From: Philipp Reisner <philipp.reisner@linbit.com>
Date: Mon, 28 Apr 2014 16:43:30 +0000 (+0200)
Subject: drbd: Fix a hole in the challange-response connection authentication
X-Git-Tag: omap-for-v3.17/soc-cleanup~42^2~7^2~25
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=67cca286caa6e33f3134bd36834d2484538f4f78;p=pandora-kernel.git

drbd: Fix a hole in the challange-response connection authentication

In the implementation as it was, the two peers sent each other
a challenge, and expects the challenge hashed with the shared
secret back.

A attacker could simply wait for the challenge of the peer, and
send the same challenge back. Then it waits for the response, and
sends the same response back.

Prevent this by not accepting a challenge from the peer that is
the same as the challenge sent to the peer.

Signed-off-by: Philipp Reisner <philipp.reisner@linbit.com>
Signed-off-by: Lars Ellenberg <lars.ellenberg@linbit.com>
Signed-off-by: Jens Axboe <axboe@fb.com>
---

Reading git-diff-tree failed