openafs.git
9 years agoWindows: afsredirlib log messages
Jeffrey Altman [Thu, 29 Dec 2011 17:45:16 +0000]
Windows: afsredirlib log messages

Improve or correct a number of log messages.  Report the correct
FID or NT Status value, etc.

Change-Id: I434b47e1350767f868170323280298f77e1a840a
Reviewed-on: http://gerrit.openafs.org/6442
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: Symlink resolve failure error
Jeffrey Altman [Thu, 29 Dec 2011 17:42:26 +0000]
Windows: Symlink resolve failure error

If a symlink cannot be resolved, return STATUS_REPARSE_POINT_NOT_RESOLVED
instead of STATUS_ACCESS_DENIED.  The symlink is after all a reparse
point.  This results in a more meaningful error being delivered to
the end user.

Change-Id: I30713dac7b916efaf3cf7a5d7717cb0bc971a31a
Reviewed-on: http://gerrit.openafs.org/6441
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: Make idle dead timeout very long
Jeffrey Altman [Wed, 28 Dec 2011 22:08:23 +0000]
Windows: Make idle dead timeout very long

The idle dead timeout processing must eventually be removed
from Rx for initiators.  In the meantime, make the timeout period
ten times longer than the hard dead timeout.  This permits eventual
failure when the server doesn't respond in ten minutes but avoids
more transient issues.

Change-Id: Ia673666dd55b33c4375ee8fdcbb89c82e8b01185
Reviewed-on: http://gerrit.openafs.org/6440
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: replace strdup with xdr_alloc in callback processing
Jeffrey Altman [Wed, 28 Dec 2011 22:07:01 +0000]
Windows: replace strdup with xdr_alloc in callback processing

The CRT allocator cannot be used for memory that will be freed
by afsrpc.dll.  Use xdr_alloc() instead.

Change-Id: Idd33710c225d58b4e6eba0bfdb2f8b3282996258
Reviewed-on: http://gerrit.openafs.org/6439
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agowindows: osi_TSignalForMLs simplify
Jeffrey Altman [Tue, 27 Dec 2011 01:59:21 +0000]
windows: osi_TSignalForMLs simplify

Simplify logic for readability and efficiency.

Change-Id: I3c78b23b6fcf8478fe20a803755923108995d532
Reviewed-on: http://gerrit.openafs.org/6438
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: osisleep do not tamper with queues
Jeffrey Altman [Tue, 27 Dec 2011 01:56:38 +0000]
Windows: osisleep do not tamper with queues

There is no need to manually remove an entry from a queue before
executing osi_QRemoveHT().  osi_QRemoveHT() removes the item
from the queue and fixes up the pointers correctly.  Manual
intervention is a waste of cpu and can be harmful.

Change-Id: Iaea4ceac2cb5f61e5bb73fd181bd934e06ddf0a6
Reviewed-on: http://gerrit.openafs.org/6437
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: osi_sleepInfo tid type
Jeffrey Altman [Tue, 27 Dec 2011 01:55:22 +0000]
Windows: osi_sleepInfo tid type

The thread id type is DWORD not size_t for consistency
with the rest of the client_osi package.

Change-Id: I2e2d31d8738d9de82d99f346f5109de133f3e25e
Reviewed-on: http://gerrit.openafs.org/6436
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: add osi_TWaitExt(), fix osi_TWait()
Jeffrey Altman [Tue, 27 Dec 2011 01:51:33 +0000]
Windows: add osi_TWaitExt(), fix osi_TWait()

osi_TWait() was adding new locks to the turnstile at the tail
which is the end of the queue locks are removed from.  This
implemented LIFO instead of FIFO when FIFO is the "fair" order
to service lock requests.

osi_TWaitExt() is added to permit the Reader to Writer upgrade
request to use LIFO when more than one reader is present.

Change-Id: Ib6435a3edc2cb8519939cfad93e0db4b0604da2d
Reviewed-on: http://gerrit.openafs.org/6435
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: use waiters counter instead of osi_TEmpty
Jeffrey Altman [Tue, 27 Dec 2011 01:48:24 +0000]
Windows: use waiters counter instead of osi_TEmpty

The osi_TEmpty() macro examines the values of the turnstile
pointers.  Instead use the lock's 'waiters' counter to determine
if there are waiting threads to signal.

Change-Id: I8e14a03a30adcf1e67b07fc020104c2ada3b5c6a
Reviewed-on: http://gerrit.openafs.org/6434
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: kauth search for kerberos iv port first
Jeffrey Altman [Sat, 24 Dec 2011 20:16:12 +0000]
Windows: kauth search for kerberos iv port first

Modify src/kauth/user_nt.c to match the service name search
order of the Unix code:

 kerberos4
 kerberos-iv
 kerberos

The standard Windows SERVICES file includes "kerberos-iv" as
port 750.

FIXES 127907

Change-Id: I518a812cc2d465334e8ef6929f8988c51b33749b
Reviewed-on: http://gerrit.openafs.org/6430
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoafs: Panic on afs_conn refcount imbalance
Andrew Deason [Thu, 22 Dec 2011 20:48:49 +0000]
afs: Panic on afs_conn refcount imbalance

An undercounted afs_conn can easily cause a panic and/or memory
corruption later on, since we put an rx_connection reference with each
afs_conn reference. Panic as soon as we detect this, as this indicates
a serious bug.

Change-Id: I251fd3303114d0822b8cf70805a8a447986a7762
Reviewed-on: http://gerrit.openafs.org/6413
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoafs: Add afs_WriteDCache sanity checks
Andrew Deason [Wed, 21 Dec 2011 22:01:16 +0000]
afs: Add afs_WriteDCache sanity checks

Writing a non-free non-discarded dcache entry with a zero volume id
can easily cause hash table corruption later on, so make sure we don't
do that. Also log something if the write itself fails, as this usually
indicates an unusual situation involving I/O errors or something.

Change-Id: Ib9602227e8cee324cb63a4a3dee28e53af69b446
Reviewed-on: http://gerrit.openafs.org/6419
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoafs: Cope with afs_GetValidDSlot errors
Andrew Deason [Wed, 21 Dec 2011 21:05:40 +0000]
afs: Cope with afs_GetValidDSlot errors

Make callers of afs_GetValidDSlot deal with getting a NULL dcache,
which can occur if an error is encountered. Some of these just panic
at least for now, since a code path for recovery is complex, but this
is at least better than dereferencing a NULL pointer.

Change-Id: I4022a914bbaa0e1f3f4daadfdc32d165a6e2febd
Reviewed-on: http://gerrit.openafs.org/6418
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoafs: Do not always ignore errors in afs_GetDSlot
Andrew Deason [Wed, 21 Dec 2011 20:04:32 +0000]
afs: Do not always ignore errors in afs_GetDSlot

Currently afs_UFSGetDSlot will silently swallow any error in reading
the specified dslot from disk, and will return a "blank" dcache to the
caller. However, many callers of afs_GetDSlot will be asking for a
dcache that we know exists, and more importantly, we know is on the
global hash table. If a disk error is encountered and we're given a
"blank" dcache, we will erroneously believe the dcache entry is not on
the hash table, causing corruption of the hash table later on.

