From b0920fe9c2cfbb314146c7a9941aec3cc20b96c8 Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Wed, 21 Jul 2004 15:05:59 +0000 Subject: [PATCH] registry-docs-logoff-20040721 * Update Windows Notes files * Modify logoff procedure to use a pioctl to check if an arbitrary path exists within AFS * Add a new registry value HKLM\Software\OpenAFS\Client CellServDBDir which can be used to locate the CellServDB file in an arbitrary directory --- doc/txt/winnotes/afs-changes-since-1.2.txt | 28 ++++++++++-- doc/txt/winnotes/afs-install-notes.txt | 11 ++++- doc/txt/winnotes/registry.txt | 22 +++++++-- src/WINNT/afsd/afslogon.c | 32 ++++++++----- src/WINNT/afsd/cm_config.c | 53 ++++++++++++++++------ src/WINNT/afsd/cm_config.h | 2 + src/WINNT/afsd/smb3.c | 2 +- src/WINNT/afsreg/afsreg.h | 4 +- src/WINNT/afsreg/afssw.c | 14 ++++++ src/WINNT/afsreg/afssw.h | 5 +- src/WINNT/client_config/cellservdb.c | 28 ++++++++++-- src/auth/cellconfig.c | 39 +++++++++++++--- 12 files changed, 191 insertions(+), 49 deletions(-) diff --git a/doc/txt/winnotes/afs-changes-since-1.2.txt b/doc/txt/winnotes/afs-changes-since-1.2.txt index c6496f82c..1b936c6e1 100644 --- a/doc/txt/winnotes/afs-changes-since-1.2.txt +++ b/doc/txt/winnotes/afs-changes-since-1.2.txt @@ -1,4 +1,23 @@ Since 1.3.65: + * Support for SMB/CIFS browsing has been added to the AFS Client Service + SMB server. It is now possible to use "NET VIEW \\AFS" to obtain a + listing of AFS submounts and freelance mount points. Support for + NETSHAREENUM, NETSHAREGETINFO, NETSERVERENUM2, NETSERVERGETINFO + significantly enhances the behavior of AFS volumes within the Explorer + Shell. For instance, "AFS" now shows up as server in the Explorer + with each submount or freelance mount point visible as a share. + The right click menu in each folder now works with full functionality + on a consistent basis. + + * The network provider can be configured to have different behavior + depending on the domain that the user logs into. These settings are + only relevant when using integrated login. A domain refers to an + Active Directory (AD) domain, a trusted Kerberos (non-AD) realm or the + local machine (i.e. local account logins). The domain name that is + used for selecting the domain would be the domain that is passed into + the NPLogonNotify function of the network provider. (see registry.txt + for details) + * Added a new registry value [HKCU\SOFTWARE\OpenAFS\Client] "Authentication Cell" which may be used to specify a default authentication cell for afscreds.exe which is different from @@ -9,10 +28,11 @@ Since 1.3.65: New registry entries added to register the dll for Winlogon events. The logoff event will now force a call to ktc_ForgetAllTokens() - using the context of the user being logged off. - - Need to double check that this code does not prevent profile data - from being written back to an afs volume + using the context of the user being logged off as long as the + user's profile is not loaded from within AFS. If the profile + was loaded from AFS we can't release the tokens since the Logoff + event is triggered prior to the profile being written