2 * SPDX-License-Identifier: BSD-3-Clause
3 * Copyright (c) 1990 The Regents of the University of California.
5 * Copyright (c) 2008 Doug Rabson
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 Copyright (c) 2000 The Regents of the University of Michigan.
35 Copyright (c) 2000 Dug Song <dugsong@UMICH.EDU>.
36 All rights reserved, all wrongs reversed.
38 Redistribution and use in source and binary forms, with or without
39 modification, are permitted provided that the following conditions
42 1. Redistributions of source code must retain the above copyright
43 notice, this list of conditions and the following disclaimer.
44 2. Redistributions in binary form must reproduce the above copyright
45 notice, this list of conditions and the following disclaimer in the
46 documentation and/or other materials provided with the distribution.
47 3. Neither the name of the University nor the names of its
48 contributors may be used to endorse or promote products derived
49 from this software without specific prior written permission.
51 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
52 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
53 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
54 DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
55 FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
56 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
57 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
58 BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
59 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
60 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
61 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
63 $Id: svc_auth_gss.c,v 1.27 2002/01/15 15:43:00 andros Exp $
66 #include <sys/cdefs.h>
67 __FBSDID("$FreeBSD$");
69 #include <sys/param.h>
70 #include <sys/systm.h>
72 #include <sys/kernel.h>
75 #include <sys/malloc.h>
77 #include <sys/mutex.h>
80 #include <sys/ucred.h>
83 #include <rpc/rpcsec_gss.h>
85 #include "rpcsec_gss_int.h"
87 static bool_t svc_rpc_gss_wrap(SVCAUTH *, struct mbuf **);
88 static bool_t svc_rpc_gss_unwrap(SVCAUTH *, struct mbuf **);
89 static void svc_rpc_gss_release(SVCAUTH *);
90 static enum auth_stat svc_rpc_gss(struct svc_req *, struct rpc_msg *);
91 static int rpc_gss_svc_getcred(struct svc_req *, struct ucred **, int *);
93 static struct svc_auth_ops svc_auth_gss_ops = {
99 struct sx svc_rpc_gss_lock;
101 struct svc_rpc_gss_callback {
102 SLIST_ENTRY(svc_rpc_gss_callback) cb_link;
103 rpc_gss_callback_t cb_callback;
105 static SLIST_HEAD(svc_rpc_gss_callback_list, svc_rpc_gss_callback)
106 svc_rpc_gss_callbacks = SLIST_HEAD_INITIALIZER(svc_rpc_gss_callbacks);
108 struct svc_rpc_gss_svc_name {
109 SLIST_ENTRY(svc_rpc_gss_svc_name) sn_link;
113 gss_cred_id_t sn_cred;
117 static SLIST_HEAD(svc_rpc_gss_svc_name_list, svc_rpc_gss_svc_name)
118 svc_rpc_gss_svc_names = SLIST_HEAD_INITIALIZER(svc_rpc_gss_svc_names);
120 enum svc_rpc_gss_client_state {
121 CLIENT_NEW, /* still authenticating */
122 CLIENT_ESTABLISHED, /* context established */
123 CLIENT_STALE /* garbage to collect */
126 #define SVC_RPC_GSS_SEQWINDOW 128
128 struct svc_rpc_gss_clientid {
129 unsigned long ci_hostid;
130 uint32_t ci_boottime;
134 struct svc_rpc_gss_client {
135 TAILQ_ENTRY(svc_rpc_gss_client) cl_link;
136 TAILQ_ENTRY(svc_rpc_gss_client) cl_alllink;
137 volatile u_int cl_refs;
139 struct svc_rpc_gss_clientid cl_id;
140 time_t cl_expiration; /* when to gc */
141 enum svc_rpc_gss_client_state cl_state; /* client state */
142 bool_t cl_locked; /* fixed service+qop */
143 gss_ctx_id_t cl_ctx; /* context id */
144 gss_cred_id_t cl_creds; /* delegated creds */
145 gss_name_t cl_cname; /* client name */
146 struct svc_rpc_gss_svc_name *cl_sname; /* server name used */
147 rpc_gss_rawcred_t cl_rawcred; /* raw credentials */
148 rpc_gss_ucred_t cl_ucred; /* unix-style credentials */
149 struct ucred *cl_cred; /* kernel-style credentials */
150 int cl_rpcflavor; /* RPC pseudo sec flavor */
151 bool_t cl_done_callback; /* TRUE after call */
152 void *cl_cookie; /* user cookie from callback */
153 gid_t cl_gid_storage[NGROUPS];
154 gss_OID cl_mech; /* mechanism */
155 gss_qop_t cl_qop; /* quality of protection */
156 uint32_t cl_seqlast; /* sequence window origin */
157 uint32_t cl_seqmask[SVC_RPC_GSS_SEQWINDOW/32]; /* bitmask of seqnums */
159 TAILQ_HEAD(svc_rpc_gss_client_list, svc_rpc_gss_client);
162 * This structure holds enough information to unwrap arguments or wrap
163 * results for a given request. We use the rq_clntcred area for this
164 * (which is a per-request buffer).