So instead, modify all callers of afs_GetDSlot to use either
afs_GetValidDSlot or afs_GetNewDSlot. Calling afs_GetValidDSlot
indicates that the given dentry index is known to be valid, and any
error encountered while reading the entry from disk should result in
an error (for disk I/O errors we have no control over, this results in
a NULL dentry returned; for internal consistency errors we panic).
Calling afs_GetNewDSlot indicates that the specified index may not
exist or may not be valid, and so returning a "blank" dentry in that
case is fine.

For memcache, the situation is the same, except any time we go to
"disk" it is an (internal) error, since there is no disk.

Change-Id: I53ea6e99649e4d6d5cbde58929dfcee1d45a3e7b
Reviewed-on: http://gerrit.openafs.org/6417
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoafs: Remove second argument to afs_GetDSlot
Andrew Deason [Wed, 21 Dec 2011 22:25:29 +0000]
afs: Remove second argument to afs_GetDSlot

All callers of afs_GetDSlot were passing NULL as the second argument
to afs_GetDSlot. So, remove the argument, and behave as if tmpdc was
NULL unconditionally.

Change-Id: I138fe917d739c3020c35c20da48ffdf38f682fd6
Reviewed-on: http://gerrit.openafs.org/6416
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoafs: Indicate error from afs_osi_Read/Write better
Andrew Deason [Thu, 22 Dec 2011 20:01:52 +0000]
afs: Indicate error from afs_osi_Read/Write better

Currently afs_osi_Read and afs_osi_Write just return -1 on any I/O
error, even though they know the error code given from the OS VFS.
Just return that code instead so the caller can see what the error
was; but negate it, so it's clear that it is an error.

Change-Id: I3d8350da18d075713356137a1cacf182a749fe3e
Reviewed-on: http://gerrit.openafs.org/6412
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoafs: afs_osi_Read/Write returns negative on error
Andrew Deason [Thu, 22 Dec 2011 19:50:09 +0000]
afs: afs_osi_Read/Write returns negative on error

afs_osi_Read and afs_osi_Write need to return negative values on
error. EIO is not negative; return -EIO so we don't accidentally
return "success" if someone requested to read or write EIO bytes.

Change-Id: Id0693776737fdf7086de16a935ad3942f5026e55
Reviewed-on: http://gerrit.openafs.org/6411
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoklog.krb5: cast get_cred_keylen to unsigned
Andrew Deason [Thu, 22 Dec 2011 18:50:53 +0000]
klog.krb5: cast get_cred_keylen to unsigned

get_cred_keylen can yield a type besides an unsigned int (such as a
size_t on heimdal). But we are printing it with %u, which causes a
warning, so cast it to an unsigned int.

Change-Id: I7b89de5b0b163b9532ac347e9c56e865cb58f266
Reviewed-on: http://gerrit.openafs.org/6410
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agofuse: Autodetect Solaris 11 FUSE
Andrew Deason [Fri, 23 Dec 2011 23:31:10 +0000]
fuse: Autodetect Solaris 11 FUSE

FUSE exists in Solaris 11, but it does not come with a fuse.pc
pkg-config configuration. Autodetect the presence of FUSE anyway.

Change-Id: Ia052ba0a1bfe511dd051f3cfbee10395dc9d2c60
Reviewed-on: http://gerrit.openafs.org/6422
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoafsd.fuse: Solaris 11 support
Andrew Deason [Thu, 22 Dec 2011 04:19:01 +0000]
afsd.fuse: Solaris 11 support

The FUSE in Solaris 11 has a couple of quirks; work around them.

Change-Id: I29b8a8858467d1c6ebacb4926a15165feae64f2c
Reviewed-on: http://gerrit.openafs.org/6421
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoafsd: Parse cacheinfo during argument parsing
Andrew Deason [Thu, 22 Dec 2011 03:00:12 +0000]
afsd: Parse cacheinfo during argument parsing

Currently we parse cacheinfo in afsd_run, when the client is
initialized and started. Parsing cacheinfo can change
afsd_cacheMountDir, however, which may be of interest to afsd.o users;
in particular, libuafs exposes this via uafs_MountDir(). This means
that if a mount dir is not explicitly specified in the libcmd
arguments to afsd, a libuafs-using program will see the mountpoint as
the empty string if it is queried after afsd_parse but before
afsd_run. For afsd.fuse, this causes the cryptic error message:

    fuse: bad mount point `': No such file or directory

since the mountpoint is the empty string if it is not specified
explicitly on the command line.

To fix this, move cacheinfo parsing to effectively near the end of
afsd_parse, so the mountpoint is calculated in afsd_parse().

Change-Id: I058f2c7c2f0cc21db21c4b1d38ff63b9e9ed1562
Reviewed-on: http://gerrit.openafs.org/6400
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agofuse: Add -oallow_other by default where possible
Andrew Deason [Fri, 2 Dec 2011 22:06:42 +0000]
fuse: Add -oallow_other by default where possible

By default, fuse mountpoints are only accessible by the same uid as
that which mounted the fuse filesystem. When we're running as root,
specify -oallow_other so by default anyone can access the afs
mountpoint.

Change-Id: Idc732a22136fbe6bc585b76ac6291d8518f1f9de
Reviewed-on: http://gerrit.openafs.org/6390
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoWindows: Avoid bottleneck on VolumeLock
Peter Scott [Sat, 24 Dec 2011 00:00:57 +0000]
Windows: Avoid bottleneck on VolumeLock

The VolumeLock resource was obtained during each AFSParseName()
and held across a wide range of operations including volume
info queries, renames, and extent requests.  These operations can
take a long time to complete and as long as the VolumeLock was
held exclusively there could only be one operation in flight at
a time on a given volume.  This significantly reduced the parallelism
of operations.

The VolumeLock was not required in almost all cases.  This patchset
adjusts the use of the VolumeLock and avoids the bottleneck.

Change-Id: I9d60fe41d157b9e315aeaa15feee8d1e0d4ded4c
Reviewed-on: http://gerrit.openafs.org/6420
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: avoid race in cm_GetNewSCache
Jeffrey Altman [Sat, 24 Dec 2011 08:15:53 +0000]
Windows: avoid race in cm_GetNewSCache

The cm_scacheLock is dropped while walking the scache LRU queue.
As a result it is possible for the cm_scache_t that is being
considered for recycling to be accessed and moved to the head
of the queue.

Track the prev and next pointers so it is possible to detect if
the cm_scache_t that is about to be recycled has been moved.  If
so, restart the search from the tail.