back to + the its source location. * Windows XP SP2 Internet Connection Firewall interoperability has been added. diff --git a/doc/txt/winnotes/afs-install-notes.txt b/doc/txt/winnotes/afs-install-notes.txt index c365af411..f8362c7e0 100644 --- a/doc/txt/winnotes/afs-install-notes.txt +++ b/doc/txt/winnotes/afs-install-notes.txt @@ -236,7 +236,16 @@ the receipt of incoming callback messages from the AFS file server. In addition, the appropriate Back Connection entries are added to the registry to allow SMB authentication to be performed across the loopback connection. -21. +21. As of 1.3.66, the OpenAFS Client Service supports the CIFS Remote +Admin Protocol which provides browsing of server and share information. +This significantly enhances the functionality of AFS volumes within the +Explorer Shell. + +22. OpenAFS will now automatically forget a user's tokens upon Logoff +unless the user's profile was loaded from an AFS volume. In this situation +there is no mechanism to determine when the profile has been successfully +written back to the network. It is therefore unsafe to release the user's +tokens. ------------------------------------------------------------------------ diff --git a/doc/txt/winnotes/registry.txt b/doc/txt/winnotes/registry.txt index 07991a393..e49341be2 100644 --- a/doc/txt/winnotes/registry.txt +++ b/doc/txt/winnotes/registry.txt @@ -348,7 +348,7 @@ Default : 0 Value : AuthentProviderPath Type : REG_SZ -NSIS : \afslogon.dll +NSIS : %WINDIR%\SYSTEM32\afslogon.dll Specifies the install location of the authentication provider dll. @@ -383,12 +383,26 @@ NSIS : "OpenAFSDaemon" Value : ProviderPath Type : REG_SZ -NSIS : \afslogon.dll +NSIS : %WINDIR%\SYSTEM32\afslogon.dll Specifies the DLL to use for the network provider -2.1 Domain specific configuration keys --------------------------------------- + +Regkey: +[HKLM\SOFTWARE\OpenAFS\Client] + +Value : CellServDBDir +Type : REG_SZ +Default : + + Specifies the directory containing the CellServDB file. + When this value is not specified, the AFS Client install + directory is used. + + + +2.1 Domain specific configuration keys for the Network Provider +--------------------------------------------------------------- The network provider can be configured to have different behavior depending on the domain that the user logs into. These settings are diff --git a/src/WINNT/afsd/afslogon.c b/src/WINNT/afsd/afslogon.c index 709cf9dd9..a08ea520c 100644 --- a/src/WINNT/afsd/afslogon.c +++ b/src/WINNT/afsd/afslogon.c @@ -769,20 +769,33 @@ DWORD APIENTRY NPPasswordChangeNotify( #include #include -#include "lanahelper.h" +#include +#include + +BOOL IsPathInAfs(const CHAR *strPath) +{ + char space[2048]; + struct ViceIoctl blob; + int code; + + blob.in_size = 0; + blob.out_size = 2048; + blob.out = space; + + code = pioctl((LPTSTR)((LPCTSTR)strPath), VIOC_FILE_CELL_NAME, &blob, 1); + if (code) + return FALSE; + return TRUE; +} VOID AFS_Logoff_Event( PWLX_NOTIFICATION_INFO pInfo ) { DWORD code; TCHAR profileDir[256] = TEXT(""); - TCHAR uncprefix[64] = TEXT("\\\\"); - DWORD len; - - len = 