Lines Matching +full:mic +full:- +full:offset
1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
147 rpc_gss_ucred_t cl_ucred; /* unix-style credentials */
148 struct ucred *cl_cred; /* kernel-style credentials */
163 * (which is a per-request buffer).
182 "Max number of rpc-gss clients");
186 "Size of rpc-gss client hash table");
191 "Maximum lifetime (seconds) of rpc-gss clients");
196 "Number of rpc-gss clients");
257 scb->cb_callback = *cb; in rpc_gss_set_callback()
272 if (scb->cb_callback.program == cb->program in rpc_gss_clear_callback()
273 && scb->cb_callback.version == cb->version in rpc_gss_clear_callback()
274 && scb->cb_callback.callback == cb->callback) { in rpc_gss_clear_callback()
294 oid_set.elements = sname->sn_mech; in rpc_gss_acquire_svc_cred()
296 namebuf.value = (void *) sname->sn_principal; in rpc_gss_acquire_svc_cred()
297 namebuf.length = strlen(sname->sn_principal); in rpc_gss_acquire_svc_cred()
304 if (sname->sn_cred != GSS_C_NO_CREDENTIAL) in rpc_gss_acquire_svc_cred()
305 gss_release_cred(&min_stat, &sname->sn_cred); in rpc_gss_acquire_svc_cred()
308 sname->sn_req_time, &oid_set, GSS_C_ACCEPT, &sname->sn_cred, in rpc_gss_acquire_svc_cred()
332 sname->sn_principal = strdup(principal, M_RPC); in rpc_gss_set_svc_name()
333 sname->sn_mech = mech_oid; in rpc_gss_set_svc_name()
334 sname->sn_req_time = req_time; in rpc_gss_set_svc_name()
335 sname->sn_cred = GSS_C_NO_CREDENTIAL; in rpc_gss_set_svc_name()
336 sname->sn_program = program; in rpc_gss_set_svc_name()
337 sname->sn_version = version; in rpc_gss_set_svc_name()
340 free(sname->sn_principal, M_RPC); in rpc_gss_set_svc_name()
360 if (sname->sn_program == program in rpc_gss_clear_svc_name()
361 && sname->sn_version == version) { in rpc_gss_clear_svc_name()
365 gss_release_cred(&min_stat, &sname->sn_cred); in rpc_gss_clear_svc_name()
366 free(sname->sn_principal, M_RPC); in rpc_gss_clear_svc_name()
450 result->len = buf.length; in rpc_gss_get_principal_name()
451 memcpy(result->name, buf.value, buf.length); in rpc_gss_get_principal_name()
496 if (req->rq_cred.oa_flavor != RPCSEC_GSS) in rpc_gss_getcred()
499 cc = req->rq_clntcred; in rpc_gss_getcred()
500 client = cc->cc_client; in rpc_gss_getcred()
502 *rcred = &client->cl_rawcred; in rpc_gss_getcred()
504 *ucred = &client->cl_ucred; in rpc_gss_getcred()
506 *cookie = client->cl_cookie; in rpc_gss_getcred()
522 if (req->rq_cred.oa_flavor != RPCSEC_GSS) in rpc_gss_svc_getcred()
525 cc = req->rq_clntcred; in rpc_gss_svc_getcred()
526 client = cc->cc_client; in rpc_gss_svc_getcred()
529 *flavorp = client->cl_rpcflavor; in rpc_gss_svc_getcred()
531 if (client->cl_cred) { in rpc_gss_svc_getcred()
532 *crp = crhold(client->cl_cred); in rpc_gss_svc_getcred()
536 uc = &client->cl_ucred; in rpc_gss_svc_getcred()
537 cr = client->cl_cred = crget(); in rpc_gss_svc_getcred()
538 cr->cr_uid = cr->cr_ruid = cr->cr_svuid = uc->uid; in rpc_gss_svc_getcred()
539 cr->cr_rgid = cr->cr_svgid = uc->gid; in rpc_gss_svc_getcred()
540 crsetgroups_fallback(cr, uc->gidlen, uc->gidlist, uc->gid); in rpc_gss_svc_getcred()
541 cr->cr_prison = curthread->td_ucred->cr_prison; in rpc_gss_svc_getcred()