Change-Id: I6c3b645b85aa60197b9b6d60cffdcb818eb6f4b2
Reviewed-on: http://gerrit.openafs.org/6424
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: cm_BufWrite() must wait in cm_SyncOp()
Jeffrey Altman [Sat, 24 Dec 2011 08:11:04 +0000]
Windows: cm_BufWrite() must wait in cm_SyncOp()

Now that it is permissible for more than one store data operation
to construct BIOD lists in parallel, cm_BufWrite() must be willing
to wait in cm_SyncOp().  Otherwise, the daemon threads will spin.

Change-Id: I77ee2005025de9255b4c9cdb8bed8efc44b9518a
Reviewed-on: http://gerrit.openafs.org/6423
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agorx: Don't adjust non-existent events
Simon Wilkinson [Sat, 24 Dec 2011 17:23:48 +0000]
rx: Don't adjust non-existent events

If we notice that time has gone backwards (that is, the current
time is older than the time of the last event we fired), then we
reschedule all pending events.

On Windows, immediately after we have resumed from a suspend, this
code path can be executed with an empty event tree, causing an
exception:

FAULTING_IP:
afsrpc!adjustTimes+cf [c:\src\openafs\openafs.git\repo\src\rx\rx_event.c @ 213]
00000000`61041847 4c8b4030        mov     r8,qword ptr [rax+30h]

EXCEPTION_RECORD:  ffffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 0000000061041847 (afsrpc!adjustTimes+0x00000000000000cf)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: 0000000000000030
Attempt to read from address 0000000000000030

Resolve this by checking for an empty tree before we attempt to adjust
event times. If the tree is empty, we just zero the last event time
(so we don't keep running the adjustTimes routine), and continue as
normal.

Change-Id: I42a42ff1bd53a9d5c4733efc7ac5f629426b3aa1
Reviewed-on: http://gerrit.openafs.org/6425
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: AFSCleanup extent processing
Jeffrey Altman [Thu, 22 Dec 2011 02:47:56 +0000]
Windows: AFSCleanup extent processing

1. Perform a CcFlushCache() any time the file is cached
   and the Context Control Block indicates that the handle
   has FILE_WRITE_DATA permission.

2. Perform an AFSFlushExtents() whenever there are dirty
   extents and the handle has FILE_WRITE_DATA permission.
   No point flushing the extents if the AuthGroup does not
   have write permission.  Another Ccb must exist that does
   have write permission.

Change-Id: I3ece011b484c12e7dc936b81c272ba6a42f6c7d6
Reviewed-on: http://gerrit.openafs.org/6399
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: AFSRetrieveValidAuthGroup FILE_READ_DATA
Jeffrey Altman [Thu, 22 Dec 2011 02:37:41 +0000]
Windows: AFSRetrieveValidAuthGroup FILE_READ_DATA

Only an AuthGroup belonging to a Context Control Block that was
granted the FILE_READ_DATA permission is capable of reading
data from the file server.

Change-Id: I93a7d8e65a6bc87b44399a30da5c0dd7d4e07685
Reviewed-on: http://gerrit.openafs.org/6398
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: AFSRequestExtentsAsync retry with alt authgroup
Jeffrey Altman [Thu, 22 Dec 2011 02:34:14 +0000]
Windows: AFSRequestExtentsAsync retry with alt authgroup

If AFSRequestExtentsAsync() fails to obtain requested extents
due to STATUS_ACCESS_DENIED using the AuthGroup associated with
the Context Control Block, try to find an alternate AuthGroup
to use to perform the extent request.  We have already told
Windows what permissions the application has when the file was
opened.  Windows will perform its own validation checks prior
to permitting the data to be accessed or altered.

Change-Id: I430657e8c8e30c9f636a5ec81065af4122c926d7
Reviewed-on: http://gerrit.openafs.org/6397
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: Use AuthGroups for extent request error reporting
Jeffrey Altman [Thu, 22 Dec 2011 02:17:33 +0000]
Windows: Use AuthGroups for extent request error reporting

The afs redirector current tracks the most recent extent error
in the File Control Block.  Prior to this patchset the error
was returned to the requesting thread when the process Id matched
the most recent Process to issue a request.  This approach resulted
in a couple of problems.

 1. There are multiple threads that can issue an extent request
    on the same file at the same time representing different processes.
    Resetting the process Id with each new request could clear the
    error prior to its receipt.

 2. The failure may be due to inappropriate permissions.  Permissions
    are not associated with proceses but with Authentication Groups.

This patchset makes several changes:

 1. It enables the afsd_service to track the active authgroup as
    part of the cm_user_t structure and associates that object with
    the BIOD object to ensure that the active authgroup can be
    reported to the afs redirector.

 2. It modifies the AFSExtentFailureCB structure to include the
    AuthGroup GUID.

 3. It tracks the AuthGroup GUID associated with the extent
    failure in the non-paged file control block.

 4. It converts all tests on Process Id to use AuthGroup instead.

 5. It alters the behavior of error delivery such that reported
    error is only cleared after it has been reported once to a
    thread using the matching AuthGroup.

These changes make the situation better but not perfect as error
states can still be lost.  However, it avoids the case most often
seen in production where two processes (a end user process and an
anti-malware process) are fighting over a file and the anti-malware
process has no permission to access the file under its own credentials.

Change-Id: Ia5c3877b8d46de695c86884c4166dc812885a72c
Reviewed-on: http://gerrit.openafs.org/6396
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: Explicit permission check on extent release
Jeffrey Altman [Thu, 22 Dec 2011 02:10:45 +0000]
Windows: Explicit permission check on extent release

When a data extent is released by the afs redirector or the
afsd_service performs an extent claw back during a cleanup
operation, perform an explicit permission check before attempting
to store dirty buffers to the file server.   Instead of waiting
for the file server to fail the request, fail it immediately.

The permission check is performed using the currently active
authentication group.

Change-Id: I533f06ec10b8a6f4dbe5e18b1205b20881b5559a
Reviewed-on: http://gerrit.openafs.org/6395
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: RDR_CleanupFileEntry restrict extent claw back
Jeffrey Altman [Thu, 22 Dec 2011 02:08:59 +0000]
Windows: RDR_CleanupFileEntry restrict extent claw back

Only demand that extents be returned by the afs redirector
if this cleanup is the last open handle or the redirector has
requested that the file be flushed to the file server.

Change-Id: I03ddcd153d2ded5fc805148a192234742d20b29e
Reviewed-on: http://gerrit.openafs.org/6394
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: remove unused AFSRequestExtents()
Jeffrey Altman [Thu, 22 Dec 2011 02:03:52 +0000]
Windows: remove unused AFSRequestExtents()

Change-Id: I25251827ab2cfb68ba20cf97eaebb669e4f36a82
Reviewed-on: http://gerrit.openafs.org/6393
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: Bad DV invalidate only when new DV not 0
Jeffrey Altman [Thu, 22 Dec 2011 01:49:59 +0000]
Windows: Bad DV invalidate only when new DV not 0

If the current DV is BAD_VERSION and the new DV is 0, do not send
an invalidation to the redirector.  It only results in wasteful work.
If the current DV is BAD_VERSION the object either:

 1. was never previously known

 2. was recently flushed

 3. the cm_scache_t was recycled

In all cases, the redirector does not have knowledge of the object
since either it didn't exist or a previous invalidation was sent.

