Increase max chunksize to 128K from 32K. Windows uses 64K SMB writes.
The large chunksize helps reduce the overlapped write to afs issue.
Increase number of server threads from 4 to 25. Also helps to aleviate
the symptoms of the overlapped write to afs issue. I can now write files
as large as 80MB. 120MB files still fail.
Export pr_CreateUser and pr_SNameToId from afsauthent.lib in order to
allow aklog.exe to use them to determine if a new pts uid should be
created for a user when accessing a foreign cell.
Modify pioctl to output a message to stderr if a Downgrade Detection error
has been returned when attempting to open the __IOCTL__ file.
Increase version number to 1.3.6601
Use HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer:Logon User Name
to determine the current user name for the afscreds.exe display
Do not allow submount names to have forward or backward slashes
Add debug info to cm_ioctl to track token addition and deletion
Add register new user code to aklog.exe from KenH's AFS kit
Correct test in cm_callback.c for freelance root.afs volume which
should not have been applied when freelance was not active.
osi_Log2(afsd_logp, "GetCallback scp %x flags %lX", scp, flags);
#ifdef AFS_FREELANCE_CLIENT
- // yj
// The case where a callback is needed on /afs is handled
// specially. We need to fetch the status by calling
// cm_MergeStatus and mark that cm_fakeDirCallback is 2
- if (cm_freelanceEnabled &&
- scp->fid.cell==AFS_FAKE_ROOT_CELL_ID &&
- scp->fid.volume==AFS_FAKE_ROOT_VOL_ID &&
- scp->fid.unique==0x1 &&
- scp->fid.vnode==0x1) {
- // Start by indicating that we're in the process
- // of fetching the callback
-
- lock_ObtainMutex(&cm_Freelance_Lock);
- cm_fakeGettingCallback = 1;
- lock_ReleaseMutex(&cm_Freelance_Lock);
-
- // Fetch the status info
- cm_MergeStatus(scp, &afsStatus, &volSync, userp, 0);
-
- // Indicate that the callback is not done
- lock_ObtainMutex(&cm_Freelance_Lock);
- cm_fakeDirCallback = 2;
- // Indicate that we're no longer fetching the callback
- cm_fakeGettingCallback = 0;
- lock_ReleaseMutex(&cm_Freelance_Lock);
+ if (cm_freelanceEnabled) {
+ if (scp->fid.cell==AFS_FAKE_ROOT_CELL_ID &&
+ scp->fid.volume==AFS_FAKE_ROOT_VOL_ID &&
+ scp->fid.unique==0x1 &&
+ scp->fid.vnode==0x1) {
+ // Start by indicating that we're in the process
+ // of fetching the callback
+
+ lock_ObtainMutex(&cm_Freelance_Lock);
+ cm_fakeGettingCallback = 1;
+ lock_ReleaseMutex(&cm_Freelance_Lock);
+
+ // Fetch the status info
+ cm_MergeStatus(scp, &afsStatus, &volSync, userp, 0);
- return 0;
- }
+ // Indicate that the callback is not done
+ lock_ObtainMutex(&cm_Freelance_Lock);
+ cm_fakeDirCallback = 2;
+ // Indicate that we're no longer fetching the callback
+ cm_fakeGettingCallback = 0;
+ lock_ReleaseMutex(&cm_Freelance_Lock);
+
+ return 0;
+ }
if (scp->fid.cell==AFS_FAKE_ROOT_CELL_ID && scp->fid.volume==AFS_FAKE_ROOT_VOL_ID) {
- osi_Log0(afsd_logp,"cm_getcallback should NEVER EVER get here... ");
- }
- // yj: end of getcallback modifications ---------------
-
+ osi_Log0(afsd_logp,"cm_getcallback should NEVER EVER get here... ");
+ }
+ }
#endif /* AFS_FREELANCE_CLIENT */
mustCall = (flags & 1);
#define CM_CONFIGDEFAULT_CACHESIZE 20480
#define CM_CONFIGDEFAULT_BLOCKSIZE 4096
