static bool_t
authunix_marshal(AUTH *auth, XDR *xdrs)
{
struct audata *au = AUTH_PRIVATE(auth);
return (XDR_PUTBYTES(xdrs, au->au_marshed, au->au_mpos));
}
/*
* XDR opaque data
* Allows the specification of a fixed size sequence of opaque bytes.
* cp points to the opaque object and cnt gives the byte length.
*/
bool_t
xdr_opaque(
XDR *xdrs,
caddr_t cp,
u_int cnt)
{
u_int rndup;
static int crud[BYTES_PER_XDR_UNIT];
/*
* if no data we are done
*/
if (cnt == 0)
return (TRUE);
/*
* round byte count to full xdr units
*/
rndup = cnt % BYTES_PER_XDR_UNIT;
if (rndup > 0)
rndup = BYTES_PER_XDR_UNIT - rndup;
if (xdrs->x_op == XDR_DECODE) {
if (!XDR_GETBYTES(xdrs, cp, cnt)) {
return (FALSE);
}
if (rndup == 0)
return (TRUE);
return (XDR_GETBYTES(xdrs, (caddr_t)crud, rndup));
}
if (xdrs->x_op == XDR_ENCODE) {
if (!XDR_PUTBYTES(xdrs, cp, cnt)) {
return (FALSE);
}
if (rndup == 0)
return (TRUE);
return (XDR_PUTBYTES(xdrs, xdr_zero, rndup));
}
if (xdrs->x_op == XDR_FREE) {
return (TRUE);
}
return (FALSE);
}
/*ARGSUSED*/
static bool_t
authnone_marshal(AUTH *client, uint32_t xid, XDR *xdrs, struct mbuf *args)
{
struct authnone_private *ap = &authnone_private;
KASSERT(xdrs != NULL, ("authnone_marshal: xdrs is null"));
if (!XDR_PUTBYTES(xdrs, ap->mclient, ap->mcnt))
return (FALSE);
xdrmbuf_append(xdrs, args);
return (TRUE);
}
/*
* XDR opaque data
* Allows the specification of a fixed size sequence of opaque bytes.
* cp points to the opaque object and cnt gives the byte length.
*/
bool_t
xdr_opaque(XDR *xdrs, caddr_t cp, const uint_t cnt)
{
uint_t rndup;
char crud[BYTES_PER_XDR_UNIT];
/*
* if no data we are done
*/
if (cnt == 0)
return (TRUE);
/*
* round byte count to full xdr units
*/
rndup = cnt % BYTES_PER_XDR_UNIT;
if ((int)rndup > 0)
rndup = BYTES_PER_XDR_UNIT - rndup;
switch (xdrs->x_op) {
case XDR_DECODE:
if (!XDR_GETBYTES(xdrs, cp, cnt))
return (FALSE);
if (rndup == 0)
return (TRUE);
return (XDR_GETBYTES(xdrs, crud, rndup));
case XDR_ENCODE:
if (!XDR_PUTBYTES(xdrs, cp, cnt))
return (FALSE);
if (rndup == 0)
return (TRUE);
return (XDR_PUTBYTES(xdrs, (caddr_t)&xdr_zero[0], rndup));
case XDR_FREE:
return (TRUE);
}
return (FALSE);
}
/*ARGSUSED*/
static enum clnt_stat
clnt_raw_send(CLIENT *h, rpcproc_t proc, xdrproc_t xargs, caddr_t argsp)
{
struct clnt_raw_private *clp;
XDR xdrs;
uint_t start;
rpc_callerr.re_errno = 0;
rpc_callerr.re_terrno = 0;
(void) mutex_lock(&clntraw_lock);
clp = clnt_raw_private;
if (clp == NULL) {
(void) mutex_unlock(&clntraw_lock);
return (rpc_callerr.re_status = RPC_FAILED);
}
(void) mutex_unlock(&clntraw_lock);
/*
* send request
*/
xdrmem_create(&xdrs, clp->raw_netbuf->buf, clp->raw_netbuf->maxlen,
XDR_ENCODE);
start = XDR_GETPOS(&xdrs);
/* LINTED pointer alignment */
((struct rpc_msg *)clp->mashl_callmsg)->rm_xid++;
if ((!XDR_PUTBYTES(&xdrs, clp->mashl_callmsg, clp->mcnt)) ||
(!XDR_PUTINT32(&xdrs, (int32_t *)&proc)) ||
(!AUTH_MARSHALL(h->cl_auth, &xdrs)) ||
(!(*xargs)(&xdrs, argsp))) {
XDR_DESTROY(&xdrs);
return (rpc_callerr.re_status = RPC_CANTENCODEARGS);
}
clp->raw_netbuf->len = XDR_GETPOS(&xdrs) - start;
XDR_DESTROY(&xdrs);
/*
* We have to call server input routine here because this is
* all going on in one process.
* By convention using FD_SETSIZE as the pseudo file descriptor.
