openafs.git
5 years agoMerge branch 'security-1.6' into HEAD openafs-stable-1_6_9-branch openafs-stable-1_6_9
Stephan Wiesand [Thu, 12 Jun 2014 08:52:09 +0000]
Merge branch 'security-1.6' into HEAD

5 years agoMake OpenAFS 1.6.9
Stephan Wiesand [Thu, 12 Jun 2014 08:30:48 +0000]
Make OpenAFS 1.6.9

Update version strings and NEWS for 1.6.9

Change-Id: I80fe292dd091a26cbec5d5b4a2fab51e4cf4dee6

5 years agoRevert "viced: Avoid issuing redundant TMAY requests"
Jeffrey Altman [Wed, 11 Jun 2014 23:03:45 +0000]
Revert "viced: Avoid issuing redundant TMAY requests"

This reverts commit 03a9b481c7f27c462c9d65a756d172e79758b86d.

Andrew Deason wrote,

  "Briefly, 'host' structures are allocated without clearing all of the
  contents to '0'. Only part of the structure is cleared, according to the
  HOST_TO_ZERO macro. Unfortunately I put the new tmay_ fields right below
  the 'index' field for some reason, so this means they aren't zeroed and
  can contain garbage. This means we can easily segfault in the fileserver
  when we try to access the pointers in there.

  "We access uninitialized memory for every 'host' that is allocated. So
  the chance of us corrupting memory is the chance that a particular
  pointer-sized area of memory from 'malloc' is not already NULL.

  "That seems pretty likely, but it's not so frequent as to have the
  fileserver effectively "constantly" crashing at the site that noticed.
  So it has not been a fire drill, but it has been noticeable (we heard
  about it I think yesterday, and got details today when it happened
  again). The noticing incident was a segfault, but an abort or sigbus are
  probably also likely.

  "Of course, the chances of noticing go way up with more clients. I expect
  the chances dramatically increase if you have more than 512 client hosts
  hit the box, since the first block of 512 are allocated before we really
  do anything. For the next 512, it seems much more likely that 'malloc'
  will give us back non-zeroed data. But this is just theory.

  "With the incident I know about, the crash happened semi-quickly after
  the server started (a few minutes). But it seems likely to occur after
  the server has been up for a long time, if/when you cross the next line
  of 512 hosts.

  "I am also concerned that this can easily be corrupting memory without
  being noticed via a crash (or it takes a while to crash), since we are
  potentially free'ing invalid pointers, or stomping over someone else's
  memory, etc etc."

Change-Id: I20bd40fc9df69247884099a0623e6db40908b3e8

5 years agovolser: -log restore operations
Michael Meffie [Mon, 20 May 2013 15:32:04 +0000]
volser: -log restore operations

Add vos restore to the list of operations which are logged
when the volserver is running with the -log option. Example
log line:

    admin on 172.16.50.141 is executing Restore 536870969

Reviewed-on: http://gerrit.openafs.org/9926
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit eb7b3dac482ed0427b6e618bf60507a7a1a99769)

Change-Id: If09d8d170c14cfd71c181cbdc87c6027ee570c45
Reviewed-on: http://gerrit.openafs.org/11153
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoIncrease size of space for ACL in "up" command.
Antoine Verheijen [Tue, 9 Apr 2013 02:51:52 +0000]
Increase size of space for ACL in "up" command.

The amount of space allocated for use by the pioctl call to
obtain the ACL for the source directory in the "up" command
is not large enough and the call fails when access lists get
sufficiently large.

This change increases the size of the space provided to
pioctl to the maximum possible. This allows for much larger
access lists and is consistent with a similar call in the
"fs listacl" command).

Reviewed-on: http://gerrit.openafs.org/9753
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 639453196dd9f71a86e61d2c83e2e8ae0d8bf45f)

Change-Id: I4fabbe3fc294c076bd786d43f5e9d2dd0b32e99d
Reviewed-on: http://gerrit.openafs.org/11111
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoredhat: Use the right path to depmod
Stephan Wiesand [Wed, 7 May 2014 13:20:51 +0000]
redhat: Use the right path to depmod

As of Fedora 17 and RHEL 7, depmod has moved from /sbin to /usr/sbin.
The full path to depmod is used in package scripts and as a dependency.
This hasn't caused problems in most cases because on an installed
system a link /sbin -> /usr/sbin is present and during ordinary package
installations yum/rpm correctly then figure out that /sbin/depmod is
actually provided. But in other situations, the dependency check is not
that clever and (incorrectly) fails.

Add a macro to the spec defining the full path to depmod, use the macro
rather than plain /sbin/depmod throughout the spec, and also pass it to
kmodtool when required to generate the kmod package scripts and
requirements.

FIXES 131860

Reviewed-on: http://gerrit.openafs.org/11128
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit c20c01185ed748b2bc823369a8f28cf004b7d1c9)

Change-Id: Ib9e0bfe586de668ddba6fb82ff1ea2a081277150
Reviewed-on: http://gerrit.openafs.org/11171
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agolibadmin: Don't double check for required param
Simon Wilkinson [Sat, 2 Mar 2013 11:09:08 +0000]
libadmin: Don't double check for required param

The server, process and stat_type parameters are declared as
required when the command syntax is set up - so they must be
present when the command handler is called. So, don't bother
checking for them.

Caught by coverity (#985963, #985964, #985965, #985966, #985967,
    #985968, #985969, #985970, #985971, #985972,
    #985973, #985974, #985975, #985976, #985977)

Reviewed-on: http://gerrit.openafs.org/9399
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit f5b462c9d4a56be0ae4696db08fb92a1e7390e2c)

Change-Id: I4ea58eadbc97a934bb54a346086cdaf77ab28b9c
Reviewed-on: http://gerrit.openafs.org/11048
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Dan Hyde <drh@umich.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agodoc: Clarify some BosConfig.new text
Andrew Deason [Tue, 15 Apr 2014 17:30:19 +0000]
doc: Clarify some BosConfig.new text

It is not always clear to users whether BosConfig.new is noticed
during an automatic restart, or if it requires stopping and starting
the bosserver. Slightly reword the relevant text and add a small note
that a "general restart" does cause BosConfig.new to be noticed, so
this is explicitly clear.

Reviewed-on: http://gerrit.openafs.org/11076
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 3946b50a7ecdfd34681ab471863929b2f82aff4b)

Change-Id: Ia630aec6ef5259fc3c3fd531fdf8fda8a4152c54
Reviewed-on: http://gerrit.openafs.org/11216
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agovolser: remove commented code
Chas Williams (CONTRACTOR) [Fri, 21 Mar 2014 18:35:46 +0000]
volser: remove commented code

Apparently this predates AFS 3.0 so it should be safe to remove.

Reviewed-on: http://gerrit.openafs.org/10935
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit cc39ac77c6e8d120a41ffe67a60896463323ab31)

Change-Id: Ia034b8a14c000ee2772ba555a45a9776a20aff43
Reviewed-on: http://gerrit.openafs.org/10945
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoafs: Raise fake free space reporting
Andrew Deason [Wed, 27 Mar 2013 23:12:41 +0000]
afs: Raise fake free space reporting

We report 'fake' values for free space, free file nodes, etc for the
'AFS' filesystem, since these values are not meaningful for AFS
itself. Currently we report about 9G of free space for most platforms,
and a few different values for a few others. Raise all of these to
2^32-1, so that trying to copy over 9G of data into AFS does not fail
for those applications that check the destination free space with
statfs(2). Note that one such application is KDE 4.8.x.

Consolidate all places that do this, and put the 'fake' value in one
place, AFS_VFS_FAKEFREE, along with the relevant comments.

Related issues reported by Lars Schimmer, Richard Brittain, and
others.

Reviewed-on: http://gerrit.openafs.org/9688
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Markus Koeberl <markus.koeberl@tugraz.at>
Tested-by: Markus Koeberl <markus.koeberl@tugraz.at>
Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit e385571ba37fa6d43fecca17e9e5d60a22a414cd)

Change-Id: Id9b5fa92f48bc83b84bb4f50bc0ae25b028694b0
Reviewed-on: http://gerrit.openafs.org/10984
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agofs: Fix improper use of readlink
Stephan Wiesand [Thu, 10 Apr 2014 15:59:24 +0000]
fs: Fix improper use of readlink

readlink returns a non-NUL terminated buffer. If we are going to
terminate its response, we need to make sure that there's space to
do so. So the length passed to readlink should be one less than the
real length of the buffer.

This is a 1.6-only change

It is inspired by commit 25011b4544e48dffd5978201669f7b9e23da3144
which cannot be cherry picked due to other missing commits on
the 1.6 branch, like 763ec5250deef6f0f8ae1c85b52bac3ffc1a6176.

