Since 1.3.65:
+ * The algorithm used to re-attempt access to the servers associated with
+ a volume has been altered to properly address the case in which all
+ servers have been marked down. The previous algorithm did not reset
+ the server's down flags so the servers were never actually retried.
+ This caused a problem with active volumes if the network connectivity
+ was lost as could be the case with a network cable removal, wireless
+ drop, or laptop hibernation. With the fix volume access is restored
+ almost instantenously when network connectivity becomes available.
+
* Support for SMB/CIFS browsing has been added to the AFS Client Service
SMB server. It is now possible to use "NET VIEW \\AFS" to obtain a
listing of AFS submounts and freelance mount points. Support for
add these service principals to the list of principals to be maintained
for each host.
-SMB Authentication will fail in the following situation. If you have
-configured the Windows machine to authenticate to a non-Windows realm
-(MIT or Heimdal KDC) and you are using account mapping to map the
-Kerberos principal to local account name. If the password for the
-Kerberos principal and the local machine account are not the same,
-SMB Authentication will fail. To make AFS accessible to the user one
-of three things must be done:
-
-(1) The user must synchronize the local Windows password with the Kerberos
- password
-
-(2) The user must login with the local Windows account
-
-(3) The user must attach to the AFS server using the local account credentials.
- The user can do this either by browsing \\AFS in the Windows Explorer and
- specify "remember my password" to avoid the need to perform this operation
- in the future; or the following commands may be executed from the command
- line:
-
- NET USE \\AFS /USER:<local-account-name> <password>
- NET USE \\AFS /SAVECRED
-
-(4) SMB Authentication for OpenAFS must be disabled. (see registry.txt
- for information on how to set the SMBAuthType to NONE.
-
-
19. As of 1.3.70, INI files are no longer used for the storage of AFS
configuration data. No longer are there any AFS related files stored in the
%WINDIR% directory. The CellServDB file is no longer called "afsdsbmt.ini"
-This file is a rough list of known issues with the 1.3.65 release of OpenAFS
+This file is a rough list of known issues with the 1.3.70 release of OpenAFS
on Windows. This list is not complete. There are probably other issues
which can be found in the RT database or on the mailing list.
temporarily unable to access the Cell due to network restore timing
issues.)
-(18) No support for Unicode filenames. Translations make file unreadable
+(18) No support for Unicode CIFS/SMB data structures. OEM Code Pages prevent
+ the use of interoperable file names; force the use of paths no longer
+ than 256 characters; force share names to be no longer than 13
+ characters; restrict authentication to ASCII only names and passwords;
+ etc.
(19) No auto-restart on service failure
(20) Better EventLog handling
-(21) Named Pipes Support
+(21) Named Pipes Support [requires modifications to AFS servers to support]
(22) Memory Mapped File support
-(23) Large file support
+(23) Large file support [both SMB/CIFS and AFS]
-(26) Implement persistent disk based cache which survives restarts
+(24) Implement persistent disk based cache which survives restarts
-(27) NSIS Installer issues
+(25) NSIS Installer issues
(a) integration with KFW install script
(b) Optional removal of AFS Server volumes
-(28) The User Interface needs to be re-designed to separate the per-user
+(26) The User Interface needs to be re-designed to separate the per-user
and per-machine settings. All of the new registry items need to
be added to the UI
-(30) There appears to be a thread safety issue in the Rx library when
+(27) There appears to be a thread safety issue in the Rx library when
running on Intel processors which support hyper-threading
-(32) Thread initialization versus Global Drive Mapping. There is no
+(28) Thread initialization versus Global Drive Mapping. There is no
mechanism in the afsd_init.c to ensure that all of the threads
complete initializing in the correct sequence. In the case of
Global Drive Maps this is a problem because the Global Drive Maps
can be executed prior to the completion of the SMB registration
and service thread initialization.
-(35) Should we allow the AFSCACHE file to be stored in the Virtual Paging
+(29) Should we allow the AFSCACHE file to be stored in the Virtual Paging
file as long as we do not support persistent caches?
+(30) CIFS Remote Administration Protocol implementation is incomplete.