166 struct svc_rpc_gss_cookedcred {
167 struct svc_rpc_gss_client *cc_client;
168 rpc_gss_service_t cc_service;
172 #define CLIENT_HASH_SIZE 256
173 #define CLIENT_MAX 1024
174 u_int svc_rpc_gss_client_max = CLIENT_MAX;
175 u_int svc_rpc_gss_client_hash_size = CLIENT_HASH_SIZE;
177 SYSCTL_NODE(_kern, OID_AUTO, rpc, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
179 SYSCTL_NODE(_kern_rpc, OID_AUTO, gss, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
182 SYSCTL_UINT(_kern_rpc_gss, OID_AUTO, client_max, CTLFLAG_RW,
183 &svc_rpc_gss_client_max, 0,
184 "Max number of rpc-gss clients");
186 SYSCTL_UINT(_kern_rpc_gss, OID_AUTO, client_hash, CTLFLAG_RDTUN,
187 &svc_rpc_gss_client_hash_size, 0,
188 "Size of rpc-gss client hash table");
190 static u_int svc_rpc_gss_lifetime_max = 0;
191 SYSCTL_UINT(_kern_rpc_gss, OID_AUTO, lifetime_max, CTLFLAG_RW,
192 &svc_rpc_gss_lifetime_max, 0,
193 "Maximum lifetime (seconds) of rpc-gss clients");
195 static u_int svc_rpc_gss_client_count;
196 SYSCTL_UINT(_kern_rpc_gss, OID_AUTO, client_count, CTLFLAG_RD,
197 &svc_rpc_gss_client_count, 0,
198 "Number of rpc-gss clients");
200 struct svc_rpc_gss_client_list *svc_rpc_gss_client_hash;
201 struct svc_rpc_gss_client_list svc_rpc_gss_clients;
202 static uint32_t svc_rpc_gss_next_clientid = 1;
205 svc_rpc_gss_init(void *arg)
209 svc_rpc_gss_client_hash = mem_alloc(sizeof(struct svc_rpc_gss_client_list) * svc_rpc_gss_client_hash_size);
210 for (i = 0; i < svc_rpc_gss_client_hash_size; i++)
211 TAILQ_INIT(&svc_rpc_gss_client_hash[i]);
212 TAILQ_INIT(&svc_rpc_gss_clients);
213 svc_auth_reg(RPCSEC_GSS, svc_rpc_gss, rpc_gss_svc_getcred);
214 sx_init(&svc_rpc_gss_lock, "gsslock");
216 SYSINIT(svc_rpc_gss_init, SI_SUB_KMEM, SI_ORDER_ANY, svc_rpc_gss_init, NULL);
219 rpc_gss_set_callback(rpc_gss_callback_t *cb)
221 struct svc_rpc_gss_callback *scb;
223 scb = mem_alloc(sizeof(struct svc_rpc_gss_callback));
225 _rpc_gss_set_error(RPC_GSS_ER_SYSTEMERROR, ENOMEM);
228 scb->cb_callback = *cb;
229 sx_xlock(&svc_rpc_gss_lock);
230 SLIST_INSERT_HEAD(&svc_rpc_gss_callbacks, scb, cb_link);
231 sx_xunlock(&svc_rpc_gss_lock);
237 rpc_gss_clear_callback(rpc_gss_callback_t *cb)
239 struct svc_rpc_gss_callback *scb;
241 sx_xlock(&svc_rpc_gss_lock);
242 SLIST_FOREACH(scb, &svc_rpc_gss_callbacks, cb_link) {
243 if (scb->cb_callback.program == cb->program
244 && scb->cb_callback.version == cb->version
245 && scb->cb_callback.callback == cb->callback) {
246 SLIST_REMOVE(&svc_rpc_gss_callbacks, scb,
247 svc_rpc_gss_callback, cb_link);
248 sx_xunlock(&svc_rpc_gss_lock);
249 mem_free(scb, sizeof(*scb));
253 sx_xunlock(&svc_rpc_gss_lock);
257 rpc_gss_acquire_svc_cred(struct svc_rpc_gss_svc_name *sname)
259 OM_uint32 maj_stat, min_stat;
260 gss_buffer_desc namebuf;
262 gss_OID_set_desc oid_set;
265 oid_set.elements = sname->sn_mech;
267 namebuf.value = (void *) sname->sn_principal;
268 namebuf.length = strlen(sname->sn_principal);
270 maj_stat = gss_import_name(&min_stat, &namebuf,
271 GSS_C_NT_HOSTBASED_SERVICE, &name);
272 if (maj_stat != GSS_S_COMPLETE)
275 if (sname->sn_cred != GSS_C_NO_CREDENTIAL)
276 gss_release_cred(&min_stat, &sname->sn_cred);
278 maj_stat = gss_acquire_cred(&min_stat, name,
279 sname->sn_req_time, &oid_set, GSS_C_ACCEPT, &sname->sn_cred,
281 if (maj_stat != GSS_S_COMPLETE) {
282 gss_release_name(&min_stat, &name);
285 gss_release_name(&min_stat, &name);
291 rpc_gss_set_svc_name(const char *principal, const char *mechanism,
292 u_int req_time, u_int program, u_int version)
294 struct svc_rpc_gss_svc_name *sname;
297 if (!rpc_gss_mech_to_oid(mechanism, &mech_oid))
300 sname = mem_alloc(sizeof(*sname));
303 sname->sn_principal = strdup(principal, M_RPC);
304 sname->sn_mech = mech_oid;
305 sname->sn_req_time = req_time;
306 sname->sn_cred = GSS_C_NO_CREDENTIAL;
307 sname->sn_program = program;
308 sname->sn_version = version;
310 if (!rpc_gss_acquire_svc_cred(sname)) {
311 free(sname->sn_principal, M_RPC);
312 mem_free(sname, sizeof(*sname));
316 sx_xlock(&svc_rpc_gss_lock);
317 SLIST_INSERT_HEAD(&svc_rpc_gss_svc_names, sname, sn_link);
318 sx_xunlock(&svc_rpc_gss_lock);
324 rpc_gss_clear_svc_name(u_int program, u_int version)
327 struct svc_rpc_gss_svc_name *sname;
329 sx_xlock(&svc_rpc_gss_lock);
330 SLIST_FOREACH(sname, &svc_rpc_gss_svc_names, sn_link) {
331 if (sname->sn_program == program
332 && sname->sn_version == version) {
333 SLIST_REMOVE(&svc_rpc_gss_svc_names, sname,
334 svc_rpc_gss_svc_name, sn_link);
335 sx_xunlock(&svc_rpc_gss_lock);
336 gss_release_cred(&min_stat, &sname->sn_cred);
337 free(sname->sn_principal, M_RPC);
338 mem_free(sname, sizeof(*sname));
342 sx_xunlock(&svc_rpc_gss_lock);
346 rpc_gss_get_principal_name(rpc_gss_principal_t *principal,
347 const char *mech, const char *name, const char *node, const char *domain)
349 OM_uint32 maj_stat, min_stat;
353 gss_name_t gss_name, gss_mech_name;
354 rpc_gss_principal_t result;
356 if (!rpc_gss_mech_to_oid(mech, &mech_oid))
360 * Construct a gss_buffer containing the full name formatted
361 * as "name/node@domain" where node and domain are optional.
