Lines Matching refs:ap

271 	rpc_gss_data	*ap;  in rpc_gss_secget()  local
309 ap = AUTH_PRIVATE(current->auth); in rpc_gss_secget()
310 ap->clnt = clnt; in rpc_gss_secget()
312 if (ap->invalid || in rpc_gss_secget()
441 rpc_gss_data *ap = NULL; in rpc_gss_seccreate() local
464 ap = (rpc_gss_data *) kmem_alloc(sizeof (*ap), KM_SLEEP); in rpc_gss_seccreate()
465 if (auth == NULL || ap == NULL) { in rpc_gss_seccreate()
473 bzero((char *)ap, sizeof (*ap)); in rpc_gss_seccreate()
474 ap->clnt = clnt; in rpc_gss_seccreate()
475 ap->version = RPCSEC_GSS_VERSION; in rpc_gss_seccreate()
477 ap->my_cred = options_req->my_cred; in rpc_gss_seccreate()
478 ap->req_flags = options_req->req_flags; in rpc_gss_seccreate()
479 ap->time_req = options_req->time_req; in rpc_gss_seccreate()
480 ap->icb = options_req->input_channel_bindings; in rpc_gss_seccreate()
482 ap->my_cred = GSS_C_NO_CREDENTIAL; in rpc_gss_seccreate()
483 ap->req_flags = GSS_C_MUTUAL_FLAG; in rpc_gss_seccreate()
484 ap->time_req = 0; in rpc_gss_seccreate()
485 ap->icb = GSS_C_NO_CHANNEL_BINDINGS; in rpc_gss_seccreate()
487 if ((ap->service = service_type) == rpc_gss_svc_default) in rpc_gss_seccreate()
488 ap->service = rpc_gss_svc_integrity; in rpc_gss_seccreate()
489 ap->qop = qop; in rpc_gss_seccreate()
490 ap->target_name = target_name; in rpc_gss_seccreate()
496 if (error = rpc_gss_seccreate_pvt(&gssstat, &minor_stat, auth, ap, in rpc_gss_seccreate()
497 mechanism, &ap->mech_type, &ret_flags, &time_rec, cr, 0)) { in rpc_gss_seccreate()
498 if (ap->target_name) { in rpc_gss_seccreate()
499 (void) gss_release_name(&minor_stat, &ap->target_name); in rpc_gss_seccreate()
501 kmem_free((char *)ap, sizeof (*ap)); in rpc_gss_seccreate()
512 if ((ap->service == rpc_gss_svc_privacy && in rpc_gss_seccreate()
526 options_ret->rpcsec_version = ap->version; in rpc_gss_seccreate()
529 options_ret->gss_context = ap->context; in rpc_gss_seccreate()
533 NOT_NULL(ap->mech_type); in rpc_gss_seccreate()
534 __rpc_gss_dup_oid(ap->mech_type, in rpc_gss_seccreate()
547 rpc_gss_seccreate_pvt(gssstat, minor_stat, auth, ap, desired_mech_type, in rpc_gss_seccreate_pvt() argument
552 rpc_gss_data *ap;
560 CLIENT *clnt = ap->clnt;
575 auth->ah_private = (caddr_t)ap;
578 ap->established = FALSE;
579 ap->ctx_handle.length = 0;
580 ap->ctx_handle.value = NULL;
581 ap->context = NULL;
582 ap->seq_num = 0;
583 ap->gss_proc = RPCSEC_GSS_INIT;
600 ap->my_cred,
601 &ap->context,
602 ap->target_name,
604 ap->req_flags,
605 ap->time_req,
732 ap->gss_proc = RPCSEC_GSS_CONTINUE_INIT;
737 if (ap->ctx_handle.length == 0) {
744 GSS_DUP_BUFFER(ap->ctx_handle,
746 } else if (!GSS_BUFFERS_EQUAL(ap->ctx_handle,
777 ap->seq_window = call_res.seq_window;
