Andrew Deason [Mon, 18 Jun 2012 20:06:49 +0000 (15:06 -0500)]
doc: Consolidate NetRestrict format documentation
We were specifying exactly the same format in two different places;
consolidate them into one place. In addition, explicitly say there
is no way to specify a range of addresses, in case some people are
confused by the previous versions of this man page that erroneously
said you could use 255 as a wildcard.
Ben Kaduk [Sat, 23 Jun 2012 01:33:50 +0000 (21:33 -0400)]
Catch up on fbsd releases
Pull in the changes needed to even have a chance at supporting
FreeBSD 8.3, 8.4, 9-stable, and 10-current.
Conditionals for changed interfaces in a follow-up commit.
Andrew Deason [Sun, 20 May 2012 22:05:12 +0000 (17:05 -0500)]
FBSD: Add osi_fbsd_checkinuse
Add the osi_fbsd_checkinuse function, which contains code common to
the FreeBSD osi_TryEvictVCache and osi_VM_FlushVCache. Implement the
latter two in terms of osi_fbsd_checkinuse.
This commit should incur no behavior changes. This is just a
reorganization so future commits can change the implementations of
osi_TryEvictVCache and osi_VM_FlushVCache.
Niklas Jonsson [Wed, 20 Jun 2012 14:03:54 +0000 (10:03 -0400)]
Auth: increase size of DNS resolver answer buffer
This patchset increases the size of the res_search() answer
buffer from 1024 octets to 4096 octets. This is not a proper
long term solution but will permit sites with longer response
lists to make use of SRV and AFSDB records.
This patchset only impacts UNIX systems. Windows uses the
Win32 DNS resolver which dynamically allocates memory based
upon the size of the response.
Simon Wilkinson [Tue, 15 May 2012 15:45:57 +0000 (16:45 +0100)]
opr: Add simple time type
Add a simple time type to the opr library, which provides helper
routines to implement the 100ns time format selected for on-the-wire
use for AFS-3 (this also provides a handy single integer internal
time format)
Simon Wilkinson [Sat, 9 Jun 2012 21:29:44 +0000 (22:29 +0100)]
viced: Tidy up VL initialization
Tidy up the routines which initialize the VL server so that they
don't reopen an already open configuration directory, and so that
some global variables are less globally scoped.
Simon Wilkinson [Wed, 30 May 2012 17:25:51 +0000 (18:25 +0100)]
rxgen: Make input strings const
Modify the code generation routines so that string inputs to RPCs
are declared as (const char *) on the client side. This doesn't affect
callers as we can freely cast from (char *) to (const char *), but means
it is easier to write API wrappers that accept const arguments.
Simon Wilkinson [Thu, 7 Jun 2012 22:21:48 +0000 (23:21 +0100)]
aklog: Fix error message fallback for Heimdal
Since we reverted to using Russ's upstream version of rra-c-util's
krb5.m4, we no longer check for the existence of the pure com_err
error_message().
So, for error message fallback on Heimdal, use krb5_get_error_message()
instead. As we don't have access to the context in which the error
occurred, build one to get the raw com_err error translation - this
won't give us any additional context specific detail.
Simon Wilkinson [Thu, 10 May 2012 23:34:24 +0000 (00:34 +0100)]
viced: Abstract out hpr thread context code
Every hpr lookup function had a copy of the same code to pull a thread
specific ubik context out of the pthread library, and to create one if
one wasn't already there.
Instead of endlessly repeating this code, create a small inline function
to do the job.
Simon Wilkinson [Tue, 15 May 2012 16:01:50 +0000 (17:01 +0100)]
viced: Remove unused profiling code
src/viced/profile.c is never built, and contains unused code which
is now useless to us. Just remove it from the tree - it is in git if
we ever need it again.