363 namelen = strlen(name) + 1;
365 namelen += strlen(node) + 1;
368 namelen += strlen(domain) + 1;
371 buf.value = mem_alloc(namelen);
372 buf.length = namelen;
373 strcpy((char *) buf.value, name);
375 strcat((char *) buf.value, "/");
376 strcat((char *) buf.value, node);
379 strcat((char *) buf.value, "@");
380 strcat((char *) buf.value, domain);
384 * Convert that to a gss_name_t and then convert that to a
385 * mechanism name in the selected mechanism.
387 maj_stat = gss_import_name(&min_stat, &buf,
388 GSS_C_NT_USER_NAME, &gss_name);
389 mem_free(buf.value, buf.length);
390 if (maj_stat != GSS_S_COMPLETE) {
391 rpc_gss_log_status("gss_import_name", mech_oid, maj_stat, min_stat);
394 maj_stat = gss_canonicalize_name(&min_stat, gss_name, mech_oid,
396 if (maj_stat != GSS_S_COMPLETE) {
397 rpc_gss_log_status("gss_canonicalize_name", mech_oid, maj_stat,
399 gss_release_name(&min_stat, &gss_name);
402 gss_release_name(&min_stat, &gss_name);
405 * Export the mechanism name and use that to construct the
406 * rpc_gss_principal_t result.
408 maj_stat = gss_export_name(&min_stat, gss_mech_name, &buf);
409 if (maj_stat != GSS_S_COMPLETE) {
410 rpc_gss_log_status("gss_export_name", mech_oid, maj_stat, min_stat);
411 gss_release_name(&min_stat, &gss_mech_name);
414 gss_release_name(&min_stat, &gss_mech_name);
416 result = mem_alloc(sizeof(int) + buf.length);
418 gss_release_buffer(&min_stat, &buf);
421 result->len = buf.length;
422 memcpy(result->name, buf.value, buf.length);
423 gss_release_buffer(&min_stat, &buf);
430 rpc_gss_getcred(struct svc_req *req, rpc_gss_rawcred_t **rcred,
431 rpc_gss_ucred_t **ucred, void **cookie)
433 struct svc_rpc_gss_cookedcred *cc;
434 struct svc_rpc_gss_client *client;
436 if (req->rq_cred.oa_flavor != RPCSEC_GSS)
439 cc = req->rq_clntcred;
440 client = cc->cc_client;
442 *rcred = &client->cl_rawcred;
444 *ucred = &client->cl_ucred;
446 *cookie = client->cl_cookie;
451 * This simpler interface is used by svc_getcred to copy the cred data
452 * into a kernel cred structure.
455 rpc_gss_svc_getcred(struct svc_req *req, struct ucred **crp, int *flavorp)
458 struct svc_rpc_gss_cookedcred *cc;
459 struct svc_rpc_gss_client *client;
462 if (req->rq_cred.oa_flavor != RPCSEC_GSS)
465 cc = req->rq_clntcred;
466 client = cc->cc_client;
469 *flavorp = client->cl_rpcflavor;
471 if (client->cl_cred) {
472 *crp = crhold(client->cl_cred);
476 uc = &client->cl_ucred;
477 cr = client->cl_cred = crget();
478 cr->cr_uid = cr->cr_ruid = cr->cr_svuid = uc->uid;
479 cr->cr_rgid = cr->cr_svgid = uc->gid;
480 crsetgroups(cr, uc->gidlen, uc->gidlist);
481 cr->cr_prison = &prison0;
482 prison_hold(cr->cr_prison);
489 rpc_gss_svc_max_data_length(struct svc_req *req, int max_tp_unit_len)
491 struct svc_rpc_gss_cookedcred *cc = req->rq_clntcred;
492 struct svc_rpc_gss_client *client = cc->cc_client;
495 OM_uint32 maj_stat, min_stat;
498 switch (client->cl_rawcred.service) {
499 case rpc_gss_svc_none:
500 return (max_tp_unit_len);
503 case rpc_gss_svc_default:
504 case rpc_gss_svc_integrity:
508 case rpc_gss_svc_privacy:
516 maj_stat = gss_wrap_size_limit(&min_stat, client->cl_ctx, want_conf,
517 client->cl_qop, max_tp_unit_len, &max);
519 if (maj_stat == GSS_S_COMPLETE) {
525 rpc_gss_log_status("gss_wrap_size_limit", client->cl_mech,
531 static struct svc_rpc_gss_client *
532 svc_rpc_gss_find_client(struct svc_rpc_gss_clientid *id)
534 struct svc_rpc_gss_client *client;
535 struct svc_rpc_gss_client_list *list;
536 struct timeval boottime;
537 unsigned long hostid;
539 rpc_gss_log_debug("in svc_rpc_gss_find_client(%d)", id->ci_id);
541 getcredhostid(curthread->td_ucred, &hostid);
542 getboottime(&boottime);
543 if (id->ci_hostid != hostid || id->ci_boottime != boottime.tv_sec)
546 list = &svc_rpc_gss_client_hash[id->ci_id % svc_rpc_gss_client_hash_size];
547 sx_xlock(&svc_rpc_gss_lock);
548 TAILQ_FOREACH(client, list, cl_link) {
549 if (client->cl_id.ci_id == id->ci_id) {
551 * Move this client to the front of the LRU
554 TAILQ_REMOVE(&svc_rpc_gss_clients, client, cl_alllink);
555 TAILQ_INSERT_HEAD(&svc_rpc_gss_clients, client,
557 refcount_acquire(&client->cl_refs);
561 sx_xunlock(&svc_rpc_gss_lock);
566 static struct svc_rpc_gss_client *
567 svc_rpc_gss_create_client(void)
569 struct svc_rpc_gss_client *client;
570 struct svc_rpc_gss_client_list *list;
571 struct timeval boottime;
572 unsigned long hostid;
574 rpc_gss_log_debug("in svc_rpc_gss_create_client()");
576 client = mem_alloc(sizeof(struct svc_rpc_gss_client));
577 memset(client, 0, sizeof(struct svc_rpc_gss_client));
580 * Set the initial value of cl_refs to two. One for the caller
581 * and the other to hold onto the client structure until it expires.