542 prison_hold(cr->cr_prison); in rpc_gss_svc_getcred()
551 struct svc_rpc_gss_cookedcred *cc = req->rq_clntcred; in rpc_gss_svc_max_data_length()
552 struct svc_rpc_gss_client *client = cc->cc_client; in rpc_gss_svc_max_data_length()
558 switch (client->cl_rawcred.service) { in rpc_gss_svc_max_data_length()
576 maj_stat = gss_wrap_size_limit(&min_stat, client->cl_ctx, want_conf, in rpc_gss_svc_max_data_length()
577 client->cl_qop, max_tp_unit_len, &max); in rpc_gss_svc_max_data_length()
585 rpc_gss_log_status("gss_wrap_size_limit", client->cl_mech, in rpc_gss_svc_max_data_length()
599 rpc_gss_log_debug("in svc_rpc_gss_find_client(%d)", id->ci_id); in svc_rpc_gss_find_client()
601 getcredhostid(curthread->td_ucred, &hostid); in svc_rpc_gss_find_client()
603 if (id->ci_hostid != hostid || id->ci_boottime != boottime.tv_sec) in svc_rpc_gss_find_client()
607 [id->ci_id % svc_rpc_gss_client_hash_size]; in svc_rpc_gss_find_client()
610 if (client->cl_id.ci_id == id->ci_id) { in svc_rpc_gss_find_client()
619 refcount_acquire(&client->cl_refs); in svc_rpc_gss_find_client()
645 refcount_init(&client->cl_refs, 2); in svc_rpc_gss_create_client()
646 sx_init(&client->cl_lock, "GSS-client"); in svc_rpc_gss_create_client()
647 getcredhostid(curthread->td_ucred, &hostid); in svc_rpc_gss_create_client()
648 client->cl_id.ci_hostid = hostid; in svc_rpc_gss_create_client()
650 client->cl_id.ci_boottime = boottime.tv_sec; in svc_rpc_gss_create_client()
651 client->cl_id.ci_id = KGSS_VNET(svc_rpc_gss_next_clientid)++; in svc_rpc_gss_create_client()
657 client->cl_state = CLIENT_NEW; in svc_rpc_gss_create_client()
658 client->cl_locked = FALSE; in svc_rpc_gss_create_client()
659 client->cl_expiration = time_uptime + 5*60; in svc_rpc_gss_create_client()
662 [client->cl_id.ci_id % svc_rpc_gss_client_hash_size]; in svc_rpc_gss_create_client()
678 if (client->cl_ctx) in svc_rpc_gss_destroy_client()
680 &client->cl_ctx, GSS_C_NO_BUFFER); in svc_rpc_gss_destroy_client()
682 if (client->cl_cname) in svc_rpc_gss_destroy_client()
683 gss_release_name(&min_stat, &client->cl_cname); in svc_rpc_gss_destroy_client()
685 if (client->cl_rawcred.client_principal) in svc_rpc_gss_destroy_client()
686 mem_free(client->cl_rawcred.client_principal, in svc_rpc_gss_destroy_client()
687 sizeof(*client->cl_rawcred.client_principal) in svc_rpc_gss_destroy_client()
688 + client->cl_rawcred.client_principal->len); in svc_rpc_gss_destroy_client()
690 if (client->cl_cred) in svc_rpc_gss_destroy_client()
691 crfree(client->cl_cred); in svc_rpc_gss_destroy_client()
693 sx_destroy(&client->cl_lock); in svc_rpc_gss_destroy_client()
704 if (!refcount_release(&client->cl_refs)) in svc_rpc_gss_release_client()
720 [client->cl_id.ci_id % svc_rpc_gss_client_hash_size]; in svc_rpc_gss_forget_client_locked()
723 svc_rpc_gss_client_count--; in svc_rpc_gss_forget_client_locked()
736 [client->cl_id.ci_id % svc_rpc_gss_client_hash_size]; in svc_rpc_gss_forget_client()
779 if (client->cl_state == CLIENT_STALE in svc_rpc_gss_timeout_clients()
780 || now > client->cl_expiration) { in svc_rpc_gss_timeout_clients()
794 * OID<->string routines. These are uuuuugly.