256; - lana_GetNetbiosName(&uncprefix[2], LANA_NETBIOS_NAME_FULL); + DWORD len = 256; if ( GetUserProfileDirectory(pInfo->hToken, profileDir, &len) ) { - if (_tcsnicmp(uncprefix, profileDir, _tcslen(uncprefix))) { + if (!IsPathInAfs(profileDir)) { if (code = ktc_ForgetAllTokens()) DebugEvent(NULL,"AFS AfsLogon - AFS_Logoff_Event - ForgetAllTokens failed [%lX]",code); else @@ -792,8 +805,3 @@ VOID AFS_Logoff_Event( PWLX_NOTIFICATION_INFO pInfo ) } } } - - - - - diff --git a/src/WINNT/afsd/cm_config.c b/src/WINNT/afsd/cm_config.c index 9c3cc9cf2..a02dbc277 100644 --- a/src/WINNT/afsd/cm_config.c +++ b/src/WINNT/afsd/cm_config.c @@ -31,6 +31,7 @@ char AFSConfigKeyName[] = "SYSTEM\\CurrentControlSet\\Services\\TransarcAFSDaemon\\Parameters"; +char AFSLocalMachineKeyName[] = "SOFTWARE\\OpenAFS\\Client"; /* TODO: these should be pulled in from dirpath.h */ #if !defined(DJGPP) && !defined(AFS_WIN95_ENV) @@ -152,7 +153,6 @@ long cm_SearchCellFile(char *cellNamep, char *newCellNamep, cm_configProc_t *procp, void *rockp) { char wdir[257]; - int tlen; FILE *tfilep = NULL, *bestp, *tempp; char *tp; char lineBuffer[257]; @@ -167,18 +167,7 @@ long cm_SearchCellFile(char *cellNamep, char *newCellNamep, char *afsconf_path; #endif -#if !defined(DJGPP) - strcpy(wdir, AFSDIR_CLIENT_ETC_DIRPATH); - - /* add trailing backslash, if required */ - tlen = strlen(wdir); - if (wdir[tlen-1] != '\\') strcat(wdir, "\\"); -#else - strcpy(wdir, cm_confDir); - strcat(wdir,"/"); -#endif /* !DJGPP */ - - strcat(wdir, AFS_CELLSERVDB); + cm_GetCellServDB(wdir); tfilep = fopen(wdir, "r"); #if defined(DJGPP) || defined(AFS_WIN95_ENV) @@ -395,6 +384,44 @@ long cm_SearchCellByDNS(char *cellNamep, char *newCellNamep, int *ttl, } #if !defined(DJGPP) && !defined(AFS_WIN95_ENV) +/* look up the CellServDBDir's name in the Registry + * or use the Client Dirpath value to produce a CellServDB + * filename + */ +long cm_GetCellServDB(char *cellNamep) +{ +#if !defined(DJGPP) + DWORD code, dummyLen; + HKEY parmKey; + int tlen; + + code = RegOpenKeyEx(HKEY_LOCAL_MACHINE, AFSLocalMachineKeyName, + 0, KEY_QUERY_VALUE, &parmKey); + if (code != ERROR_SUCCESS) + goto dirpath; + + dummyLen = 256; + code = RegQueryValueEx(parmKey, "CellServDBDir", NULL, NULL, + cellNamep, &dummyLen); + RegCloseKey (parmKey); + + dirpath: + if (code != ERROR_SUCCESS || cellNamep[0] == 0) + strcpy(cellNamep, AFSDIR_CLIENT_ETC_DIRPATH); + + /* add trailing backslash, if required */ + tlen = strlen(cellNamep); + if (cellNamep[tlen-1] != '\\') + strcat(cellNamep, "\\"); +#else + strcpy(cellNamep, cm_confDir); + strcat(cellNamep,"/"); +#endif /* !DJGPP */ + + strcat(cellNamep, AFS_CELLSERVDB); + return 0; +} + /* look up the root cell's name in the Registry */ long cm_GetRootCellName(char *cellNamep) { diff --git a/src/WINNT/afsd/cm_config.h b/src/WINNT/afsd/cm_config.h index 11996e55c..33318b341 100644 --- a/src/WINNT/afsd/cm_config.h +++ b/src/WINNT/afsd/cm_config.h @@ -53,6 +53,8 @@ extern long cm_AppendNewCellLine(cm_configFile_t *filep, char *linep); extern long cm_CloseCellFile(cm_configFile_t *filep); +extern long cm_GetCellServDB(char *cellNamep); + #endif /* __CM_CONFIG_INTERFACES_ONLY__ */ #endif /* __CONFIG_H_ENV_ */ diff --git a/src/WINNT/afsd/smb3.c b/src/WINNT/afsd/smb3.c index 8cd0805bb..7f795e266 100644 --- a/src/WINNT/afsd/smb3.c +++ b/src/WINNT/afsd/smb3.c @@ -1509,7 +1509,7 @@ long smb_ReceiveRAPNetShareEnum(smb_vc_t *vcp, smb_tran2Packet_t *p, smb_packet_ for(i=0; i < nRegShares && cshare < nSharesRet; i++) { len = sizeof(thisShare); rv = RegEnumValue(hkSubmount, i, thisShare, &len, NULL, NULL, NULL, NULL); - if(rv == ERROR_SUCCESS && strlen(thisShare)) { + if(rv == ERROR_SUCCESS && strlen(thisShare) && (!allSubmount || stricmp(thisShare,"all"))) { strncpy(shares[cshare].shi1_netname, thisShare, sizeof(shares->shi1_netname)-1); shares[cshare].shi1_netname[sizeof(shares->shi1_netname)-1] = 0; /* unfortunate truncation */ shares[cshare].shi1_remark = cstrp - outp->datap; diff --git a/src/WINNT/afsreg/afsreg.h b/src/WINNT/afsreg/afsreg.h index 0d4096a51..ad051f22e 100644 --- a/src/WINNT/afsreg/afsreg.h +++ b/src/WINNT/afsreg/afsreg.h @@ -168,8 +168,8 @@ /* AFSREG_CLT_SVC_PARAM_KEY values */ #define AFSREG_CLT_SVC_PARAM_CELL_VALUE "Cell" - - +#define AFSREG_CLT_OPENAFS_KEY "HKEY_LOCAL_MACHINE\\Software\\OpenAFS\\Client" +#define AFSREG_CLT_OPENAFS_CELLSERVDB_DIR_VALUE "CellServDBDir" /* Extended (alternative) versions of registry access functions */ diff --git a/src/WINNT/afsreg/afssw.c b/src/WINNT/afsreg/afssw.c index c0e45ff99..ffe63508e 100644 --- a/src/WINNT/afsreg/afssw.c +++ b/src/WINNT/afsreg/afssw.c @@ -63,6 +63,20 @@ afssw_GetClientInstallDir(char **bufPP) /* [out] data buffer */ bufPP); } +/* + * afssw_GetClientCellServDBDir() -- Get directory in which AFS client CellServDB + * file is installed. Sets *bufPP to point to allocated buffer containing string. + * + * RETURN CODES: 0 success, -1 failed (errno set) + */ +int +afssw_GetClientCellServDBDir(char **bufPP) /* [out] data buffer */ +{ + return StringDataRead(AFSREG_CLT_OPENAFS_KEY, + AFSREG_CLT_OPENAFS_CELLSERVDB_DIR_VALUE, + bufPP); +} + /* * afssw_GetClientCellName() -- Get name of cell in which AFS client is diff --git a/src/WINNT/afsreg/afssw.h b/src/WINNT/afsreg/afssw.h index 2b04ff25c..5eaecbe73 100644 --- a/src/WINNT/afsreg/afssw.h +++ b/src/WINNT/afsreg/afssw.h @@ -20,7 +20,10 @@ extern int afssw_GetServerInstallDir(char **bufPP); extern int -afssw_GetClientInstallDir(char **bufPP); +afssw_GetClientCellServDBDir(char **bufPP); + +extern int +afssw_GetClientCellDir(char **bufPP); extern int afssw_GetClientCellName(char **bufPP); diff --git a/src/WINNT/client_config/cellservdb.c b/src/WINNT/client_config/cellservdb.c index 47b4d2363..a8a130539 100644 --- a/src/WINNT/client_config/cellservdb.c +++ b/src/WINNT/client_config/cellservdb.c @@ -23,6 +23,7 @@ #include #endif +char AFSLocalMachineKeyName[] = "SOFTWARE\\OpenAFS\\Client"; /* * PROTOTYPES _________________________________________________________________ @@ -69,11 +70,28 @@ void CSDB_GetFileName (char *pszFilename) #ifdef AFS_NT40_ENV /* Find the appropriate CellServDB */ char * clientdir = 0; - afssw_GetClientInstallDir(&clientdir); - if (clientdir) { - strncpy(pszFilename, clientdir, MAX_CSDB_PATH); - pszFilename[MAX_CSDB_PATH - 1] = '\0'; - } + DWORD code, dummyLen; + HKEY parmKey; + int tlen; + + code = RegOpenKeyEx(HKEY_LOCAL_MACHINE, AFSLocalMachineKeyName, + 0, KEY_QUERY_VALUE, &parmKey); + if (code != ERROR_SUCCESS) + goto dirpath; + + dummyLen = MAX_CSDB_PATH; + code = RegQueryValueEx(parmKey, "CellServDBDir", NULL, NULL, + pszFilename, &dummyLen); + RegCloseKey (parmKey); + + dirpath: + if (code != ERROR_SUCCESS || pszFilename[0] == 0) { + afssw_GetClientInstallDir(&clientdir); + if (clientdir) { + strncpy(pszFilename, clientdir, MAX_CSDB_PATH); + pszFilename[MAX_CSDB_PATH - 1] = '\0'; + } + } if (pszFilename[ strlen(pszFilename)-1 ] != '\\') strcat (pszFilename, "\\"); diff --git a/src/auth/cellconfig.c b/src/auth/cellconfig.c index aad9bbd6f..864309dba 100644 --- a/src/auth/cellconfig.c +++ b/src/auth/cellconfig.c @@ -211,8 +211,17 @@ afsconf_Check(register struct afsconf_dir *adir) #ifdef AFS_NT40_ENV /* NT client CellServDB has different file name than NT server or Unix */ if (IsClientConfigDirectory(adir->name)) { - strcompose(tbuffer, 256, adir->name, "/", - AFSDIR_CELLSERVDB_FILE_NTCLIENT, NULL); + if ( !afssw_GetClientCellServDBDir(tbuffer) ) { + strcompose(tbuffer, sizeof(tbuffer), adir->name, "/", + AFSDIR_CELLSERVDB_FILE_NTCLIENT, NULL); + } else { + int len = strlen(tbuffer); + if ( tbuffer[len-1] != '\\' && tbuffer[len-1] != '/' ) { + strncat(tbuffer, "\\", sizeof(tbuffer)); + } + strncat(tbuffer, AFSDIR_CELLSERVDB_FILE_NTCLIENT, sizeof(tbuffer)); + tbuffer[sizeof(tbuffer)-1] = '\0'; + } } else { strcompose(tbuffer, 256, adir->name, "/", AFSDIR_CELLSERVDB_FILE, NULL); @@ -248,8 +257,17 @@ afsconf_Touch(register struct afsconf_dir *adir) /* NT client CellServDB has different file name than NT server or Unix */ if (IsClientConfigDirectory(adir->name)) { - strcompose(tbuffer, 256, adir->name, "/", - AFSDIR_CELLSERVDB_FILE_NTCLIENT, NULL); + if ( !afssw_GetClientCellServDBDir(tbuffer) ) { + strcompose(tbuffer, sizeof(tbuffer), adir->name, "/", + AFSDIR_CELLSERVDB_FILE_NTCLIENT, NULL); + } else { + int len = strlen(tbuffer); + if ( tbuffer[len-1] != '\\' && tbuffer[len-1] != '/' ) { + strncat(tbuffer, "\\", sizeof(tbuffer)); + } + strncat(tbuffer, AFSDIR_CELLSERVDB_FILE_NTCLIENT, sizeof(tbuffer)); + tbuffer[sizeof(tbuffer)-1] = '\0'; + } } else { strcompose(tbuffer, 256, adir->name, "/", AFSDIR_CELLSERVDB_FILE, NULL); @@ -412,8 +430,17 @@ afsconf_OpenInternal(register struct afsconf_dir *adir, char *cell, */ if (IsClientConfigDirectory(adir->name)) { /* NT client config dir */ - strcompose(tbuffer, 256, adir->name, "/", - AFSDIR_CELLSERVDB_FILE_NTCLIENT, NULL); + if ( !afssw_GetClientCellServDBDir(tbuffer) ) { + strcompose(tbuffer, sizeof(tbuffer), adir->name, "/", + AFSDIR_CELLSERVDB_FILE_NTCLIENT, NULL); + } else { + int len = strlen(tbuffer); + if ( tbuffer[len-1] != '\\' && tbuffer[len-1] != '/' ) { + strncat(tbuffer, "\\", sizeof(tbuffer)); + } + strncat(tbuffer, AFSDIR_CELLSERVDB_FILE_NTCLIENT, sizeof(tbuffer)); + tbuffer[sizeof(tbuffer)-1] = '\0'; + } } else { /* NT server config dir */ strcompose(tbuffer, 256, adir->name, "/", AFSDIR_CELLSERVDB_FILE, -- 2.39.5