*/
svc_getreq_common(FD_SETSIZE);
return (rpc_callerr.re_status = RPC_SUCCESS);
}
static enum clnt_stat
clnt_vc_call(CLIENT *cl, rpcproc_t proc, xdrproc_t xdr_args, void *args_ptr,
xdrproc_t xdr_results, void *results_ptr, struct timeval timeout)
{
struct ct_data *ct = (struct ct_data *) cl->cl_private;
XDR *xdrs = &(ct->ct_xdrs);
struct rpc_msg reply_msg;
u_int32_t x_id;
u_int32_t *msg_x_id = &ct->ct_u.ct_mcalli; /* yuk */
bool_t shipnow;
int refreshes = 2;
sigset_t mask, newmask;
int rpc_lock_value;
bool_t reply_stat;
assert(cl != NULL);
sigfillset(&newmask);
thr_sigsetmask(SIG_SETMASK, &newmask, &mask);
mutex_lock(&clnt_fd_lock);
while (vc_fd_locks[ct->ct_fd])
cond_wait(&vc_cv[ct->ct_fd], &clnt_fd_lock);
if (__isthreaded)
rpc_lock_value = 1;
else
rpc_lock_value = 0;
vc_fd_locks[ct->ct_fd] = rpc_lock_value;
mutex_unlock(&clnt_fd_lock);
if (!ct->ct_waitset) {
/* If time is not within limits, we ignore it. */
if (time_not_ok(&timeout) == FALSE)
ct->ct_wait = timeout;
}
shipnow =
(xdr_results == NULL && timeout.tv_sec == 0
&& timeout.tv_usec == 0) ? FALSE : TRUE;
call_again:
xdrs->x_op = XDR_ENCODE;
ct->ct_error.re_status = RPC_SUCCESS;
x_id = ntohl(--(*msg_x_id));
if (cl->cl_auth->ah_cred.oa_flavor != RPCSEC_GSS) {
if ((! XDR_PUTBYTES(xdrs, ct->ct_u.ct_mcallc, ct->ct_mpos)) ||
(! XDR_PUTINT32(xdrs, &proc)) ||
(! AUTH_MARSHALL(cl->cl_auth, xdrs)) ||
(! (*xdr_args)(xdrs, args_ptr))) {
if (ct->ct_error.re_status == RPC_SUCCESS)
ct->ct_error.re_status = RPC_CANTENCODEARGS;
(void)xdrrec_endofrecord(xdrs, TRUE);
release_fd_lock(ct->ct_fd, mask);
return (ct->ct_error.re_status);
}
} else {
*(uint32_t *) &ct->ct_u.ct_mcallc[ct->ct_mpos] = htonl(proc);
if (! __rpc_gss_wrap(cl->cl_auth, ct->ct_u.ct_mcallc,
ct->ct_mpos + sizeof(uint32_t),
xdrs, xdr_args, args_ptr)) {
if (ct->ct_error.re_status == RPC_SUCCESS)
ct->ct_error.re_status = RPC_CANTENCODEARGS;
(void)xdrrec_endofrecord(xdrs, TRUE);
release_fd_lock(ct->ct_fd, mask);
return (ct->ct_error.re_status);
}
}
if (! xdrrec_endofrecord(xdrs, shipnow)) {
release_fd_lock(ct->ct_fd, mask);
return (ct->ct_error.re_status = RPC_CANTSEND);
}
if (! shipnow) {
release_fd_lock(ct->ct_fd, mask);
return (RPC_SUCCESS);
}
/*
* Hack to provide rpc-based message passing
*/
if (timeout.tv_sec == 0 && timeout.tv_usec == 0) {
release_fd_lock(ct->ct_fd, mask);
return(ct->ct_error.re_status = RPC_TIMEDOUT);
}
/*
* Keep receiving until we get a valid transaction id
*/
xdrs->x_op = XDR_DECODE;
while (TRUE) {
reply_msg.acpted_rply.ar_verf = _null_auth;
reply_msg.acpted_rply.ar_results.where = NULL;
reply_msg.acpted_rply.ar_results.proc = (xdrproc_t)xdr_void;
if (! xdrrec_skiprecord(xdrs)) {
release_fd_lock(ct->ct_fd, mask);
return (ct->ct_error.re_status);
}
/* now decode and validate the response header */
if (! xdr_replymsg(xdrs, &reply_msg)) {
if (ct->ct_error.re_status == RPC_SUCCESS)
continue;
release_fd_lock(ct->ct_fd, mask);
return (ct->ct_error.re_status);
}
if (reply_msg.rm_xid == x_id)
break;
}
/*
* process header
*/
_seterr_reply(&reply_msg, &(ct->ct_error));
if (ct->ct_error.re_status == RPC_SUCCESS) {
if (! AUTH_VALIDATE(cl->cl_auth,
&reply_msg.acpted_rply.ar_verf)) {
ct->ct_error.re_status = RPC_AUTHERROR;
ct->ct_error.re_why = AUTH_INVALIDRESP;
} else {
if (cl->cl_auth->ah_cred.oa_flavor != RPCSEC_GSS) {
reply_stat = (*xdr_results)(xdrs, results_ptr);
} else {
reply_stat = __rpc_gss_unwrap(cl->cl_auth,
xdrs, xdr_results, results_ptr);
}
if (! reply_stat) {
if (ct->ct_error.re_status == RPC_SUCCESS)
ct->ct_error.re_status =
RPC_CANTDECODERES;
}
}
/* free verifier ... */
if (reply_msg.acpted_rply.ar_verf.oa_base != NULL) {
xdrs->x_op = XDR_FREE;
(void)xdr_opaque_auth(xdrs,
&(reply_msg.acpted_rply.ar_verf));
}
} /* end successful completion */
else {
/* maybe our credentials need to be refreshed ... */
if (refreshes-- && AUTH_REFRESH(cl->cl_auth, &reply_msg))
goto call_again;
} /* end of unsuccessful completion */
release_fd_lock(ct->ct_fd, mask);
return (ct->ct_error.re_status);
}
static enum clnt_stat
clnt_dg_send(CLIENT *cl, rpcproc_t proc, xdrproc_t xargs, caddr_t argsp)
{
/* LINTED pointer alignment */
struct cu_data *cu = (struct cu_data *)cl->cl_private;
XDR *xdrs;
int outlen;
struct t_unitdata tu_data;
uint32_t x_id;
if (rpc_fd_lock(dgtbl, cu->cu_fd)) {
rpc_callerr.re_status = RPC_FAILED;
rpc_callerr.re_errno = errno;
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (RPC_FAILED);
}
tu_data.addr = cu->cu_raddr;
xdrs = &(cu->cu_outxdrs);
xdrs->x_op = XDR_ENCODE;
XDR_SETPOS(xdrs, 0);
/*
* Due to little endian byte order, it is necessary to convert to host
* format before incrementing xid.
