Page MenuHomeFreeBSD
Differential D50238

krb5: Fix handling of transient crypto request failures
ClosedPublic
Actions

Authored by markj on May 7 2025, 12:32 PM.
Tags
None
Referenced Files
F150052892: D50238.id.diff
Sun, Mar 29, 12:49 AM
Unknown Object (File)
Mon, Mar 23, 7:17 PM
Unknown Object (File)
Sun, Mar 22, 7:48 PM
Unknown Object (File)
Sat, Feb 28, 8:05 AM
Unknown Object (File)
Sat, Feb 28, 2:12 AM
Unknown Object (File)
Jan 30 2026, 6:09 PM
Unknown Object (File)
Jan 21 2026, 3:03 AM
Unknown Object (File)
Jan 20 2026, 3:02 AM
View All 58 Files
Subscribers
imp

Details

Reviewers
jhb
Commits
rGcdf6e2d9feec: krb5: Fix handling of transient crypto request failures
rG04421fda140b: krb5: Fix handling of transient crypto request failures
Summary
  • Instead of using CRYPTO_F_DONE to decide whether a request has completed, use a custom protocol of setting crp_opaque = NULL in the callback and checking that instead. CRYPTO_F_DONE is set independent of whether an error occurred, but for transient errors signaled by EAGAIN, we want to simply retry the request.
  • Clear CRYPTO_F_DONE before retrying the request.
  • Panic if the request truly failed, as we currently have no way to pass hard errors back up.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sys/
kgssapi/
krb5/
30 lines

Diff 155165

View Options

sys/kgssapi/krb5/kcrypto_aes.c

Loading...