Change-Id: I5c3f2946f7c1b8e935ae46bc195f58e207e115d6
Reviewed-on: http://gerrit.openafs.org/11054
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agobozo: remove obsolete bnode_Deactivate() prototype
Stephan Wiesand [Fri, 28 Feb 2014 17:47:12 +0000]
bozo: remove obsolete bnode_Deactivate() prototype

Commit 54eb2485b59550ba42569ed3a8d76211a3a35019 removed the
implementation of bnode_Deactivate(), which had been #ifdef'd out
for a long time, but left the prototype in place. Remove the
obsolete declaration in bosprototypes.h as well.

Reviewed-on: http://gerrit.openafs.org/10868
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 01a7c64e472c241798306e7f8137de28efdef37e)

Change-Id: Ic1ca95ef455705a14cf68f0801d73789cc7bd4b5
Reviewed-on: http://gerrit.openafs.org/11192
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agobos: Change the remaining use of ktc_to_charptr to char cast
Stephan Wiesand [Fri, 14 Mar 2014 13:44:54 +0000]
bos: Change the remaining use of ktc_to_charptr to char cast

This is a 1.6 only change to complement the preceding commit.

On the master branch, this modification is part of commit
a9b8fd81bf14c04d33113e9e4df4e1ca7573e49d which otherwise comprises
changes not foreseen to be applied to 1.6.

Change-Id: I44678c2fb15f136d70f2d38a3996ad3d7d0455d5
Reviewed-on: http://gerrit.openafs.org/10891
Reviewed-by: D Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agobos: Change to using char casts for ka functions
Simon Wilkinson [Thu, 5 Apr 2012 19:50:35 +0000]
bos: Change to using char casts for ka functions

The ka_IsZero and ka_PrintBytes function just use char strings. Cast
directly, rather than going via a helper functions to simplify this
code.

The helper functions add complexity, and additional dependencies which
cause problems with some uses of this code.

Reviewed-on: http://gerrit.openafs.org/7066
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
(cherry picked from commit 46c5aabfc6f5af2875e8b20252a17955ad89dd38)

Change-Id: Ifee3178e5cdc2eab947f759541864ecea4345b7a
Reviewed-on: http://gerrit.openafs.org/10867
Reviewed-by: D Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agodoc: recommend cleanup steps in "vos convertROtoRW" man page
Ken Dreyer [Wed, 6 Mar 2013 20:53:29 +0000]
doc: recommend cleanup steps in "vos convertROtoRW" man page

vos convertROtoRW leaves the older RW copy on the original fileserver,
although it is no longer in the VLDB. Provide the user with some hints
regarding clean up.

Reviewed-on: http://gerrit.openafs.org/9408
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Tested-by: Ken Dreyer <ktdreyer@ktdreyer.com>
(cherry picked from commit 279345c231d0a2d9f6e8c2f76a5347bafd40e70b)

Change-Id: Id273ab86bfe68f89ef629f0c4d839882852e09ab
Reviewed-on: http://gerrit.openafs.org/11126
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Tested-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agobozo: Remove dead code and minor cleanup
Ben Kaduk [Wed, 17 Jul 2013 19:00:11 +0000]
bozo: Remove dead code and minor cleanup

This stuff has been #if 0'd for ages; put it out of its misery.

While here, remove the global bnode_waiting which is not used for anything.

bnode_SoftInt claims to return a pointer, so return NULL instead of 0.

Reviewed-on: http://gerrit.openafs.org/10284
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 54eb2485b59550ba42569ed3a8d76211a3a35019)

Change-Id: Ife2604f1a99ef81e2075a82cb97d94ae5373031c
Reviewed-on: http://gerrit.openafs.org/10864
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agolinux: make reading unixusers from proc actually work
D Brashear [Tue, 22 Apr 2014 15:38:44 +0000]
linux: make reading unixusers from proc actually work

our indentation did not match our braces so we would never read all the
objects in each unixuser hash chain. add the missing braces

Reviewed-on: http://gerrit.openafs.org/11094
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 279e01051600f0884ed3669786543578e53cf518)

Change-Id: If8d4faf8a9cc301d231c1f7b11ab5bb9ca721451
Reviewed-on: http://gerrit.openafs.org/11093
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Reviewed-by: Nathaniel Filardo <nwfilardo@gmail.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agobutc: Init volheader before using it for hton
Simon Wilkinson [Mon, 4 Mar 2013 16:34:20 +0000]
butc: Init volheader before using it for hton

When converting a volume header from host to network order, make
sure that any unused fields in the structure are zero'd, so we don't
end up filling them with stack garbage in the network version of
the structure.

Caught by coverity (#985956)

Reviewed-on: http://gerrit.openafs.org/9548
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 21166744bf15f13bc04c25d68a28fe803a960b0a)

Change-Id: I7156cc51f52a8c9911d6ce087ba0a6b1cc0d9a9e
Reviewed-on: http://gerrit.openafs.org/11065
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoupserver: Don't overflow file and hostname buffers
Simon Wilkinson [Mon, 4 Mar 2013 16:22:08 +0000]
upserver: Don't overflow file and hostname buffers

If the user specifies a ridiculously long command line, don't
overflow the filename or hostname buffers with what they supply.

Caught by coverity (#985911)

Reviewed-on: http://gerrit.openafs.org/9546
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit d672d5ee78d7673f3c42a7a343989b2bd4dca02b)

Change-Id: Id86f5488bfb3bbf5794af43e9f8fe84a2fe796c3
Reviewed-on: http://gerrit.openafs.org/11064
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoauth: Don't overflow buffer in CompFindUser
Simon Wilkinson [Sat, 2 Mar 2013 13:01:14 +0000]
auth: Don't overflow buffer in CompFindUser

The fullname buffer in CompFindUser is theoretically big enough
to take the data usually supplied to it. However, play it safe by
using strlcat and strlcpy to catch buffer overflows.

Caught by coverity (#985771)

Reviewed-on: http://gerrit.openafs.org/9543
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit cc95fca8e16f83d7dda3f09a5133dc9294299d61)

Change-Id: I900611e13d6254c4410915b0688b18a3b6c4acc3
Reviewed-on: http://gerrit.openafs.org/11063
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoaudit: Fix overflow in file backend
Simon Wilkinson [Sat, 2 Mar 2013 12:38:49 +0000]
audit: Fix overflow in file backend

If the filename passed to open_file was larger than MAXPATHLEN-5,
then we'd overflow the oldName buffer when creating the backup
filename. Fix the overflow by using a malloc'd buffer instead.

Caught by coverity (#985767)

Reviewed-on: http://gerrit.openafs.org/9448
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit b0b3def56c15161df28059e270f0360c31241217)

Change-Id: I3993de8e4372c30d35e6e675042511f85ba9d014
Reviewed-on: http://gerrit.openafs.org/11062
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoaklog: Fix buffer overflows in next_path
Simon Wilkinson [Sat, 2 Mar 2013 12:21:06 +0000]
aklog: Fix buffer overflows in next_path

Use strlcpy and strlcat

Caught by coverity (#985765)

Reviewed-on: http://gerrit.openafs.org/9447
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit f4373e7867abd50b3fe39716073811794fe62379)

Change-Id: I45d3be18e2975443ce2135f4057128e51d995fa2
Reviewed-on: http://gerrit.openafs.org/11061
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoaklog: Protect against overflows from cmdline
Simon Wilkinson [Sat, 2 Mar 2013 12:15:22 +0000]
aklog: Protect against overflows from cmdline

The cell, realm and path arrays are populated based on the user's
command line, and xlog_path is populated from their passwd map
entry. Protect against all of these overflowing, by making suitable
use of strlcpy and strlcat.

Caught by coverity (#985764, #985904)

Reviewed-on: http://gerrit.openafs.org/9446
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 2902ef93976fd4baa1a1ed07f4940c5979702856)

Change-Id: I1c8b72aa087902e45cef758844193949471170c5
Reviewed-on: http://gerrit.openafs.org/11060
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoaklog: Avoid overflows in get_afs_mountpoint
Simon Wilkinson [Sat, 2 Mar 2013 12:09:42 +0000]
aklog: Avoid overflows in get_afs_mountpoint

When working with the fixed length cellname buffer, use
strlcat and strlcpy rather than strcat and strcpy.

Caught by coverity (#985763)

Reviewed-on: http://gerrit.openafs.org/9445
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 19d2683d711f95165adc16fac765bb4a31c99043)

Change-Id: I91c169380600496a8b5148fffcb1a21feb1eee29
Reviewed-on: http://gerrit.openafs.org/11059
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoaklog: Fix overflows in auth_to_path
Simon Wilkinson [Sat, 2 Mar 2013 12:04:46 +0000]
aklog: Fix overflows in auth_to_path

In the auth_to_path routine, don't use strcpy and strcat when
working with the fixed length pathtocheck buffer. Instead, use
strlcpy and strlcat to ensure that all string operations fit within
the buffer limits.