583 refcount_init(&client->cl_refs, 2);
584 sx_init(&client->cl_lock, "GSS-client");
585 getcredhostid(curthread->td_ucred, &hostid);
586 client->cl_id.ci_hostid = hostid;
587 getboottime(&boottime);
588 client->cl_id.ci_boottime = boottime.tv_sec;
589 client->cl_id.ci_id = svc_rpc_gss_next_clientid++;
592 * Start the client off with a short expiration time. We will
593 * try to get a saner value from the client creds later.
595 client->cl_state = CLIENT_NEW;
596 client->cl_locked = FALSE;
597 client->cl_expiration = time_uptime + 5*60;
599 list = &svc_rpc_gss_client_hash[client->cl_id.ci_id % svc_rpc_gss_client_hash_size];
600 sx_xlock(&svc_rpc_gss_lock);
601 TAILQ_INSERT_HEAD(list, client, cl_link);
602 TAILQ_INSERT_HEAD(&svc_rpc_gss_clients, client, cl_alllink);
603 svc_rpc_gss_client_count++;
604 sx_xunlock(&svc_rpc_gss_lock);
609 svc_rpc_gss_destroy_client(struct svc_rpc_gss_client *client)
613 rpc_gss_log_debug("in svc_rpc_gss_destroy_client()");
616 gss_delete_sec_context(&min_stat,
617 &client->cl_ctx, GSS_C_NO_BUFFER);
619 if (client->cl_cname)
620 gss_release_name(&min_stat, &client->cl_cname);
622 if (client->cl_rawcred.client_principal)
623 mem_free(client->cl_rawcred.client_principal,
624 sizeof(*client->cl_rawcred.client_principal)
625 + client->cl_rawcred.client_principal->len);
628 crfree(client->cl_cred);
630 sx_destroy(&client->cl_lock);
631 mem_free(client, sizeof(*client));
635 * Drop a reference to a client and free it if that was the last reference.
638 svc_rpc_gss_release_client(struct svc_rpc_gss_client *client)
641 if (!refcount_release(&client->cl_refs))
643 svc_rpc_gss_destroy_client(client);
647 * Remove a client from our global lists.
648 * Must be called with svc_rpc_gss_lock held.
651 svc_rpc_gss_forget_client_locked(struct svc_rpc_gss_client *client)
653 struct svc_rpc_gss_client_list *list;
655 sx_assert(&svc_rpc_gss_lock, SX_XLOCKED);
656 list = &svc_rpc_gss_client_hash[client->cl_id.ci_id % svc_rpc_gss_client_hash_size];
657 TAILQ_REMOVE(list, client, cl_link);
658 TAILQ_REMOVE(&svc_rpc_gss_clients, client, cl_alllink);
659 svc_rpc_gss_client_count--;
663 * Remove a client from our global lists and free it if we can.
666 svc_rpc_gss_forget_client(struct svc_rpc_gss_client *client)
668 struct svc_rpc_gss_client_list *list;
669 struct svc_rpc_gss_client *tclient;
671 list = &svc_rpc_gss_client_hash[client->cl_id.ci_id % svc_rpc_gss_client_hash_size];
672 sx_xlock(&svc_rpc_gss_lock);
673 TAILQ_FOREACH(tclient, list, cl_link) {
675 * Make sure this client has not already been removed
676 * from the lists by svc_rpc_gss_forget_client() or
677 * svc_rpc_gss_forget_client_locked().
679 if (client == tclient) {
680 svc_rpc_gss_forget_client_locked(client);
681 sx_xunlock(&svc_rpc_gss_lock);
682 svc_rpc_gss_release_client(client);
686 sx_xunlock(&svc_rpc_gss_lock);
690 svc_rpc_gss_timeout_clients(void)
692 struct svc_rpc_gss_client *client;
693 time_t now = time_uptime;
695 rpc_gss_log_debug("in svc_rpc_gss_timeout_clients()");
698 * First enforce the max client limit. We keep
699 * svc_rpc_gss_clients in LRU order.
701 sx_xlock(&svc_rpc_gss_lock);
702 client = TAILQ_LAST(&svc_rpc_gss_clients, svc_rpc_gss_client_list);
703 while (svc_rpc_gss_client_count > svc_rpc_gss_client_max && client != NULL) {
704 svc_rpc_gss_forget_client_locked(client);
705 sx_xunlock(&svc_rpc_gss_lock);
706 svc_rpc_gss_release_client(client);
707 sx_xlock(&svc_rpc_gss_lock);
708 client = TAILQ_LAST(&svc_rpc_gss_clients,
709 svc_rpc_gss_client_list);
712 TAILQ_FOREACH(client, &svc_rpc_gss_clients, cl_alllink) {
713 if (client->cl_state == CLIENT_STALE
714 || now > client->cl_expiration) {
715 svc_rpc_gss_forget_client_locked(client);
716 sx_xunlock(&svc_rpc_gss_lock);
717 rpc_gss_log_debug("expiring client %p", client);
718 svc_rpc_gss_release_client(client);
719 sx_xlock(&svc_rpc_gss_lock);
723 sx_xunlock(&svc_rpc_gss_lock);
728 * OID<->string routines. These are uuuuugly.
731 gss_oid_to_str(OM_uint32 *minor_status, gss_OID oid, gss_buffer_t oid_str)
734 unsigned long number;
736 size_t string_length;
741 /* Decoded according to krb5/gssapi_krb5.c */
743 /* First determine the size of the string */
747 cp = (unsigned char *) oid->elements;
748 number = (unsigned long) cp[0];
749 sprintf(numstr, "%ld ", number/40);
750 string_length += strlen(numstr);
751 sprintf(numstr, "%ld ", number%40);
752 string_length += strlen(numstr);
753 for (i=1; i<oid->length; i++) {
754 if ( (size_t) (numshift+7) < (sizeof(unsigned long)*8)) {
755 number = (number << 7) | (cp[i] & 0x7f);
760 return(GSS_S_FAILURE);
762 if ((cp[i] & 0x80) == 0) {
763 sprintf(numstr, "%ld ", number);
764 string_length += strlen(numstr);
770 * If we get here, we've calculated the length of "n n n ... n ". Add 4
771 * here for "{ " and "}\0".