#define CM_CONFIGDEFAULT_STATS 1000
-#define CM_CONFIGDEFAULT_CHUNKSIZE 15
+#define CM_CONFIGDEFAULT_CHUNKSIZE 17
#define CM_CONFIGDEFAULT_DAEMONS 2
-#define CM_CONFIGDEFAULT_SVTHREADS 4
+#define CM_CONFIGDEFAULT_SVTHREADS 25
#define CM_CONFIGDEFAULT_TRACEBUFSIZE 5000
#ifndef __CM_CONFIG_INTERFACES_ONLY__
if (flags & PIOCTL_LOGON) {
/* SMB user name with which to associate tokens */
smbname = tp;
- osi_Log1(smb_logp,"cm_IoctlSetToken for user [%s]",osi_LogSaveString(smb_logp,smbname));
+ osi_Log2(smb_logp,"cm_IoctlSetToken for user [%s] smbname [%s]",
+ osi_LogSaveString(smb_logp,uname), osi_LogSaveString(smb_logp,smbname));
fprintf(stderr, "SMB name = %s\n", smbname);
tp += strlen(tp) + 1;
+ } else {
+ osi_Log1(smb_logp,"cm_IoctlSetToken for user [%s]",
+ osi_LogSaveString(smb_logp,uname));
}
#ifndef DJGPP /* for win95, session key is back in pioctl */
if (!cm_FindTokenEvent(uuid, sessionKey))
return CM_ERROR_INVAL;
#endif /* !DJGPP */
- } else
+ } else {
cellp = cm_rootCellp;
+ osi_Log0(smb_logp,"cm_IoctlSetToken - no name specified");
+ }
if (flags & PIOCTL_LOGON) {
userp = smb_FindCMUserByName(smbname, ioctlp->fidp->vcp->rname);
/* store the token */
lock_ObtainMutex(&userp->mx);
ucellp = cm_GetUCell(userp, cellp);
+ osi_Log1(smb_logp,"cm_IoctlSetToken ucellp %lx", ucellp);
ucellp->ticketLen = ticketLen;
if (ucellp->ticketp)
free(ucellp->ticketp); /* Discard old token if any */
return CM_ERROR_NOMORETOKENS;
}
+ osi_Log1(smb_logp,"cm_IoctlDelToken ucellp %lx", ucellp);
+
if (ucellp->ticketp) {
free(ucellp->ticketp);
ucellp->ticketp = NULL;
lock_ObtainMutex(&userp->mx);
- for (ucellp = userp->cellInfop; ucellp; ucellp = ucellp->nextp) {
+ for (ucellp = userp->cellInfop; ucellp; ucellp = ucellp->nextp) {
+ osi_Log1(smb_logp,"cm_IoctlDelAllToken ucellp %lx", ucellp);
ucellp->flags &= ~CM_UCELLFLAG_RXKAD;
ucellp->gen++;
}
#include <afs/stds.h>
#include <krb.h>
#include <krb5.h>
+#include <afs/ptserver.h>
#ifdef WIN32
#include <windows.h>
(void) afsconf_Close(*pconfigdir);
}
-void ViceIDToUsername(char *username, int *status,
-struct ktc_principal *aserver)
+#define ALLOW_REGISTER 1
+void ViceIDToUsername(char *username, char *realm_of_user, char *realm_of_cell,
+ char * cell_to_use, CREDENTIALS *c,
+ int *status,
+ struct ktc_principal *aclient, struct ktc_principal *aserver, struct ktc_token *atoken)
{
-#ifndef WIN32
+ static char lastcell[MAXCELLCHARS+1] = { 0 };
+ static char confname[512] = { 0 };
long viceId; /* AFS uid of user */
+#ifdef ALLOW_REGISTER
+ afs_int32 id;
+#endif /* ALLOW_REGISTER */
+
+ if (confname[0] == '\0') {
+ strncpy(confname, AFSDIR_CLIENT_ETC_DIRPATH, sizeof(confname));
+ confname[sizeof(confname) - 2] = '\0';
+ }
if (dflag)
printf("About to resolve name %s to id\n", username);
- if (!pr_Initialize (0, AFSDIR_CLIENT_ETC_DIRPATH, aserver->cell))
+ /*
+ * Talk about DUMB! It turns out that there is a bug in
+ * pr_Initialize -- even if you give a different cell name
+ * to it, it still uses a connection to a previous AFS server
+ * if one exists. The way to fix this is to change the
+ * _filename_ argument to pr_Initialize - that forces it to
+ * re-initialize the connection. We do this by adding and
+ * removing a "/" on the end of the configuration directory name.