Caught by coverity (#985762)

Reviewed-on: http://gerrit.openafs.org/9444
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 788a6b67a088e2565c3b47ecb6e594a7b15f2757)

Change-Id: I9abb8ab33da1d72e42764969e5527d443eea9652
Reviewed-on: http://gerrit.openafs.org/11058
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoafsmonitor: Fix theoretical overflow of handler string
Simon Wilkinson [Sat, 2 Mar 2013 12:00:47 +0000]
afsmonitor: Fix theoretical overflow of handler string

Don't do an unbounded copy into the thresh structure's handler
string, in case the caller has passed us a string which is too
long.

Instead, switch to strlcpy for all string copies.

Caught by coverity (#985761)

Reviewed-on: http://gerrit.openafs.org/9443
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 95cd5b1d950ecb820179e4279b8570d8ad6780f5)

Change-Id: Id8d7f3b97ac3ccbf65862d61b2f9e9d39baeb162
Reviewed-on: http://gerrit.openafs.org/11057
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoutil: Avoid overflow in GetNameByINet
Simon Wilkinson [Sat, 2 Mar 2013 10:27:47 +0000]
util: Avoid overflow in GetNameByINet

We copy the results of gethostbyaddr into a fixed length buffer
without checking whether they fit. Add a length check, and use
strlcpy to do the copy to make sure we can't overflow.

Caught by coverity (#985912, #985872)

Reviewed-on: http://gerrit.openafs.org/9393
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit fcb7974b838c2b37a8b81b88b11905c6ece398f6)

Change-Id: I2d7f781c159999e721504cd6eec408db93bb703c
Reviewed-on: http://gerrit.openafs.org/11056
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agokauth: Don't overflow stack when building username
Simon Wilkinson [Sat, 2 Mar 2013 09:35:01 +0000]
kauth: Don't overflow stack when building username

knfs constructs the userName by combining the clientName.name
and clientName.instance arrays, along with a dot separator. Make
sure that the userName array is big enough to hold these, and
use strlcpy and strlcat just to make sure.

Caught by coverity (#985829)

Reviewed-on: http://gerrit.openafs.org/9351
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit cc194827a841f057654f1dbe4dcb3f6de98c1c60)

Change-Id: Iec62a0e0fb830e8bfc76896733269d0511c5a8d9
Reviewed-on: http://gerrit.openafs.org/11055
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agofstrace: Don't read uninitialised data
Simon Wilkinson [Sat, 2 Mar 2013 11:49:13 +0000]
fstrace: Don't read uninitialised data

The pftix variable points to the next free element in the
printfTypes array, so when we iterate through that array to
read that data back, we should stop when our iterator equals
pftix, not when it is greater than it.

Caught by coverity (#986013)

Reviewed-on: http://gerrit.openafs.org/9442
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 908105fe8d51551e45692de4e145022138a0356c)

Change-Id: I2dec4dc3b041093e1d1ac2ea4546a341e9b00687
Reviewed-on: http://gerrit.openafs.org/11053
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoreadpwd: Make sure user supplies a passwdfile
Simon Wilkinson [Sat, 2 Mar 2013 11:44:02 +0000]
readpwd: Make sure user supplies a passwdfile

If the user supplies enough command line arguments, but doesn't
provide a passwdfile, then we can end up trying to open whatever
garbage is on the stack.

Once we've finished parsing the command line arguments, make sure
that a filename was supplied.

Caught by coverity (#986009)

Reviewed-on: http://gerrit.openafs.org/9441
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit d81271640891fb8c364e8625e7a9f6ede21572f4)

Change-Id: I66d38c04c0f9519c401d3299e7d3ece57d001d96
Reviewed-on: http://gerrit.openafs.org/11052
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoreadgroup: Make sure user supplies a groupfile
Simon Wilkinson [Sat, 2 Mar 2013 11:44:02 +0000]
readgroup: Make sure user supplies a groupfile

If the user supplies enough command line arguments, but doesn't
provide a groupfile, then we can end up trying to open whatever
garbage is on the stack.

Once we've finished parsing the command line arguments, make sure
that a filename was supplied.

Caught by coverity (#986008)

Reviewed-on: http://gerrit.openafs.org/9440
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 3c564444cf1c0bad25792b10edc158030e180369)

Change-Id: I8d0bb6ec6a39ad095959ede0252dc6f00777515e
Reviewed-on: http://gerrit.openafs.org/11051
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agolibadmin: Don't pass garbage to pts_UserCreate
Simon Wilkinson [Sat, 2 Mar 2013 11:36:31 +0000]
libadmin: Don't pass garbage to pts_UserCreate

The libadmin pts_UserCreate function uses the value passed to
it in newUserId to control whether the user is being created
with a user supplied ID or not.

Initialise this value in the caller, so we don't end up creating
users with corrupt ids.

Caught by clang (#985979)

Reviewed-on: http://gerrit.openafs.org/9401
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 5cf4415c8ad400a92fc9c7f436ae52256db2ef09)

Change-Id: I0e91352a98f63b386185abf9860dc056cb775821
Reviewed-on: http://gerrit.openafs.org/11050
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agolibadmin: Don't pass garbage to pts_GroupCreate
Simon Wilkinson [Sat, 2 Mar 2013 11:36:31 +0000]
libadmin: Don't pass garbage to pts_GroupCreate

The libadmin pts_GroupCreate function uses the value passed to
it in newGroupId to control whether the group is being created
with a user supplied ID or not.

Initialise this value in the caller, so we don't end up creating
groups with corrupt ids.

Caught by clang (#985978)

Reviewed-on: http://gerrit.openafs.org/9400
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit ece7bd669af0c58dcaa2589e093387adb7d1756a)

Change-Id: I51750db47f7709406c079c4fbeec561228359e73
Reviewed-on: http://gerrit.openafs.org/11049
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agolibadmin: Don't free garbage pointer
Simon Wilkinson [Sat, 2 Mar 2013 11:02:09 +0000]
libadmin: Don't free garbage pointer

If we jump to the error handler early on in pts_GroupOwnerChange,
idlist may not have been used, and so we will end up trying to
free stack garbage.

Initialise the structure to 0 at the start of the function, so it
is always safe to enter the error handler.

Caught by coverity (#985962)

Reviewed-on: http://gerrit.openafs.org/9398
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 8260d86dda766a21e9f457994e7a3b259ba3a31b)

Change-Id: I79f7fe3cba11a2904c644e6747511e3630d74a79
Reviewed-on: http://gerrit.openafs.org/11047
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agokauth: Use strl* functions in ka_log
Simon Wilkinson [Sat, 2 Mar 2013 10:54:16 +0000]
kauth: Use strl* functions in ka_log

Switch to using the strlcat and strlcpy functions in ka_log, to
avoid potential buffer overflows.

Caught by coverity (#985824)

Reviewed-on: http://gerrit.openafs.org/9397
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit b535059d48ac592760e2e5b87414d9010143c993)

Change-Id: Ie2a3f39e3189492f855729b4ded7a6fa71c43c9c
Reviewed-on: http://gerrit.openafs.org/11046
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agokauth: Handle calls to ka_log with no principal
Simon Wilkinson [Sat, 2 Mar 2013 10:48:50 +0000]
kauth: Handle calls to ka_log with no principal

If ka_log is called without a principal string, then the resulting
buffer will be garbage, as we don't start with a string for strlcat
to append to.

Caught by coverity (#985959)

Reviewed-on: http://gerrit.openafs.org/9396
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 508674486a5b1b3b25d7f28febb41e8712d8592d)

Change-Id: Ib65f63a1a7adef73d56d61ea59adfbca430dff13
Reviewed-on: http://gerrit.openafs.org/11045
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agovsys: Avoid uninitialised variable warning
Simon Wilkinson [Sat, 2 Mar 2013 10:42:27 +0000]
vsys: Avoid uninitialised variable warning

Initialise the parms array to 0 so that we don't get warnings from
the compiler when we call syscall() using it.

Caught by coverity (#985949)

Reviewed-on: http://gerrit.openafs.org/9395
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit a666bfd67bd14028aac5eb49f1bf02576fb58405)

Change-Id: Ia777a33c1332fe9a1f00cc56be3980f0d50b69ea
Reviewed-on: http://gerrit.openafs.org/11044
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agormtsys: Don't overflow pathname buffer
Simon Wilkinson [Sat, 2 Mar 2013 10:15:10 +0000]
rmtsys: Don't overflow pathname buffer

When we're constructing a homedirectory path to look for the
.AFSSERVER file in, we copy the HOME environment variable into a
static buffer, with a risk of overflowing that buffer.