+ Notifications are not made to requestors when the view of a file
+ or folder changes due to token acquisition; token expiration; or
+ token destruction
+
+(31) Microsoft Office appears to have trouble editing files of ~20MB
+ or larger from within AFS. Performance is particularly slow and
+ applications such as Word often crash upon saving the files.
+
-------------------------------------------------------------------------
-List sent to SLAC:
+List of unfunded projects:
1. No longer use AFS Client Service "cell" as the default cell for individual users
2. Re-write afsd_service.exe to perform synchronized thread startup and shutdown.
15. Large File support (> 2GB)
16. Integrate KFW installation into the NSIS installer
17. Add support for record locking to AFS (requires changes to the servers)
-
+ 18. Unicode enable the SMB/CIFS server. OEM Code Pages:
+ 1. prevent the use of interoperable file names
+ 2. force the use of paths no longer than 256 characters
+ 3. force share names to be no longer than 13 characters
+ 4. restrict authentication to ASCII only names and passwords
+ 19. Complete implementation of CIFS Remote Administration Protocol
+ 20. Identify and correct the problems with Microsoft Office applications
afsi_log("Logoff token transfer on by default");
}
smb_LogoffTokenTransfer = ltt;
+ afsi_log("Logoff token transfer is currently ignored");
if (ltt) {
dummyLen = sizeof(ltto);
ltto = 0;
}
smb_LogoffTransferTimeout = ltto;
+ afsi_log("Default logoff token is currently ignored");
dummyLen = sizeof(cm_rootVolumeName);
code = RegQueryValueEx(parmKey, "RootVolume", NULL, NULL,
/* write out wbytes of data from bufferp */
temp = rx_Write(callp, bufferp, wbytes);
if (temp != wbytes) {
+ osi_Log2(afsd_logp, "rx_Write failed %d != %d",temp,wbytes);
code = -1;
break;
- }
+ } else {
+ osi_Log1(afsd_logp, "rx_Write succeeded %d",temp);
+ }
nbytes -= wbytes;
} /* while more bytes to write */
} /* if RPC started successfully */
-
- if (code == 0)
+ else {
+ osi_Log1(afsd_logp, "StartRXAFS_StoreData failed (%lX)",code);
+ }
+ if (code == 0) {
code = EndRXAFS_StoreData(callp, &outStatus, &volSync);
+ if (code)
+ osi_Log1(afsd_logp, "EndRXAFS_StoreData failed (%lX)",code);
+ }
code = rx_EndCall(callp, code);
osi_Log0(afsd_logp, "CALL StoreData DONE");
*(aLocalMountPoint->mountPointStringp + (strlen(line)-(t-line)-2)) = 0;
osi_Log2(afsd_logp,"found mount point: name %s, string %s",
- aLocalMountPoint->namep,
- aLocalMountPoint->mountPointStringp);
+ osi_LogSaveString(afsd_logp,aLocalMountPoint->namep),
+ osi_LogSaveString(afsd_logp,aLocalMountPoint->mountPointStringp));
aLocalMountPoint++;
}
allow partial matches as a means of poor man's alias. */
/* major performance issue? */
osi_Log3(afsd_logp,"Freelance Add Mount request: filename=%s cellname=%s volume=%s %s",
- filename, cellname, volume, rw ? "rw" : "ro");
+ osi_LogSaveString(afsd_logp,filename),