Change-Id: I7e0cf41bae64660e4e1ec342bafcf3ef8a693d56
Reviewed-on: http://gerrit.openafs.org/6392
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: Define times in terms of AFS_ONE_SECOND
Jeffrey Altman [Thu, 22 Dec 2011 01:45:19 +0000]
Windows: Define times in terms of AFS_ONE_SECOND

The afs redirector defines the macro AFS_ONE_SECOND to indicate
the number of 100ns units necessary to indicate one second of time.
Use that definition when defining other time values.  Also define
AFS_ONE_MILLISECOND and AFS_ONE_MICROSECOND.

Change-Id: Ie2a173b4037af61e9a1c5aa06129520c36d714bb
Reviewed-on: http://gerrit.openafs.org/6391
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoInclude afsconfig.h before anything else
Andrew Deason [Mon, 19 Dec 2011 22:11:31 +0000]
Include afsconfig.h before anything else

afsconfig.h can define various preprocessor symbols that can affect
how system headers behave. For example, the presence of the
_POSIX_PTHREAD_SEMANTICS symbol changes the number of arguments to
getpwnam_r on at least Solaris 8. So, we must include afsconfig.h
before including anything else, to ensure consistency.

Change-Id: I84bc73b3fada5dbc68cd355c24f2f746f2e982b3
Reviewed-on: http://gerrit.openafs.org/6387
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: avoid deadlock during SetRenameInformation
Jeffrey Altman [Sun, 18 Dec 2011 23:36:14 +0000]
Windows: avoid deadlock during SetRenameInformation

The VolumeLock must be held before the Fcb->NPFcb->Resource.
Obtain the VolumeLock in AFSSetFileInformation only in the
rename case instead of obtaining the VolumeLockin AFSSetRenameInformation.

Change-Id: I84f086e3a8f7d08630266c9e409e1e22c1f92742
Reviewed-on: http://gerrit.openafs.org/6377
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: terminate HOSTS/LMHOSTS with newline
Jeffrey Altman [Sun, 18 Dec 2011 17:08:24 +0000]
Windows: terminate HOSTS/LMHOSTS with newline

If the original file did not terminate with a newline,
add one before appending the "AFS" entry.

FIXES 130210

Change-Id: I35f96120904d09679d62ea4fb65f29648c4abfa5
Reviewed-on: http://gerrit.openafs.org/6375
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: Track AuthGroup in Context Control Block
Peter Scott [Wed, 14 Dec 2011 19:27:54 +0000]
Windows: Track AuthGroup in Context Control Block

Tracking the AuthGroup in the File Control Block proved to be
insufficient to ensure that dirty extents can be stored back
to the file server when an anti-virus service opens a file
in authgroup without 'write' permission immediate after the
application performing a WriteFile() opens it.  In this situation
the Fcb ends up with the AuthGroup set to the anti-virus value
and not the one that belongs to the writing application.

Tracking the AuthGroup by Ccb provides the ability to select
an AuthGroup from the list of open handles instead of tracking
the most recent one.

Change-Id: I851ea646feb531d7c765e1cf789a4ba541e4a150
Reviewed-on: http://gerrit.openafs.org/6333
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: Tear down extents upon file deletion
Jeffrey Altman [Sat, 17 Dec 2011 17:14:28 +0000]
Windows: Tear down extents upon file deletion

When processing AFS_INVALIDATE_REMOVED, tear down all extents
since they are no longer necessary and return them to the service
for recycling.

Change-Id: Iec6c0d2c68db16dbf3bd04c51536e13d45f0c1b8
Reviewed-on: http://gerrit.openafs.org/6365
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: notify file size change if flushed
Jeffrey Altman [Sat, 17 Dec 2011 17:13:17 +0000]
Windows: notify file size change if flushed

When processing AFS_INVALIDATE_FLUSHED, notify any listeners
that the file size has changed to force a complete refresh.

Change-Id: Ie5f0076ea786357ae77ef6a76f162c776d555953
Reviewed-on: http://gerrit.openafs.org/6364
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

9 years agoWindows: forget data version only for flushing
Jeffrey Altman [Sat, 17 Dec 2011 17:08:49 +0000]
Windows: forget data version only for flushing

The AFS redirector was intentionally forgetting the data version
number for AFS_INVALIDATE_DATA_VERSION events.  The point of that
event is to ensure that clean data be purged if the data version
in fact changed.  Checking the data version for change cannot be
performed if the data version is reset to -1.

Only when AFS_INVALIDATE_FLUSHED is processed should the data
version be reset to ensure that all of the data is purged.

Change-Id: I430afc4889c55c49ef24904a987b08042994cfea
Reviewed-on: http://gerrit.openafs.org/6363
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: fix indentation
Jeffrey Altman [Sat, 17 Dec 2011 17:07:53 +0000]
Windows: fix indentation

Change-Id: I187cfa466830a528d0ac2c77b0006e2b66b0a47c
Reviewed-on: http://gerrit.openafs.org/6362
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

9 years agoWindows: AFSSetRenameInfo log message
Jeffrey Altman [Sat, 17 Dec 2011 16:57:15 +0000]
Windows: AFSSetRenameInfo log message

Fix a typo in the log message and change its priority from
error to verbose

Change-Id: I807d7d6d9118b0fa6af3de638bb9fa2c0d90cbcb
Reviewed-on: http://gerrit.openafs.org/6361
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

9 years agoWindows: return error to system paging requests
Jeffrey Altman [Fri, 16 Dec 2011 22:24:36 +0000]
Windows: return error to system paging requests

If an error has been set on a file, return that error to the
System process for any outstanding extent requests.

Change-Id: I8f7244f19cc0e3f96a1599ce011251ade0afe3f4
Reviewed-on: http://gerrit.openafs.org/6360
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

9 years agoWindows: log volume and authgroup for redir open
Jeffrey Altman [Fri, 16 Dec 2011 23:24:50 +0000]
Windows: log volume and authgroup for redir open

If opening a volume root fails, log the authgroup and volume
to make it easier to debug the error.

Change-Id: I0c9ffc58ffaf7582a1b22043de2b5d096530de5b
Reviewed-on: http://gerrit.openafs.org/6352
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: save fid/type for redirector invalidation
Jeffrey Altman [Fri, 16 Dec 2011 05:12:39 +0000]
Windows: save fid/type for redirector invalidation

Must save the fid/type fields of the cm_scache_t object before
recycling in order to invalidate the contents in the redirector.

Change-Id: I7914faaa80082033044980deb471eaffbddf3cfc
Reviewed-on: http://gerrit.openafs.org/6359
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: move to head of queue no-op if not in queue
Jeffrey Altman [Fri, 16 Dec 2011 22:22:49 +0000]
Windows: move to head of queue no-op if not in queue

If the buffer is not in the queue, do nothing.

