drbd: Don't go into StandAlone mode when authentification failes because of network error (b10d96cb) · Commits · 戴 / test

drivers/block/drbd/drbd_receiver.c

+22 −9

Original line number	Diff line number	Diff line
		@@ -878,9 +878,13 @@ retry:

		if (mdev->cram_hmac_tfm) {
		/* drbd_request_state(mdev, NS(conn, WFAuth)); */
		if (!drbd_do_auth(mdev)) {
		switch (drbd_do_auth(mdev)) {
		case -1:
		dev_err(DEV, "Authentication of peer failed\n");
		return -1;
		case 0:
		dev_err(DEV, "Authentication of peer failed, trying again.\n");
		return 0;
		}
		}

		@@ -3831,10 +3835,17 @@ static int drbd_do_auth(struct drbd_conf *mdev)
		{
		dev_err(DEV, "This kernel was build without CONFIG_CRYPTO_HMAC.\n");
		dev_err(DEV, "You need to disable 'cram-hmac-alg' in drbd.conf.\n");
		return 0;
		return -1;
		}
		#else
		#define CHALLENGE_LEN 64

		/* Return value:
		1 - auth succeeded,
		0 - failed, try again (network error),
		-1 - auth failed, don't try again.
		*/

		static int drbd_do_auth(struct drbd_conf *mdev)
		{
		char my_challenge[CHALLENGE_LEN]; /* 64 Bytes... */
		@@ -3855,7 +3866,7 @@ static int drbd_do_auth(struct drbd_conf *mdev)
		(u8 *)mdev->net_conf->shared_secret, key_len);
		if (rv) {
		dev_err(DEV, "crypto_hash_setkey() failed with %d\n", rv);
		rv = 0;
		rv = -1;
		goto fail;
		}

		@@ -3878,14 +3889,14 @@ static int drbd_do_auth(struct drbd_conf *mdev)

		if (p.length > CHALLENGE_LEN*2) {
		dev_err(DEV, "expected AuthChallenge payload too big.\n");
		rv = 0;
		rv = -1;
		goto fail;
		}

		peers_ch = kmalloc(p.length, GFP_NOIO);
		if (peers_ch == NULL) {
		dev_err(DEV, "kmalloc of peers_ch failed\n");
		rv = 0;
		rv = -1;
		goto fail;
		}

		@@ -3901,7 +3912,7 @@ static int drbd_do_auth(struct drbd_conf *mdev)
		response = kmalloc(resp_size, GFP_NOIO);
		if (response == NULL) {
		dev_err(DEV, "kmalloc of response failed\n");
		rv = 0;
		rv = -1;
		goto fail;
		}

		@@ -3911,7 +3922,7 @@ static int drbd_do_auth(struct drbd_conf *mdev)
		rv = crypto_hash_digest(&desc, &sg, sg.length, response);
		if (rv) {
		dev_err(DEV, "crypto_hash_digest() failed with %d\n", rv);
		rv = 0;
		rv = -1;
		goto fail;
		}

		@@ -3947,7 +3958,7 @@ static int drbd_do_auth(struct drbd_conf *mdev)
		right_response = kmalloc(resp_size, GFP_NOIO);
		if (right_response == NULL) {
		dev_err(DEV, "kmalloc of right_response failed\n");
		rv = 0;
		rv = -1;
		goto fail;
		}

		@@ -3956,7 +3967,7 @@ static int drbd_do_auth(struct drbd_conf *mdev)
		rv = crypto_hash_digest(&desc, &sg, sg.length, right_response);
		if (rv) {
		dev_err(DEV, "crypto_hash_digest() failed with %d\n", rv);
		rv = 0;
		rv = -1;
		goto fail;
		}

		@@ -3965,6 +3976,8 @@ static int drbd_do_auth(struct drbd_conf *mdev)
		if (rv)
		dev_info(DEV, "Peer authenticated using %d bytes of '%s' HMAC\n",
		resp_size, mdev->net_conf->cram_hmac_alg);
		else
		rv = -1;

		fail:
		kfree(peers_ch);

Admin message