795 *gssstat = kgss_export_sec_context(minor_stat, ap->context,
808 &ap->context, NULL);
816 &ap->context, NULL);
821 ap->context);
830 &ap->context, NULL);
840 if (!validate_seqwin(ap)) {
849 ap->established = TRUE;
850 ap->seq_num = 1;
851 ap->gss_proc = RPCSEC_GSS_DATA;
852 ap->invalid = FALSE;
871 if (ap->context != NULL) {
882 marshall_creds(ap, xdrs, cred_buf_len) in marshall_creds() argument
883 rpc_gss_data *ap; in marshall_creds()
892 ag_creds.version = ap->version;
893 ag_creds.gss_proc = ap->gss_proc;
894 ag_creds.seq_num = ap->seq_num;
895 ag_creds.service = ap->service;
900 if (ap->ctx_handle.length > 0)
901 ag_creds.ctx_handle = ap->ctx_handle;
937 marshall_verf(ap, xdrs, buf) in marshall_verf() argument
938 rpc_gss_data *ap; in marshall_verf()
950 if (!ap->established) {
960 if ((major = kgss_sign(&minor, ap->context, ap->qop, &in_buf,
963 ap->invalid = TRUE;
984 validate_seqwin(rpc_gss_data *ap) in validate_seqwin() argument
991 ASSERT(ap->verifier); in validate_seqwin()
992 ASSERT(ap->context); in validate_seqwin()
993 seq_win_net = (uint_t)htonl(ap->seq_window); in validate_seqwin()
996 tok_buf.length = ap->verifier->oa_length; in validate_seqwin()
997 tok_buf.value = ap->verifier->oa_base; in validate_seqwin()
998 major = kgss_verify(&minor, ap->context, &msg_buf, &tok_buf, in validate_seqwin()
1005 RPCGSS_LOG1(1, "seq_window %d, verf len %d ", ap->seq_window, in validate_seqwin()
1006 ap->verifier->oa_length); in validate_seqwin()
1021 rpc_gss_data *ap = AUTH_PRIVATE(auth); local
1032 if (!ap->established) {
1033 if (ap->verifier == NULL) {
1034 ap->verifier = kmem_zalloc(sizeof (struct opaque_auth),
1037 ap->verifier->oa_base = kmem_zalloc(verf->oa_length,
1040 if (ap->verifier->oa_length > 0)
1041 kmem_free(ap->verifier->oa_base, ap->verifier->oa_length);
1043 ap->verifier->oa_base = kmem_zalloc(verf->oa_length,
1046 ap->verifier->oa_length = verf->oa_length;
1047 bcopy(verf->oa_base, ap->verifier->oa_base, verf->oa_length);
1051 seq_num_net = (uint_t)htonl(ap->seq_num);
1056 major = kgss_verify(&minor, ap->context, &msg_buf, &tok_buf,
1078 rpc_gss_data *ap = AUTH_PRIVATE(auth); local
1097 !ap->established) {
1103 if (ap->context != NULL) {
1104 ctx_sav = ap->context;
1105 ap->context = NULL;
1107 if (ap->ctx_handle.length != 0) {
1108 ctx_hdle_sav.length = ap->ctx_handle.length;
1109 ctx_hdle_sav.value = ap->ctx_handle.value;
1110 ap->ctx_handle.length = 0;
1111 ap->ctx_handle.value = NULL;
1118 if (!ap->established) {
1119 ap->invalid = TRUE;
1126 est_sav = ap->established;
1127 sn_sav = ap->seq_num;
1128 proc_sav = ap->gss_proc;
1134 ap, ap->mech_type, (gss_OID *)NULL, (int *)NULL,
1147 if (ap->context != NULL) {
1149 &ap->context, NULL);
1151 if (ap->ctx_handle.length != 0) {
1153 &ap->ctx_handle);