Instead of using a static buffer, just allocate one with asprintf.

Caught by coverity (#985910)

Reviewed-on: http://gerrit.openafs.org/9392
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit f322b0ff1ec44d713c23d567f4d304e3dc65e702)

Change-Id: I588fecf4caee64915fc2e7730f68f051d6faa92a
Reviewed-on: http://gerrit.openafs.org/11043
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agofsprobe: Get rid of unused hostname buffer
Simon Wilkinson [Sat, 2 Mar 2013 10:35:42 +0000]
fsprobe: Get rid of unused hostname buffer

When we copy the user supplied hostname into the fixed length
hnamebuf array, we might overflow it. As we never use this buffer,
just get rid of it.

Caught by coverity (#985913)

Reviewed-on: http://gerrit.openafs.org/9394
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit b32d92268f77608b57adf350d963941a94a31604)

Change-Id: I09d119745dfdc9545af4912bd27f8ee09ccefd1f
Reviewed-on: http://gerrit.openafs.org/11042
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoauth: Don't overflow hostName array
Simon Wilkinson [Sat, 2 Mar 2013 09:59:20 +0000]
auth: Don't overflow hostName array

afsconf_cell's hostName structure is a fixed length. Don't overflow
it by writing whatever comes back from gethostbyaddr into it. Use
strlcpy to catch an overflow, and if one occurs, just use
"UNKNOWNHOST", rather than a truncated host name.

Caught by coverity (#985906)

Reviewed-on: http://gerrit.openafs.org/9354
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit fed5dac9f25f7fbd74b6834ce6f087eaf31be2f2)

Change-Id: I468f66585e19623d62dee8730141767bd050ed1d
Reviewed-on: http://gerrit.openafs.org/11041
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agolibadmin: Don't overflow volume name
Simon Wilkinson [Sat, 2 Mar 2013 09:47:53 +0000]
libadmin: Don't overflow volume name

The maximum volume name length in the VLDB RPCs is VL_MAXNAMELEN
(65), not 64 as used as a hardcoded value in vsprocs. Switch to
using the defined value, and also use strlcat to check that we
don't overflow this.

Caught by coverity (#985849)

Reviewed-on: http://gerrit.openafs.org/9353
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 79abe9d68ea041a2ea6261c6f7bb1f055a45bf0a)

Change-Id: I0e1dd46be835e74fc43335606bf5ab8341678251
Reviewed-on: http://gerrit.openafs.org/11040
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agovolser: fix spurious strcat of volume extension.
Michael Meffie [Fri, 28 Mar 2014 16:08:46 +0000]
volser: fix spurious strcat of volume extension.

Fix malformed merge error left over from
commit 4f9ec8396d1c7f12f8fa264cea7c255ce62b7b8d
where we converted strcat to strlcat.

Reviewed-on: http://gerrit.openafs.org/10963
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit e6110959e802bd9ae60e3724ba41078e7b335bab)

Change-Id: I3ac39245f9151f319ab5d5bb6b6d17dd13446ac1
Reviewed-on: http://gerrit.openafs.org/11039
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agovolser: Don't overflow volume name
Simon Wilkinson [Sat, 2 Mar 2013 09:47:53 +0000]
volser: Don't overflow volume name

The maximum volume name length in the VLDB RPCs is VL_MAXNAMELEN
(65), not 64 as used as a hardcoded value in vsprocs. Switch to
using the defined value, and also use strlcat to check that we
don't overflow this.

Caught by coverity (#985849)

Reviewed-on: http://gerrit.openafs.org/9352
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 4f9ec8396d1c7f12f8fa264cea7c255ce62b7b8d)

Change-Id: I7e2dfcaf23312dde123515e2c7329df1fa62de3e
Reviewed-on: http://gerrit.openafs.org/11038
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agokauth: Don't overflow cell string
Simon Wilkinson [Sat, 2 Mar 2013 09:33:12 +0000]
kauth: Don't overflow cell string

The cell string within a ktc_principal is only 64 characters long.
Be careful not to overflow it.

Caught by coverity (#985829)

Reviewed-on: http://gerrit.openafs.org/9350
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 77aa6c65b74e46c77dfaf440745496ab98b14244)

Change-Id: I7e0411ce635d481cf1618c2eabf79dfb85fcd069
Reviewed-on: http://gerrit.openafs.org/11037
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoauth: Don't overflow cell string
Simon Wilkinson [Sat, 2 Mar 2013 09:26:05 +0000]
auth: Don't overflow cell string

If the kernel gives us bogus data back from the VIOCGETTOK pioctl,
we might overflow the cell string when copying in to it. Use
strlcpy to avoid this (unlikely) occurrence.

Caught by coverity (#985768, #985769)

Reviewed-on: http://gerrit.openafs.org/9349
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 362728d2d6d53011603dc39f691707db20866434)

Change-Id: I839c330a232525ddccc7957ead785c7ed9beec88
Reviewed-on: http://gerrit.openafs.org/11036
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoaklog: Fix improper use of readlink
Simon Wilkinson [Sat, 2 Mar 2013 09:16:10 +0000]
aklog: Fix improper use of readlink

readlink doesn't NUL terminate its return string, so it is up to
us to do so.

Caught by coverity (#985739)

Reviewed-on: http://gerrit.openafs.org/9347
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 2fac53522e7ef5b3a376e191bffdc1f6784e6995)

Change-Id: I9d47a6a7cbc86fba3f68f7e47c5d7a0fb924781f
Reviewed-on: http://gerrit.openafs.org/11035
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agovlserver: Use correct literal in bounds check
Simon Wilkinson [Sat, 2 Mar 2013 09:01:59 +0000]
vlserver: Use correct literal in bounds check

The base array has VL_MAX_ADDREXTBLKS elements. Use this when
checking for an array overflow, rather than VL_ADDREXTBLK_SIZE.

Caught by coverity (#985600)

Reviewed-on: http://gerrit.openafs.org/9346
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 6a54bf735871d93bc77e5cf166e506f4f2423d0a)

Change-Id: I056432a1bf85b175ee4fc307d0662d072724b272
Reviewed-on: http://gerrit.openafs.org/11034
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agorxgen: Don't overflow PackageIndex
Simon Wilkinson [Fri, 1 Mar 2013 11:35:05 +0000]
rxgen: Don't overflow PackageIndex

PackageIndex++ returns the pre-index value of PackageIndex, so the
error statement isn't run when PackageIndex == MAX_PACKAGES. This
means we go on to overflow all of the arrays that are MAX_PACKAGES
in size.

Caught by coverity (#985583, #985584, #985585, #985586,
                    #985587, #985588, #985589)

Reviewed-on: http://gerrit.openafs.org/9325
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit a1d8109c8fa8c10e3ce5ed67cda03b3b557608ff)

Change-Id: I5278bff5fe6be1bf127b240f7752c69385a9da24
Reviewed-on: http://gerrit.openafs.org/11033
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agobucoord: Remove theoretical overflow of ubik array
Simon Wilkinson [Fri, 1 Mar 2013 11:09:04 +0000]
bucoord: Remove theoretical overflow of ubik array

The ubik connections array is NULL terminated, so we have to
ensure that there is enough space for the trailing NULL. As the
array is MAXSERVERS elements long, this means that we can only
store MAXSERVERS-1 connections in it.

This problem will never be encountered by the correct code, as
the number of hosts returned from afsconf_Open is capped at
MAXHOSTSPERCELL (currently 8). MAXSERVERS is currently 20. However,
fix the bug in case we increase MAXHOSTSPERCELL at some point in
the future.

Caught by coverity (#985576)

Reviewed-on: http://gerrit.openafs.org/9322
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit c0fba6eab519bd1bb6929b788361219f97da7212)

Change-Id: I1e2556df6867ebb7b6b311e54a0271fb6fe631fd
Reviewed-on: http://gerrit.openafs.org/11032
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoxstat: Add the residency RPC to the list of fs ops
Simon Wilkinson [Fri, 1 Mar 2013 10:52:32 +0000]
xstat: Add the residency RPC to the list of fs ops

Include the ResidencyRpc in the list of fs operation numbers that
can be display by xstat_cm_test.

Caught by coverity (#989029)

Reviewed-on: http://gerrit.openafs.org/9320
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 64630d07b893199431b601a73de23c303c61db40)

Change-Id: If14fb4e6929ea667b2dde18b381ab5c59c6bf8db
Reviewed-on: http://gerrit.openafs.org/11031
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agolibadmin: Don't free garbage
Simon Wilkinson [Thu, 28 Feb 2013 22:07:12 +0000]
libadmin: Don't free garbage

Make sure that we initialise the nbulkentries structure to 0 before
we start work, so that if the failure handler is called, it doesn't
try to free garbage.