+ osi_LogSaveString(afsd_logp,cellname),
+ osi_LogSaveString(afsd_logp,volume), rw ? "rw" : "ro");
if (cellname[0] == '.') {
if (!cm_GetCell_Gen(&cellname[1], &fullname[1], CM_FLAG_CREATE))
return -1;
return -1;
}
- osi_Log1(afsd_logp,"Freelance Adding Mount for Cell: %s", cellname);
+ osi_Log1(afsd_logp,"Freelance Adding Mount for Cell: %s",
+ osi_LogSaveString(afsd_logp,cellname));
lock_ObtainMutex(&cm_Freelance_Lock);
osi_Log1(afsd_logp, "CM SyncOp sleeping scp %x", (long) scp);
if ( scp->flags & CM_SCACHEFLAG_WAITING )
osi_Log1(afsd_logp, "CM SyncOp CM_SCACHEFLAG_WAITING already set for 0x%x", scp);
+ else
+ osi_Log1(afsd_logp, "CM SyncOp CM_SCACHEFLAG_WAITING set for 0x%x", scp);
scp->flags |= CM_SCACHEFLAG_WAITING;
if (bufLocked) lock_ReleaseMutex(&bufp->mx);
osi_SleepM((long) &scp->flags, &scp->mx);
/* and wakeup anyone who is waiting */
if (scp->flags & CM_SCACHEFLAG_WAITING) {
- scp->flags &= ~CM_SCACHEFLAG_WAITING;
- osi_Wakeup((long) &scp->flags);
+ osi_Log1(afsd_logp, "CM SyncOp CM_SCACHEFLAG_WAITING reset for 0x%x", scp);
+ scp->flags &= ~CM_SCACHEFLAG_WAITING;
+ osi_Wakeup((long) &scp->flags);
}
}
return CM_ERROR_NOSUCHFILE;
}
else { /* nonexistent dir on freelance root, so add it */
- osi_Log1(afsd_logp,"cm_Lookup adding mount for non-existent directory: %s", namep);
+ osi_Log1(afsd_logp,"cm_Lookup adding mount for non-existent directory: %s",
+ osi_LogSaveString(afsd_logp,namep));
code = cm_FreelanceAddMount(namep, namep, "root.cell.", 0, &rock.fid);
if (code < 0) { /* add mount point failed, so give up */
if (flags & CM_FLAG_CHECKPATH)
DWORD code;
DWORD allSubmount = 1;
- if (strcmp(shareName, "IPC$") == 0) {
- *pathNamep = NULL;
- return 0;
- }
-
/* if allSubmounts == 0, only return the //mountRoot/all share
* if in fact it has been been created in the subMounts table.
* This is to allow sites that want to restrict access to the
return 1;
}
+ if (_stricmp(shareName, "IPC$") == 0 ||
+ _stricmp(shareName, SMB_IOCTL_FILENAME_NOSLASH) == 0 ||
+ _stricmp(shareName, "DESKTOP.INI") == 0
+ ) {
+ *pathNamep = NULL;
+ return 0;
+ }
+
#ifndef DJGPP
code = RegOpenKeyEx(HKEY_LOCAL_MACHINE, "SOFTWARE\\OpenAFS\\Client\\Submounts",
0, KEY_QUERY_VALUE, &parmKey);
}
*NTStatusp = NTStatus;
- osi_Log2(smb_logp, "SMB SEND code %x as NT %x", code, NTStatus);
+ osi_Log2(smb_logp, "SMB SEND code %lX as NT %lX", code, NTStatus);
}
void smb_MapCoreError(long code, smb_vc_t *vcp, unsigned short *scodep,
*scodep = error;
*classp = class;
- osi_Log3(smb_logp, "SMB SEND code %x as SMB %d: %d", code, class, error);
+ osi_Log3(smb_logp, "SMB SEND code %lX as SMB %d: %d", code, class, error);
}
long smb_SendCoreBadOp(smb_vc_t *vcp, smb_packet_t *inp, smb_packet_t *outp)
DWORD filter = 0;
cm_req_t req;
+ osi_Log3(smb_logp, "smb_WriteData fid %d, off 0x%x, size 0x%x",
+ fidp->fid, offsetp->LowPart, count);
+
cm_InitReq(&req);
bufferp = NULL;
lock_ObtainMutex(&scp->mx);
/* start by looking up the file's end */