+ */
+
+ if (lastcell[0] != '\0' && (strcmp(lastcell, aserver->cell) != 0)) {
+ int i = strlen(confname);
+ if (confname[i - 1] == '/') {
+ confname[i - 1] = '\0';
+ } else {
+ confname[i] = '/';
+ confname[i + 1] = '\0';
+ }
+ }
+
+ strcpy(lastcell, aserver->cell);
+
+ if (!pr_Initialize (0, confname, aserver->cell))
*status = pr_SNameToId (username, &viceId);
if (dflag)
* the code for tokens, this hack (AFS ID %d) will
* not work if you change %d to something else.
*/
- if ((*status == 0) && (viceId != ANONYMOUSID))
- sprintf (username, "AFS ID %d", viceId);
-#endif
+
+ /*
+ * This code is taken from cklog -- it lets people
+ * automatically register with the ptserver in foreign cells
+ */
+
+#ifdef ALLOW_REGISTER
+ if (*status == 0) {
+ if (viceId != ANONYMOUSID) {
+#else /* ALLOW_REGISTER */
+ if ((*status == 0) && (viceId != ANONYMOUSID))
+#endif /* ALLOW_REGISTER */
+ sprintf (username, "AFS ID %d", (int) viceId);
+#ifdef ALLOW_REGISTER
+ } else if (strcmp(realm_of_user, realm_of_cell) != 0) {
+ if (dflag) {
+ printf("doing first-time registration of %s "
+ "at %s\n", username, cell_to_use);
+ }
+ id = 0;
+ strncpy(aclient->name, username, MAXKTCNAMELEN - 1);
+ strcpy(aclient->instance, "");
+ strncpy(aclient->cell, c->realm, MAXKTCREALMLEN - 1);
+ if ((*status = ktc_SetToken(aserver, atoken, aclient, 0))) {
+ printf("%s: unable to obtain tokens for cell %s "
+ "(status: %d).\n", progname, cell_to_use, status);
+ *status = AKLOG_TOKEN;
+ }
+
+ /*
+ * In case you're wondering, we don't need to change the
+ * filename here because we're still connecting to the
+ * same cell -- we're just using a different authentication
+ * level
+ */
+
+ if ((*status = pr_Initialize(1L, confname, aserver->cell, 0))) {
+ printf("Error %d\n", status);
+ }
+
+ if ((*status = pr_CreateUser(username, &id))) {
+ printf("%s: unable to create remote PTS "
+ "user %s in cell %s (status: %d).\n", progname,
+ username, cell_to_use, *status);
+ } else {
+ printf("created cross-cell entry for %s at %s\n",
+ username, cell_to_use);
+ sprintf(username, "AFS ID %d", (int) id);
+ }
+ }
+ }
+#endif /* ALLOW_REGISTER */
}
char *LastComponent(char *str)
struct ktc_principal aclient;
struct ktc_token atoken, btoken;
+
/* try to avoid an expensive call to get_cellconfig */
if (cell && ll_string_check(&authedcells, cell))
{
strcat(username, realm_of_user);
}
- ViceIDToUsername(username, &status, &aserver);
+ ViceIDToUsername(username, realm_of_user, realm_of_cell, cell_to_use, &c, &status, &aclient, &aserver, &atoken);
}
if (dflag)
return FALSE;