1160 ap->context = ctx_sav;
1161 ap->ctx_handle.length = ctx_hdle_sav.length;
1162 ap->ctx_handle.value = ctx_hdle_sav.value;
1163 ap->established = est_sav;
1164 ap->seq_num = sn_sav;
1165 ap->gss_proc = proc_sav;
1170 ap->invalid = TRUE;
1198 rpc_gss_data *ap = AUTH_PRIVATE(auth); local
1207 kmem_free((char *)ap, sizeof (*ap));
1220 rpc_gss_data *ap = AUTH_PRIVATE(auth); local
1222 if (ap->ctx_handle.length != 0) {
1223 (void) gss_release_buffer(&minor_stat, &ap->ctx_handle);
1224 ap->ctx_handle.length = 0;
1225 ap->ctx_handle.value = NULL;
1231 if (ap->context != NULL) {
1232 (void) kgss_delete_sec_context(&minor_stat, &ap->context, NULL);
1233 ap->context = NULL;
1240 if (ap->my_cred == GSS_C_NO_CREDENTIAL)
1241 (void) kgss_release_cred(&minor_stat, &ap->my_cred,
1247 if (ap->target_name != NULL) {
1248 (void) gss_release_name(&minor_stat, &ap->target_name);
1249 ap->target_name = NULL;
1255 if (ap->mech_type != NULL) {
1256 kgss_free_oid(ap->mech_type);
1257 ap->mech_type = NULL;
1263 if (ap->verifier != NULL) {
1264 if (ap->verifier->oa_length > 0) {
1265 kmem_free(ap->verifier->oa_base, ap->verifier->oa_length);
1267 kmem_free(ap->verifier, sizeof (struct opaque_auth));
1268 ap->verifier = NULL;
1286 rpc_gss_data *ap = AUTH_PRIVATE(auth);
1292 if (ap->ctx_handle.length != 0) {
1296 ap->gss_proc = RPCSEC_GSS_DESTROY;
1299 (void) CLNT_CONTROL(ap->clnt, CLGET_XID, (char *)&oldxid);
1300 (void) CLNT_CONTROL(ap->clnt, CLSET_XID, (char *)&zeroxid);
1301 (void) clnt_call(ap->clnt, NULLPROC, xdr_void, NULL,
1303 (void) CLNT_CONTROL(ap->clnt, CLSET_XID, (char *)&oldxid);
1325 rpc_gss_data *ap = AUTH_PRIVATE(auth); local
1342 if (ap->invalid) {
1350 if (ap->established)
1351 ap->seq_num++;
1357 cred_buf_len = RNDUP(sizeof (ap->version) + sizeof (ap->gss_proc) +
1358 sizeof (ap->seq_num) + sizeof (ap->service) +
1359 sizeof (ap->ctx_handle) + ap->ctx_handle.length);
1374 if (!marshall_creds(ap, &xdrs, cred_buf_len)) {
1383 if (!marshall_verf(ap, &xdrs, tmp_buf)) {
1404 if (!ap->established || ap->service == rpc_gss_svc_none) {
1408 return (__rpc_gss_wrap_data(ap->service, ap->qop, ap->context,
1409 ap->seq_num, out_xdrs, xdr_func, xdr_ptr));
1422 rpc_gss_data *ap = AUTH_PRIVATE(auth); local
1428 if (!ap->established || ap->service == rpc_gss_svc_none)
1431 return (__rpc_gss_unwrap_data(ap->service,
1432 ap->context,
1433 ap->seq_num,
1434 ap->qop,
1446 rpc_gss_data *ap; in rpc_gss_revauth() local
1461 ap = AUTH_PRIVATE(cur->auth); in rpc_gss_revauth()
1462 if (__rpc_gss_oids_equal(ap->mech_type, in rpc_gss_revauth()
1468 ap->invalid = TRUE; in rpc_gss_revauth()
1581 rpc_gss_data *ap = AUTH_PRIVATE(auth); in rpc_gss_get_service_type() local
1583 return (ap->service); in rpc_gss_get_service_type()