Change-Id: Icdb95775bcc6d010ca1926ce4384d9edcd8f1cd3
Reviewed-on: http://gerrit.openafs.org/6351
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: Properly convert FID structures
Jeffrey Altman [Fri, 16 Dec 2011 21:15:56 +0000]
Windows: Properly convert FID structures

Use the FID conversion function in RDR_SetFileStatus().
The FID structures are not the same in afsd_service and the
afsredirlib.sys driver.

Change-Id: I6360f39c8b90c46d468a06c08f0911f55f9142fb
Reviewed-on: http://gerrit.openafs.org/6350
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: propagate directory enumeration failures
Jeffrey Altman [Fri, 16 Dec 2011 16:43:32 +0000]
Windows: propagate directory enumeration failures

If a directory is enumerated with an AuthGroup that has no
permissions, do not treat the enumeration as successful.

Change-Id: I6a543a1b19b9d2e68ee2c99f67398ed94ad52896
Reviewed-on: http://gerrit.openafs.org/6344
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows Problem with cross-directory rename
Peter Scott [Fri, 16 Dec 2011 00:52:54 +0000]
Windows Problem with cross-directory rename

Not correctly handling cross-directory rename processing

Change-Id: I36e30a68d7755241c727868074e344beb9580c2d
Reviewed-on: http://gerrit.openafs.org/6343
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: Update Adv Firewall Rules
Jeffrey Altman [Wed, 14 Dec 2011 17:58:36 +0000]
Windows: Update Adv Firewall Rules

Do not specify the Service Name property.  According to feedback
on openafs-info the Service Name blocks the rule from working properly.

If the rule already exists, attempt to remove the Service Name filter
and update NAT Edge Traversal and Permitted interface rules.

Change-Id: I1ab1a0c57f9271b68f91b08e530483a1fa40a165
Reviewed-on: http://gerrit.openafs.org/6332
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agovol: fix a08c3207255756c825ab69a19e04f79dd879c646
Jeffrey Altman [Thu, 15 Dec 2011 08:28:34 +0000]
vol: fix a08c3207255756c825ab69a19e04f79dd879c646

Patchset a08c3207255756c825ab69a19e04f79dd879c646 broke the suse
and windows builds by relying on C99 language syntax.  Fix it.

Change-Id: I8220e0504048d2caff00deb08e3bf53599e596b7
Reviewed-on: http://gerrit.openafs.org/6337
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoafs: Clear VHardMount on ResetVolumeInfo
Andrew Deason [Wed, 14 Dec 2011 20:42:08 +0000]
afs: Clear VHardMount on ResetVolumeInfo

afs_Analyze sets VHardMount on a volume struct when a hard-mount
scenario is encountered, and clears it after sleeping. However, if the
volume struct has VRecheck set, or if it's not in memory, afs_Analyze
cannot retrieve the volume struct in order to clear VHardMount again.

For the VRecheck case, this can results in VHardMount never getting
cleared, and so hard-mount messages for the volume seem to disappear.
So, clear VHardMount when we set VRecheck so this does not occur.

For the case where the volume struct is not in memory, this is not a
problem, since when we allocate a volume struct again, the VHardMount
state will not be retained.

Change-Id: I607741241e330391b8c857b2a72f0e0cfc0b91cc
Reviewed-on: http://gerrit.openafs.org/6335
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

9 years agoviced: Yell when we GetSomeSpace_r
Andrew Deason [Wed, 14 Dec 2011 20:16:16 +0000]
viced: Yell when we GetSomeSpace_r

A GetSomeSpace_r call indicates we don't have enough callbacks
configured. For many people, this can happen without the administrator
realizing anything is wrong, since we never give any indication that
something is amiss, unless the administrator checks the xstat
statistics.

Since this can indicate a serious performance problem, yell in the log
when this happens. Only do it once, so we don't spam the log.

Change-Id: I5c881a3c127c20b4f086d59bf3768864307efe92
Reviewed-on: http://gerrit.openafs.org/6334
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoRevert "Windows: cs_CZ localization"
Jeffrey Altman [Thu, 15 Dec 2011 15:00:28 +0000]
Revert "Windows: cs_CZ localization"

This reverts commit 642153cae6700e855a8abcc20be207612e1e6b3c

cs_CZ localization cannot be committed to the repository until:

1. Resource DLLs for all components are built in the tree.

2. All built components have been successfully tested so that OpenAFS is not shipping code that caused executable components to crash in the cs_CZ locale.

Change-Id: Id287d150a4c63afdc3f4105d26c9faf211da5395
Reviewed-on: http://gerrit.openafs.org/6339
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agobozo: retry start after error stops
Michael Meffie [Thu, 29 Sep 2011 18:44:11 +0000]
bozo: retry start after error stops

After a bnode is stopped because of two many consecutive exits
delay for some time and attempt to start the bnode again. Countine
to retry on each error stop, doubling the delay for each retry
attempt until a maxium number of attempts.

Change-Id: Ib6a4935d09c70c69de87f65717562bd3dcde761b
Reviewed-on: http://gerrit.openafs.org/5534
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agobozo: preserve all options over restart
Michael Meffie [Fri, 30 Sep 2011 16:22:27 +0000]
bozo: preserve all options over restart

On unix, save all the bosserver command-line options and reuse
them on bosserver restarts. On Windows, the SCM integrator saves
the argument list, just use them.

Change-Id: Ib54d1b0c9430946cce666d09f5ed923016d5ac8b
Reviewed-on: http://gerrit.openafs.org/5532
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

9 years agovolser: Do not reset copyDate in ReClone
Andrew Deason [Thu, 3 Feb 2011 22:11:38 +0000]
volser: Do not reset copyDate in ReClone

When we ReClone in the volserver, do not reset the clone's copyDate to
the current time. If we retain the copyDate between ReClone
operations, then we can know when the clone was first created (and
thus makes local RO clones more consistent with remote RO sites).

Change-Id: Ic76862c1a03ee3cafaf199f414fabc90e3b058d2
Reviewed-on: http://gerrit.openafs.org/3892
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

9 years agoutil: simplify thread-name interface
Garrett Wollman [Sat, 30 Jul 2011 01:33:10 +0000]
util: simplify thread-name interface

It appears that we don't actually need an interface to set the name
of an arbitrary thread (which Mac OS can't do), so remove the
afs_pthread_setname() interface and promote afs_pthread_setname_self()
to the status of primary.

Change-Id: I2d915d8165dac9ccfe0cb99630db657cb1473389
Reviewed-on: http://gerrit.openafs.org/5121
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

9 years agoWindows: AFSRDFSProvider stack overrun
Jeffrey Altman [Wed, 14 Dec 2011 04:28:15 +0000]
Windows: AFSRDFSProvider stack overrun

StringCchXXX functions take the number of characters not
the number of bytes.   Use StringCbXXXX functions whenever the
buffer size is being specified.