*/
/* LINTED pointer alignment */
x_id = ntohl(*(uint32_t *)(cu->cu_outbuf)) + 1; /* set XID */
/* LINTED pointer cast */
*(uint32_t *)cu->cu_outbuf = htonl(x_id);
if (cl->cl_auth->ah_cred.oa_flavor != RPCSEC_GSS) {
if ((!XDR_PUTBYTES(xdrs, cu->cu_outbuf, cu->cu_xdrpos)) ||
(!XDR_PUTINT32(xdrs, (int32_t *)&proc)) ||
(!AUTH_MARSHALL(cl->cl_auth, xdrs)) ||
(!xargs(xdrs, argsp))) {
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (rpc_callerr.re_status = RPC_CANTENCODEARGS);
}
} else {
/* LINTED pointer alignment */
uint32_t *u = (uint32_t *)&cu->cu_outbuf[cu->cu_xdrpos];
IXDR_PUT_U_INT32(u, proc);
if (!__rpc_gss_wrap(cl->cl_auth, cu->cu_outbuf,
((char *)u) - cu->cu_outbuf, xdrs, xargs, argsp)) {
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (rpc_callerr.re_status = RPC_CANTENCODEARGS);
}
}
outlen = (int)XDR_GETPOS(xdrs);
tu_data.udata.buf = cu->cu_outbuf_start;
tu_data.udata.len = outlen;
tu_data.opt.len = 0;
if (t_sndudata(cu->cu_fd, &tu_data) == -1) {
rpc_callerr.re_terrno = t_errno;
rpc_callerr.re_errno = errno;
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (rpc_callerr.re_status = RPC_CANTSEND);
}
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (rpc_callerr.re_status = RPC_SUCCESS);
}
static enum clnt_stat
clnt_dg_call(CLIENT *cl, rpcproc_t proc, xdrproc_t xargs, caddr_t argsp,
xdrproc_t xresults, caddr_t resultsp, struct timeval utimeout)
{
/* LINTED pointer alignment */
struct cu_data *cu = (struct cu_data *)cl->cl_private;
XDR *xdrs;
int outlen;
struct rpc_msg reply_msg;
XDR reply_xdrs;
struct timeval time_waited;
bool_t ok;
int nrefreshes = 2; /* number of times to refresh cred */
struct timeval timeout;
struct timeval retransmit_time;
struct timeval poll_time;
struct timeval startime, curtime;
struct t_unitdata tu_data;
int res; /* result of operations */
uint32_t x_id;
if (rpc_fd_lock(dgtbl, cu->cu_fd)) {
rpc_callerr.re_status = RPC_FAILED;
rpc_callerr.re_errno = errno;
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (RPC_FAILED);
}
if (cu->cu_total.tv_usec == -1) {
timeout = utimeout; /* use supplied timeout */
} else {
timeout = cu->cu_total; /* use default timeout */
}
time_waited.tv_sec = 0;
time_waited.tv_usec = 0;
retransmit_time = cu->cu_wait;
tu_data.addr = cu->cu_raddr;
call_again:
xdrs = &(cu->cu_outxdrs);
xdrs->x_op = XDR_ENCODE;
XDR_SETPOS(xdrs, 0);
/*
* Due to little endian byte order, it is necessary to convert to host
* format before incrementing xid.
*/
/* LINTED pointer cast */
x_id = ntohl(*(uint32_t *)(cu->cu_outbuf)) + 1; /* set XID */
/* LINTED pointer cast */
*(uint32_t *)cu->cu_outbuf = htonl(x_id);
if (cl->cl_auth->ah_cred.oa_flavor != RPCSEC_GSS) {
if ((!XDR_PUTBYTES(xdrs, cu->cu_outbuf, cu->cu_xdrpos)) ||
(!XDR_PUTINT32(xdrs, (int32_t *)&proc)) ||
(!AUTH_MARSHALL(cl->cl_auth, xdrs)) ||
(!xargs(xdrs, argsp))) {
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (rpc_callerr.re_status = RPC_CANTENCODEARGS);
}
} else {
/* LINTED pointer alignment */
uint32_t *u = (uint32_t *)&cu->cu_outbuf[cu->cu_xdrpos];
IXDR_PUT_U_INT32(u, proc);
if (!__rpc_gss_wrap(cl->cl_auth, cu->cu_outbuf,
((char *)u) - cu->cu_outbuf, xdrs, xargs, argsp)) {
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (rpc_callerr.re_status = RPC_CANTENCODEARGS);
}
}
outlen = (int)XDR_GETPOS(xdrs);
send_again:
tu_data.udata.buf = cu->cu_outbuf_start;
tu_data.udata.len = outlen;
tu_data.opt.len = 0;
if (t_sndudata(cu->cu_fd, &tu_data) == -1) {
rpc_callerr.re_terrno = t_errno;
rpc_callerr.re_errno = errno;
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (rpc_callerr.re_status = RPC_CANTSEND);
}
/*
* Hack to provide rpc-based message passing
*/
if (timeout.tv_sec == 0 && timeout.tv_usec == 0) {
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (rpc_callerr.re_status = RPC_TIMEDOUT);
}
/*
* sub-optimal code appears here because we have
* some clock time to spare while the packets are in flight.
* (We assume that this is actually only executed once.)
*/
reply_msg.acpted_rply.ar_verf = _null_auth;
reply_msg.acpted_rply.ar_results.where = NULL;
reply_msg.acpted_rply.ar_results.proc = xdr_void;
/*
* Set polling time so that we don't wait for
* longer than specified by the total time to wait,
* or the retransmit time.
*/
poll_time.tv_sec = timeout.tv_sec - time_waited.tv_sec;
poll_time.tv_usec = timeout.tv_usec - time_waited.tv_usec;
while (poll_time.tv_usec < 0) {
poll_time.tv_usec += 1000000;
poll_time.tv_sec--;
}
if (poll_time.tv_sec < 0 || (poll_time.tv_sec == 0 &&
poll_time.tv_usec == 0)) {
/*
* this could happen if time_waited >= timeout
*/
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (rpc_callerr.re_status = RPC_TIMEDOUT);
}
if (poll_time.tv_sec > retransmit_time.tv_sec ||
(poll_time.tv_sec == retransmit_time.tv_sec &&
poll_time.tv_usec > retransmit_time.tv_usec))
poll_time = retransmit_time;
for (;;) {
(void) gettimeofday(&startime, NULL);
switch (poll(&cu->pfdp, 1,
__rpc_timeval_to_msec(&poll_time))) {
case -1:
if (errno != EINTR && errno != EAGAIN) {
rpc_callerr.re_errno = errno;
rpc_callerr.re_terrno = 0;
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (rpc_callerr.re_status = RPC_CANTRECV);
}
/*FALLTHROUGH*/
case 0:
/*
* update time waited
*/
timeout: (void) gettimeofday(&curtime, NULL);
time_waited.tv_sec += curtime.tv_sec - startime.tv_sec;
time_waited.tv_usec += curtime.tv_usec -
startime.tv_usec;
while (time_waited.tv_usec >= 1000000) {
time_waited.tv_usec -= 1000000;
time_waited.tv_sec++;
}
while (time_waited.tv_usec < 0) {
time_waited.tv_usec += 1000000;
time_waited.tv_sec--;
}
/*
* decrement time left to poll by same amount
*/
poll_time.tv_sec -= curtime.tv_sec - startime.tv_sec;
poll_time.tv_usec -= curtime.tv_usec - startime.tv_usec;
while (poll_time.tv_usec >= 1000000) {
poll_time.tv_usec -= 1000000;
poll_time.tv_sec++;
}
while (poll_time.tv_usec < 0) {
poll_time.tv_usec += 1000000;
poll_time.tv_sec--;
}
/*
* if there's time left to poll, poll again
*/
if (poll_time.tv_sec > 0 ||
(poll_time.tv_sec == 0 && poll_time.tv_usec > 0))
continue;
/*
* if there's more time left, retransmit;
* otherwise, return timeout error
*/
if (time_waited.tv_sec < timeout.tv_sec ||
(time_waited.tv_sec == timeout.tv_sec &&
time_waited.tv_usec < timeout.tv_usec)) {
/*
* update retransmit_time
*/
retransmit_time.tv_usec *= 2;
retransmit_time.tv_sec *= 2;
while (retransmit_time.tv_usec >= 1000000) {
retransmit_time.tv_usec -= 1000000;
retransmit_time.tv_sec++;
}
if (retransmit_time.tv_sec >= RPC_MAX_BACKOFF) {
retransmit_time.tv_sec =
RPC_MAX_BACKOFF;
retransmit_time.tv_usec = 0;
}
/*
* redo AUTH_MARSHAL if AUTH_DES or RPCSEC_GSS.