813 cp = (unsigned char *) oid->elements; in gss_oid_to_str()
819 for (i=1; i<oid->length; i++) { in gss_oid_to_str()
848 cp = (unsigned char *) oid->elements; in gss_oid_to_str()
849 for (i=1; i<oid->length; i++) { in gss_oid_to_str()
858 oid_str->length = strlen(bp)+1; in gss_oid_to_str()
859 oid_str->value = (void *) bp; in gss_oid_to_str()
873 rpc_gss_ucred_t *uc = &client->cl_ucred; in svc_rpc_gss_build_ucred()
876 uc->uid = 65534; in svc_rpc_gss_build_ucred()
877 uc->gid = 65534; in svc_rpc_gss_build_ucred()
878 uc->gidlist = client->cl_gid_storage; in svc_rpc_gss_build_ucred()
881 maj_stat = gss_pname_to_unix_cred(&min_stat, name, client->cl_mech, in svc_rpc_gss_build_ucred()
882 &uc->uid, &uc->gid, &numgroups, &uc->gidlist[0]); in svc_rpc_gss_build_ucred()
884 uc->gidlen = 0; in svc_rpc_gss_build_ucred()
886 uc->gidlen = numgroups; in svc_rpc_gss_build_ucred()
899 if (kgss_oid_equal(client->cl_mech, &krb5_mech_oid)) { in svc_rpc_gss_set_flavor()
900 switch (client->cl_rawcred.service) { in svc_rpc_gss_set_flavor()
903 client->cl_rpcflavor = RPCSEC_GSS_KRB5; in svc_rpc_gss_set_flavor()
906 client->cl_rpcflavor = RPCSEC_GSS_KRB5I; in svc_rpc_gss_set_flavor()
909 client->cl_rpcflavor = RPCSEC_GSS_KRB5P; in svc_rpc_gss_set_flavor()
913 client->cl_rpcflavor = RPCSEC_GSS; in svc_rpc_gss_set_flavor()
937 client->cl_state = CLIENT_STALE; in svc_rpc_gss_accept_sec_context()
946 if (!client->cl_sname) { in svc_rpc_gss_accept_sec_context()
949 if (sname->sn_program == rqst->rq_prog in svc_rpc_gss_accept_sec_context()
950 && sname->sn_version == rqst->rq_vers) { in svc_rpc_gss_accept_sec_context()
952 gr->gr_major = gss_accept_sec_context( in svc_rpc_gss_accept_sec_context()
953 &gr->gr_minor, in svc_rpc_gss_accept_sec_context()
954 &client->cl_ctx, in svc_rpc_gss_accept_sec_context()
955 sname->sn_cred, in svc_rpc_gss_accept_sec_context()
958 &client->cl_cname, in svc_rpc_gss_accept_sec_context()
960 &gr->gr_token, in svc_rpc_gss_accept_sec_context()
963 &client->cl_creds); in svc_rpc_gss_accept_sec_context()
964 if (gr->gr_major == in svc_rpc_gss_accept_sec_context()
974 client->cl_sname = sname; in svc_rpc_gss_accept_sec_context()
985 gr->gr_major = gss_accept_sec_context( in svc_rpc_gss_accept_sec_context()
986 &gr->gr_minor, in svc_rpc_gss_accept_sec_context()
987 &client->cl_ctx, in svc_rpc_gss_accept_sec_context()
988 client->cl_sname->sn_cred, in svc_rpc_gss_accept_sec_context()
991 &client->cl_cname, in svc_rpc_gss_accept_sec_context()
993 &gr->gr_token, in svc_rpc_gss_accept_sec_context()
1007 if (gr->gr_major != GSS_S_COMPLETE && in svc_rpc_gss_accept_sec_context()
1008 gr->gr_major != GSS_S_CONTINUE_NEEDED) { in svc_rpc_gss_accept_sec_context()
1009 rpc_gss_log_status("accept_sec_context", client->cl_mech, in svc_rpc_gss_accept_sec_context()
1010 gr->gr_major, gr->gr_minor); in svc_rpc_gss_accept_sec_context()
1011 client->cl_state = CLIENT_STALE; in svc_rpc_gss_accept_sec_context()