Check return codes from StringXXXXXX functions and return errors
instead of blindly continuing with a truncated string.

Allocate a larger buffer for substitution strings since they
need to handle the device path plus the target path.

FIXES 130392

Change-Id: I62ca980d145d6fef8cf771c26cd634ce1dd55b91
Reviewed-on: http://gerrit.openafs.org/6248
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agovos: fix code to not triple-negate
Derrick Brashear [Tue, 13 Dec 2011 17:19:48 +0000]
vos: fix code to not triple-negate

!!! is !. just write it that way.

Change-Id: I8e788177280c4a1d78cedaffd144a5c4ecba28f2
Reviewed-on: http://gerrit.openafs.org/6252
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agobuild tsalvaged, tvolser, and dvolser targets on *nbsd*
Jonathan A. Kollasch [Tue, 11 Oct 2011 17:33:19 +0000]
build tsalvaged, tvolser, and dvolser targets on *nbsd*

Change-Id: Idb744f57ab92ba2d9af4d7d9ca7c800b3ee880d2
Reviewed-on: http://gerrit.openafs.org/5595
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

9 years agovolscan: print vnode metadata information
Michael Meffie [Tue, 26 Jul 2011 13:18:44 +0000]
volscan: print vnode metadata information

volscan program to print vnode meta-data in a grep/awk/perl friendly
format. Optionally, find the paths of each vnode relative to the volume
root.  Access control list data can be reported, and are listed as one
access entry per line. Mount point information can be shown to which
volumes are mounted from given volumes.

The path lookup code originally written by Tom Keiser.

Change-Id: I743e1a33d9e6076e4f1b1b2cc462960a94e3763b
Reviewed-on: http://gerrit.openafs.org/5102
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

9 years agoUnix CM: Log reason for marking server up or down
Simon Wilkinson [Thu, 24 Nov 2011 17:43:45 +0000]
Unix CM: Log reason for marking server up or down

When we mark a server up or down also log the error code that says
why we did so, for help in debugging connection issues.

Change-Id: I1a14434607499c9932e23724b8e403442dc400c7
Reviewed-on: http://gerrit.openafs.org/6116
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

9 years agovolinfo: implement -checkout option
Michael Meffie [Tue, 26 Jul 2011 02:02:04 +0000]
volinfo: implement -checkout option

Implement the -checkout option using the FSSYNC communication
channel with the fileserver.

Change-Id: I119fab0c238fd37eb85c9810626ee91210b2efb6
Reviewed-on: http://gerrit.openafs.org/5101
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agovol: log error reason on header read failure
Michael Meffie [Tue, 22 Nov 2011 00:12:56 +0000]
vol: log error reason on header read failure

Log the error reason instead of just VSALVAGE when
ReadHeader() fails.

Change-Id: I24d5ca175310345ee4ce095229b08d9e7c75f700
Reviewed-on: http://gerrit.openafs.org/6108
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoWindows: cs_CZ localization
Lukas Volf [Sun, 4 Dec 2011 23:52:49 +0000]
Windows: cs_CZ localization

Resource conversion for the cs_CZ locale.  Does not include
installer updates.

Change-Id: Ifac0d7d9818dc662e584bc74701133cada9fbf33
Reviewed-on: http://gerrit.openafs.org/6227
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agolibafs: disable mtu discovery
Derrick Brashear [Wed, 14 Dec 2011 04:49:38 +0000]
libafs: disable mtu discovery

we need to rework this to use lack of soft acks instead of this
method, which is too fragile

Change-Id: Iedcd1e57e2c6a6c15ce3c040a9a9e6ae7d78bb36
Reviewed-on: http://gerrit.openafs.org/6256
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

9 years agolibafs: only do pings for default conn with root uid
Derrick Brashear [Wed, 14 Dec 2011 04:20:01 +0000]
libafs: only do pings for default conn with root uid

instead of doing it for potentially every unauth user, just do it for
root.

Change-Id: I39ef22578eb07c339b096b25753a1775c9917e0b
Reviewed-on: http://gerrit.openafs.org/6255
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

9 years agoWindows: memory leak when setting tokens via smb
Jeffrey Altman [Sat, 10 Dec 2011 18:28:17 +0000]
Windows: memory leak when setting tokens via smb

The SID string of the RPC used to set the token sessionKey
was being leaked.  Be sure to free it when it is no longer
required.

Change-Id: I28261643680d608d5c8805e095650a751193ab6d
Reviewed-on: http://gerrit.openafs.org/6244
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: Suspend/Resume for afsd_service
Jeffrey Altman [Fri, 9 Dec 2011 23:40:42 +0000]
Windows: Suspend/Resume for afsd_service

The power mgmt events are received in the service.  The service
can block all requests from the redirector from being processed
until it knows that it is safe to process them.

The service will receive a SERVICE_CONTROL_APMSUSPEND just before
the system goes to sleep.  The service has two seconds to respond
and it uses that time to attempt to send RXAFS_GiveUpAllCallBacks
to all file servers as an rx_multi with no wait.  It also marks
all servers down and updates the callback expirations to be just
after the servers were marked down so that they will be forced to
be refreshed when the server is marked up.

Upon resume the service receives two events.  First,
SERVICE_CONTROL_APMRESUMEAUTOMATIC which is used to perform an
SMB lan adapter change detection and perform a probe of all down
servers.  The second, SERVICE_CONTROL_APMRESUMESUSPEND is used to
resume SMB listeners, perform a 2nd lan adapter change check (just
in case), check the status of all down servers in additional
networks have come up, and finally resume processing of redirector
requests.

With these changes no special logic in the redirector is required.

Change-Id: I5405ecab754dca04f34afb024c4dacc3fe089088
Reviewed-on: http://gerrit.openafs.org/6243
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoPrint "waiting for job termination" at most once.
Karl Ramm [Sun, 4 Dec 2011 18:56:29 +0000]
Print "waiting for job termination" at most once.

This message is useless, annoying, and is the UI equivalent of littering... but
it does explain why your backup command is just sitting there.

Change-Id: Ied49d0bf9f81b0e10804133c6f05814321d80438
Reviewed-on: http://gerrit.openafs.org/6223
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: increase timeout for extent request retries
Jeffrey Altman [Thu, 8 Dec 2011 15:00:57 +0000]
Windows: increase timeout for extent request retries

The AFS Redirector requests file data extents from the afsd_service.exe.  If
it does not receive the requested extent within 10 seconds it issues another
request for that extent.  Extent processing in the afsd_service is handled
by background daemons that process tasks serially from a work queue.   When
the load on the system is large enough that satisfying the work queue takes
longer than 10 seconds, the redirector would retry the request.  This would
increase the length of the work queue and increase lock contention.

Increasing the timeout period for extent retries to two minutes
significantly reduces the number of retry attempts while maintaining
protection against a lost extent request.  Two minutes is selected because
that is the rx hard dead call timeout.