*/
if (cl->cl_auth->ah_cred.oa_flavor ==
AUTH_DES ||
cl->cl_auth->ah_cred.oa_flavor ==
RPCSEC_GSS)
goto call_again;
else
goto send_again;
}
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (rpc_callerr.re_status = RPC_TIMEDOUT);
default:
break;
}
if (cu->pfdp.revents & POLLNVAL || (cu->pfdp.revents == 0)) {
rpc_callerr.re_status = RPC_CANTRECV;
/*
* Note: we're faking errno here because we
* previously would have expected select() to
* return -1 with errno EBADF. Poll(BA_OS)
* returns 0 and sets the POLLNVAL revents flag
* instead.
*/
rpc_callerr.re_errno = errno = EBADF;
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (-1);
}
/* We have some data now */
do {
int moreflag; /* flag indicating more data */
moreflag = 0;
res = t_rcvudata(cu->cu_fd, cu->cu_tr_data, &moreflag);
if (moreflag & T_MORE) {
/*
* Drop this packet. I aint got any
* more space.
*/
res = -1;
/* I should not really be doing this */
errno = 0;
/*
* XXX: Not really Buffer overflow in the
* sense of TLI.
*/
t_errno = TBUFOVFLW;
}
} while (res < 0 && (t_errno == TSYSERR && errno == EINTR));
if (res < 0) {
int err, errnoflag = FALSE;
#ifdef sun
if (t_errno == TSYSERR && errno == EWOULDBLOCK)
#else
if (t_errno == TSYSERR && errno == EAGAIN)
#endif
continue;
if (t_errno == TLOOK) {
if ((err = _rcv_unitdata_err(cu)) == 0)
continue;
else if (err == 1)
errnoflag = TRUE;
} else {
rpc_callerr.re_terrno = t_errno;
}
if (errnoflag == FALSE)
rpc_callerr.re_errno = errno;
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (rpc_callerr.re_status = RPC_CANTRECV);
}
if (cu->cu_tr_data->udata.len < (uint_t)sizeof (uint32_t))
continue;
/* see if reply transaction id matches sent id */
/* LINTED pointer alignment */
if (*((uint32_t *)(cu->cu_inbuf)) !=
/* LINTED pointer alignment */
*((uint32_t *)(cu->cu_outbuf)))
goto timeout;
/* we now assume we have the proper reply */
break;
}
/*
* now decode and validate the response
*/
xdrmem_create(&reply_xdrs, cu->cu_inbuf,
(uint_t)cu->cu_tr_data->udata.len, XDR_DECODE);
ok = xdr_replymsg(&reply_xdrs, &reply_msg);
/* XDR_DESTROY(&reply_xdrs); save a few cycles on noop destroy */
if (ok) {
if ((reply_msg.rm_reply.rp_stat == MSG_ACCEPTED) &&
(reply_msg.acpted_rply.ar_stat == SUCCESS))
rpc_callerr.re_status = RPC_SUCCESS;
else
__seterr_reply(&reply_msg, &(rpc_callerr));
if (rpc_callerr.re_status == RPC_SUCCESS) {
if (!AUTH_VALIDATE(cl->cl_auth,
&reply_msg.acpted_rply.ar_verf)) {
rpc_callerr.re_status = RPC_AUTHERROR;
rpc_callerr.re_why = AUTH_INVALIDRESP;
} else if (cl->cl_auth->ah_cred.oa_flavor !=
RPCSEC_GSS) {
if (!(*xresults)(&reply_xdrs, resultsp)) {
if (rpc_callerr.re_status ==
RPC_SUCCESS)
rpc_callerr.re_status =
RPC_CANTDECODERES;
}
} else if (!__rpc_gss_unwrap(cl->cl_auth, &reply_xdrs,
xresults, resultsp)) {
if (rpc_callerr.re_status == RPC_SUCCESS)
rpc_callerr.re_status =
RPC_CANTDECODERES;
}
} /* end successful completion */
/*
* If unsuccesful AND error is an authentication error
* then refresh credentials and try again, else break
*/
else if (rpc_callerr.re_status == RPC_AUTHERROR)
/* maybe our credentials need to be refreshed ... */
if (nrefreshes-- &&
AUTH_REFRESH(cl->cl_auth, &reply_msg))
goto call_again;
else
/*
* We are setting rpc_callerr here given that
* libnsl is not reentrant thereby
* reinitializing the TSD. If not set here then
* success could be returned even though refresh
* failed.
