Before we would refuse to recurse, but would still give
a response with hints back. Some nefarious clients will interpret the
lack of a Refused response code as us being an open resolver.
When clunking a Fid while the file-system is read
only, dont just free the Amsg, but also drop the
references to dent and mnt.
Make clunkfid() nil fid->rclose, so no reuse
after free is possible.
Make clunkfid() always set the return pointer,
avoid missing prior initialization.
Do not abuse fidtab lock for serializing
clunking.
The clunk should serialize on Fid.Lock
instead, so add a canlock check here.
The lock order is strictly:
Fid.Lock > Conn.fidtab[x].Lock
The AuthRpc was attached to the Fid, but this doesnt
work as it does not handle dupfid() properly.
Instead attach the AuthRpc to the directory entry,
which is refcounted.
The dupfid() function retuns the new Fid* struct with
an extra reference. If we don't use it, we have to
putfid() it.
Use ainc()/adec() consistently and dont mix it with
agetl().
Before, we would just leak all the "Conn"
structures.
fshangup() could cause problems as it just
forcefully closes the file descriptors,
not considering someone else going to
write them afterwards.
Instead, we add a "hangup" flag to Conn,
which readers and writers check before
attempting i/o.
And we only close the file-descriptors
when the last reader/writer drops the
connection. (Make it ref-counted).
For faster teardown, also preserve the
"ctl" file descriptor from listen()
amd use it to kill the connection quickly
when fshangup() is called.
When at the task of decomposing a rune into its
"button" and "rune", also consider the keyboard
map table with the escaped scancodes.
This fixes Shift + left/right combinations in
drawterm.
For each connection, remember if authentication
protocol ran successfully and only then, allow
attach as 'none' user.
This prevents anonymous remote mounts of none.
The 'none' user also shouldnt attach to the dump
file system.
The Tauth for "none" should always fail,
but Tattach should only succeed when
the channel ran a successfull authentication
before.
Also, prevent "none" from attaching "dump".
We want to implement "none" attaches for hjfs,
but only if the 9p-"channel" ran a successfull
authentication before, to prevent anonymous
remote mounts as "none".
Add a flag to the Srv struct for this.
Before this it was possible to Tauth and Tattach with one
user name and then authenticate with factotum using a different
user name. To fix this we now ensure that the uname matches the returned
cuid from AuthInfo.
This security bug is still pending a cute mascot and theme song.
when appending to a directory, the copy of the offset in the dent was
set to the offset that the write was supposed to happen at -- however,
for DMAPPEND files the offset is always at the end of the file. Until
the file was closed, stat would show the wrong directory info.
Implement a hangup ctl command that flushes the
queues, but keeps the filter around.
This can be usefull for low-overhead traffic blocking,
as only the file-descriptor needs to be kept around
and the queues can be flushed.
No user-space process is needed to consume packets
and no buffers are wasted.
example:
aux/dial -e -o hangup 'ipmux!ver=4;src=8.8.8.8' rc -c 'echo 0 > /srv/blocked'
rm /srv/blocked
It seems some protocols are unprepared to
deal with ipoput*() raising an error
(thrown from ifc->m->bwrite()).
so catch it and return -1 (no route) instead.
We were accidentally searching the key for '&', instead of the value.
Inferno received this exact fix at some point, but it never made it back to Plan 9.
the installed version of git has a bug; removing
this file will trigger some spurious removals of
test files, so hold off deleting it until people
have time to install a fixed git
directories need to sort as though they end with a '/',
when running through them for comparison, otherwise we
flag files as added and removed spuriously, leading to
them incorrectly getting deleted when merging commits.
Instead of Proc { Mach *mp; Mach *wired; },
track affinity by an integer representing
the mach number instead.
This simplifies the code as it avoids needing
to compare with MACHP(m->machno).
Wiering a process to a processor is now done
by just assigning affinity and then set a flag
that it should not change.
Call procpriority() when we want to change
priority of a process instead of managing
the fields directly.