for ( ; *pszSubmount; ++pszSubmount)
- {
- if (!isprint(*pszSubmount))
- return FALSE;
- if (*pszSubmount == TEXT(' '))
- return FALSE;
- if (*pszSubmount == TEXT('\t'))
- return FALSE;
- }
+ {
+ if (!isprint(*pszSubmount))
+ return FALSE;
+ if (*pszSubmount == TEXT(' '))
+ return FALSE;
+ if (*pszSubmount == TEXT('/'))
+ return FALSE;
+ if (*pszSubmount == TEXT('\\'))
+ return FALSE;
+ if (*pszSubmount == TEXT('\t'))
+ return FALSE;
+ }
return TRUE;
}
void Main_OnInitDialog (HWND hDlg)
{
- if (!g.fIsWinNT)
- {
- TCHAR szTitle[256];
- GetString (szTitle, IDS_TITLE_95);
- SetWindowText (hDlg, szTitle);
- }
+ if (!g.fIsWinNT)
+ {
+ TCHAR szTitle[256];
+ GetString (szTitle, IDS_TITLE_95);
+ SetWindowText (hDlg, szTitle);
+ }
- TCHAR szVersion[256];
- DWORD dwPatch = 0;
- TCHAR szUser[256];
- GetString (szVersion, IDS_UNKNOWN);
- GetString (szUser, IDS_UNKNOWN);
+ TCHAR szVersion[256];
+ DWORD dwPatch = 0;
+ TCHAR szUser[256];
+ GetString (szVersion, IDS_UNKNOWN);
+ GetString (szUser, IDS_UNKNOWN);
- HKEY hk;
- if (RegOpenKey (HKEY_LOCAL_MACHINE, REGSTR_PATH_AFS, &hk) == 0)
- {
- DWORD dwSize = sizeof(szVersion);
- DWORD dwType = REG_SZ;
- RegQueryValueEx (hk, REGVAL_AFS_VERSION, NULL, &dwType, (PBYTE)szVersion, &dwSize);
+ HKEY hk;
+ if (RegOpenKey (HKEY_LOCAL_MACHINE, REGSTR_PATH_AFS, &hk) == 0)
+ {
+ DWORD dwSize = sizeof(szVersion);
+ DWORD dwType = REG_SZ;
+ RegQueryValueEx (hk, REGVAL_AFS_VERSION, NULL, &dwType, (PBYTE)szVersion, &dwSize);
- dwSize = sizeof(dwPatch);
- dwType = REG_DWORD;
- RegQueryValueEx (hk, REGVAL_AFS_PATCH, NULL, &dwType, (PBYTE)&dwPatch, &dwSize);
- RegCloseKey (hk);
- }
+ dwSize = sizeof(dwPatch);
+ dwType = REG_DWORD;
+ RegQueryValueEx (hk, REGVAL_AFS_PATCH, NULL, &dwType, (PBYTE)&dwPatch, &dwSize);
+ RegCloseKey (hk);
+ }
- BOOL fFoundUserName = FALSE;
- if (RegOpenKey (HKEY_LOCAL_MACHINE, TEXT("Software\\Microsoft\\Windows NT\\CurrentVersion\\Explorer"), &hk) == 0)
+ /* We should probably be using GetUserNameEx() for this */
+ BOOL fFoundUserName = FALSE;
+ if (RegOpenKey (HKEY_CURRENT_USER, TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Explorer"), &hk) == 0)
{
DWORD dwSize = sizeof(szUser);
DWORD dwType = REG_SZ;
}
if (!fFoundUserName )
{
+ if (RegOpenKey (HKEY_LOCAL_MACHINE, TEXT("Software\\Microsoft\\Windows NT\\CurrentVersion\\Explorer"), &hk) == 0)
+ {
+ DWORD dwSize = sizeof(szUser);
+ DWORD dwType = REG_SZ;
+ if (RegQueryValueEx (hk, TEXT("Logon User Name"), NULL, &dwType, (PBYTE)szUser, &dwSize) == 0)
+ fFoundUserName = TRUE;
+ RegCloseKey (hk);
+ }
+ }
+ if (!fFoundUserName )