*/
rpc_callerr.re_status = RPC_AUTHERROR;
/* end of unsuccessful completion */
/* free verifier */
if (reply_msg.rm_reply.rp_stat == MSG_ACCEPTED &&
reply_msg.acpted_rply.ar_verf.oa_base != NULL) {
xdrs->x_op = XDR_FREE;
(void) xdr_opaque_auth(xdrs,
&(reply_msg.acpted_rply.ar_verf));
}
} /* end of valid reply message */
else {
rpc_callerr.re_status = RPC_CANTDECODERES;
}
rpc_fd_unlock(dgtbl, cu->cu_fd);
return (rpc_callerr.re_status);
}
static enum clnt_stat
clnttcp_call(CLIENT *h, u_long proc, xdrproc_t xdr_args, caddr_t args_ptr,
xdrproc_t xdr_results, caddr_t results_ptr, struct timeval timeout)
{
struct ct_data *ct = (struct ct_data *) h->cl_private;
XDR *xdrs = &(ct->ct_xdrs);
struct rpc_msg reply_msg;
u_long x_id;
u_int32_t *msg_x_id = (u_int32_t *)(ct->ct_mcall); /* yuk */
bool_t shipnow;
int refreshes = 2;
if (!ct->ct_waitset) {
ct->ct_wait = timeout;
}
shipnow =
(xdr_results == NULL && timeout.tv_sec == 0
&& timeout.tv_usec == 0) ? FALSE : TRUE;
call_again:
xdrs->x_op = XDR_ENCODE;
ct->ct_error.re_status = RPC_SUCCESS;
x_id = ntohl(--(*msg_x_id));
if ((! XDR_PUTBYTES(xdrs, ct->ct_mcall, ct->ct_mpos)) ||
(! XDR_PUTLONG(xdrs, (long *)&proc)) ||
(! AUTH_MARSHALL(h->cl_auth, xdrs)) ||
(! (*xdr_args)(xdrs, args_ptr))) {
if (ct->ct_error.re_status == RPC_SUCCESS)
ct->ct_error.re_status = RPC_CANTENCODEARGS;
(void)xdrrec_endofrecord(xdrs, TRUE);
return (ct->ct_error.re_status);
}
if (! xdrrec_endofrecord(xdrs, shipnow))
return (ct->ct_error.re_status = RPC_CANTSEND);
if (! shipnow)
return (RPC_SUCCESS);
/*
* Hack to provide rpc-based message passing
*/
if (timeout.tv_sec == 0 && timeout.tv_usec == 0) {
return(ct->ct_error.re_status = RPC_TIMEDOUT);
}
/*
* Keep receiving until we get a valid transaction id
*/
xdrs->x_op = XDR_DECODE;
while (TRUE) {
reply_msg.acpted_rply.ar_verf = _null_auth;
reply_msg.acpted_rply.ar_results.where = NULL;
reply_msg.acpted_rply.ar_results.proc = xdr_void;
if (! xdrrec_skiprecord(xdrs))
return (ct->ct_error.re_status);
/* now decode and validate the response header */
if (! xdr_replymsg(xdrs, &reply_msg)) {
if (ct->ct_error.re_status == RPC_SUCCESS)
continue;
return (ct->ct_error.re_status);
}
if (reply_msg.rm_xid == x_id)
break;
}
/*
* process header
*/
_seterr_reply(&reply_msg, &(ct->ct_error));
if (ct->ct_error.re_status == RPC_SUCCESS) {
if (! AUTH_VALIDATE(h->cl_auth, &reply_msg.acpted_rply.ar_verf)) {
ct->ct_error.re_status = RPC_AUTHERROR;
ct->ct_error.re_why = AUTH_INVALIDRESP;
} else if (! (*xdr_results)(xdrs, results_ptr)) {
if (ct->ct_error.re_status == RPC_SUCCESS)
ct->ct_error.re_status = RPC_CANTDECODERES;
}
/* free verifier ... */
if (reply_msg.acpted_rply.ar_verf.oa_base != NULL) {
xdrs->x_op = XDR_FREE;
(void)xdr_opaque_auth(xdrs, &(reply_msg.acpted_rply.ar_verf));
}
} /* end successful completion */
else {
/* maybe our credentials need to be refreshed ... */
if (refreshes-- && AUTH_REFRESH(h->cl_auth))
goto call_again;
} /* end of unsuccessful completion */
return (ct->ct_error.re_status);
}
static enum clnt_stat
clnt_vc_call(
CLIENT *h,
rpcproc_t proc,
xdrproc_t xdr_args,
const char *args_ptr,
xdrproc_t xdr_results,
caddr_t results_ptr,
struct timeval timeout
)
{
struct ct_data *ct;
XDR *xdrs;
struct rpc_msg reply_msg;
u_int32_t x_id;
u_int32_t *msg_x_id;
bool_t shipnow;
int refreshes = 2;
#ifdef _REENTRANT
sigset_t mask, newmask;
#endif
_DIAGASSERT(h != NULL);
ct = (struct ct_data *) h->cl_private;
#ifdef _REENTRANT
__clnt_sigfillset(&newmask);
thr_sigsetmask(SIG_SETMASK, &newmask, &mask);
mutex_lock(&clnt_fd_lock);
while (vc_fd_locks[ct->ct_fd])
cond_wait(&vc_cv[ct->ct_fd], &clnt_fd_lock);
vc_fd_locks[ct->ct_fd] = __rpc_lock_value;
mutex_unlock(&clnt_fd_lock);
#endif
xdrs = &(ct->ct_xdrs);
msg_x_id = &ct->ct_u.ct_mcalli;
if (!ct->ct_waitset) {
if (time_not_ok(&timeout) == FALSE)
ct->ct_wait = timeout;
}
shipnow =
(xdr_results == NULL && timeout.tv_sec == 0
&& timeout.tv_usec == 0) ? FALSE : TRUE;
call_again:
xdrs->x_op = XDR_ENCODE;
ct->ct_error.re_status = RPC_SUCCESS;
x_id = ntohl(--(*msg_x_id));
if ((! XDR_PUTBYTES(xdrs, ct->ct_u.ct_mcallc, ct->ct_mpos)) ||
(! XDR_PUTINT32(xdrs, (int32_t *)&proc)) ||
(! AUTH_MARSHALL(h->cl_auth, xdrs)) ||
(! (*xdr_args)(xdrs, __UNCONST(args_ptr)))) {
if (ct->ct_error.re_status == RPC_SUCCESS)
ct->ct_error.re_status = RPC_CANTENCODEARGS;
(void)xdrrec_endofrecord(xdrs, TRUE);
release_fd_lock(ct->ct_fd, mask);
return (ct->ct_error.re_status);
}
if (! xdrrec_endofrecord(xdrs, shipnow)) {
release_fd_lock(ct->ct_fd, mask);
return (ct->ct_error.re_status = RPC_CANTSEND);
}
if (! shipnow) {
release_fd_lock(ct->ct_fd, mask);
return (RPC_SUCCESS);
}
/*
* Hack to provide rpc-based message passing
*/
if (timeout.tv_sec == 0 && timeout.tv_usec == 0) {
