
returning 0, avoiding an unused variable warning.
Simon Wilkinson [Sat, 25 Jun 2011 17:29:27 +0000 (18:29 +0100)]
rx: Remove unused ACKHACK macro
rx_globals.h had a macro called ACKHACK which at one point looks like
it was used to determine whether to send an ACK or not. We now have a
more sophisticated mechanism for determining this, and the old macro
doesn't seem to have been used in a long time. So, remove it to avoid
confusion.
Simon Wilkinson [Sat, 31 Mar 2012 19:27:53 +0000 (15:27 -0400)]
cmd: Don't leak memory when constructing help string
It's not critical, because we'll be exiting soon afterwards, but just
to be nice, don't leak the name of every command option whilst we're
constructing the help string.
Simon Wilkinson [Sat, 31 Mar 2012 19:23:22 +0000 (15:23 -0400)]
ktime: Don't leak token list
ktime_ParsePeriodic generates a malloc'd token list when it parses
the time string passed to it. Make sure that we free this list before
exiting from the function.
Simon Wilkinson [Sat, 31 Mar 2012 18:52:58 +0000 (14:52 -0400)]
opr: Flag assertion error handles as noreturn
Flag both of our assertion error handlers as being AFS_NORETURN, so
that static analysers can truncate their decision trees, and avoid
false positives, based on assertion statements.
Simon Wilkinson [Sat, 31 Mar 2012 18:42:39 +0000 (14:42 -0400)]
pts: Don't malloc(0) when there's nothing to do
If GetNameOrId is called with no work to do, then don't attempt to
malloc a load of 0 length strings. Instead just return an empty array
to the caller.
Simon Wilkinson [Sat, 31 Mar 2012 18:33:33 +0000 (14:33 -0400)]
auth: Handle empty lists of keys
Handle the case where a list of keys may be empty - don't attempt
to calloc a 0 length array, and have Put handle the case where the
array being freed has no elements.
Simon Wilkinson [Sat, 31 Mar 2012 18:23:18 +0000 (14:23 -0400)]
Unix CM: We're disconnected if RW disconnected too
At the moment, the Unix CM doesn't support entering a purely RO
disconnected mode (the historical AFS_IS_DISCONNECTED mode). If we
go disconnected, or reconnect we always toggle RW discon at the same
time as we toggle RO. Arguably, the RO disconnected mode should just
be removed, as it is now superseded.
For the moment, make it clear to the compiler that RW disconnected
implies RO disconnected, so that static analysis can make more sensible
decisions about code paths.
Simon Wilkinson [Sat, 31 Mar 2012 16:20:25 +0000 (12:20 -0400)]
auth: Make sure we get AF_INET addresses from DNS
The routines which do AFSDB and SRV lookups copy the results of
gethostbyname directly into an afs_int32, and use the size of the
result to limit the copy. If, for any reason, they get a result that
isn't an int, then they will overflow this value.
Check that the result we get from gethostbyname is in the INET
address family, and also limit the size of the copy by the size of the
destination, rather than that of the source.
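The check described in the commit message above, as an added C example (not OpenAFS code): the address is copied only when the resolver result is AF_INET and exactly the size of the destination, and the copy is sized by the destination. The helper names and the sample resolver result are constructed for illustration.

```c
#include <netdb.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Bytes the old pattern, memcpy(&addr, he->h_addr, he->h_length), would
 * write beyond a 4-byte destination for a given h_length. */
static size_t unchecked_overrun(int h_length)
{
    size_t len = h_length > 0 ? (size_t)h_length : 0;
    return len > sizeof(int32_t) ? len - sizeof(int32_t) : 0;
}

/* Hardened copy (hypothetical helper): 0 on success, -1 if rejected. */
static int copy_ipv4_addr(const struct hostent *he, int32_t *addr)
{
    if (he == NULL || he->h_addr_list == NULL || he->h_addr_list[0] == NULL)
        return -1;
    if (he->h_addrtype != AF_INET)           /* wrong address family */
        return -1;
    if (he->h_length != (int)sizeof(*addr))  /* not a 4-byte address */
        return -1;
    memcpy(addr, he->h_addr_list[0], sizeof(*addr)); /* sized by destination */
    return 0;
}

/* Constructed resolver result: 16 raw bytes, read as IPv4 or IPv6. */
static unsigned char sample_raw[16] = {
    192, 0, 2, 7, 0xde, 0xad, 0xbe, 0xef, 1, 2, 3, 4, 5, 6, 7, 8
};
static char *sample_list[2];

static struct hostent sample_hostent(int family, int length)
{
    struct hostent he;
    memset(&he, 0, sizeof(he));
    sample_list[0] = (char *)sample_raw;
    sample_list[1] = NULL;
    he.h_addrtype = family;
    he.h_length = length;
    he.h_addr_list = sample_list;
    return he;
}

/* Runs the hardened copy with a canary placed after the destination.
 * Returns the copy result, -2 if the canary changed, -3 on a bad copy. */
static int guarded_copy(int family, int length)
{
    struct { int32_t addr; uint32_t canary; } slot = { 0, 0xC0FFEEu };
    struct hostent he = sample_hostent(family, length);
    int rc = copy_ipv4_addr(&he, &slot.addr);

    if (slot.canary != 0xC0FFEEu)
        return -2;
    if (rc == 0 && memcmp(&slot.addr, sample_raw, sizeof(slot.addr)) != 0)
        return -3;
    return rc;
}

int main(void)
{
    printf("AF_INET/4:   rc=%d\n", guarded_copy(AF_INET, 4));
    printf("AF_INET6/16: rc=%d (old pattern overruns by %zu bytes)\n",
           guarded_copy(AF_INET6, 16), unchecked_overrun(16));
    return 0;
}
```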
Simon Wilkinson [Sat, 31 Mar 2012 15:59:16 +0000 (11:59 -0400)]
vos: Initialise total counters
When VolumeStats_int calls DisplayFormat, it isn't interested in
the total counters it provides. So, it doesn't bother initialising the
variables it passes in to hold these counters - garbage in, garbage out.
However, this shows up as an uninitialised variable warning, so set them
all to 0 to keep clang happy.
Simon Wilkinson [Sat, 31 Mar 2012 15:51:19 +0000 (11:51 -0400)]
vol: Don't return an uninited val from LookupNode
If the SalvageHashTable for a particular node is empty, then LookupNode
can return an uninitialised value to the caller. It isn't clear from a
broader code inspection whether LookupNode can ever be called with an
empty SalvageHashTable, but returning a NULL vsp does seem like the
correct thing to do in this situation.
Simon Wilkinson [Sat, 31 Mar 2012 11:01:46 +0000 (07:01 -0400)]
fs: Fix bad frees
On an error GetLastComponent was freeing completely the wrong thing.
Fix this so it frees the memory it has allocated, and not some random
stack pointer.
Simon Wilkinson [Sat, 31 Mar 2012 10:58:01 +0000 (06:58 -0400)]
cmd: Use strl* rather than strn* to avoid overrun
The NName function was using strncat(a, b, sizeof(a)), which doesn't
work as you would expect if 'a' already contains data. To avoid the
potential buffer overflow, switch to just using strlcat.
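Why strncat(a, b, sizeof(a)) fails once 'a' holds data, next to a strlcat-style bounded append, as an added C example (not OpenAFS code). strncat_end_offset models the write without performing it; bounded_cat, build_name and name_buf are hypothetical names, and the strings are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Offset one past the last byte strncat(dst, src, n) writes: n caps the
 * characters taken from src, not the total size of dst, and a NUL is
 * always added after them. Computed only; no write is performed. */
static size_t strncat_end_offset(const char *dst, const char *src, size_t n)
{
    size_t add = strlen(src);
    if (add > n)
        add = n;
    return strlen(dst) + add + 1;
}

/* strlcat-style append: size is the full size of dst. Returns the length
 * the result would have had; a return value >= size means truncation. */
static size_t bounded_cat(char *dst, const char *src, size_t size)
{
    size_t dlen = 0, slen = strlen(src), room, n;

    while (dlen < size && dst[dlen] != '\0')
        dlen++;
    if (dlen == size)              /* dst not terminated within size */
        return size + slen;
    room = size - dlen - 1;        /* space left, keeping one byte for NUL */
    n = slen < room ? slen : room;
    memcpy(dst + dlen, src, n);
    dst[dlen + n] = '\0';
    return dlen + slen;
}

static char name_buf[16];

/* Builds prefix+suffix in name_buf; returns what bounded_cat reports. */
static size_t build_name(const char *prefix, const char *suffix)
{
    name_buf[0] = '\0';
    bounded_cat(name_buf, prefix, sizeof(name_buf));
    return bounded_cat(name_buf, suffix, sizeof(name_buf));
}

int main(void)
{
    size_t end = strncat_end_offset("command_", "verylongname",
                                    sizeof(name_buf));
    size_t want = build_name("command_", "verylongname");

    printf("strncat pattern would write %zu bytes into a %zu-byte buffer\n",
           end, sizeof(name_buf));
    printf("bounded result \"%s\" (%s)\n", name_buf,
           want >= sizeof(name_buf) ? "truncated" : "complete");
    return 0;
}
```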
Simon Wilkinson [Fri, 30 Mar 2012 19:36:56 +0000 (20:36 +0100)]
autoconf: One CC to rule them all
(well, in userspace at least)
We have 3 different ways of specifying the C compiler - CC, CCOBJ and
MT_CC. On most platforms these are set to identical values by the
configure script. However, this causes problems for a user who wants
to override the default compiler choice by doing
    make CC=my-favorite-compiler
as this doesn't catch all of the ways we specify the compiler [1]
So, change the specification of CCOBJ and MT_CC so that, by default,
they reference CC, rather than copying its value. This means that on
platforms where CC is the appropriate compiler to use in all situations,
a user need only change CC to modify their compiler choice.
[1] - it might be argued that the correct place to substitute the
compiler is in configure's environment, which does currently work.
However, this doesn't work with special things, like static
analysers, that can build the source tree, but not the configure
tests.
Simon Wilkinson [Fri, 30 Mar 2012 18:41:17 +0000 (19:41 +0100)]
afs: Handle reading past the end of a file
... except that this change doesn't actually handle this, it just
stops clang from throwing an error about the bogus code that's already
in there. This needs fixed properly ...
Simon Wilkinson [Fri, 30 Mar 2012 18:39:51 +0000 (19:39 +0100)]
rx: Remove needless braces
Doing if ((a==b)) is unnecessary. It's also potentially dangerous, as
that's the syntax required to do assignment within an if statement.
clang now issues warnings (errors in -Werror mode) when it encounters
these.
Remove pointless braces from the Unix CM to make clang happy.
Simon Wilkinson [Fri, 30 Mar 2012 18:37:36 +0000 (19:37 +0100)]
rx: Handle negative returns on packet reads
rxi_RecvMsg returns an int, because it can return a negative value upon
error. Don't store its return value as an unsigned int, because this may
hide the potential errors.
Modify the error handling loop so that errors get to where they are
intended.
Simon Wilkinson [Fri, 30 Mar 2012 18:35:51 +0000 (19:35 +0100)]
venus: Make clang happy with strlcpy use
clang now expects that strlcpy will always be used to prevent overflow
of the destination string, and gives a warning if the size parameter is
based solely on the length of the source string.
Modify the BreakUpPath function so that it takes the size of the
destination string as an argument, and uses this to limit the amount of
data pasted into it.
Simon Wilkinson [Fri, 30 Mar 2012 18:34:53 +0000 (19:34 +0100)]
viced: Remove pointless braces
Doing if ((a==b)) is unnecessary. It's also potentially dangerous, as
that's the syntax required to do assignment within an if statement.
clang now issues warnings (errors in -Werror mode) when it encounters
these.
Remove pointless braces from viced to make clang happy.
Simon Wilkinson [Thu, 5 Jan 2012 10:51:06 +0000 (10:51 +0000)]
rxgen: Tidy up server side freeing
The way in which rxgen handles freeing of objects allocated by the RPC
stub has evolved over the years. Originally, there appears to have been
a "somefrees" parameter which was used to track whether objects required
freeing or not. However, this parameter has fallen in to disuse, as
support for typedefs and unions were added, and which parameters
require freed is now tracked within the description structures
themselves. So, get rid of somefrees, as it is now just confusing.
The generated code to free a set of RPC arguments currently looks
something like:
    fail:
        z_xdrs->x_op = XDR_FREE;
        if (!xdr_string(z_xdrs, &Name, AFSNAMEMAX)) goto fail1;
        if (!xdr_string(z_xdrs, &OfflineMsg, AFSOPAQUEMAX)) goto fail1;
        if (!xdr_string(z_xdrs, &Motd, AFSOPAQUEMAX)) goto fail1;
        if (rx_enable_stats) {
            rx_RecordCallStatistics(z_call, RXAFS_STATINDEX,
                19, RXAFS_NO_OF_STAT_FUNCS, 0);
        }
Simon Wilkinson [Sun, 8 Apr 2012 12:58:25 +0000 (13:58 +0100)]
fileserver: Fix NeverAttach support
Commit 35becabed870d4bfe49abaa499d99a3ffb0a2d31 added support for
the /vicepXX/NeverAttach. However this code only appears to work on
Linux. It fails build testing on (at least) Mac OS X, FreeBSD, and AIX.
Modify the code so that the NeverAttach call uses the same variable to
locate the path of the partition as the AlwaysAttach call does.
Simon Wilkinson [Fri, 30 Mar 2012 18:30:18 +0000 (19:30 +0100)]
vol: Remove unneeded braces
Doing if ((a==b)) is unnecessary. It's also potentially dangerous, as
that's the syntax required to do assignment within an if statement.
clang now issues warnings (errors in -Werror mode) when it encounters
these.
Remove pointless braces from vol to make clang happy.
Simon Wilkinson [Fri, 30 Mar 2012 18:27:30 +0000 (19:27 +0100)]
vice & vol: Cast FDH_SYNC results to void
FDH_SYNC is a macro which returns a result. This leads to clang
complaining about an unused expression when the macro is expanded.
Avoid this by just casting the macro result to (void) when we aren't
interested in it.
Simon Wilkinson [Fri, 30 Mar 2012 18:24:23 +0000 (19:24 +0100)]
ptserver: Remove redundant braces
Doing if ((a==b)) is unnecessary. It's also potentially dangerous, as
that's the syntax required to do assignment within an if statement.
clang now issues warnings (errors in -Werror mode) when it encounters
these.
Remove pointless braces from ptserver to make clang happy.
Simon Wilkinson [Fri, 30 Mar 2012 18:21:41 +0000 (19:21 +0100)]
pam: Use &, not && for bitwise operations
All of the LOG_MASK() checks are performing bitwise operations, and so
should be using '&', not && (which will always be true, providing
logmask is non-zero)
Simon Wilkinson [Sat, 7 Apr 2012 12:26:25 +0000 (13:26 +0100)]
tools: Add roken.h to afsdump
On AIX, building afsdump currently produces the following warnings:
"afsdump_scan.c", line 34.10: 1506-296 (S) #include file <sys/fcntl.h> not found.
"afsdump_scan.c", line 275.32: 1506-045 (S) Undeclared identifier O_RDWR.
"afsdump_scan.c", line 275.41: 1506-045 (S) Undeclared identifier O_CREAT.
"afsdump_scan.c", line 275.51: 1506-045 (S) Undeclared identifier O_TRUNC.
"afsdump_scan.c", line 305.29: 1506-045 (S) Undeclared identifier O_RDONLY.
Rather than including more platform specific goo, just add a roken.h
include to the various files to pull in the necessary headers.