Caught by coverity (#985980)

Reviewed-on: http://gerrit.openafs.org/9317
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit bf78bf2c115659b78c34d3bc9d1934bcff21c8cc)

Change-Id: I24536b0bec47f381eee7cfcbe1feb89c373cca0f
Reviewed-on: http://gerrit.openafs.org/11030
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoafsmonitor: Fix multiple NUM_CM_STAT_ENTRIES overflows
Simon Wilkinson [Thu, 28 Feb 2013 17:14:20 +0000]
afsmonitor: Fix multiple NUM_CM_STAT_ENTRIES overflows

If an array is n elements long, accessing element array[n] is an
overflow. Fix various places where we apply loop bounds incorrectly
using the NUM_CM_STAT_ENTRIES constant.

Caught by coverity (#985571, #985573)

Reviewed-on: http://gerrit.openafs.org/9316
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 3beca62928665868294ec3e9d34ab63b41e12645)

Change-Id: Icb2221409d7cd62a7efa229697eeb16146ad3ddd
Reviewed-on: http://gerrit.openafs.org/11029
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoafsmonitor: Fix multiple NUM_FS_STAT_ENTRIES overflows
Simon Wilkinson [Thu, 28 Feb 2013 17:14:20 +0000]
afsmonitor: Fix multiple NUM_FS_STAT_ENTRIES overflows

If an array is n elements long, accessing element array[n] is an
overflow. Fix various places where we apply loop bounds incorrectly
using the NUM_FS_STAT_ENTRIES constant.

Caught by coverity (#985570, #985571, #985572)

Reviewed-on: http://gerrit.openafs.org/9315
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 4ea1c8440aad6bb6dc9cdb598b5708c685603219)

Change-Id: I028fcb13716ba60266635a1f04f2dda083cba1a3
Reviewed-on: http://gerrit.openafs.org/11028
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoafsmonitor: Add missing items to fsOpNames array
Simon Wilkinson [Thu, 28 Feb 2013 17:07:31 +0000]
afsmonitor: Add missing items to fsOpNames array

The Lookup and Residency fs stats counters were missing from the
fsOpNames array. Add them in - Lookup has been missing since the
IBM release, Residency was missed when the MR-AFS code was merged.

This is still rather fragile, as there's no guarantee that
AFS_STATS_NUM_FS_RPC_OPS matches the number of elements in this
array. However, this is now correct until someone breaks it again...

Caught by coverity (#985569)

Reviewed-on: http://gerrit.openafs.org/9314
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 74d0d0d5e686d82e18f896889870af666c4d495d)

Change-Id: Iac7275fd9dd9a2fa5fe163ba96a15d32d4e5d05e
Reviewed-on: http://gerrit.openafs.org/11027
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agodumptool: Remove newlines safely
Simon Wilkinson [Thu, 28 Feb 2013 12:15:29 +0000]
dumptool: Remove newlines safely

The code currently does

   fgets(cmdbuf, ... );
   cmdbuf[strlen(cmdbuf - 1)] = '\0';

in order to remove new lines from cmdbuf. Coverity thinks there's
a danger of strlen(cmdbuf) being 0, and thus the strlen being negative.
That shouldn't happen, but if fgets hits EOF midway through a line, we
might get a string that doesn't have a trailing '\n', and end up
removing the wrong character. Tidy this up by checking that the string
isn't 0 length, and that the character we're zapping is a newline.

Caught by coverity (#985430)

Reviewed-on: http://gerrit.openafs.org/9310
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 8f51502e5f45a43fba130d260813716be894d51e)

Change-Id: Ie165c8e50c4071c07fffa220601c8b5e92ccf815
Reviewed-on: http://gerrit.openafs.org/11026
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoUnix CM: Don't free cell, then release lock on it
Simon Wilkinson [Wed, 27 Feb 2013 10:28:05 +0000]
Unix CM: Don't free cell, then release lock on it

If afs_NewCell fails, then we can end up releasing a lock on a
section of memory that we have already freed. As this only happens
if the memory we're operating on is newly allocated and not yet
visible to anyone else, it is safe to release the lock before
starting to tidy things up.

Caught by coverity (#986054)

Reviewed-on: http://gerrit.openafs.org/9298
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 816b0c76738b7e404c9384a745b58b4d90bfc30d)

Change-Id: I7976f00431e4dc96642b45fc7563485a5087c938
Reviewed-on: http://gerrit.openafs.org/11025
Reviewed-by: Nathaniel Filardo <nwfilardo@gmail.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agolibafscp: Can't unlock something we've freed
Simon Wilkinson [Wed, 27 Feb 2013 10:11:21 +0000]
libafscp: Can't unlock something we've freed

When we call _StatCleanup on a stored statent structure, it
deletes the mutex, and frees the structure itself. This means it
can't be called with a locked structure as the mutex deletion
will fail, and then we'll try to reference freed memory when we
later unlock that mutex.

Fix this by unlocking the mutex before calling _StatCleanup. This
is safe because the only reference to the structure visible to other
threads must have been deleted by the time we reach this point.

Caught by coverity (#986058, #986059)

Reviewed-on: http://gerrit.openafs.org/9297
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit ce20f1f15103226667bc872378cf9b2e4b3e8cd7)

Change-Id: Id89df6302002224ec2f871f18711e781990f73d3
Reviewed-on: http://gerrit.openafs.org/11024
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agopt_util: fix group line check for input files
Michael Meffie [Tue, 30 Apr 2013 15:30:15 +0000]
pt_util: fix group line check for input files

Fix the check for requiring group lines before any membership lines. Do
not clear flag indicating the presence of a group after reading each
line.  (This error was caught by the pt_util-t unit test.)

Fix for commit 12ced70c95fe8efbcec09a372f0af81d819bb8cd

Reviewed-on: http://gerrit.openafs.org/9832
Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 9c391e7f7d0e5dfdfe947d385e2db9a8b8ca3610)

Change-Id: I6414f78d7611c61628aaacb4ae41111dbeec0d89
Reviewed-on: http://gerrit.openafs.org/11148
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agopt_util: Protect against corrupt input files
Simon Wilkinson [Wed, 27 Feb 2013 09:23:07 +0000]
pt_util: Protect against corrupt input files

If we have an input file which contains a group membership line
(with a leading space) before any group definitions occur, pt_util
would use stack garbage as the group to create these members in.

Avoid this by requiring the presence of a group line before any
membership lines.

Caught by coverity (#92180, #986000, #92248)

Reviewed-on: http://gerrit.openafs.org/9296
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 12ced70c95fe8efbcec09a372f0af81d819bb8cd)

Change-Id: I1ad524ed701e78ebe5b2e990168782a75d69613b
Reviewed-on: http://gerrit.openafs.org/11023
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agopt_util: Catch sscanf failures
Simon Wilkinson [Wed, 27 Feb 2013 09:21:30 +0000]
pt_util: Catch sscanf failures

If there isn't sufficient data in the input line to satisfy sscanf,
fail with an error, rather than continuing with potentially corrupt
data.

Reviewed-on: http://gerrit.openafs.org/9295
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 62a10e063b4fe6721bd9768611d5f0c13b303189)

Change-Id: I7b9cff1d106538496c6d554291710f73fd6b5370
Reviewed-on: http://gerrit.openafs.org/11022
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agokauth: Fix overflow when writing ticket file
Simon Wilkinson [Tue, 26 Feb 2013 22:40:04 +0000]
kauth: Fix overflow when writing ticket file

krb_write_ticket_file uses a fixed length buffer to store the name
of the ticket file, but copies into this from an environment variable.

Remove the fixed length buffer, and use a mixture of the variable
itself, and dynamically allocated strings.

Caught by coverity (#985909)

Reviewed-on: http://gerrit.openafs.org/9294
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit a332ce9d0e87fab55f3d286690026fe075f624dd)

Change-Id: Idcf442323b13cc4daa893917ede6492616ba1aeb
Reviewed-on: http://gerrit.openafs.org/11021
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoauth: Refactor afsconf_Open failure handler
Simon Wilkinson [Tue, 26 Feb 2013 22:31:49 +0000]
auth: Refactor afsconf_Open failure handler

Refactor the code which returns a failure from afsconf_Open into
a single section, rather than having multiple copies through out
the routine.

