git://git.whamcloud.com - fs/lustre-release.git/commit

author	Sebastien Buisson <sbuisson@ddn.com>
	Thu, 19 Dec 2019 14:30:11 +0000 (23:30 +0900)
committer	Oleg Drokin <green@whamcloud.com>
	Tue, 17 Mar 2020 03:41:05 +0000 (03:41 +0000)
commit	6724002732c1bedb4ae4217871d432972672747e
tree	fd2585327a62a6803e94bac5bdc0a67f160516cd	tree \| snapshot
parent	26e8f1137b82b26dca0219f58543ea6edd9a30ae	commit \| diff

LU-12992 gss: retry in case of short computed shared key

Lustre uses OpenSSL's DH_compute_key() to compute shared secret key.
There is around 1 chance out of 256 that the returned shared key
is shorter than expected.
https://www.qacafe.com/articles/router-vpn-implementation-pitfalls/
If the returned key is short by 1 or 2 bytes, we prepend it with 0s.
Otherwise, we retry twice as it should finally be the expected length.

Test-Parameters: envdefinitions=SHARED_KEY=true testlist=sanity,recovery-small
Test-Parameters: envdefinitions=SHARED_KEY=true testlist=sanity,recovery-small
Test-Parameters: envdefinitions=SHARED_KEY=true testlist=sanity,recovery-small
Test-Parameters: envdefinitions=SHARED_KEY=true testlist=sanity,recovery-small
Test-Parameters: envdefinitions=SHARED_KEY=true testlist=sanity,recovery-small
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I519194ef52539ca9a6305120fbf00b60ca985b1f
Reviewed-on: https://review.whamcloud.com/37064
Tested-by: jenkins <devops@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Jeremy Filizetti <jeremy.filizetti@gmail.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>

lustre/utils/gss/lgss_sk_utils.c		diff \| blob \| history
lustre/utils/gss/sk_utils.c		diff \| blob \| history
lustre/utils/gss/svcgssd_proc.c		diff \| blob \| history