[DRBD-cvs] r1727 - in trunk: drbd/linux scripts user
svn at svn.drbd.org
svn at svn.drbd.org
Wed Jan 19 22:24:59 CET 2005
Author: phil
Date: 2005-01-19 22:24:55 +0100 (Wed, 19 Jan 2005)
New Revision: 1727
Modified:
trunk/drbd/linux/drbd.h
trunk/scripts/drbd.conf
trunk/user/drbdadm_parser.y
trunk/user/drbdadm_scanner.fl
trunk/user/drbdsetup.c
Log:
User space part for the challenge/response authentication.
Modified: trunk/drbd/linux/drbd.h
===================================================================
--- trunk/drbd/linux/drbd.h 2005-01-18 20:57:51 UTC (rev 1726)
+++ trunk/drbd/linux/drbd.h 2005-01-19 21:24:55 UTC (rev 1727)
@@ -60,6 +60,8 @@
the AF_UNIX size (see net/unix/af_unix.c
:unix_mkname()).
*/
+#define CRYPTO_MAX_ALG_NAME 64
+#define SHARED_SECRET_MAX 64
enum io_error_handler {
PassOn,
@@ -85,6 +87,8 @@
struct net_config {
IN char my_addr[MAX_SOCK_ADDR];
IN char other_addr[MAX_SOCK_ADDR];
+ IN char shared_secret[SHARED_SECRET_MAX];
+ IN char cram_hmac_alg[CRYPTO_MAX_ALG_NAME];
IN int my_addr_len;
IN int other_addr_len;
IN int timeout; // deci seconds
Modified: trunk/scripts/drbd.conf
===================================================================
--- trunk/scripts/drbd.conf 2005-01-18 20:57:51 UTC (rev 1726)
+++ trunk/scripts/drbd.conf 2005-01-19 21:24:55 UTC (rev 1727)
@@ -212,6 +212,9 @@
# one of these filesystems. Do not enable it for ext2,
# ext3,reiserFS,XFS,JFS etc...
# allow-two-primaries;
+
+ # cram-hmac-alg=sha1;
+ # shared-secret="FooFunFactory";
}
syncer {
Modified: trunk/user/drbdadm_parser.y
===================================================================
--- trunk/user/drbdadm_parser.y 2005-01-18 20:57:51 UTC (rev 1726)
+++ trunk/user/drbdadm_parser.y 2005-01-19 21:24:55 UTC (rev 1727)
@@ -249,7 +249,7 @@
%token <txt> TK_KO_COUNT TK_ON_DISCONNECT TK_DIALOG_REFRESH
%token <txt> TK_ALLOW_TWO_PRIMARIES
%token <txt> TK_PRI_ON_INCON_DEGR TK_PRI_SEES_SEC_WITH_HIGHER_GC
-%token <txt> TK_OUTDATE_PEER
+%token <txt> TK_OUTDATE_PEER TK_CRAM_HMAC_ALG TK_SHARED_SECRET
%type <txt> hostname resource_name
%type <d_option> disk_stmts disk_stmt
@@ -373,6 +373,8 @@
{ range_check(R_KO_COUNT,$1,$2); $$=new_opt($1,$2); }
| TK_ON_DISCONNECT TK_STRING { $$=new_opt($1,$2); }
| TK_ALLOW_TWO_PRIMARIES { $$=new_opt($1,0); }
+ | TK_CRAM_HMAC_ALG TK_STRING { $$=new_opt($1,$2); }
+ | TK_SHARED_SECRET TK_STRING { $$=new_opt($1,$2); }
;
sync_stmts: /* empty */ { $$ = 0; }
Modified: trunk/user/drbdadm_scanner.fl
===================================================================
--- trunk/user/drbdadm_scanner.fl 2005-01-18 20:57:51 UTC (rev 1726)
+++ trunk/user/drbdadm_scanner.fl 2005-01-19 21:24:55 UTC (rev 1727)
@@ -255,7 +255,10 @@
ko-count do_assign(NUM); CP; return TK_KO_COUNT;
on-disconnect do_assign(ON_DISCONNECT); CP; return TK_ON_DISCONNECT;
allow-two-primaries yy_push_state(SEMICOLON); CP; return TK_ALLOW_TWO_PRIMARIES;
- {NDELIM} expect_error("one of 'sndbuf-size|timeout|ping-int|connect-int|max-buffers|max-epoch-size|ko-count|on-disconnect'");
+ cram-hmac-alg do_assign(STRING); CP; return TK_CRAM_HMAC_ALG;
+ shared-secret do_assign(STRING); CP; return TK_SHARED_SECRET;
+
+ {NDELIM} expect_error("one of 'sndbuf-size|timeout|ping-int|connect-int|max-buffers|max-epoch-size|ko-count|on-disconnect|cram-hmac-alg|shared-secret'");
}
<SYNCER>{
Modified: trunk/user/drbdsetup.c
===================================================================
--- trunk/user/drbdsetup.c 2005-01-18 20:57:51 UTC (rev 1726)
+++ trunk/user/drbdsetup.c 2005-01-19 21:24:55 UTC (rev 1727)
@@ -163,6 +163,8 @@
{ "ko-count", required_argument, 0, 'k' },
{ "on-disconnect",required_argument, 0, 'd' },
{ "allow-two-primaries",no_argument, 0, 'm' },
+ { "cram-hmac-alg",required_argument, 0, 'a' },
+ { "shared-secret",required_argument, 0, 'x' },
{ 0, 0, 0, 0 } } },
{"disk", cmd_disk_conf,(char *[]){"lower_dev","meta_data_dev",
"meta_data_index",0},
@@ -451,6 +453,8 @@
cn->config.sndbuf_size = DEF_SNDBUF_SIZE ;
cn->config.on_disconnect = DEF_ON_DISCONNECT;
cn->config.two_primaries = DEF_TWO_PRIMARIES;
+ cn->config.cram_hmac_alg[0] = 0;
+ cn->config.shared_secret[0] = 0;
if(argc==0) return 0;
@@ -506,6 +510,12 @@
fprintf(stderr,"%s: '%s' is an invalid on-disconnect handler.\n",
cmdname,optarg);
return 20;
+ case 'a':
+ strncpy(cn->config.cram_hmac_alg,optarg,CRYPTO_MAX_ALG_NAME);
+ break;
+ case 'x':
+ strncpy(cn->config.shared_secret,optarg,SHARED_SECRET_MAX);
+ break;
case 1: // non option argument. see getopt_long(3)
fprintf(stderr,"%s: Unexpected nonoption argument '%s'\n",cmdname,optarg);
case '?':
More information about the drbd-cvs
mailing list