Reviewed-on: http://gerrit.openafs.org/9293
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit a5324a6bb6ff127997c48b54f8ad0e98189f3f1e)

Change-Id: I03f963b717c8095914dd994d7d5612bf57148ce7
Reviewed-on: http://gerrit.openafs.org/11020
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoauth: Fix buffer overflow in afsconf_Open
Simon Wilkinson [Tue, 26 Feb 2013 22:27:25 +0000]
auth: Fix buffer overflow in afsconf_Open

If we fallback to the .AFSCONF file in the user's homedirectory,
the results of getenv("HOME") are copied into a fixed length string,
without checking for overflows.

Instead of risking this, just use asprintf to dynamically construct
a string, and free it when we are done.

Caught by coverity (#985905)

Reviewed-on: http://gerrit.openafs.org/9292
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 41d9ea697bf5e81e5003ad7b208788223c25536b)

Change-Id: I5b8664328dd0d397cbe459ff1e7667e63afc31e2
Reviewed-on: http://gerrit.openafs.org/11019
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agobos_util: Fix buffer overflow
Simon Wilkinson [Tue, 26 Feb 2013 21:30:20 +0000]
bos_util: Fix buffer overflow

Get rid of a buffer overflow in the bos_util utility, by just
printing the key from the 'tbuffer' string, rather than copying
it into 'x' which is too small for it.

Reviewed-on: http://gerrit.openafs.org/9291
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit debf43714b0f00fa00a0ef3384e098de78d28ed6)

Change-Id: If8b075691defeded972d0eff29b7fb594680e433
Reviewed-on: http://gerrit.openafs.org/11018
Reviewed-by: Nathaniel Filardo <nwfilardo@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agovolser: Fix bad readlink usage
Simon Wilkinson [Tue, 26 Feb 2013 21:28:52 +0000]
volser: Fix bad readlink usage

readlink fills the buffer passed to it with a non-terminated string.
It can legitimately fill the whole of this buffer. So, if we require
a string to be NUL terminated, we must give readlink one less than
the string length so that the termination character can be safely
appended.

Caught by coverity (#985611)

Reviewed-on: http://gerrit.openafs.org/9290
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit ddc37043351056c402158610477312f0d7d01c13)

Change-Id: Ic3aa9f767b3dce988e32ce670763791f17e72aa2
Reviewed-on: http://gerrit.openafs.org/11017
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoafsmonitor: Use NULL, rather than (struct foo *)0
Simon Wilkinson [Tue, 26 Feb 2013 20:52:47 +0000]
afsmonitor: Use NULL, rather than (struct foo *)0

Reviewed-on: http://gerrit.openafs.org/9285
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit caabad98232557220f153461520fc0cf1c6978fb)

Change-Id: Ie1e0e1bb4dcae88f17c592b4ebccaef227298190
Reviewed-on: http://gerrit.openafs.org/11016
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoafsmonitor: Check correct variable is non-NULL
Simon Wilkinson [Tue, 26 Feb 2013 20:51:34 +0000]
afsmonitor: Check correct variable is non-NULL

Before freeing curr_fsData, check that it is non-NULL, rather than
checking prev_fsData in error.

Caught by coverity (#985289)

Reviewed-on: http://gerrit.openafs.org/9284
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 5a61e826fa0de6a5987f06257199476f79d2473a)

Change-Id: Ie63e90f8873f4fbe8afc7abee160a090920add4d
Reviewed-on: http://gerrit.openafs.org/11015
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoptserver: Zero ubik header before writing to it
Simon Wilkinson [Tue, 26 Feb 2013 12:30:00 +0000]
ptserver: Zero ubik header before writing to it

When using pt_util's ubik shim, if we're creating a new ubik label
make sure to zero the whole structure before writing it out to disk.
Otherwise we get a shorts worth of stack garbage in the resulting
file.

Caught by coverity (#986010)

Reviewed-on: http://gerrit.openafs.org/9274
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 96131593b329a319b22368a9ef37788fb4e5d4f4)

Change-Id: I9b2b22c075bf896a74f4b527354c8a6758ac2865
Reviewed-on: http://gerrit.openafs.org/11013
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agoptserver: Rename ubik.c as ptubik.c
Simon Wilkinson [Tue, 26 Feb 2013 12:26:36 +0000]
ptserver: Rename ubik.c as ptubik.c

Coverity gets confused between ubik/ubik.c and ptserver/ubik.c,
and produces a load of false positives. Rename the ptserver ubik
shim (which is only used by pt_util) in order to reduce this
confusion.

Reviewed-on: http://gerrit.openafs.org/9273
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit daed548f70a2187c679232e4f79d703389419c4e)

Change-Id: I834fab3b65859cb73ece3fc52d9272d0b7d452ed
Reviewed-on: http://gerrit.openafs.org/11012
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agobosserver: Catch failures to create daemon thread
Simon Wilkinson [Tue, 26 Feb 2013 12:06:15 +0000]
bosserver: Catch failures to create daemon thread

If we can't create the bozo daemon thread, then don't keep going
regardless. Just warn the user and exit.

Caught by coverity (#988414)

Reviewed-on: http://gerrit.openafs.org/9269
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 4587ddc130547b4cce723476cfa798a03ccc0320)

Change-Id: I4dcf67f4aeb2533ad39e9b1b0202d00205584118
Reviewed-on: http://gerrit.openafs.org/11011
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agolibadmin: Catch VL_GetNewVolumeId failures
Simon Wilkinson [Tue, 26 Feb 2013 11:59:56 +0000]
libadmin: Catch VL_GetNewVolumeId failures

If ubik_VL_GetVolumeId fails in the vos ProcessEntries routine,
report the failure and give up, rather than continuing with a
0 maxVolid

Caught by coverity (#988417)

Reviewed-on: http://gerrit.openafs.org/9268
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 8192554e36272d5ed21007b4c0e3b6c56511457d)

Change-Id: I004386d62dc9d2955a795c4c5952b573ff203784
Reviewed-on: http://gerrit.openafs.org/11010
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agolibadmin: Fix a lot of dead assignments in vsprocs
Simon Wilkinson [Thu, 21 Feb 2013 20:36:19 +0000]
libadmin: Fix a lot of dead assignments in vsprocs

Tidy up a lot of places where we initialise a variable, then
immediately assign a proper value to it, or store a return value
that we don't actually care about.

Caught by clang-analyzer

Reviewed-on: http://gerrit.openafs.org/9205
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit ee0d57bb488e9fd74b46547273904a9821e20c57)

Change-Id: I60f690336bc449f481a5be542ab7369d6e04f4b6
Reviewed-on: http://gerrit.openafs.org/11009
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

5 years agofs: Catch pioctl failure in mkmount
Simon Wilkinson [Tue, 26 Feb 2013 11:55:32 +0000]
fs: Catch pioctl failure in mkmount

If the VIOC_FILE_CELL_NAME pioctl fails in fs mkmount, return an
error to the caller, instead of ploughing on with potentially bad
data.

Caught by coverity (#988418)

Reviewed-on: http://gerrit.openafs.org/9267
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 3ad7ba106dea28277b9e1f7a7370ba17b9fb3d17)

Change-Id: I239ff7e567b01ecbec0314ec61f79d2fd0064de7
Reviewed-on: http://gerrit.openafs.org/11008
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agoMake OpenAFS 1.6.8 openafs-stable-1_6_8
Stephan Wiesand [Sat, 10 May 2014 18:00:59 +0000]
Make OpenAFS 1.6.8

Update version strings for the 1.6.8 release

Change-Id: If74aea398c0210807d8e5a1d9236a4c6242ac23f
Reviewed-on: http://gerrit.openafs.org/11137
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agoUpdate NEWS for 1.6.8
Stephan Wiesand [Sat, 10 May 2014 17:57:13 +0000]
Update NEWS for 1.6.8

Finalize the 1.6.8 release notes

Change-Id: Ic97d1767ff168b538ce69c15aa8c7f0af4607b1b
Reviewed-on: http://gerrit.openafs.org/11136
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agoMake OpenAFS 1.6.8pre2 openafs-stable-1_6_8pre2
Stephan Wiesand [Fri, 14 Mar 2014 15:01:16 +0000]
Make OpenAFS 1.6.8pre2

prerelease for 1.6.8

Change-Id: I1664633e86e218330c729362d5814ec8c160fc5c
Reviewed-on: http://gerrit.openafs.org/10894
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Tested-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agoFBSD: catch up to 1997 and include if_var.h with if.h
Benjamin Kaduk [Fri, 24 Jan 2014 17:00:20 +0000]
FBSD: catch up to 1997 and include if_var.h with if.h

The commit message for upstream's r257244 change includes:
 - Make the prophecy from 1997 happen and remove if_var.h inclusion
   from if.h.
Despite the clear public posting, we were caught unawares.  We made
it down to the cellar despite the missing stairs, but "Beware of
the Leopard" caused us to turn back, apparently.