Change-Id: I8169fbdc2d3456f151359ffe9eaa8eeccb2ceaf1
Reviewed-on: http://gerrit.openafs.org/6237
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: include owner/group in Security DACL
Peter Scott [Thu, 8 Dec 2011 01:29:00 +0000]
Windows: include owner/group in Security DACL

Include the World (Everyone) SID as the owner and group for
all files in AFS.

FIXES 130343

Change-Id: I01d697d7a6dea8e0bea67b81c14597c197b4241d
Reviewed-on: http://gerrit.openafs.org/6236
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoafs: prevent nat pings on destroyed connections
Jeffrey Altman [Mon, 5 Dec 2011 04:15:13 +0000]
afs: prevent nat pings on destroyed connections

If the connection is no longer in use, reset the nat keep alive
timer to 0 seconds.

Change-Id: I72b69979fb8b15ab5afaa654b317edc254253b4b
Reviewed-on: http://gerrit.openafs.org/6230
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoWindows: Release Notes Updates
Jeffrey Altman [Sun, 4 Dec 2011 18:42:08 +0000]
Windows: Release Notes Updates

Updates for 1.7.3.

Grammar improvements.

Reformatting.

Change-Id: Iff829f343e0140943495a19406746b30a70ed235
Reviewed-on: http://gerrit.openafs.org/6222
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agorx: Make CALL_RELE and CALL_HOLD lock refcnt mutex
Simon Wilkinson [Sun, 20 Nov 2011 23:11:53 +0000]
rx: Make CALL_RELE and CALL_HOLD lock refcnt mutex

The reference count mutex must always be held when calling CALL_RELE
or CALL_HOLD. Instead of requiring that the caller obtain, and release
the mutex, do so within the HOLD and RELE macros, greatly simplifying
calling code. Provide CALL_RELE_R and CALL_HOLD_R as versions of these
macros which can be used by callers who already hold the reference
count mutex for other purposes.

Change-Id: Ie3e9df8b9d2a79476f1707bd65e588f43271c636
Reviewed-on: http://gerrit.openafs.org/6219
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoFBSD: switch afsi_SetServerIPRank implementation
Ben Kaduk [Sat, 3 Dec 2011 19:37:09 +0000]
FBSD: switch afsi_SetServerIPRank implementation

Upstream has removed the ia_net{,mask} elements from
struct in_ifaddr, so we can no longer use them directly.
Switch to passing an rx_ifaddr_t (i.e. struct ifaddr*) in instead,
as that uses a slightly different codepath which still works
for our purposes.

We compile the kernel module with -Werror, so storing a pointer
(memcpy return value) in an int is forbidden, hence the conditional
declaration of 't'.

Change-Id: Ifefef88a353f4bd50a714ad88afa3a6f012fa3a1
Reviewed-on: http://gerrit.openafs.org/6203
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agorx: Helper function for decrementing conn refcnt
Simon Wilkinson [Sun, 20 Nov 2011 23:07:41 +0000]
rx: Helper function for decrementing conn refcnt

The code to lock the reference count mutex, reduce the connection
reference count, then unlock the mutex, is duplicated many times
throughout rx.c. Replace all of these multiple copies with a single
inline function.

Change-Id: I7adb460019d7434b32a16250cc026be667e7c55d
Reviewed-on: http://gerrit.openafs.org/6218
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agorx: Hide the rx_packet.h
Simon Wilkinson [Sun, 20 Nov 2011 16:31:28 +0000]
rx: Hide the rx_packet.h

Hide the rx_packet.h, and hence the rx_packet structure from
application view. rx_packet.h is currently still installed, and is
included directly by RX security classes, to reduce the per-packet
overhead there.

Change-Id: I269ccf4405a8f83cab4b0392b830bc1f36471c29
Reviewed-on: http://gerrit.openafs.org/6182
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: define MIN and MAX
Jeffrey Altman [Sun, 4 Dec 2011 02:20:05 +0000]
Windows: define MIN and MAX

MIN and MAX are used throughout the tree.  Windows does
not define them.  A future patchset should convert the
openafs src tree to use min and max.

Change-Id: Ibe7bba6a49e3c85f94cd1e1c45e904764bf06e02
Reviewed-on: http://gerrit.openafs.org/6209
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agorx: Make the rx_call structure private
Simon Wilkinson [Sun, 20 Nov 2011 14:58:28 +0000]
rx: Make the rx_call structure private

Hide the rx_call structure for public view. Provide accessors for
those elements which are currently accessed by applications.

Note that this change as it currently stands removes the visibility
of the last sent time, and sequence number information, from the
VolMonitor function.

Change-Id: Ib25ab5635126f893ae43acb684d92a78278d6ca6
Reviewed-on: http://gerrit.openafs.org/6181
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agorx: Make struct rx_connection private
Simon Wilkinson [Tue, 15 Nov 2011 10:40:44 +0000]
rx: Make struct rx_connection private

Move the rx_connection structure into a private header file, so that
it is only visible from within the rx module. This allows us to use
types within the structure that are not visible to everywhere that
includes rx.h, as well as being a step towards a more stable ABI for
RX.

Add accessor functions for all of the connection members which are
currently used by external callers, and modify those accessors
which were implemented as macros to also be functions.

Change all external access to the connection structures to use these
new functions.

Change-Id: Ife67e63f37cb04273fbfc9079db3907bde78ab98
Reviewed-on: http://gerrit.openafs.org/6180
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: apply Nat Pings only to cm_rootUser connections
Jeffrey Altman [Sat, 3 Dec 2011 22:49:47 +0000]
Windows: apply Nat Pings only to cm_rootUser connections

Use CM_UCELLFLAG_ROOTUSER flag to identify the cm_rootUser
connections and only apply Nat pings to those connections
instead of examining the security state of the connection.

Change-Id: I978501972509d1e58b08b630e1ff046b404e59d8
Reviewed-on: http://gerrit.openafs.org/6208
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: track cm_rootUser connections
Jeffrey Altman [Sat, 3 Dec 2011 22:46:41 +0000]
Windows: track cm_rootUser connections

Add CM_UCELLFLAG_ROOTUSER flag to cm_ucell_t for the purpose
of tracking which connections belong to the cm_rootUser.

Change-Id: Icd809631637d4fc6c2bb1bd93e7cab74f2fb5c2b
Reviewed-on: http://gerrit.openafs.org/6207
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agorx: rx_conn/rx_peer refCount signed
Jeffrey Altman [Sat, 3 Dec 2011 20:45:53 +0000]
rx: rx_conn/rx_peer refCount signed

Can't trace reference count underflows with rxi_LowConnRefCount
and rxi_LowPeerRefCount if they cannot become negative.

Change-Id: I429da00a8e711c2e562378ec5d6601093293a55b
Reviewed-on: http://gerrit.openafs.org/6205
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agorx: Some kernels have no reschedule function
Simon Wilkinson [Sat, 3 Dec 2011 21:10:43 +0000]
rx: Some kernels have no reschedule function

If RXK_TIMEDSLEEP_ENV isn't set, then Unix kernel cache managers
call rxevent_Init without a reschedule function. Check for this so
we don't end up calling a NULL function in these situations.