release_fd_lock(ct->ct_fd, mask);
return(ct->ct_error.re_status = RPC_TIMEDOUT);
}
/*
* Keep receiving until we get a valid transaction id
*/
xdrs->x_op = XDR_DECODE;
for (;;) {
reply_msg.acpted_rply.ar_verf = _null_auth;
reply_msg.acpted_rply.ar_results.where = NULL;
reply_msg.acpted_rply.ar_results.proc = (xdrproc_t)xdr_void;
if (! xdrrec_skiprecord(xdrs)) {
release_fd_lock(ct->ct_fd, mask);
return (ct->ct_error.re_status);
}
/* now decode and validate the response header */
if (! xdr_replymsg(xdrs, &reply_msg)) {
if (ct->ct_error.re_status == RPC_SUCCESS)
continue;
release_fd_lock(ct->ct_fd, mask);
return (ct->ct_error.re_status);
}
if (reply_msg.rm_xid == x_id)
break;
}
/*
* process header
*/
_seterr_reply(&reply_msg, &(ct->ct_error));
if (ct->ct_error.re_status == RPC_SUCCESS) {
if (! AUTH_VALIDATE(h->cl_auth,
&reply_msg.acpted_rply.ar_verf)) {
ct->ct_error.re_status = RPC_AUTHERROR;
ct->ct_error.re_why = AUTH_INVALIDRESP;
} else if (! (*xdr_results)(xdrs, results_ptr)) {
if (ct->ct_error.re_status == RPC_SUCCESS)
ct->ct_error.re_status = RPC_CANTDECODERES;
}
/* free verifier ... */
if (reply_msg.acpted_rply.ar_verf.oa_base != NULL) {
xdrs->x_op = XDR_FREE;
(void)xdr_opaque_auth(xdrs,
&(reply_msg.acpted_rply.ar_verf));
}
} /* end successful completion */
else {
/* maybe our credentials need to be refreshed ... */
if (refreshes-- && AUTH_REFRESH(h->cl_auth))
goto call_again;
} /* end of unsuccessful completion */
release_fd_lock(ct->ct_fd, mask);
return (ct->ct_error.re_status);
}
/* ARGSUSED */
static enum clnt_stat
clnt_raw_call(CLIENT *h, AUTH *auth, rpcproc_t proc, xdrproc_t xargs,
void *argsp, xdrproc_t xresults, void *resultsp,
struct timeval timeout)
{
struct clntraw_private *clp = clntraw_private;
XDR *xdrs = &clp->xdr_stream;
struct rpc_msg msg;
enum clnt_stat status;
struct rpc_err error;
assert(h != NULL);
mutex_lock(&clntraw_lock);
if (clp == NULL) {
mutex_unlock(&clntraw_lock);
return (RPC_FAILED);
}
mutex_unlock(&clntraw_lock);
call_again:
/*
* send request
*/
xdrs->x_op = XDR_ENCODE;
XDR_SETPOS(xdrs, 0);
clp->u.mashl_rpcmsg.rm_xid ++ ;
if ((! XDR_PUTBYTES(xdrs, clp->u.mashl_callmsg, clp->mcnt)) ||
(! XDR_PUTINT32(xdrs, (int32_t *)&proc)) ||
(! AUTH_MARSHALL(auth, xdrs)) ||
(! (*xargs)(xdrs, argsp))) {
return (RPC_CANTENCODEARGS);
}
(void)XDR_GETPOS(xdrs); /* called just to cause overhead */
/*
* We have to call server input routine here because this is
* all going on in one process. Yuk.
*/
svc_getreq_common(FD_SETSIZE);
/*
* get results
*/
xdrs->x_op = XDR_DECODE;
XDR_SETPOS(xdrs, 0);
msg.acpted_rply.ar_verf = _null_auth;
msg.acpted_rply.ar_results.where = resultsp;
msg.acpted_rply.ar_results.proc = xresults;
if (! xdr_replymsg(xdrs, &msg)) {
/*
* It's possible for xdr_replymsg() to fail partway
* through its attempt to decode the result from the
* server. If this happens, it will leave the reply
* structure partially populated with dynamically
* allocated memory. (This can happen if someone uses
* clntudp_bufcreate() to create a CLIENT handle and
* specifies a receive buffer size that is too small.)
* This memory must be free()ed to avoid a leak.
*/
int op = xdrs->x_op;
xdrs->x_op = XDR_FREE;
xdr_replymsg(xdrs, &msg);
xdrs->x_op = op;
return (RPC_CANTDECODERES);
}
_seterr_reply(&msg, &error);
status = error.re_status;
if (status == RPC_SUCCESS) {
if (! AUTH_VALIDATE(auth, &msg.acpted_rply.ar_verf)) {
status = RPC_AUTHERROR;
}
} /* end successful completion */
else {
if (AUTH_REFRESH(auth, &msg))
goto call_again;
} /* end of unsuccessful completion */
if (status == RPC_SUCCESS) {
if (! AUTH_VALIDATE(auth, &msg.acpted_rply.ar_verf)) {
status = RPC_AUTHERROR;
}
if (msg.acpted_rply.ar_verf.oa_base != NULL) {
xdrs->x_op = XDR_FREE;
(void)xdr_opaque_auth(xdrs, &(msg.acpted_rply.ar_verf));
}
}
return (status);
}
static enum clnt_stat
clntraw_call (CLIENT *h, u_long proc, xdrproc_t xargs, caddr_t argsp,
xdrproc_t xresults, caddr_t resultsp, struct timeval timeout)
{
struct clntraw_private_s *clp = clntraw_private;
XDR *xdrs = &clp->xdr_stream;
struct rpc_msg msg;
enum clnt_stat status;
struct rpc_err error;
if (clp == NULL)
return RPC_FAILED;
call_again:
/*
* send request
*/
xdrs->x_op = XDR_ENCODE;
XDR_SETPOS (xdrs, 0);
/* Just checking the union definition to access rm_xid is correct. */
if (offsetof (struct rpc_msg, rm_xid) != 0)
abort ();
clp->mashl_callmsg.rm_xid++;
if ((!XDR_PUTBYTES (xdrs, clp->mashl_callmsg.msg, clp->mcnt)) ||
(!XDR_PUTLONG (xdrs, (long *) &proc)) ||
(!AUTH_MARSHALL (h->cl_auth, xdrs)) ||
(!(*xargs) (xdrs, argsp)))
{
return (RPC_CANTENCODEARGS);
}
(void) XDR_GETPOS (xdrs); /* called just to cause overhead */
/*
* We have to call server input routine here because this is
* all going on in one process. Yuk.