Since if.h is included in many places and if_var.h is not present
on all OSes, pull the if.h inclusion into the common kernel headers
for afs/ and rx/ , and add in if_var.h (as well as the sys/socket.h
prerequisite).

Reviewed-on: http://gerrit.openafs.org/10754
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 8817308a87ca76bc47a0f5564b97c7942b3be04a)

Change-Id: I8a03c7b2a0fe54f987b6d63cac19980f66c80e9d
Reviewed-on: http://gerrit.openafs.org/10987
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agoMerge branch '1.6-security' into HEAD
Stephan Wiesand [Wed, 9 Apr 2014 12:10:35 +0000]
Merge branch '1.6-security' into HEAD

Conflicts:
NEWS
configure-libafs.ac
configure.ac
src/config/NTMakefile.amd64_w2k
src/config/NTMakefile.i386_nt40
src/config/NTMakefile.i386_w2k

Change-Id: If4cf26d5559229a35b2754957f856350a8100ffb

6 years agoMake OpenAFS 1.6.7 openafs-stable-1_6_7
Stephan Wiesand [Thu, 3 Apr 2014 12:07:58 +0000]
Make OpenAFS 1.6.7

Update version strings for 1.6.7

Change-Id: Ia9d931cd5329afb440cfa7da1f139ae669c6e8ae

6 years agoUpdate NEWS for 1.6.7
Stephan Wiesand [Thu, 3 Apr 2014 11:54:58 +0000]
Update NEWS for 1.6.7

Release notes for OpenAFS 1.6.7.

Change-Id: I9c331ca0dd01f9617917af326f58fc1944c152d7

6 years agoviced: fix get-statistics64 buffer overflow
Michael Meffie [Sat, 15 Feb 2014 17:03:43 +0000]
viced: fix get-statistics64 buffer overflow

Range check the statsVersion argument of the GetStatisitics64 RPC to
avoid a buffer overflow in the fileserver, or a huge memory allocation,
by a rogue client.

FIXES 131803

(cherry picked from commit bd2cc32da969abe57334d20563d5cddf065a905e)

Change-Id: I05b18b9f4bacd8981eafb9fe4b5aea904f88a9cc

6 years agorx: Avoid rxi_Delay on RXS_CheckResponse failure
Andrew Deason [Fri, 21 Feb 2014 21:30:49 +0000]
rx: Avoid rxi_Delay on RXS_CheckResponse failure

Currently we rxi_Delay whenever RXS_CheckResponse fails for any
reason. This can result in disastrous performance degradations if a
client keeps sending "bad" responses, since rxi_Delay'ing here will
delay the Rx listener thread. This means we cannot receive any packets
for about a second, which can easily cause us to drop a lot of
incoming packets.

Instead, send the abort after 1 second by scheduling an event. This
will retain existing behavior from the point of view of the client
(it will get the abort after 1 second), but avoids hanging the Rx
listener thread.

FIXES 131802

(cherry picked from commit 0ec67b0a9a175af14e360da75d1f5429c6c97b24)

Change-Id: Idf2fb2cc26c013b9071d578b46f6d4831ff3fe5f

6 years agorx: Split out rxi_SendConnectionAbortLater
Andrew Deason [Fri, 21 Feb 2014 21:26:35 +0000]
rx: Split out rxi_SendConnectionAbortLater

Take the functionality in rxi_SendConnectionAbort that schedules a
delayed abort, and split it out into a new function,
rxi_SendConnectionAbortLater. This allows callers an easy interface to
send such a delayed abort with their own delay.

This commit should incur no change in behavior; it is just code
reorganization.

(cherry picked from commit 61d80537cae95d125c4b9fed31e2454a281b8b02)

Change-Id: I8798ace952bffa0c736ab90e9028fd7c99305a78

6 years agoMake OpenAFS 1.6.8pre1 openafs-stable-1_6_8pre1
Stephan Wiesand [Fri, 14 Mar 2014 14:59:29 +0000]
Make OpenAFS 1.6.8pre1

prerelease for 1.6.8

Change-Id: I1b0632aa5b76ecff1690fb252eb3427aa17aaad0
Reviewed-on: http://gerrit.openafs.org/10893
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agoUpdate NEWS for 1.6.8
Stephan Wiesand [Thu, 27 Mar 2014 09:27:17 +0000]
Update NEWS for 1.6.8

release notes for OpenAFS 1.6.8

Change-Id: I77712d776a2c31eb2c65612768734a4cceaa1d34
Reviewed-on: http://gerrit.openafs.org/10958
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agoviced: Restore some previous log message language
Andrew Deason [Wed, 26 Feb 2014 17:42:16 +0000]
viced: Restore some previous log message language

Before commit 6c41b1f740e16b5b9adfe9026630595be6f0699e, we logged
these three messages in the fileserver in different situations:

  CallPreamble: Couldn't get client.
  CallPreamble: Couldn't get CPS. Fail
  CallPreamble: couldn't reconnect to ptserver

After commits 6c41b1f740e16b5b9adfe9026630595be6f0699e and
0a5e878aa0a71c4dfaef1806744ed78bcc13b9f4, these messages were changed
to contain more useful information, but the language was also changed.
The messages now look like:

  Client host too busy while handling request from host %s:%d viceid %d fid %lu.%lu.%lu, failing request
  Cannot get CPS for client while handling request [...], failing request
  Cannot reconnect to ptserver while handling request [...], failing request

While the new messages are more informative, and (in my opinion)
better describe what is happening in those situations, they do look
very different from the old messages. This can break scripts that try
to parse these logs, but in general it is also not clear to
administrators that these messages still refer to the same events.

So instead, put these messages back the way they were. Still include
the extra information, of course, but revert the language to look more
like the old messages. Now we log:

  CallPreamble: Couldn't get client while handling request from host %s:%d viceid %d fid %lu.%lu.%lu, failing request
  CallPreamble: Couldn't get CPS while handling request [...], failing request
  CallPreamble: couldn't reconnect to ptserver while handling request [...], failing request

Thanks to Ben Kaduk for bringing this up.

Reviewed-on: http://gerrit.openafs.org/10857
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 0e9bb718ce231ffd73fe11810d8dc1d3902e4b2d)

Change-Id: I35c8369a7efba0c08c000a24e14385209082cfe0
Reviewed-on: http://gerrit.openafs.org/10953
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agoviced: Improve client error log messages
Andrew Deason [Fri, 18 Oct 2013 00:22:48 +0000]
viced: Improve client error log messages

Commit 6c41b1f740e16b5b9adfe9026630595be6f0699e improved a few log
messages to include the client ip and port of the request triggering
that log message. Include the viceid and fid (if applicable), too, so
an administrator may more easily identify the cause.

This creates the function LogClientError, so we can use a common
function for logging very similar information. This also modifies
h_FindClient_r to give the viceid to the caller, even in the case of
error. In addition, this modifies CallPreamble to accept a fid and
modifies all callers to accomodate.

Reviewed-on: http://gerrit.openafs.org/10347
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 0a5e878aa0a71c4dfaef1806744ed78bcc13b9f4)

Change-Id: Ib8b41989809e559dee486757b11ccff789d615e9
Reviewed-on: http://gerrit.openafs.org/10757
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

6 years agodoc: bos setrestricted -mode 0 does make sense
Stephan Wiesand [Wed, 12 Mar 2014 09:47:17 +0000]
doc: bos setrestricted -mode 0 does make sense

Commit 070230ab76e1df338db3f2a7971111ca976a0c1a added documentation of
the mode parameter to bos setrestricted, claiming that the value 0 is
useless, and commit eee0bf5871944d919951cc8b7b4908ee909c3b62 added
documentation of the restrictmode entry in BosConfig, claiming that it
can only be set back to 0 with an editor. Both claims are wrong, since
bos setrestricted -mode 0 will do exactly that (if it succeeds, which
it only can if the server is running in unrestricted mode, which can
be achieved by sending it the FPE signal). Fix the man pages
accordingly.

Reviewed-on: http://gerrit.openafs.org/10885
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit da549eea21941681c075796512a27a830259c835)

Change-Id: Iea8f252829ba6192176da0ceba464cbc41aad53c
Reviewed-on: http://gerrit.openafs.org/10955
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: Stephan Wiesand <stephan.wiesand@desy.de>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agodoc: bos manpage fixes
Andrew Deason [Fri, 14 Jun 2013 20:58:45 +0000]
doc: bos manpage fixes

Add missing documentation for the -mode option.

