[DRBD-cvs] r1727 - in trunk: drbd/linux scripts user

svn at svn.drbd.org svn at svn.drbd.org
Wed Jan 19 22:24:59 CET 2005 

Author: phil
Date: 2005-01-19 22:24:55 +0100 (Wed, 19 Jan 2005)
New Revision: 1727

Modified:
   trunk/drbd/linux/drbd.h
   trunk/scripts/drbd.conf
   trunk/user/drbdadm_parser.y
   trunk/user/drbdadm_scanner.fl
   trunk/user/drbdsetup.c
Log:
User space part for the challenge/response authentication.


Modified: trunk/drbd/linux/drbd.h
===================================================================
--- trunk/drbd/linux/drbd.h	2005-01-18 20:57:51 UTC (rev 1726)
+++ trunk/drbd/linux/drbd.h	2005-01-19 21:24:55 UTC (rev 1727)
@@ -60,6 +60,8 @@
 				   the AF_UNIX size (see net/unix/af_unix.c
 				   :unix_mkname()).
 				 */
+#define CRYPTO_MAX_ALG_NAME 64
+#define SHARED_SECRET_MAX   64
 
 enum io_error_handler {
 	PassOn,
@@ -85,6 +87,8 @@
 struct net_config {
 	IN char     my_addr[MAX_SOCK_ADDR];
 	IN char     other_addr[MAX_SOCK_ADDR];
+	IN char     shared_secret[SHARED_SECRET_MAX];
+	IN char     cram_hmac_alg[CRYPTO_MAX_ALG_NAME];
 	IN int      my_addr_len;
 	IN int      other_addr_len;
 	IN int      timeout;          // deci seconds

Modified: trunk/scripts/drbd.conf
===================================================================
--- trunk/scripts/drbd.conf	2005-01-18 20:57:51 UTC (rev 1726)
+++ trunk/scripts/drbd.conf	2005-01-19 21:24:55 UTC (rev 1727)
@@ -212,6 +212,9 @@
     # one of these filesystems. Do not enable it for ext2,
     # ext3,reiserFS,XFS,JFS etc...
     # allow-two-primaries;
+
+    # cram-hmac-alg=sha1;
+    # shared-secret="FooFunFactory";
   }
 
   syncer {

Modified: trunk/user/drbdadm_parser.y
===================================================================
--- trunk/user/drbdadm_parser.y	2005-01-18 20:57:51 UTC (rev 1726)
+++ trunk/user/drbdadm_parser.y	2005-01-19 21:24:55 UTC (rev 1727)
@@ -249,7 +249,7 @@
 %token <txt> TK_KO_COUNT TK_ON_DISCONNECT TK_DIALOG_REFRESH
 %token <txt> TK_ALLOW_TWO_PRIMARIES
 %token <txt> TK_PRI_ON_INCON_DEGR TK_PRI_SEES_SEC_WITH_HIGHER_GC
-%token <txt> TK_OUTDATE_PEER
+%token <txt> TK_OUTDATE_PEER TK_CRAM_HMAC_ALG TK_SHARED_SECRET
 
 %type <txt> hostname resource_name
 %type <d_option> disk_stmts disk_stmt
@@ -373,6 +373,8 @@
 		{ range_check(R_KO_COUNT,$1,$2);	$$=new_opt($1,$2); }
 		| TK_ON_DISCONNECT  TK_STRING	{	$$=new_opt($1,$2); }
 		| TK_ALLOW_TWO_PRIMARIES	{	$$=new_opt($1,0);  }
+		| TK_CRAM_HMAC_ALG  TK_STRING	{	$$=new_opt($1,$2); }
+		| TK_SHARED_SECRET  TK_STRING	{	$$=new_opt($1,$2); }
 		;
 
 sync_stmts:	  /* empty */	           { $$ = 0; }

Modified: trunk/user/drbdadm_scanner.fl
===================================================================
--- trunk/user/drbdadm_scanner.fl	2005-01-18 20:57:51 UTC (rev 1726)
+++ trunk/user/drbdadm_scanner.fl	2005-01-19 21:24:55 UTC (rev 1727)
@@ -255,7 +255,10 @@
   ko-count		do_assign(NUM);   CP; return TK_KO_COUNT;
   on-disconnect 	do_assign(ON_DISCONNECT); CP; return TK_ON_DISCONNECT;
   allow-two-primaries   yy_push_state(SEMICOLON); CP; return TK_ALLOW_TWO_PRIMARIES;
-  {NDELIM}		expect_error("one of 'sndbuf-size|timeout|ping-int|connect-int|max-buffers|max-epoch-size|ko-count|on-disconnect'");
+  cram-hmac-alg		do_assign(STRING); CP; return TK_CRAM_HMAC_ALG;
+  shared-secret		do_assign(STRING); CP; return TK_SHARED_SECRET;
+
+  {NDELIM}		expect_error("one of 'sndbuf-size|timeout|ping-int|connect-int|max-buffers|max-epoch-size|ko-count|on-disconnect|cram-hmac-alg|shared-secret'");
 }
 
 <SYNCER>{

Modified: trunk/user/drbdsetup.c
===================================================================
--- trunk/user/drbdsetup.c	2005-01-18 20:57:51 UTC (rev 1726)
+++ trunk/user/drbdsetup.c	2005-01-19 21:24:55 UTC (rev 1727)
@@ -163,6 +163,8 @@
      { "ko-count",   required_argument, 0, 'k' },
      { "on-disconnect",required_argument, 0, 'd' },
      { "allow-two-primaries",no_argument, 0, 'm' },
+     { "cram-hmac-alg",required_argument, 0, 'a' },
+     { "shared-secret",required_argument, 0, 'x' },
      { 0,            0,                 0, 0 } } },
   {"disk", cmd_disk_conf,(char *[]){"lower_dev","meta_data_dev",
 				    "meta_data_index",0},
@@ -451,6 +453,8 @@
   cn->config.sndbuf_size = DEF_SNDBUF_SIZE ;
   cn->config.on_disconnect = DEF_ON_DISCONNECT;
   cn->config.two_primaries = DEF_TWO_PRIMARIES;
+  cn->config.cram_hmac_alg[0] = 0;
+  cn->config.shared_secret[0] = 0;
 
   if(argc==0) return 0;
 
@@ -506,6 +510,12 @@
 	  fprintf(stderr,"%s: '%s' is an invalid on-disconnect handler.\n",
 		  cmdname,optarg);
 	  return 20;
+	case 'a':
+	  strncpy(cn->config.cram_hmac_alg,optarg,CRYPTO_MAX_ALG_NAME);
+	  break;
+	case 'x':
+	  strncpy(cn->config.shared_secret,optarg,SHARED_SECRET_MAX);
+	  break;
 	case 1:	// non option argument. see getopt_long(3)
 	  fprintf(stderr,"%s: Unexpected nonoption argument '%s'\n",cmdname,optarg);
 	case '?':

More information about the drbd-cvs mailing list