+ {
if (RegOpenKey (HKEY_LOCAL_MACHINE, TEXT("Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon"), &hk) == 0)
{
DWORD dwSize = sizeof(szUser);
fFoundUserName = TRUE;
RegCloseKey (hk);
}
+ }
+ if (!fFoundUserName)
+ {
+ if (RegOpenKey (HKEY_LOCAL_MACHINE, TEXT("Network\\Logon"), &hk) == 0)
+ {
+ DWORD dwSize = sizeof(szUser);
+ DWORD dwType = REG_SZ;
+ if (RegQueryValueEx (hk, TEXT("UserName"), NULL, &dwType, (PBYTE)szUser, &dwSize) == 0)
+ fFoundUserName = TRUE;
+ RegCloseKey (hk);
+ }
}
- if (!fFoundUserName)
- {
- if (RegOpenKey (HKEY_LOCAL_MACHINE, TEXT("Network\\Logon"), &hk) == 0)
- {
- DWORD dwSize = sizeof(szUser);
- DWORD dwType = REG_SZ;
- if (RegQueryValueEx (hk, TEXT("UserName"), NULL, &dwType, (PBYTE)szUser, &dwSize) == 0)
- fFoundUserName = TRUE;
- RegCloseKey (hk);
- }
- }
- TCHAR szSource[ cchRESOURCE ];
- TCHAR szTarget[ cchRESOURCE ];
+ TCHAR szSource[ cchRESOURCE ];
+ TCHAR szTarget[ cchRESOURCE ];
- GetString (szSource, (dwPatch) ? IDS_TITLE_VERSION : IDS_TITLE_VERSION_NOPATCH);
- wsprintf (szTarget, szSource, szVersion, dwPatch);
- SetDlgItemText (hDlg, IDC_TITLE_VERSION, szTarget);
+ GetString (szSource, (dwPatch) ? IDS_TITLE_VERSION : IDS_TITLE_VERSION_NOPATCH);
+ wsprintf (szTarget, szSource, szVersion, dwPatch);
+ SetDlgItemText (hDlg, IDC_TITLE_VERSION, szTarget);
- GetDlgItemText (hDlg, IDC_TITLE_NT, szSource, cchRESOURCE);
- wsprintf (szTarget, szSource, szUser);
- SetDlgItemText (hDlg, IDC_TITLE_NT, szTarget);
+ GetDlgItemText (hDlg, IDC_TITLE_NT, szSource, cchRESOURCE);
+ wsprintf (szTarget, szSource, szUser);
+ SetDlgItemText (hDlg, IDC_TITLE_NT, szTarget);
}
#define used in WinNT/2000 installation and program version display
AFSPRODUCT_VER_MAJOR=1
AFSPRODUCT_VER_MINOR=3
-AFSPRODUCT_VER_PATCH=6600
+AFSPRODUCT_VER_PATCH=6601
AFSPRODUCT_VER_BUILD=0
AFSPRODUCT_VERSION=$(AFSPRODUCT_VER_MAJOR).$(AFSPRODUCT_VER_MINOR).$(AFSPRODUCT_VER_PATCH)
AFSPRODUCT_FILE_VERSION=$(AFSPRODUCT_VER_MAJOR),$(AFSPRODUCT_VER_MINOR),$(AFSPRODUCT_VER_PATCH),$(AFSPRODUCT_VER_BUILD)
pioctl @77
rx_Init @78
ka_UserAuthenticateGeneral2 @79
-
-
+ pr_CreateUser @80
+ pr_SNameToId @81
DISK_function_names @83 DATA
FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING,
FILE_FLAG_WRITE_THROUGH, NULL);
fflush(stdout);
- if (fh == INVALID_HANDLE_VALUE)
- return -1;
-
+ if (fh == INVALID_HANDLE_VALUE) {
+ if (GetLastError() == ERROR_DOWNGRADE_DETECTED)
+ fprintf(stderr, "Unable to open \"%s\": Authentication Downgrade Detected\n", tbuffer);
+ return -1;
+ }
/* return fh and success code */
*handlep = fh;
return 0;