Reviewed-on: http://gerrit.openafs.org/10390
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 070230ab76e1df338db3f2a7971111ca976a0c1a)

Change-Id: I0780fc350840631d55d60c21e6223020ca9a845f
Reviewed-on: http://gerrit.openafs.org/10954
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Tested-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agodoc: improve man pages related to bos restricted mode
Stephan Wiesand [Fri, 7 Mar 2014 10:03:36 +0000]
doc: improve man pages related to bos restricted mode

Mention the restrictmode entry and the commands for setting and
querying it in the BosConfig man page, and add/fix cross references
between the BosConfig, bos, bos_getrestricted and bos_setrestricted
ones.

Reviewed-on: http://gerrit.openafs.org/10874
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit eee0bf5871944d919951cc8b7b4908ee909c3b62)

Change-Id: I25d2f23d75a9074ae478f86296bb13c1b2dda95b
Reviewed-on: http://gerrit.openafs.org/10883
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agofs: display cell not available on ESRCH
Michael Meffie [Fri, 7 Feb 2014 14:55:31 +0000]
fs: display cell not available on ESRCH

The cache manager pioctls abuse ESRCH to represent errors due to
unavailable cell information.  Give a more sensible error message to
the user when a pioctl returns an ESRCH error, instead of "no such
process", which is the conventional meaning of ESRCH.

The new error message is consistent with the Windows implementation
of fs.

For example, on a host with a misconfigured ThisCell and/or CellServDB.

    $ fs wscell
    fs: No such process

becomes:

    $ fs wscell
    fs: Cell name not recognized.

Reviewed-on: http://gerrit.openafs.org/10824
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 8beba712d95b637225f215534a759961ff4d80a9)

Change-Id: I0cf6f6e0939a1075332049361153bc8a0b0958ce
Reviewed-on: http://gerrit.openafs.org/10949
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agodoc: fix releases mentioned in fileserver sync behavior documentation
Stephan Wiesand [Fri, 14 Mar 2014 16:51:49 +0000]
doc: fix releases mentioned in fileserver sync behavior documentation

The default will likely change in 1.6.8, not 1.6.7.

Change-Id: I5f5d62979fabd22ed79ccac6c584921acf571108
Reviewed-on: http://gerrit.openafs.org/10897
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agolibafs: reset global icl set pointers on shutdown
Michael Meffie [Tue, 11 Mar 2014 16:40:33 +0000]
libafs: reset global icl set pointers on shutdown

Avoid panicking when an icl tracing function is called after
shutdown_icl.

There is a window during shutdown in which pioctls can be requested
after the shutdown_icl is issued. Reset the global icl set pointers
so tracing is disabled after the shutdown_icl, instead of using
pointers to freed memory.

Removed the unneeded afs_icl_FindSet calls and use the global
pointers which were set during the initialization.

Reviewed-on: http://gerrit.openafs.org/10884
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 64dd6dd018eb7413636ed6416bd244bb81893d9e)

Change-Id: I65671ee60e3cdf11d9921585dcd67df7cc22c88f
Reviewed-on: http://gerrit.openafs.org/10932
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agovolser: use also vn_length_hi in dump size calculation
Hartmut Reuter [Mon, 10 Mar 2014 16:21:21 +0000]
volser: use also vn_length_hi in dump size calculation

Only the low order 32 bits of the file length were used.
Now using macro VNDISK_GET_LEN instead of direct FillInt64.

FIXES 131819

Reviewed-on: http://gerrit.openafs.org/10876
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 705f3ee384814bc082817267a2658bd5c918550c)

Change-Id: I1816e4b7c5fe1166ac81ff53235f9f676f4d234f
Reviewed-on: http://gerrit.openafs.org/10933
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agoLinux: Do drop dentry if lookup returns ENOENT
Marc Dionne [Wed, 19 Mar 2014 15:15:13 +0000]
Linux: Do drop dentry if lookup returns ENOENT

Commit 997f7fce437787a45ae0584beaae43affbd37cce switched to using
d_invalidate instead of d_drop to prevent unhashing dentries
which are only temporarily invalid and may still be referenced
by someone having a current working directory pointing to it.
This could result in getting ENOENT from getcwd() after some
transient problems, even when the directory is there and
accessible.

The change had the side effect of potentially leaving something
visible when it has actually been removed, for instance a mountpoint
removed by "fs rm".

If afs_lookup returns ENOENT, we want to forcibly drop (unhash)
the dentry, even if it has current users.

Reviewed-on: http://gerrit.openafs.org/10928
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 389473032cf0b200c2c39fd5ace108bdc05c9d97)

Change-Id: Ifeda5a38a01bc136d3ecef01227ecd354da7cc3e
Reviewed-on: http://gerrit.openafs.org/10948
Reviewed-by: D Brashear <shadow@your-file-system.com>
Tested-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agoMake struct CallBack indentation uniform again
Benjamin Kaduk [Wed, 19 Mar 2014 16:16:48 +0000]
Make struct CallBack indentation uniform again

Align the per-field comments.

Reviewed-on: http://gerrit.openafs.org/10929
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit cb4ec4e4952b40999013d4f67c0add6bf51ff286)

Change-Id: I9b388d03d9ca3da10eba6010147427b44a88d787
Reviewed-on: http://gerrit.openafs.org/10934
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agoviced: Avoid endless BCB loop
Andrew Deason [Mon, 12 Aug 2013 22:37:29 +0000]
viced: Avoid endless BCB loop

Without this commit, when we break callbacks for a fid, we loop over
all callbacks for the fid, break a few of them, and then start over.
We do this repeatedly until we run out of callbacks. If a client sees
a callback break, and then establishes a new callback promise while
the fileserver is still breaking callbacks, the fileserver can break
the same callback for the same host again and again. This can continue
forever, if the client establishes its new callback promises quickly
enough.

So to avoid this, when we start breaking callbacks, flag all of the
callback structures that we want to look at. Then when we repeatedly
loop through all of the callbacks for the fid, only look at the
flagged callback structures.

This adds a 'flags' field to struct CallBack, and defines a single
flag, CBFLAG_BREAKING.

This is an alternative fix to the issue also fixed in 843d705c. This
implementation avoids allocating extra memory under locks, and has the
slight benefit of not breaking callbacks that were elsewhere deleted
during the BCB. This comes at the cost of a single extra traversal
through our callback list, and the cost of claiming one of the bits in
the CallBack structure.

Reviewed-on: http://gerrit.openafs.org/10172
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 47124f337b43f8731bfbe3bd71e42d046a4d1075)

Change-Id: I522e0cecd0a9a10bf9eafaae669f4f0005ced893
Reviewed-on: http://gerrit.openafs.org/10755
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agolibafs: DARWIN: update for Xcode 5.1
Benjamin Kaduk [Fri, 14 Mar 2014 15:13:15 +0000]
libafs: DARWIN: update for Xcode 5.1

(1) remove -mlong-branch from amd64 build

Random internet postings suggest that it has triggered a warning
since at least Xcode 3.2, and the gcc manual page suggests that
it is only applicable on ppc, anyway.

(2) remove -mpreferred-stack-boundary=4 from the amd64 build

The evidence here shows up less readily in an internet search,
but it seems that Apple's compilers will force the stack alignment
to 16 bytes regardless of what is passed here.  One poster had
trouble with -mpreferred-stack-boundary being unused in Xcode 4.4.1

This change only fixes warnings reported as errors by buildbot; it
does not attempt to fully synchronize with the flags that Xcode 5.1
uses for kernel module builds.

Reviewed-on: http://gerrit.openafs.org/10896
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit cb18fbde6536942e4bc87bd5943a13cc14fbe332)

Change-Id: Ic66d9028e4f15bd7a9d7c80db84087879560f4d2
Reviewed-on: http://gerrit.openafs.org/10926
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agoDo not use garbage-collection for DARWIN ObjC apps
Benjamin Kaduk [Thu, 13 Mar 2014 20:37:10 +0000]
Do not use garbage-collection for DARWIN ObjC apps

Xcode 5.1 does not support this feature.

Reviewed-on: http://gerrit.openafs.org/10890
Reviewed-by: D Brashear <shadow@your-file-system.com>
Tested-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 52a9d1929518feab17b81b0a9db7ba45f69d5071)

Change-Id: Ia383e1f9c4ee4ae19ed81cfedb1541399d7546b3
Reviewed-on: http://gerrit.openafs.org/10925
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: D Brashear <shadow@your-file-system.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

6 years agoUse correct include guard for vol_prototypes.h
Benjamin Kaduk [Thu, 13 Mar 2014 19:33:44 +0000]
Use correct include guard for vol_prototypes.h

Correct the case of the 'h'.

Reviewed-on: http://gerrit.openafs.org/10889
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 8832cd4e61f04fa5c650060e968bd7834afebd92)

Change-Id: I306107184667724e48d5c9c32a11ddc4c9748ce7
Reviewed-on: http://gerrit.openafs.org/10924
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>