+ osi_Log1(smb_logp, "smb_WriteData fid %d calling cm_SyncOp NEEDCALLBACK|SETSTATUS|GETSTATUS",
+ fidp->fid);
code = cm_SyncOp(scp, NULL, userp, &req, 0,
CM_SCACHESYNC_NEEDCALLBACK
| CM_SCACHESYNC_SETSTATUS
| CM_SCACHESYNC_GETSTATUS);
+ osi_Log2(smb_logp, "smb_WriteData fid %d calling cm_SyncOp NEEDCALLBACK|SETSTATUS|GETSTATUS returns %d",
+ fidp->fid,code);
if (code)
goto done;
/* now get the data in the cache */
while (1) {
+ osi_Log1(smb_logp, "smb_WriteData fid %d calling cm_SyncOp NEEDCALLBACK|WRITE|BUFLOCKED",
+ fidp->fid);
code = cm_SyncOp(scp, bufferp, userp, &req, 0,
CM_SCACHESYNC_NEEDCALLBACK
| CM_SCACHESYNC_WRITE
| CM_SCACHESYNC_BUFLOCKED);
+ osi_Log2(smb_logp, "smb_WriteData fid %d calling cm_SyncOp NEEDCALLBACK|WRITE|BUFLOCKED returns %d",
+ fidp->fid,code);
if (code)
goto done;
}
if (code == 0 && doWriteBack) {
+ long code2;
lock_ObtainMutex(&scp->mx);
- cm_SyncOp(scp, NULL, userp, &req, 0, CM_SCACHESYNC_ASYNCSTORE);
+ osi_Log1(smb_logp, "smb_WriteData fid %d calling cm_SyncOp ASYNCSTORE",
+ fidp->fid);
+ code2 = cm_SyncOp(scp, NULL, userp, &req, 0, CM_SCACHESYNC_ASYNCSTORE);
+ osi_Log2(smb_logp, "smb_WriteData fid %d calling cm_SyncOp ASYNCSTORE returns %d",
+ fidp->fid,code2);
lock_ReleaseMutex(&scp->mx);
cm_QueueBKGRequest(scp, cm_BkgStore, writeBackOffset.LowPart,
writeBackOffset.HighPart, cm_chunkSize, 0, userp);
}
+ osi_Log2(smb_logp, "smb_WriteData fid %d returns %d",
+ fidp->fid, code);
return code;
}
op = smb_GetSMBData(inp, NULL);
op = smb_ParseDataBlock(op, NULL, &inDataBlockCount);
- osi_Log3(smb_logp, "smb_ReceiveCoreWrite fd %d, off 0x%x, size 0x%x",
+ osi_Log3(smb_logp, "smb_ReceiveCoreWrite fid %d, off 0x%x, size 0x%x",
fd, offset.LowPart, count);
fd = smb_ChainFID(fd, inp);
nr.dwType=RESOURCETYPE_DISK;
nr.lpLocalName=szDrive;
nr.lpRemoteName=szPath;
- nr.dwDisplayType = RESOURCEDISPLAYTYPE_SHARE;
+ nr.dwDisplayType = RESOURCEDISPLAYTYPE_SHARE; /* ignored parameter */
DWORD res=WNetAddConnection2(&nr,NULL,pUsername,(bPersistent)?CONNECT_UPDATE_PROFILE:0);
DEBUG_EVENT5("AFS DriveMap","Mount %s Local[%s] Remote[%s] User[%s]=%x",
(bPersistent)?"Persistant" : "NonPresistant",
extern "C" {
#include <afs/param.h>
#include <afs/stds.h>
+#include <afs/afskfw.h>
}
#include "afscreds.h"
if (StartService (hService, 0, 0))
{
TestAndDoMapShare(SERVICE_START_PENDING);
+ if ( KFW_is_available() && KFW_AFS_wait_for_service_start() ) {
+#ifdef USE_MS2MIT
+ KFW_import_windows_lsa();
+#endif /* USE_MS2MIT */
+ KFW_AFS_renew_tokens_for_all_cells();
+ }
fSuccess = TRUE;
}
CloseServiceHandle (hService);
SERVICE_QUERY_STATUS | SERVICE_START)) != NULL)
{
if (StartService (hService, 0, 0))
- TestAndDoMapShare(SERVICE_START_PENDING);
+ TestAndDoMapShare(SERVICE_START_PENDING);
CloseServiceHandle (hService);
}
MENUITEM "Token an&zeigen...", M_ACTIVATE
MENUITEM "Vor Ablauf &warnen", M_REMIND, CHECKED
MENUITEM SEPARATOR
- MENUITEM "Symbol entfe&rnen", M_TERMINATE