774 if ((bp = malloc(string_length, M_GSSAPI, M_WAITOK | M_ZERO))) {
776 number = (unsigned long) cp[0];
777 sprintf(numstr, "%ld ", number/40);
779 sprintf(numstr, "%ld ", number%40);
782 cp = (unsigned char *) oid->elements;
783 for (i=1; i<oid->length; i++) {
784 number = (number << 7) | (cp[i] & 0x7f);
785 if ((cp[i] & 0x80) == 0) {
786 sprintf(numstr, "%ld ", number);
792 oid_str->length = strlen(bp)+1;
793 oid_str->value = (void *) bp;
795 return(GSS_S_COMPLETE);
798 return(GSS_S_FAILURE);
803 svc_rpc_gss_build_ucred(struct svc_rpc_gss_client *client,
804 const gss_name_t name)
806 OM_uint32 maj_stat, min_stat;
807 rpc_gss_ucred_t *uc = &client->cl_ucred;
812 uc->gidlist = client->cl_gid_storage;
815 maj_stat = gss_pname_to_unix_cred(&min_stat, name, client->cl_mech,
816 &uc->uid, &uc->gid, &numgroups, &uc->gidlist[0]);
817 if (GSS_ERROR(maj_stat))
820 uc->gidlen = numgroups;
824 svc_rpc_gss_set_flavor(struct svc_rpc_gss_client *client)
826 static gss_OID_desc krb5_mech_oid =
827 {9, (void *) "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" };
830 * Attempt to translate mech type and service into a
831 * 'pseudo flavor'. Hardwire in krb5 support for now.
833 if (kgss_oid_equal(client->cl_mech, &krb5_mech_oid)) {
834 switch (client->cl_rawcred.service) {
835 case rpc_gss_svc_default:
836 case rpc_gss_svc_none:
837 client->cl_rpcflavor = RPCSEC_GSS_KRB5;
839 case rpc_gss_svc_integrity:
840 client->cl_rpcflavor = RPCSEC_GSS_KRB5I;
842 case rpc_gss_svc_privacy:
843 client->cl_rpcflavor = RPCSEC_GSS_KRB5P;
847 client->cl_rpcflavor = RPCSEC_GSS;
852 svc_rpc_gss_accept_sec_context(struct svc_rpc_gss_client *client,
853 struct svc_req *rqst,
854 struct rpc_gss_init_res *gr,
855 struct rpc_gss_cred *gc)
857 gss_buffer_desc recv_tok;
859 OM_uint32 maj_stat = 0, min_stat = 0, ret_flags;
860 OM_uint32 cred_lifetime;
861 struct svc_rpc_gss_svc_name *sname;
863 rpc_gss_log_debug("in svc_rpc_gss_accept_context()");
865 /* Deserialize arguments. */
866 memset(&recv_tok, 0, sizeof(recv_tok));
868 if (!svc_getargs(rqst,
869 (xdrproc_t) xdr_gss_buffer_desc,
870 (caddr_t) &recv_tok)) {
871 client->cl_state = CLIENT_STALE;
876 * First time round, try all the server names we have until
877 * one matches. Afterwards, stick with that one.
879 sx_xlock(&svc_rpc_gss_lock);
880 if (!client->cl_sname) {
881 SLIST_FOREACH(sname, &svc_rpc_gss_svc_names, sn_link) {
882 if (sname->sn_program == rqst->rq_prog
883 && sname->sn_version == rqst->rq_vers) {
885 gr->gr_major = gss_accept_sec_context(
890 GSS_C_NO_CHANNEL_BINDINGS,
898 GSS_S_CREDENTIALS_EXPIRED) {
900 * Either our creds really did
904 if (rpc_gss_acquire_svc_cred(sname))
907 client->cl_sname = sname;
912 xdr_free((xdrproc_t) xdr_gss_buffer_desc,
914 sx_xunlock(&svc_rpc_gss_lock);
918 gr->gr_major = gss_accept_sec_context(
921 client->cl_sname->sn_cred,
923 GSS_C_NO_CHANNEL_BINDINGS,
931 sx_xunlock(&svc_rpc_gss_lock);
933 xdr_free((xdrproc_t) xdr_gss_buffer_desc, (char *) &recv_tok);
936 * If we get an error from gss_accept_sec_context, send the
937 * reply anyway so that the client gets a chance to see what
940 if (gr->gr_major != GSS_S_COMPLETE &&
941 gr->gr_major != GSS_S_CONTINUE_NEEDED) {
942 rpc_gss_log_status("accept_sec_context", client->cl_mech,
943 gr->gr_major, gr->gr_minor);
944 client->cl_state = CLIENT_STALE;
948 gr->gr_handle.value = &client->cl_id;
949 gr->gr_handle.length = sizeof(client->cl_id);
950 gr->gr_win = SVC_RPC_GSS_SEQWINDOW;
952 /* Save client info. */
953 client->cl_mech = mech;
954 client->cl_qop = GSS_C_QOP_DEFAULT;
955 client->cl_done_callback = FALSE;
957 if (gr->gr_major == GSS_S_COMPLETE) {
958 gss_buffer_desc export_name;
961 * Change client expiration time to be near when the
962 * client creds expire (or 24 hours if we can't figure
965 if (cred_lifetime == GSS_C_INDEFINITE)
966 cred_lifetime = 24*60*60;
969 * Cap cred_lifetime if sysctl kern.rpc.gss.lifetime_max is set.
971 if (svc_rpc_gss_lifetime_max > 0 && cred_lifetime >
972 svc_rpc_gss_lifetime_max)
973 cred_lifetime = svc_rpc_gss_lifetime_max;
975 client->cl_expiration = time_uptime + cred_lifetime;
978 * Fill in cred details in the rawcred structure.
