windows-todays-bugs-20060203
authorJeffrey Altman <jaltman@secure-endpoints.com>
Fri, 3 Feb 2006 23:21:04 +0000 (23:21 +0000)
committerJeffrey Altman <jaltman@secure-endpoints.com>
Fri, 3 Feb 2006 23:21:04 +0000 (23:21 +0000)
* cell names must be treated as case insensitive

* smb logoff messages do not mean the user is logging off the machine.
  do not use as an indication that tokens should be destroyed

* use the correct lock and avoid a deadlock when handling dead VCs

src/WINNT/afsd/cm_cell.c
src/WINNT/afsd/smb.c
src/WINNT/afsd/smb3.c

index 65bfa58..a23e3b1 100644 (file)
@@ -134,7 +134,7 @@ cm_cell_t *cm_GetCell_Gen(char *namep, char *newnamep, long flags)
 
     lock_ObtainWrite(&cm_cellLock);
     for (cp = cm_data.allCellsp; cp; cp=cp->nextp) {
-        if (strcmp(namep, cp->name) == 0) {
+        if (stricmp(namep, cp->name) == 0) {
             strcpy(fullname, cp->name);
             break;
         }
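Review bot: The switch to `stricmp` on this line covers only the scan of `cm_data.allCellsp`; if the rest of cm_GetCell_Gen (which continues outside this hunk) or other lookups keyed on the cell name still compare case-sensitively, the same cell could end up with two entries that differ only in case. Please confirm the remaining name comparisons were audited, and add a comment here such as `/* cell names are compared case-insensitively */` so the rule is visible at the lookup. The CRT's `stricmp` follows the current `LC_CTYPE` locale; cell names are presumably ASCII, but that assumption is worth stating in the same comment.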
index 4e16c12..6c8d95a 100644 (file)
@@ -2488,11 +2488,11 @@ void smb_SendPacket(smb_vc_t *vcp, smb_packet_t *inp)
        osi_Log2(smb_logp, "marking dead vcp 0x%x, user struct 0x%x",
                 vcp, vcp->usersp);
 
-       lock_ObtainWrite(&smb_globalLock);
        lock_ObtainMutex(&vcp->mx);
        vcp->flags |= SMB_VCFLAG_ALREADYDEAD;
-       dead_sessions[vcp->session] = TRUE;
        lock_ReleaseMutex(&vcp->mx);
+       lock_ObtainWrite(&smb_globalLock);
+       dead_sessions[vcp->session] = TRUE;
        lock_ReleaseWrite(&smb_globalLock);
        smb_CleanupDeadVC(vcp);
     }
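Review bot: In the visible lines `SMB_VCFLAG_ALREADYDEAD` is set unconditionally and `smb_CleanupDeadVC(vcp)` always follows, whereas the two smb_Server paths in this commit test the flag under `vcp->mx` first. Unless the enclosing condition (which begins outside this hunk) already excludes a dead VC, a send failure racing with a session close could run cleanup twice on the same VC. Testing the flag while `vcp->mx` is held, `if (!(vcp->flags & SMB_VCFLAG_ALREADYDEAD))`, and calling cleanup only from the thread that set it would make the three sites consistent. A short comment that `vcp->mx` is released before `smb_globalLock` is taken would also record the lock ordering this reorder appears to rely on.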
@@ -7591,19 +7591,21 @@ void smb_Server(VOID *parmp)
             /* Client closed session */
             vcp = smb_FindVC(ncbp->ncb_lsn, 0, lanas[idx_session]);
             if (vcp) {
-               lock_ObtainWrite(&smb_globalLock);
+               lock_ObtainMutex(&vcp->mx);
                if (!(vcp->flags & SMB_VCFLAG_ALREADYDEAD)) {
                     osi_Log2(smb_logp, "marking dead vcp 0x%x, user struct 0x%x",
                              vcp, vcp->usersp);
-                   lock_ObtainMutex(&vcp->mx);
                     vcp->flags |= SMB_VCFLAG_ALREADYDEAD;
-                   dead_sessions[vcp->session] = TRUE;
                    lock_ReleaseMutex(&vcp->mx);
+                   lock_ObtainWrite(&smb_globalLock);
+                   dead_sessions[vcp->session] = TRUE;
                    lock_ReleaseWrite(&smb_globalLock);
                    smb_CleanupDeadVC(vcp);
                    smb_ReleaseVC(vcp);
                    vcp = NULL;
-                }
+                } else {
+                   lock_ReleaseMutex(&vcp->mx);
+               }
             }
             goto doneWithNCB;
 
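Review bot: The new `else` branch releases `vcp->mx` but not the reference that `smb_FindVC` presumably took, since `smb_ReleaseVC(vcp)` runs only on the mark-dead path. If nothing after `doneWithNCB` (outside this hunk) drops it, each close notification for an already-dead VC leaks one reference and the VC may never be freed. Moving `smb_ReleaseVC(vcp); vcp = NULL;` below the if/else would cover both paths. The `default:` case in the next hunk has the same shape, including its `else` sleep path where `vcp` is non-NULL but below the error threshold.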
@@ -7632,28 +7634,33 @@ void smb_Server(VOID *parmp)
         default:
             /* A weird error code.  Log it, sleep, and continue. */
             vcp = smb_FindVC(ncbp->ncb_lsn, 0, lanas[idx_session]);
+           if (vcp) 
+               lock_ObtainMutex(&vcp->mx);
             if (vcp && vcp->errorCount++ > 3) {
                 osi_Log2(smb_logp, "session [ %d ] closed, vcp->errorCount = %d", idx_session, vcp->errorCount);
-               lock_ObtainWrite(&smb_globalLock);
                if (!(vcp->flags & SMB_VCFLAG_ALREADYDEAD)) {
                    osi_Log2(smb_logp, "marking dead vcp 0x%x, user struct 0x%x",
                             vcp, vcp->usersp);
-                   lock_ObtainMutex(&vcp->mx);
                    vcp->flags |= SMB_VCFLAG_ALREADYDEAD;
-                   dead_sessions[vcp->session] = TRUE;
                    lock_ReleaseMutex(&vcp->mx);
+                   lock_ObtainWrite(&smb_globalLock);
+                   dead_sessions[vcp->session] = TRUE;
                    lock_ReleaseWrite(&smb_globalLock);
                    smb_CleanupDeadVC(vcp);
                    smb_ReleaseVC(vcp);
                    vcp = NULL;
-               }
+               } else {
+                   lock_ReleaseMutex(&vcp->mx);
+               }
                goto doneWithNCB;
             }
             else {
+               if (vcp)
+                   lock_ReleaseMutex(&vcp->mx);
                 thrd_Sleep(1000);
-                thrd_SetEvent(SessionEvents[idx_session]);
+               thrd_SetEvent(SessionEvents[idx_session]);
             }
-            continue;
+           continue;
         }
 
         /* Success, so now dispatch on all the data in the packet */
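Review bot: The mutex is taken in an unbraced `if (vcp)` at the top of the `default:` case and then released on three separate paths, which makes it easy for a later edit to add an exit that leaves `vcp->mx` held. Bracing the acquisition and adding a comment such as `/* vcp->mx held from here; every branch below must release it */` would make the invariant explicit. `osi_Log2` is now called with the mutex held, which is probably harmless but worth confirming. The `thrd_SetEvent` and `continue` lines change only in whitespace and add noise to a locking fix.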
index df1d079..8c0395b 100644 (file)
@@ -952,12 +952,19 @@ long smb_ReceiveV3UserLogoffX(smb_vc_t *vcp, smb_packet_t *inp, smb_packet_t *ou
        unp = uidp->unp;
         lock_ReleaseMutex(&uidp->mx);
 
+#ifdef COMMENT
+       /* we can't do this.  we get logoff messages prior to a session
+        * disconnect even though it doesn't mean the user is logging out.
+        * we need to create a new pioctl and EventLogoff handler to set
+        * SMB_USERNAMEFLAG_LOGOFF.
+        */
        if (unp && smb_LogoffTokenTransfer) {
            lock_ObtainMutex(&unp->mx);
            unp->flags |= SMB_USERNAMEFLAG_LOGOFF;
            unp->last_logoff_t = osi_Time() + smb_LogoffTransferTimeout;
            lock_ReleaseMutex(&unp->mx);
        }
+#endif
 
        smb_ReleaseUID(uidp);
     }
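Review bot: With this block compiled out, nothing in the visible code sets `SMB_USERNAMEFLAG_LOGOFF`, so the `smb_LogoffTokenTransfer` and `smb_LogoffTransferTimeout` settings silently stop having any effect, and tokens presumably persist after a real logoff until the pioctl/EventLogoff handler mentioned in the comment exists. That is a security-relevant behaviour change and deserves a tracked marker rather than an `#ifdef COMMENT` block, e.g. `/* TODO(<ticket-placeholder>): set SMB_USERNAMEFLAG_LOGOFF from a logoff event handler */`. `unp` is still assigned just above but is no longer used in the lines shown, so check whether the rest of the function (outside this hunk) still needs it.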
@@ -1169,7 +1176,7 @@ smb_tran2Packet_t *smb_GetTran2ResponsePacket(smb_vc_t *vcp,
     return tp;
 }       
 
-/* free a tran2 packet; must be called with smb_globalLock held */
+/* free a tran2 packet */
 void smb_FreeTran2Packet(smb_tran2Packet_t *t2p)
 {
     if (t2p->vcp) {
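Review bot: Dropping the precondition leaves `smb_FreeTran2Packet` with no stated locking contract, although the `if (t2p->vcp)` branch (whose body continues outside this hunk) apparently touches VC state. The comment should say what callers must now guarantee, for example `/* free a tran2 packet; caller must not hold smb_globalLock */` if the function or something it calls acquires that lock itself. Any remaining callers that still take `smb_globalLock` around this call should be checked against the two updated in this commit.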
@@ -1398,9 +1405,7 @@ long smb_ReceiveV3Trans(smb_vc_t *vcp, smb_packet_t *inp, smb_packet_t *outp)
         }
 
         /* free the input tran 2 packet */
-        lock_ObtainWrite(&smb_globalLock);
         smb_FreeTran2Packet(asp);
-        lock_ReleaseWrite(&smb_globalLock);
     }
     else if (firstPacket) {
         /* the first packet in a multi-packet request, we need to send an
@@ -2024,9 +2029,7 @@ long smb_ReceiveV3Tran2A(smb_vc_t *vcp, smb_packet_t *inp, smb_packet_t *outp)
         }
 
         /* free the input tran 2 packet */
-        lock_ObtainWrite(&smb_globalLock);
         smb_FreeTran2Packet(asp);
-        lock_ReleaseWrite(&smb_globalLock);
     }
     else if (firstPacket) {
         /* the first packet in a multi-packet request, we need to send an