+ MENUITEM "Symbol entfe&rnen...", M_TERMINATE
END
MENUITEM "&Show Tokens...", M_ACTIVATE
MENUITEM "&Warn Before Expiration", M_REMIND, CHECKED
MENUITEM SEPARATOR
- MENUITEM "&Remove Icon", M_TERMINATE
+ MENUITEM "&Remove Icon...", M_TERMINATE
END
MENUITEM "&Mostrar señales...", M_ACTIVATE
MENUITEM "A&visar antes de la caducidad", M_REMIND, CHECKED
MENUITEM SEPARATOR
- MENUITEM "&Eliminar icono", M_TERMINATE
+ MENUITEM "&Eliminar icono...", M_TERMINATE
END
MENUITEM "g[NÌ\¦(&S)...", M_ACTIVATE
MENUITEM "úÀØêOÉx(&W)", M_REMIND, CHECKED
MENUITEM SEPARATOR
- MENUITEM "ACRÌí(&R)", M_TERMINATE
+ MENUITEM "ACRÌí(&R)...", M_TERMINATE
END
MENUITEM "ÅäÅ« Ç¥½Ã(&S)...", M_ACTIVATE
MENUITEM "¸¸±â Àü °æ°í(&W)", M_REMIND, CHECKED
MENUITEM SEPARATOR
- MENUITEM "¾ÆÀÌÄÜ Á¦°Å(&R)", M_TERMINATE
+ MENUITEM "¾ÆÀÌÄÜ Á¦°Å(&R)...", M_TERMINATE
END
MENUITEM "&Mostrar Tokens...", M_ACTIVATE
MENUITEM "&Avisar Antes do Vencimento", M_REMIND, CHECKED
MENUITEM SEPARATOR
- MENUITEM "&Remover Ícone", M_TERMINATE
+ MENUITEM "&Remover Ícone...", M_TERMINATE
END
MENUITEM "ÏÔʾÁîÅÆ(&S)...", M_ACTIVATE
MENUITEM "µ½ÆÚÇ°¾¯¸æ(&W)", M_REMIND, CHECKED
MENUITEM SEPARATOR
- MENUITEM "³ýȥͼ±ê(&R)", M_TERMINATE
+ MENUITEM "³ýȥͼ±ê(&R)...", M_TERMINATE
END
MENUITEM "Åã¥Ü°O¸¹(&S)...", M_ACTIVATE
MENUITEM "¹L´Á«e¥ýĵ§i(&W)", M_REMIND, CHECKED
MENUITEM SEPARATOR
- MENUITEM "²¾°£¹Ï¥Ü(&R)", M_TERMINATE
+ MENUITEM "²¾°£¹Ï¥Ü(&R)...", M_TERMINATE
END
if (StartService (hService, 0, 0))
TestAndDoMapShare(SERVICE_START_PENDING);
if ( KFW_is_available() && KFW_AFS_wait_for_service_start() ) {
+#ifdef USE_MS2MIT
+ KFW_import_windows_lsa();
+#endif /* USE_MS2MIT */
KFW_AFS_renew_tokens_for_all_cells();
}
<Control Id="CredStartLabel" Type="Text" X="45" Y="53" Width="295" Height="15" TabSkip="yes" Text="Startup options for AFS Credentials" />
<Control Id="CredStartup" Type="CheckBox" X="50" Y="73" Width="300" Height="15" Property="CREDSSTARTUP" CheckBoxValue="1" Text="Start AFS Credentials at startup" />
<Control Id="CredCommandLabel" Type="Text" X="45" Y="93" Width="295" Height="15" TabSkip="yes" Text="Command line options for AFS Credentials" />
- <Control Id="CredAutoInit" Type="CheckBox" X="50" Y="113" Width="300" Height="15" Property="CREDSAUTOINIT" CheckBoxValue="-a" Text="Auto initialize AFS Credentials." />
+ <Control Id="CredAutoInit" Type="CheckBox" X="50" Y="113" Width="300" Height="15" Property="CREDSAUTOINIT" CheckBoxValue="-a" Text="Auto initialize AFS Credentials" />
<Control Id="CredRenew" Type="CheckBox" X="50" Y="133" Width="300" Height="15" Property="CREDSRENEWDRMAP" CheckBoxValue="-m" Text="Renew drive maps" />
<Control Id="CredIPCg" Type="CheckBox" X="50" Y="153" Width="300" Height="15" Property="CREDSIPCHDET" CheckBoxValue="-n" Text="Detect IP address changes" />
<Control Id="CredQuiet" Type="CheckBox" X="50" Y="173" Width="300" Height="15" Property="CREDSQUIET" CheckBoxValue="-q" Text="Quiet mode" />