Derrick Brashear [Tue, 12 Jun 2012 18:23:12 +0000 (14:23 -0400)]
uss: allow disabling by configure switch
provide an option to disable building uss. current heimdal
when built static can leak symbol names for its flex/bison parser
causing symbol conflicts. this is but a workaround, but
sites not needing uss can at least use it.
Derrick Brashear [Mon, 11 Jun 2012 20:05:10 +0000 (16:05 -0400)]
viced: fix merge error
when 37fc2dfbb9e3a8a8ecb022febae7ccd04d7340a4 was merged, the close
bracket went in the wrong place, meaning for non-remote calls
we don't re-enable keepalives. fix it.
Andrew Deason [Thu, 31 May 2012 22:45:56 +0000 (17:45 -0500)]
vol: Avoid getting stuck in ATTACHING in attach2
Since commit 5fc2365f, a VNOVOL error early in attach2 meant that we
skipped changing the volume state to anything, and just returned
instead. When we do this, the volume is in VOL_STATE_ATTACHING for
DAFS, and so if we return, the volume will forever be in
VOL_STATE_ATTACHING. The next thing that tries to access the volume
will wait forever for the volume to come out of that state.
So, revert half of 5fc2365f, and transition to ERROR state instead.
This code path should not be hit during normal usage, since a
nonexistent volume access for the fileserver will be detected earlier.
If the volume does not appear to exist at this stage of attachment,
something is wrong with the volume, so this warrants the ERROR state.
For the volserver and other volume utilities, we may hit this when a
request just plain references a nonexistent volume for whatever
reason, but in that case the vp should go away soon. For non-DAFS,
this commit does not change much, since the difference between
error_notbroken and unlocked_error is very small.
The other half of 5fc2365f is not changed, since it is correct. For
VOFFLINE errors at this point, the volume has already been
transitioned to VOL_STATE_UNATTACHED, so it is okay to return. Add a
comment to help make this more explicit.
Andrew Deason [Thu, 31 May 2012 21:41:15 +0000 (16:41 -0500)]
DAFS: Preattach, not attach, in FSYNC_Drop
FSYNC_Drop currently attaches volumes that were checked out by the
dropped fssync handler, but not checked back in, in order to make the
volume available again. For DAFS, however, a full attachment is
unnecessary; just preattach instead.
Andrew Deason [Thu, 31 May 2012 21:15:33 +0000 (16:15 -0500)]
vol-salvage: Unlock volumes before exiting
Normally, volume locks acquired by an exiting salvaging process would
be automatically given up when the process exits, since our FDs are
closed. However, if we exit by calling Exit() or Abort(), we
gracefully shutdown our SYNC channels before exiting. For FSSYNC, this
can result in the fileserver trying to online the volumes we had
checked out but had not yet checked back in, so the fileserver may try
to online a volume we have locked, before the locks have been
released.
To avoid this, unlock all volume locks for all partitions before we
shutdown SYNC channels on exit.
Marc Dionne [Sun, 3 Jun 2012 01:35:53 +0000 (21:35 -0400)]
Linux 3.5: encode_fh API change
The encode_fh export operation now expects two inode arguments
instead of a dentry and a "connectable" flag. Use the inode of
the dentry we're interested in, and NULL as the parent inode which
is the same as passing a 0 flag in the previous API.
Marc Dionne [Sun, 3 Jun 2012 00:45:08 +0000 (20:45 -0400)]
afsd: include sys/resource.h in afsd_kernel.c
With a recent glibc update, sys/wait.h no longer includes
sys/resource.h unless __USE_SVID, __USE_XOPEN or __USE_XOPEN2K8
are set.
Don't rely on the indirect inclusion to get the bits we need;
include it directly in afsd_kernel.c. This include used to be
there but was dropped when afsd_kernel.c was split off.