*/
svc_getreq (1);
/*
* get results
*/
xdrs->x_op = XDR_DECODE;
XDR_SETPOS (xdrs, 0);
msg.acpted_rply.ar_verf = _null_auth;
msg.acpted_rply.ar_results.where = resultsp;
msg.acpted_rply.ar_results.proc = xresults;
if (!xdr_replymsg (xdrs, &msg))
return RPC_CANTDECODERES;
_seterr_reply (&msg, &error);
status = error.re_status;
if (status == RPC_SUCCESS)
{
if (!AUTH_VALIDATE (h->cl_auth, &msg.acpted_rply.ar_verf))
{
status = RPC_AUTHERROR;
}
} /* end successful completion */
else
{
if (AUTH_REFRESH (h->cl_auth))
goto call_again;
} /* end of unsuccessful completion */
if (status == RPC_SUCCESS)
{
if (!AUTH_VALIDATE (h->cl_auth, &msg.acpted_rply.ar_verf))
{
status = RPC_AUTHERROR;
}
if (msg.acpted_rply.ar_verf.oa_base != NULL)
{
xdrs->x_op = XDR_FREE;
(void) xdr_opaque_auth (xdrs, &(msg.acpted_rply.ar_verf));
}
}
return status;
}
/*ARGSUSED*/
static enum clnt_stat
clnt_raw_call(CLIENT *h, rpcproc_t proc, xdrproc_t xargs, caddr_t argsp,
xdrproc_t xresults, caddr_t resultsp, struct timeval timeout)
{
struct clnt_raw_private *clp;
XDR xdrs;
struct rpc_msg msg;
uint_t start;
rpc_callerr.re_errno = 0;
rpc_callerr.re_terrno = 0;
(void) mutex_lock(&clntraw_lock);
clp = clnt_raw_private;
if (clp == NULL) {
(void) mutex_unlock(&clntraw_lock);
return (rpc_callerr.re_status = RPC_FAILED);
}
(void) mutex_unlock(&clntraw_lock);
call_again:
/*
* send request
*/
xdrmem_create(&xdrs, clp->raw_netbuf->buf, clp->raw_netbuf->maxlen,
XDR_ENCODE);
start = XDR_GETPOS(&xdrs);
/* LINTED pointer alignment */
((struct rpc_msg *)clp->mashl_callmsg)->rm_xid++;
if ((!XDR_PUTBYTES(&xdrs, clp->mashl_callmsg, clp->mcnt)) ||
(!XDR_PUTINT32(&xdrs, (int32_t *)&proc)) ||
(!AUTH_MARSHALL(h->cl_auth, &xdrs)) ||
(!(*xargs)(&xdrs, argsp))) {
XDR_DESTROY(&xdrs);
return (rpc_callerr.re_status = RPC_CANTENCODEARGS);
}
clp->raw_netbuf->len = XDR_GETPOS(&xdrs) - start;
XDR_DESTROY(&xdrs);
/*
* We have to call server input routine here because this is
* all going on in one process.
* By convention using FD_SETSIZE as the pseudo file descriptor.
*/
svc_getreq_common(FD_SETSIZE);
/*
* get results
*/
xdrmem_create(&xdrs, clp->raw_netbuf->buf, clp->raw_netbuf->len,
XDR_DECODE);
msg.acpted_rply.ar_verf = _null_auth;
msg.acpted_rply.ar_results.where = resultsp;
msg.acpted_rply.ar_results.proc = xresults;
if (!xdr_replymsg(&xdrs, &msg)) {
XDR_DESTROY(&xdrs);
return (rpc_callerr.re_status = RPC_CANTDECODERES);
}
XDR_DESTROY(&xdrs);
if ((msg.rm_reply.rp_stat == MSG_ACCEPTED) &&
(msg.acpted_rply.ar_stat == SUCCESS))
rpc_callerr.re_status = RPC_SUCCESS;
else
__seterr_reply(&msg, &rpc_callerr);
if (rpc_callerr.re_status == RPC_SUCCESS) {
if (!AUTH_VALIDATE(h->cl_auth, &msg.acpted_rply.ar_verf)) {
rpc_callerr.re_status = RPC_AUTHERROR;
rpc_callerr.re_why = AUTH_INVALIDRESP;
}
if (msg.acpted_rply.ar_verf.oa_base != NULL) {
xdr_free(xdr_opaque_auth,
(char *)&(msg.acpted_rply.ar_verf));
}
/* end successful completion */
} else {
if (AUTH_REFRESH(h->cl_auth, &msg))
goto call_again;
/* end of unsuccessful completion */
}
return (rpc_callerr.re_status);
}
bool_t
__rpc_gss_wrap(AUTH *auth, void *header, size_t headerlen,
XDR* xdrs, xdrproc_t xdr_args, void *args_ptr)
{
XDR tmpxdrs;
char credbuf[MAX_AUTH_BYTES];
char tmpheader[MAX_AUTH_BYTES];
struct opaque_auth creds, verf;
struct rpc_gss_data *gd;
gss_buffer_desc rpcbuf, checksum;
OM_uint32 maj_stat, min_stat;
bool_t xdr_stat;
log_debug("in rpc_gss_wrap()");
gd = AUTH_PRIVATE(auth);
if (gd->gd_state == RPCSEC_GSS_ESTABLISHED)
gd->gd_cred.gc_seq++;
/*
* We need to encode our creds and then put the header and
* creds together in a buffer so that we can create a checksum
* for the verf.
*/
xdrmem_create(&tmpxdrs, credbuf, sizeof(credbuf), XDR_ENCODE);
if (!xdr_rpc_gss_cred(&tmpxdrs, &gd->gd_cred)) {
XDR_DESTROY(&tmpxdrs);
_rpc_gss_set_error(RPC_GSS_ER_SYSTEMERROR, ENOMEM);
return (FALSE);
}
creds.oa_flavor = RPCSEC_GSS;
creds.oa_base = credbuf;
creds.oa_length = XDR_GETPOS(&tmpxdrs);
XDR_DESTROY(&tmpxdrs);
xdrmem_create(&tmpxdrs, tmpheader, sizeof(tmpheader), XDR_ENCODE);
if (!XDR_PUTBYTES(&tmpxdrs, header, headerlen) ||
!xdr_opaque_auth(&tmpxdrs, &creds)) {
XDR_DESTROY(&tmpxdrs);
_rpc_gss_set_error(RPC_GSS_ER_SYSTEMERROR, ENOMEM);
return (FALSE);
}
headerlen = XDR_GETPOS(&tmpxdrs);
XDR_DESTROY(&tmpxdrs);
if (!XDR_PUTBYTES(xdrs, tmpheader, headerlen)) {
_rpc_gss_set_error(RPC_GSS_ER_SYSTEMERROR, ENOMEM);
return (FALSE);
}
if (gd->gd_cred.gc_proc == RPCSEC_GSS_INIT ||
gd->gd_cred.gc_proc == RPCSEC_GSS_CONTINUE_INIT) {
if (!xdr_opaque_auth(xdrs, &_null_auth)) {
_rpc_gss_set_error(RPC_GSS_ER_SYSTEMERROR, ENOMEM);
return (FALSE);
}
} else {
/*
* Checksum serialized RPC header, up to and including
* credential.