980 client->cl_rawcred.version = RPCSEC_GSS_VERSION;
981 rpc_gss_oid_to_mech(mech, &client->cl_rawcred.mechanism);
982 maj_stat = gss_export_name(&min_stat, client->cl_cname,
984 if (maj_stat != GSS_S_COMPLETE) {
985 rpc_gss_log_status("gss_export_name", client->cl_mech,
989 client->cl_rawcred.client_principal =
990 mem_alloc(sizeof(*client->cl_rawcred.client_principal)
991 + export_name.length);
992 client->cl_rawcred.client_principal->len = export_name.length;
993 memcpy(client->cl_rawcred.client_principal->name,
994 export_name.value, export_name.length);
995 gss_release_buffer(&min_stat, &export_name);
996 client->cl_rawcred.svc_principal =
997 client->cl_sname->sn_principal;
998 client->cl_rawcred.service = gc->gc_svc;
1001 * Use gss_pname_to_uid to map to unix creds. For
1002 * kerberos5, this uses krb5_aname_to_localname.
1004 svc_rpc_gss_build_ucred(client, client->cl_cname);
1005 svc_rpc_gss_set_flavor(client);
1006 gss_release_name(&min_stat, &client->cl_cname);
1010 gss_buffer_desc mechname;
1012 gss_oid_to_str(&min_stat, mech, &mechname);
1014 rpc_gss_log_debug("accepted context for %s with "
1015 "<mech %.*s, qop %d, svc %d>",
1016 client->cl_rawcred.client_principal->name,
1017 mechname.length, (char *)mechname.value,
1018 client->cl_qop, client->cl_rawcred.service);
1020 gss_release_buffer(&min_stat, &mechname);
1028 svc_rpc_gss_validate(struct svc_rpc_gss_client *client, struct rpc_msg *msg,
1029 gss_qop_t *qop, rpc_gss_proc_t gcproc)
1031 struct opaque_auth *oa;
1032 gss_buffer_desc rpcbuf, checksum;
1033 OM_uint32 maj_stat, min_stat;
1034 gss_qop_t qop_state;
1035 int32_t rpchdr[128 / sizeof(int32_t)];
1038 rpc_gss_log_debug("in svc_rpc_gss_validate()");
1040 memset(rpchdr, 0, sizeof(rpchdr));
1042 /* Reconstruct RPC header for signing (from xdr_callmsg). */
1044 IXDR_PUT_LONG(buf, msg->rm_xid);
1045 IXDR_PUT_ENUM(buf, msg->rm_direction);
1046 IXDR_PUT_LONG(buf, msg->rm_call.cb_rpcvers);
1047 IXDR_PUT_LONG(buf, msg->rm_call.cb_prog);
1048 IXDR_PUT_LONG(buf, msg->rm_call.cb_vers);
1049 IXDR_PUT_LONG(buf, msg->rm_call.cb_proc);
1050 oa = &msg->rm_call.cb_cred;
1051 IXDR_PUT_ENUM(buf, oa->oa_flavor);
1052 IXDR_PUT_LONG(buf, oa->oa_length);
1053 if (oa->oa_length) {
1054 memcpy((caddr_t)buf, oa->oa_base, oa->oa_length);
1055 buf += RNDUP(oa->oa_length) / sizeof(int32_t);
1057 rpcbuf.value = rpchdr;
1058 rpcbuf.length = (u_char *)buf - (u_char *)rpchdr;
1060 checksum.value = msg->rm_call.cb_verf.oa_base;
1061 checksum.length = msg->rm_call.cb_verf.oa_length;
1063 maj_stat = gss_verify_mic(&min_stat, client->cl_ctx, &rpcbuf, &checksum,
1066 if (maj_stat != GSS_S_COMPLETE) {
1067 rpc_gss_log_status("gss_verify_mic", client->cl_mech,
1068 maj_stat, min_stat);
1070 * A bug in some versions of the Linux client generates a
1071 * Destroy operation with a bogus encrypted checksum. Deleting
1072 * the credential handle for that case causes the mount to fail.
1073 * Since the checksum is bogus (gss_verify_mic() failed), it
1074 * doesn't make sense to destroy the handle and not doing so
1075 * fixes the Linux mount.
1077 if (gcproc != RPCSEC_GSS_DESTROY)
1078 client->cl_state = CLIENT_STALE;
1087 svc_rpc_gss_nextverf(struct svc_rpc_gss_client *client,
1088 struct svc_req *rqst, u_int seq)
1090 gss_buffer_desc signbuf;
1091 gss_buffer_desc mic;
1092 OM_uint32 maj_stat, min_stat;
1095 rpc_gss_log_debug("in svc_rpc_gss_nextverf()");
1098 signbuf.value = &nseq;
1099 signbuf.length = sizeof(nseq);
1101 maj_stat = gss_get_mic(&min_stat, client->cl_ctx, client->cl_qop,
1104 if (maj_stat != GSS_S_COMPLETE) {
1105 rpc_gss_log_status("gss_get_mic", client->cl_mech, maj_stat, min_stat);
1106 client->cl_state = CLIENT_STALE;
1110 KASSERT(mic.length <= MAX_AUTH_BYTES,
1111 ("MIC too large for RPCSEC_GSS"));
1113 rqst->rq_verf.oa_flavor = RPCSEC_GSS;
1114 rqst->rq_verf.oa_length = mic.length;
1115 bcopy(mic.value, rqst->rq_verf.oa_base, mic.length);
1117 gss_release_buffer(&min_stat, &mic);
1123 svc_rpc_gss_callback(struct svc_rpc_gss_client *client, struct svc_req *rqst)
1125 struct svc_rpc_gss_callback *scb;
1126 rpc_gss_lock_t lock;
1132 * See if we have a callback for this guy.
1135 SLIST_FOREACH(scb, &svc_rpc_gss_callbacks, cb_link) {
1136 if (scb->cb_callback.program == rqst->rq_prog
1137 && scb->cb_callback.version == rqst->rq_vers) {
1139 * This one matches. Call the callback and see
1140 * if it wants to veto or something.
