Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-09-25 09:23:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

drbd: Don't go into StandAlone mode when authentification failes because of network error

Browse Source 
Signed-off-by: Philipp Reisner <philipp.reisner@linbit.com>
Signed-off-by: Lars Ellenberg <lars.ellenberg@linbit.com>
This commit is contained in:
Johannes Thoma 2010-01-07 16:02:50 +01:00 committed by Philipp Reisner
parent 36bfc7e210
commit b10d96cb9c
1 changed files with 22 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
drivers/block/drbd/drbd_receiver.c
View File

@ -878,9 +878,13 @@ retry:
if (mdev->cram_hmac_tfm) {
/* drbd_request_state(mdev, NS(conn, WFAuth)); */
if (!drbd_do_auth(mdev)) {
switch (drbd_do_auth(mdev)) {
case -1:
dev_err(DEV, "Authentication of peer failed\n");
return -1;
case 0:
dev_err(DEV, "Authentication of peer failed, trying again.\n");
return 0;
}
}
@ -3831,10 +3835,17 @@ static int drbd_do_auth(struct drbd_conf *mdev)
{
dev_err(DEV, "This kernel was build without CONFIG_CRYPTO_HMAC.\n");
dev_err(DEV, "You need to disable 'cram-hmac-alg' in drbd.conf.\n");
return 0;
return -1;
}
#else
#define CHALLENGE_LEN 64
/* Return value:
1 - auth succeeded,
0 - failed, try again (network error),
-1 - auth failed, don't try again.
*/
static int drbd_do_auth(struct drbd_conf *mdev)
{
char my_challenge[CHALLENGE_LEN]; /* 64 Bytes... */
@ -3855,7 +3866,7 @@ static int drbd_do_auth(struct drbd_conf *mdev)
(u8 *)mdev->net_conf->shared_secret, key_len);
if (rv) {
dev_err(DEV, "crypto_hash_setkey() failed with %d\n", rv);
rv = 0;
rv = -1;
goto fail;
}
@ -3878,14 +3889,14 @@ static int drbd_do_auth(struct drbd_conf *mdev)
if (p.length > CHALLENGE_LEN*2) {
dev_err(DEV, "expected AuthChallenge payload too big.\n");
rv = 0;
rv = -1;
goto fail;
}
peers_ch = kmalloc(p.length, GFP_NOIO);
if (peers_ch == NULL) {
dev_err(DEV, "kmalloc of peers_ch failed\n");
rv = 0;
rv = -1;
goto fail;
}
@ -3901,7 +3912,7 @@ static int drbd_do_auth(struct drbd_conf *mdev)
response = kmalloc(resp_size, GFP_NOIO);
if (response == NULL) {
dev_err(DEV, "kmalloc of response failed\n");
rv = 0;
rv = -1;
goto fail;
}
@ -3911,7 +3922,7 @@ static int drbd_do_auth(struct drbd_conf *mdev)
rv = crypto_hash_digest(&desc, &sg, sg.length, response);
if (rv) {
dev_err(DEV, "crypto_hash_digest() failed with %d\n", rv);
rv = 0;
rv = -1;
goto fail;
}
@ -3947,7 +3958,7 @@ static int drbd_do_auth(struct drbd_conf *mdev)
right_response = kmalloc(resp_size, GFP_NOIO);
if (right_response == NULL) {
dev_err(DEV, "kmalloc of right_response failed\n");
rv = 0;
rv = -1;
goto fail;
}
@ -3956,7 +3967,7 @@ static int drbd_do_auth(struct drbd_conf *mdev)
rv = crypto_hash_digest(&desc, &sg, sg.length, right_response);
if (rv) {
dev_err(DEV, "crypto_hash_digest() failed with %d\n", rv);
rv = 0;
rv = -1;
goto fail;
}
@ -3965,6 +3976,8 @@ static int drbd_do_auth(struct drbd_conf *mdev)
if (rv)
dev_info(DEV, "Peer authenticated using %d bytes of '%s' HMAC\n",
resp_size, mdev->net_conf->cram_hmac_alg);
else
rv = -1;
fail:
kfree(peers_ch);