*/
rpcbuf.length = headerlen;
rpcbuf.value = tmpheader;
maj_stat = gss_get_mic(&min_stat, gd->gd_ctx, gd->gd_qop,
&rpcbuf, &checksum);
if (maj_stat != GSS_S_COMPLETE) {
log_status("gss_get_mic", gd->gd_mech,
maj_stat, min_stat);
if (maj_stat == GSS_S_CONTEXT_EXPIRED) {
rpc_gss_destroy_context(auth, TRUE);
}
_rpc_gss_set_error(RPC_GSS_ER_SYSTEMERROR, EPERM);
return (FALSE);
}
verf.oa_flavor = RPCSEC_GSS;
verf.oa_base = checksum.value;
verf.oa_length = checksum.length;
xdr_stat = xdr_opaque_auth(xdrs, &verf);
gss_release_buffer(&min_stat, &checksum);
if (!xdr_stat) {
_rpc_gss_set_error(RPC_GSS_ER_SYSTEMERROR, ENOMEM);
return (FALSE);
}
}
if (gd->gd_state != RPCSEC_GSS_ESTABLISHED ||
gd->gd_cred.gc_svc == rpc_gss_svc_none) {
return (xdr_args(xdrs, args_ptr));
}
return (xdr_rpc_gss_wrap_data(xdrs, xdr_args, args_ptr,
gd->gd_ctx, gd->gd_qop, gd->gd_cred.gc_svc,
gd->gd_cred.gc_seq));
}
static enum clnt_stat
clnttcp_call(
CLIENT *h,
rpcproc_t proc,
xdrproc_t xdr_args,
void * args_ptr,
xdrproc_t xdr_results,
void * results_ptr,
struct timeval timeout)
{
struct ct_data *ct = h->cl_private;
XDR *xdrs = &ct->ct_xdrs;
struct rpc_msg reply_msg;
uint32_t x_id;
uint32_t *msg_x_id = &ct->ct_u.ct_mcalli; /* yuk */
bool_t shipnow;
int refreshes = 2;
long procl = proc;
if (!ct->ct_waitset) {
ct->ct_wait = timeout;
}
shipnow =
(xdr_results == (xdrproc_t)0 && timeout.tv_sec == 0
&& timeout.tv_usec == 0) ? FALSE : TRUE;
call_again:
xdrs->x_op = XDR_ENCODE;
ct->ct_error.re_status = RPC_SUCCESS;
x_id = ntohl(--(*msg_x_id));
if ((! XDR_PUTBYTES(xdrs, ct->ct_u.ct_mcall, ct->ct_mpos)) ||
(! XDR_PUTLONG(xdrs, &procl)) ||
(! AUTH_MARSHALL(h->cl_auth, xdrs)) ||
(! AUTH_WRAP(h->cl_auth, xdrs, xdr_args, args_ptr))) {
if (ct->ct_error.re_status == RPC_SUCCESS)
ct->ct_error.re_status = RPC_CANTENCODEARGS;
(void)xdrrec_endofrecord(xdrs, TRUE);
return (ct->ct_error.re_status);
}
if (! xdrrec_endofrecord(xdrs, shipnow))
return (ct->ct_error.re_status = RPC_CANTSEND);
if (! shipnow)
return (RPC_SUCCESS);
/*
* Hack to provide rpc-based message passing
*/
if (timeout.tv_sec == 0 && timeout.tv_usec == 0) {
return(ct->ct_error.re_status = RPC_TIMEDOUT);
}
/*
* Keep receiving until we get a valid transaction id
*/
xdrs->x_op = XDR_DECODE;
while (TRUE) {
reply_msg.acpted_rply.ar_verf = gssrpc__null_auth;
reply_msg.acpted_rply.ar_results.where = NULL;
reply_msg.acpted_rply.ar_results.proc = xdr_void;
if (! xdrrec_skiprecord(xdrs))
return (ct->ct_error.re_status);
/* now decode and validate the response header */
if (! xdr_replymsg(xdrs, &reply_msg)) {
/*
* Free some stuff allocated by xdr_replymsg()
* to avoid leaks, since it may allocate
* memory from partially successful decodes.
*/
enum xdr_op op = xdrs->x_op;
xdrs->x_op = XDR_FREE;
xdr_replymsg(xdrs, &reply_msg);
xdrs->x_op = op;
if (ct->ct_error.re_status == RPC_SUCCESS)
continue;
return (ct->ct_error.re_status);
}
if (reply_msg.rm_xid == x_id)
break;
}
/*
* process header
*/
gssrpc__seterr_reply(&reply_msg, &(ct->ct_error));
if (ct->ct_error.re_status == RPC_SUCCESS) {
if (! AUTH_VALIDATE(h->cl_auth, &reply_msg.acpted_rply.ar_verf)) {
ct->ct_error.re_status = RPC_AUTHERROR;
ct->ct_error.re_why = AUTH_INVALIDRESP;
} else if (! AUTH_UNWRAP(h->cl_auth, xdrs,
xdr_results, results_ptr)) {
if (ct->ct_error.re_status == RPC_SUCCESS)
ct->ct_error.re_status = RPC_CANTDECODERES;
}
} /* end successful completion */
else {
/* maybe our credentials need to be refreshed ... */
if (refreshes-- && AUTH_REFRESH(h->cl_auth, &reply_msg))
goto call_again;
} /* end of unsuccessful completion */
/* free verifier ... */
if ((reply_msg.rm_reply.rp_stat == MSG_ACCEPTED) &&
(reply_msg.acpted_rply.ar_verf.oa_base != NULL)) {
xdrs->x_op = XDR_FREE;
(void)xdr_opaque_auth(xdrs, &(reply_msg.acpted_rply.ar_verf));
}
return (ct->ct_error.re_status);
}