Jeffrey Altman [Wed, 6 Jun 2012 03:07:40 +0000 (23:07 -0400)]
Windows: SMB GetFileAttributes support
commit 56a2cbb5fbdcab51bd5f4720e610796abbce5c41 added a
GetFileAttributes query to the pioctl interface to protect
against printing pages on printers with a broken smb protocol
implementation. This patchset adds support for GetFileAttribute
on _._AFS_IOCTL_._ files to the SMB implementation.
Jeffrey Altman [Sat, 26 May 2012 22:11:06 +0000 (18:11 -0400)]
Windows: Adjust extent release strategy
All extents were flushed whenever AFSReleaseExtentsWithFlush was
executed. This included a call at the completion of each
NonCached Read operation which could result in heavy thrashing
as the data would be released prior to it being needed by the
application.
This patchset makes the following adjustments. First,
AFSReleaseExtentsWithFlush() has been modified to release all
but 1024 extents belonging to the file. Second, NonCached Reads
only execute AFSReleaseExtentsWithFlush() when there are more
than 4096 extents associated with the file. Third,
AFSReleaseExtentsWithFlush() now has a 'bReleaseAll' parameter
which is used for calls from AFSCleanup() and AFSFlushExtents()
which need to be able to flush all extents attached to a FCB.
Jeffrey Altman [Sat, 26 May 2012 22:04:25 +0000 (18:04 -0400)]
Windows: consolidate NextExtent() implementations
Both AFSExtentsSupport.cpp and AFSIoSupport.cpp provided
NextExtent() implementations. The AFSExtentsSupport version was
more general. Use that one for both modules.
Jeffrey Altman [Fri, 25 May 2012 00:46:27 +0000 (20:46 -0400)]
Windows: Add CCB NonPaged Resource for synchronization
Add a NonPaged ERESOURCE object to the AFS_CCB structure for
use in synchronizing access to the Ccb->Flags field and the
construction of Directory Snapshots.
Jeffrey Altman [Thu, 24 May 2012 08:57:19 +0000 (04:57 -0400)]
Windows: Avoid deadlock on VolumeCB->VolumeLock
AFSPrimaryVolumeWorkerThread() holds VolumeCB->VolumeLock SHARED
across the call to AFSCleanupFcb() -> CcPurgeCacheSection().
If a filter driver such as Sophos (savonaccessfilter.sys ->
savonaccesscontrol.sys) triggers an AFSCreate() in response to
the cache section being purged that will force the evaluation of
the file path by AFSLocateNameEntry(). If the path contains a
mount point that requires validation, AFSBuildMountPointTarget()
is called which in turn required the VolumeCB->VolumeLock EXCL.
AFSBuildMountPointTarget() only requires the VolumeCB->VolumeLock
if the VolumeCB->RootFcb == NULL. That should only be true if
the VolumeCB was allocated by AFSInitVolume() or under very rare
race conditions.
This patchset refactors AFSInitVolume() to ensure that it holds
an extra VolumeCB->VolumeReferenceCount reference. This reference
is used to assist in the refactoring of AFSBuildRootVolume() and
AFSBuildMountPointTarget() to avoid races with volume root object
invalidation as well as permitting the VolumeCB->VolumeLock to
be ignored in the common case.
Avoiding the acquisition of VolumeCB->VolumeLock during mount
point target evaluation has the additional benefit of reducing
lock contention during path evaluation.
FIXES 130812
Change-Id: Id9b0dcc2bfd91277d522f3724893b60ce4d947f5
Reviewed-on: http://gerrit.openafs.org/7474
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Andrew Deason [Fri, 18 May 2012 21:40:38 +0000 (17:40 -0400)]
afs: Do not QueueVCB before osi_dnlc_purge*
In afs_FlushVCache, when we QueueVCB, we might drop the afs_xvcache
lock (as of 76158df491f47de56d1febe1d1d2d17d316c9a74). The vcache may
still be on the DNLC, so a lookup while xvcache is dropped can cause
someone else to grab a reference to the vcache while it is being
flushed. This can cause panics and failed assertions, since someone
will have a reference to the flushed vcache, which is effectively
freed and many of the structure fields are no longer valid.