1142 lock.locked = FALSE;
1143 lock.raw_cred = &client->cl_rawcred;
1144 cb_res = scb->cb_callback.callback(rqst,
1151 client->cl_state = CLIENT_STALE;
1157 * The callback accepted the connection - it
1158 * is responsible for freeing client->cl_creds
1161 client->cl_creds = GSS_C_NO_CREDENTIAL;
1162 client->cl_locked = lock.locked;
1163 client->cl_cookie = cookie;
1169 * Either no callback exists for this program/version or one
1170 * of the callbacks rejected the connection. We just need to
1171 * clean up the delegated client creds, if any.
1173 if (client->cl_creds) {
1175 gss_release_cred(&min_ver, &client->cl_creds);
1181 svc_rpc_gss_check_replay(struct svc_rpc_gss_client *client, uint32_t seq)
1187 sx_xlock(&client->cl_lock);
1188 if (seq <= client->cl_seqlast) {
1190 * The request sequence number is less than
1191 * the largest we have seen so far. If it is
1192 * outside the window or if we have seen a
1193 * request with this sequence before, silently
1196 offset = client->cl_seqlast - seq;
1197 if (offset >= SVC_RPC_GSS_SEQWINDOW) {
1203 if (client->cl_seqmask[word] & (1 << bit)) {
1211 sx_xunlock(&client->cl_lock);
1216 svc_rpc_gss_update_seq(struct svc_rpc_gss_client *client, uint32_t seq)
1218 int offset, i, word, bit;
1219 uint32_t carry, newcarry;
1221 sx_xlock(&client->cl_lock);
1222 if (seq > client->cl_seqlast) {
1224 * This request has a sequence number greater
1225 * than any we have seen so far. Advance the
1226 * seq window and set bit zero of the window
1227 * (which corresponds to the new sequence
1230 offset = seq - client->cl_seqlast;
1231 while (offset > 32) {
1232 for (i = (SVC_RPC_GSS_SEQWINDOW / 32) - 1;
1234 client->cl_seqmask[i] = client->cl_seqmask[i-1];
1236 client->cl_seqmask[0] = 0;
1240 for (i = 0; i < SVC_RPC_GSS_SEQWINDOW / 32; i++) {
1241 newcarry = client->cl_seqmask[i] >> (32 - offset);
1242 client->cl_seqmask[i] =
1243 (client->cl_seqmask[i] << offset) | carry;
1246 client->cl_seqmask[0] |= 1;
1247 client->cl_seqlast = seq;
1249 offset = client->cl_seqlast - seq;
1252 client->cl_seqmask[word] |= (1 << bit);
1254 sx_xunlock(&client->cl_lock);
1258 svc_rpc_gss(struct svc_req *rqst, struct rpc_msg *msg)
1263 struct svc_rpc_gss_cookedcred *cc;
1264 struct svc_rpc_gss_client *client;
1265 struct rpc_gss_cred gc;
1266 struct rpc_gss_init_res gr;
1269 enum auth_stat result;
1271 rpc_gss_log_debug("in svc_rpc_gss()");
1273 /* Garbage collect old clients. */
1274 svc_rpc_gss_timeout_clients();
1276 /* Initialize reply. */
1277 rqst->rq_verf = _null_auth;
1279 /* Deserialize client credentials. */
1280 if (rqst->rq_cred.oa_length <= 0)
1281 return (AUTH_BADCRED);
1283 memset(&gc, 0, sizeof(gc));
1285 xdrmem_create(&xdrs, rqst->rq_cred.oa_base,
1286 rqst->rq_cred.oa_length, XDR_DECODE);
1288 if (!xdr_rpc_gss_cred(&xdrs, &gc)) {
1290 return (AUTH_BADCRED);
1296 /* Check version. */
1297 if (gc.gc_version != RPCSEC_GSS_VERSION) {
1298 result = AUTH_BADCRED;
1302 /* Check the proc and find the client (or create it) */
1303 if (gc.gc_proc == RPCSEC_GSS_INIT) {
1304 if (gc.gc_handle.length != 0) {
1305 result = AUTH_BADCRED;
1308 client = svc_rpc_gss_create_client();
1310 struct svc_rpc_gss_clientid *p;
1311 if (gc.gc_handle.length != sizeof(*p)) {
1312 result = AUTH_BADCRED;
1315 p = gc.gc_handle.value;
1316 client = svc_rpc_gss_find_client(p);
1319 * Can't find the client - we may have
1320 * destroyed it - tell the other side to
1323 result = RPCSEC_GSS_CREDPROBLEM;
1327 cc = rqst->rq_clntcred;
1328 cc->cc_client = client;
1329 cc->cc_service = gc.gc_svc;
1330 cc->cc_seq = gc.gc_seq;
1333 * The service and sequence number must be ignored for
1334 * RPCSEC_GSS_INIT and RPCSEC_GSS_CONTINUE_INIT.
1336 if (gc.gc_proc != RPCSEC_GSS_INIT
1337 && gc.gc_proc != RPCSEC_GSS_CONTINUE_INIT) {
1339 * Check for sequence number overflow.
1341 if (gc.gc_seq >= MAXSEQ) {
1342 result = RPCSEC_GSS_CTXPROBLEM;
1347 * Check for valid service.
1349 if (gc.gc_svc != rpc_gss_svc_none &&
1350 gc.gc_svc != rpc_gss_svc_integrity &&
1351 gc.gc_svc != rpc_gss_svc_privacy) {
1352 result = AUTH_BADCRED;
1357 /* Handle RPCSEC_GSS control procedure. */
1358 switch (gc.gc_proc) {
1360 case RPCSEC_GSS_INIT:
1361 case RPCSEC_GSS_CONTINUE_INIT:
1362 if (rqst->rq_proc != NULLPROC) {
1363 result = AUTH_REJECTEDCRED;
1367 memset(&gr, 0, sizeof(gr));
1368 if (!svc_rpc_gss_accept_sec_context(client, rqst, &gr, &gc)) {
1369 result = AUTH_REJECTEDCRED;
1373 if (gr.gr_major == GSS_S_COMPLETE) {
1375 * We borrow the space for the call verf to
1376 * pack our reply verf.
