git://git.whamcloud.com - fs/lustre-release.git/commit

author	Sebastien Buisson <sbuisson@ddn.com>
	Fri, 8 Dec 2023 08:05:04 +0000 (09:05 +0100)
committer	Andreas Dilger <adilger@whamcloud.com>
	Fri, 29 Dec 2023 10:52:01 +0000 (10:52 +0000)
commit	e9e8f4f3b492393110cb2deb8a0854f24d1b719f
tree	4d389e13db54b1ed709e73ec8c0982868f0bed5f	tree \| snapshot
parent	7e894a2a29edd9c3df14ed17405323073e940591	commit \| diff

LU-17317 gss: do not continue using expired reverse context

In case a server uses an expired gss context to send a callback
request to a client, it might be that the associated context on
the client has already expired, and been purged from the cache.
This results in a GSS_S_NO_CONTEXT reply.
In this specific scenario, the server must mark its reverse context
as dead. This will lead to destruction of the expired context, and
creation of a new context suitable for further callback requests.

Lustre-change: https://review.whamcloud.com/53375
Lustre-commit: TBD (65f91673262098aa6d97448f68a036b0f2cdfd98)

Test-Parameters: kerberos=true testlist=sanity-krb5
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I4af90cd70a3815851ec555ea85b49714c8da4202
Reviewed-on: https://review.whamcloud.com/c/ex/lustre-release/+/53369
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>

lustre/ptlrpc/gss/gss_keyring.c		diff \| blob \| history
lustre/ptlrpc/gss/sec_gss.c		diff \| blob \| history