So instead, do not call QueueVCB until we have purged the vcache from
the DNLC.
Simon Wilkinson [Thu, 17 May 2012 08:01:02 +0000 (09:01 +0100)]
Don't cast the return from realloc()
realloc takes, and returns a (void *) argument. So we don't need to
cast these parameters into, or out of, realloc. Doing so is just
noise, so don't bother.
Simon Wilkinson [Thu, 17 May 2012 07:36:11 +0000 (08:36 +0100)]
Use calloc, rather than malloc/memset
Rather than doing
    a = malloc(sizeof(me));
    memset(a, 0, sizeof(me));
Just use
    a = calloc(1, sizeof(me));
This is simpler, shorter, and removes the potential for the size of
the memset not matching the size of the malloc (or the target of the
memset being wrong!)
Where the size is of the form (n * sizeof(me)), we also use
    calloc(n, sizeof(me));
Simon Wilkinson [Wed, 16 May 2012 19:38:02 +0000 (20:38 +0100)]
Don't cast arguments to free()
free(3) is defined as:
    void free(void *ptr);
so there is no need to cast the pointer argument being passed to it to
(char *), (void *), or whatever other randomness happened to be floating
through the author's mind. Remove all such casts, as they are just
noise.
Simon Wilkinson [Wed, 16 May 2012 19:27:22 +0000 (20:27 +0100)]
auth: Simplify DNS lookups with asprintf
Instead of allocing a maximal string, and using snprintf to
construct each possible DNS search string, just use asprintf to
construct each string. This greatly simplifies the code, and makes
it much less likely that maths errors can creep in causing buffer
overflows in the future. The downside is that we have more round
trips to the allocator, but that shouldn't matter in this context.
Simon Wilkinson [Wed, 16 May 2012 05:44:30 +0000 (06:44 +0100)]
Use strdup to copy strings
Where we have
    newStr = malloc(strlen(oldStr)+1);
    strcpy(newStr, oldStr);
replace these with
    newStr = strdup(oldStr);
It's shorter, clearer, and gets rid of a load of occurrences of strcpy,
which some compilers are now warning is unsafe (although it isn't in
this context)
Get rid of a number of custom duplicate string functions and replace
them with strdup where the behaviour is identical
Andrew Deason [Mon, 21 May 2012 22:11:29 +0000 (17:11 -0500)]
afsd: Avoid dir interpolation for memcache
memcache doesn't make use of fullpn_DCacheFile, fullpn_VolInfoFile,
etc. Do not even try to generate these strings for memcache, since
cacheBaseDir will be NULL, and so this can cause a segfault on some
platforms including Solaris.
Jeffrey Altman [Fri, 18 May 2012 14:19:13 +0000 (10:19 -0400)]
Windows: buf redir queue mgmt scp can be null
buf_InsertToRedirQueue, buf_RemoveFromRedirQueue, and
buf_MoveToHeadOfRedirQueue can be passed a NULL cm_scache_t pointer.
If the pointer is NULL (as is the case during buf_Init() processing)
the scp->redirMx must not be obtained or a crash will occur.
Jeffrey Altman [Wed, 16 May 2012 13:52:00 +0000 (09:52 -0400)]
Windows: Apply MAX_FID_COUNT to AFS Redirector
Provide consistency between the SMB path parser and the AFS
redirector path processing by using the same constant, MAX_FID_COUNT,
for both. MAX_FID_COUNT is the maximum number of unique file ids
that can exist in a path after all mount points and symlinks have
been expanded. The current value is 512.
Jeffrey Altman [Mon, 14 May 2012 15:11:57 +0000 (11:11 -0400)]
Windows: AFSTearDownExtents may experience active extents
If there are extents with a non-zero ActiveCount when AFSTearDownExtents()
is executed, it must leave them alone and attached to the File Control
Block. This has implications for its callers, especially AFSCleanupFcb()
since it may be the case that a Cleanup cannot be completed.