1378 rqst->rq_verf = msg->rm_call.cb_verf;
1379 if (!svc_rpc_gss_nextverf(client, rqst, gr.gr_win)) {
1380 result = AUTH_REJECTEDCRED;
1384 rqst->rq_verf = _null_auth;
1387 call_stat = svc_sendreply(rqst,
1388 (xdrproc_t) xdr_rpc_gss_init_res,
1391 gss_release_buffer(&min_stat, &gr.gr_token);
1394 result = AUTH_FAILED;
1398 if (gr.gr_major == GSS_S_COMPLETE)
1399 client->cl_state = CLIENT_ESTABLISHED;
1401 result = RPCSEC_GSS_NODISPATCH;
1404 case RPCSEC_GSS_DATA:
1405 case RPCSEC_GSS_DESTROY:
1406 if (!svc_rpc_gss_check_replay(client, gc.gc_seq)) {
1407 result = RPCSEC_GSS_NODISPATCH;
1411 if (!svc_rpc_gss_validate(client, msg, &qop, gc.gc_proc)) {
1412 result = RPCSEC_GSS_CREDPROBLEM;
1417 * We borrow the space for the call verf to pack our
1420 rqst->rq_verf = msg->rm_call.cb_verf;
1421 if (!svc_rpc_gss_nextverf(client, rqst, gc.gc_seq)) {
1422 result = RPCSEC_GSS_CTXPROBLEM;
1426 svc_rpc_gss_update_seq(client, gc.gc_seq);
1429 * Change the SVCAUTH ops on the request to point at
1430 * our own code so that we can unwrap the arguments
1431 * and wrap the result. The caller will re-set this on
1432 * every request to point to a set of null wrap/unwrap
1433 * methods. Acquire an extra reference to the client
1434 * which will be released by svc_rpc_gss_release()
1435 * after the request has finished processing.
1437 refcount_acquire(&client->cl_refs);
1438 rqst->rq_auth.svc_ah_ops = &svc_auth_gss_ops;
1439 rqst->rq_auth.svc_ah_private = cc;
1441 if (gc.gc_proc == RPCSEC_GSS_DATA) {
1443 * We might be ready to do a callback to the server to
1444 * see if it wants to accept/reject the connection.
1446 sx_xlock(&client->cl_lock);
1447 if (!client->cl_done_callback) {
1448 client->cl_done_callback = TRUE;
1449 client->cl_qop = qop;
1450 client->cl_rawcred.qop = _rpc_gss_num_to_qop(
1451 client->cl_rawcred.mechanism, qop);
1452 if (!svc_rpc_gss_callback(client, rqst)) {
1453 result = AUTH_REJECTEDCRED;
1454 sx_xunlock(&client->cl_lock);
1458 sx_xunlock(&client->cl_lock);
1461 * If the server has locked this client to a
1462 * particular service+qop pair, enforce that
1465 if (client->cl_locked) {
1466 if (client->cl_rawcred.service != gc.gc_svc) {
1467 result = AUTH_FAILED;
1469 } else if (client->cl_qop != qop) {
1470 result = AUTH_BADVERF;
1476 * If the qop changed, look up the new qop
1479 if (client->cl_qop != qop) {
1480 client->cl_qop = qop;
1481 client->cl_rawcred.qop = _rpc_gss_num_to_qop(
1482 client->cl_rawcred.mechanism, qop);
1486 * Make sure we use the right service value
1489 if (client->cl_rawcred.service != gc.gc_svc) {
1490 client->cl_rawcred.service = gc.gc_svc;
1491 svc_rpc_gss_set_flavor(client);
1496 if (rqst->rq_proc != NULLPROC) {
1497 result = AUTH_REJECTEDCRED;
1501 call_stat = svc_sendreply(rqst,
1502 (xdrproc_t) xdr_void, (caddr_t) NULL);
1505 result = AUTH_FAILED;
1509 svc_rpc_gss_forget_client(client);
1511 result = RPCSEC_GSS_NODISPATCH;
1517 result = AUTH_BADCRED;
1522 svc_rpc_gss_release_client(client);
1524 xdr_free((xdrproc_t) xdr_rpc_gss_cred, (char *) &gc);
1529 svc_rpc_gss_wrap(SVCAUTH *auth, struct mbuf **mp)
1531 struct svc_rpc_gss_cookedcred *cc;
1532 struct svc_rpc_gss_client *client;
1534 rpc_gss_log_debug("in svc_rpc_gss_wrap()");
1536 cc = (struct svc_rpc_gss_cookedcred *) auth->svc_ah_private;
1537 client = cc->cc_client;
1538 if (client->cl_state != CLIENT_ESTABLISHED
1539 || cc->cc_service == rpc_gss_svc_none || *mp == NULL) {
1543 return (xdr_rpc_gss_wrap_data(mp,
1544 client->cl_ctx, client->cl_qop,
1545 cc->cc_service, cc->cc_seq));
1549 svc_rpc_gss_unwrap(SVCAUTH *auth, struct mbuf **mp)
1551 struct svc_rpc_gss_cookedcred *cc;
1552 struct svc_rpc_gss_client *client;
1554 rpc_gss_log_debug("in svc_rpc_gss_unwrap()");
1556 cc = (struct svc_rpc_gss_cookedcred *) auth->svc_ah_private;
1557 client = cc->cc_client;
1558 if (client->cl_state != CLIENT_ESTABLISHED
1559 || cc->cc_service == rpc_gss_svc_none) {
1563 return (xdr_rpc_gss_unwrap_data(mp,
1564 client->cl_ctx, client->cl_qop,
1565 cc->cc_service, cc->cc_seq));
1569 svc_rpc_gss_release(SVCAUTH *auth)
1571 struct svc_rpc_gss_cookedcred *cc;
1572 struct svc_rpc_gss_client *client;
1574 rpc_gss_log_debug("in svc_rpc_gss_release()");
1576 cc = (struct svc_rpc_gss_cookedcred *) auth->svc_ah_private;
1577 client = cc->cc_client;
1578 svc_rpc_gss_release_client(client);
projects / FreeBSD / FreeBSD.git / blob