Change-Id: I5e89f5247aeffc4c27d3f81c0ccabe4979232846
Reviewed-on: http://gerrit.openafs.org/6206
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: npdll connected query returns no usage
Jeffrey Altman [Sat, 3 Dec 2011 04:38:01 +0000]
Windows: npdll connected query returns no usage

In response to a NPEnumResources CONNECTED scope query, the usage
field is always set to zero.  If the CONNECTABLE flag is set,
mpr.dll will filter the entry out of the result list.

Change-Id: If939f9f168fe2e02a1a8287c661ec2e1cda5eb8f
Reviewed-on: http://gerrit.openafs.org/6195
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

9 years agoWindows: Use roken's min and max
Simon Wilkinson [Sat, 3 Dec 2011 11:20:57 +0000]
Windows: Use roken's min and max

roken provides min() and max() macros. Use these, rather than our own
MIN() and MAX()

Change-Id: I82456c061cb274490e2ef2966a7075c2bde1f016
Reviewed-on: http://gerrit.openafs.org/6196
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoAdd OpenAFS to the dependencies of remote-fs.
Edward Z. Yang [Sun, 20 Nov 2011 20:48:33 +0000]
Add OpenAFS to the dependencies of remote-fs.

Signed-off-by: Edward Z. Yang <ezyang@mit.edu>

Change-Id: Icd1fd34dc3a5c849a2b698c1da08eb4003e6efa1
Reviewed-on: http://gerrit.openafs.org/6093
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoRemove dead code from rxi_FindIfnet()
Ben Kaduk [Sat, 3 Dec 2011 01:24:04 +0000]
Remove dead code from rxi_FindIfnet()

There is a separate implementation for DARWIN and XBSD above, so
having a check for DARWIN here is pointless.

Change-Id: I66741dd1d8dbddc19809fd6e6fcd0897f047f222
Reviewed-on: http://gerrit.openafs.org/6193
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agorx: Refactor MaxMTU error checking
Simon Wilkinson [Sun, 20 Nov 2011 16:29:55 +0000]
rx: Refactor MaxMTU error checking

The error checking on the rxMaxMTU parameter was done individually by
every server that sets it, using "internal" RX #defines to do so.
Instead, do the error checking within the function that actually sets
the MTU, reducing both the amount of code duplication, and the amount
of RX knowledge held within the servers.

Change-Id: Ic2cdd9425d5344a5137f76f66f711f4dee91a7b6
Reviewed-on: http://gerrit.openafs.org/6091
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

9 years agosalvager: Create link table with volume group id
Andrew Deason [Fri, 2 Dec 2011 20:36:59 +0000]
salvager: Create link table with volume group id

The link table needs to be created with the VG id or RW vol id, not
the non-RW vol id. Unlike other special inodes, this goes for both the
'parent' and 'volume' volume ids, not just the 'parent' id, since
there is only one link table per VG.

Without this, the salvager can generate invalid linktable special
inodes if it encounters a VG with no inodes for the RW vol.

Change-Id: I10725c514ef1b8a5b09a506e42596b51b74af5a2
Reviewed-on: http://gerrit.openafs.org/6179
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoDAFS: Ensure logging on attach2 errors
Andrew Deason [Wed, 30 Nov 2011 23:41:53 +0000]
DAFS: Ensure logging on attach2 errors

The attach2 error path transitions a volume to VOL_STATE_ERROR, in
case whatever got us to that error path did not already put the volume
in an appropriate state. Log when we do this, to make sure we do not
end up with a volume in VOL_STATE_ERROR state silently.

Change-Id: I02c842b64882d96e707e867ee0f7730a2bebd405
Reviewed-on: http://gerrit.openafs.org/6168
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoDAFS: Avoid unnecessary preattach on FSYNC_VOL_ON
Andrew Deason [Wed, 30 Nov 2011 23:35:56 +0000]
DAFS: Avoid unnecessary preattach on FSYNC_VOL_ON

FSYNC_VOL_ON/FSYNC_VOL_ATTACH can be called to "online" a volume that
was actually kept online for the duration of the volume operation.
Avoid calling VPreAttachVolumeByVp_r for such a volume if it's already
attached, in order to avoid an unnecessary log message and to save a
tiny bit of processing.

Change-Id: I7776b933599ec0488941ccbd9a8e1279f5a552f4
Reviewed-on: http://gerrit.openafs.org/6167
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoDAFS: Log more for VPreAttachVolumeByVp odd states
Andrew Deason [Wed, 30 Nov 2011 23:21:32 +0000]
DAFS: Log more for VPreAttachVolumeByVp odd states

When we encounter "odd" states in VPreAttachVolumeByVp_r, say what the
actual state we encountered was, along with the attach flags, so we
have a better idea of what's going on.

Change-Id: Ic5d07d249db7b51301b3ac903ba987cfa21922ee
Reviewed-on: http://gerrit.openafs.org/6166
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoDAFS: Ensure GetVolume errors on ERROR volumes
Andrew Deason [Wed, 30 Nov 2011 23:08:57 +0000]
DAFS: Ensure GetVolume errors on ERROR volumes

In GetVolume, after we call VAttachVolumeByVp_r, there is no explicit
check to see if vp is in VOL_STATE_ERROR state. Make sure we don't try
to use such a volume, or blindly transition the volume away from that
state.

Change-Id: Ib2c975ac215eeff28b4ff5f5bb0a387298d7aab9
Reviewed-on: http://gerrit.openafs.org/6165
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoDAFS: Do not transition to ERROR on trivial errors
Andrew Deason [Wed, 30 Nov 2011 20:36:06 +0000]
DAFS: Do not transition to ERROR on trivial errors

attach2 can result in many different errors; some indicate that the
volume is in an inconsistent state, but many others just indicate that
the volume cannot be attached for benign reasons (such as VNOVOL if
the volume doesn't exist, or VOFFLINE if the volume is being used by a
volume utility). Currently, for DAFS, attach2 transitions the relevant
volume to the VOL_STATE_ERROR state for almost all errors encountered,
even the benign ones. Instead, skip the error state transition for
error handling paths that do not reflect a "broken" volume.

Change-Id: I07754f715920c4ee30fb156fb2412d1e1a7e2597
Reviewed-on: http://gerrit.openafs.org/6164
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

9 years agoWindows: GetInfoTip really set return to NULL
Jeffrey Altman [Fri, 2 Dec 2011 23:49:23 +0000]
Windows: GetInfoTip really set return to NULL

When we are not returning an info-tip string from the shell
extension the string output parameter must be set to NULL.

Change-Id: I63cd9bbe078edd01e62d4b0c810a513dfbf205ae
Reviewed-on: http://gerrit.openafs.org/6183
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>