The AFSPrimaryVolumeWorker thread must therefore check after calling
AFSCleanupFcb() whether or not the Fcb ExtentCount is zero before
calling AFSRemoveFcb().
Jeffrey Altman [Wed, 16 May 2012 03:27:36 +0000 (23:27 -0400)]
Windows: avoid duplicate work cm_Analyze
During VNOVOL processing, if the volume is replicated and the
server reference status is "not busy", set the status to busy
and avoid calling cm_SetServerBusyStatus() because that function
mirrors the loop that is already being processed.
Mark Vitale [Tue, 8 May 2012 14:01:12 +0000 (10:01 -0400)]
vos: convertROtoRW may create two RW volumes
If the RW volume is listed after the RO convert target in the VLDB,
the code failed to detect that an RW is already present and would
create a second RW volume.
Jeffrey Altman [Mon, 14 May 2012 04:12:17 +0000 (00:12 -0400)]
Windows: Redir Ioctl thread safety
A crash dump showed that it is possible for a Cleanup
to race with a Read from the ioctl file. Add reference counting
to protect against crashing under such a circumstance.
Jeffrey Altman [Fri, 11 May 2012 23:24:54 +0000 (19:24 -0400)]
Windows: Permit Media Player to work with mapped drives
Windows Media Player was failing to play media files from
mapped drives if the mapping was to a directory several
levels below \\afs\cellname\. The code to permit SUBST drive
letters to work got in the way during NPGetConnection processing.
Try to get the connection info without the drive substitution
logic. Try again with the drive substitution if the result
is no connection present.
Simon Wilkinson [Sun, 9 Oct 2011 00:20:57 +0000 (01:20 +0100)]
cmd: Add support for pulling options from files
With this change, we gain the ability to set our command line options
from krb5.conf configuration files. This is only available for tools
which are implemented using the new cmd_OptionAs accessor methods.
Callers should load their configuration file using
    cmd_OpenConfigFile("/path/to/config/file.conf");
(an addition to libauth to return a path to a system wide
configuration file will be forthcoming)
and then set their command name (for example, "fileserver", "afsd",
"vos" and so on) using
    cmd_SetCommandName("mycommand");
The accessor functions will then populate their return values with
either:
a) The command line options, if specified
b) The contents of the tag matching the option name, in the
[command_subcommand] section of the configuration file, if it
exists
c) The contents of the same tag, in the [command] section of the
configuration file, if that exists.
d) The contents of the same tag in the [defaults] section of the
configuration file.
Callers can also gain access to the entire configuration file by
calling cmd_RawFile, or to just the section corresponding to their
command line by calling cmd_RawSection. Note that when using the file
directly, it is up to callers to preserve consistency by implementing
similar inheritance rules as the above.
modify afshelper to just run what it's told instead
of offering fixed operations. this avoids having a setuid
tool around. in spite of apple's suggestion this is correct,
it's actually more dangerous. instead, elevate privilege only
to run a small set of commands, then drop. allow
unlocking of the prefs pane, but make the menu extra prompt
for authentication when needed.
deactivate controls in the prefs pane when locked.
Andrew Deason [Fri, 4 May 2012 22:23:42 +0000 (17:23 -0500)]
Call rx_SetNoJumbo earlier
For ubik server processes, rx_SetNoJumbo needs to be called before
ubik initialization for it to affect the communication between
dbservers; otherwise, full database transfers may result in Rx
jumbograms on the wire regardless of the jumbo/nojumbo setting. Move
the call to rx_SetNoJumbo to before ubik initialization to avoid this.
Also move the call to rx_SetNoJumbo to immediately after rx_Init* for
all server processes, for consistency. Move similar calls to
rx_SetMaxMTU for the same reason.