1015 gr->gr_handle.value = &client->cl_id; in svc_rpc_gss_accept_sec_context()
1016 gr->gr_handle.length = sizeof(client->cl_id); in svc_rpc_gss_accept_sec_context()
1017 gr->gr_win = SVC_RPC_GSS_SEQWINDOW; in svc_rpc_gss_accept_sec_context()
1020 client->cl_mech = mech; in svc_rpc_gss_accept_sec_context()
1021 client->cl_qop = GSS_C_QOP_DEFAULT; in svc_rpc_gss_accept_sec_context()
1022 client->cl_done_callback = FALSE; in svc_rpc_gss_accept_sec_context()
1024 if (gr->gr_major == GSS_S_COMPLETE) { in svc_rpc_gss_accept_sec_context()
1042 client->cl_expiration = time_uptime + cred_lifetime; in svc_rpc_gss_accept_sec_context()
1047 client->cl_rawcred.version = RPCSEC_GSS_VERSION; in svc_rpc_gss_accept_sec_context()
1048 rpc_gss_oid_to_mech(mech, &client->cl_rawcred.mechanism); in svc_rpc_gss_accept_sec_context()
1049 maj_stat = gss_export_name(&min_stat, client->cl_cname, in svc_rpc_gss_accept_sec_context()
1052 rpc_gss_log_status("gss_export_name", client->cl_mech, in svc_rpc_gss_accept_sec_context()
1056 client->cl_rawcred.client_principal = in svc_rpc_gss_accept_sec_context()
1057 mem_alloc(sizeof(*client->cl_rawcred.client_principal) in svc_rpc_gss_accept_sec_context()
1059 client->cl_rawcred.client_principal->len = export_name.length; in svc_rpc_gss_accept_sec_context()
1060 memcpy(client->cl_rawcred.client_principal->name, in svc_rpc_gss_accept_sec_context()
1063 client->cl_rawcred.svc_principal = in svc_rpc_gss_accept_sec_context()
1064 client->cl_sname->sn_principal; in svc_rpc_gss_accept_sec_context()
1065 client->cl_rawcred.service = gc->gc_svc; in svc_rpc_gss_accept_sec_context()
1071 svc_rpc_gss_build_ucred(client, client->cl_cname); in svc_rpc_gss_accept_sec_context()
1073 gss_release_name(&min_stat, &client->cl_cname); in svc_rpc_gss_accept_sec_context()
1083 client->cl_rawcred.client_principal->name, in svc_rpc_gss_accept_sec_context()
1085 client->cl_qop, client->cl_rawcred.service); in svc_rpc_gss_accept_sec_context()
1111 IXDR_PUT_LONG(buf, msg->rm_xid); in svc_rpc_gss_validate()
1112 IXDR_PUT_ENUM(buf, msg->rm_direction); in svc_rpc_gss_validate()
1113 IXDR_PUT_LONG(buf, msg->rm_call.cb_rpcvers); in svc_rpc_gss_validate()
1114 IXDR_PUT_LONG(buf, msg->rm_call.cb_prog); in svc_rpc_gss_validate()
1115 IXDR_PUT_LONG(buf, msg->rm_call.cb_vers); in svc_rpc_gss_validate()
1116 IXDR_PUT_LONG(buf, msg->rm_call.cb_proc); in svc_rpc_gss_validate()
1117 oa = &msg->rm_call.cb_cred; in svc_rpc_gss_validate()
1118 IXDR_PUT_ENUM(buf, oa->oa_flavor); in svc_rpc_gss_validate()
1119 IXDR_PUT_LONG(buf, oa->oa_length); in svc_rpc_gss_validate()
1120 if (oa->oa_length) { in svc_rpc_gss_validate()
1121 memcpy((caddr_t)buf, oa->oa_base, oa->oa_length); in svc_rpc_gss_validate()
1122 buf += RNDUP(oa->oa_length) / sizeof(int32_t); in svc_rpc_gss_validate()
1125 rpcbuf.length = (u_char *)buf - (u_char *)rpchdr; in svc_rpc_gss_validate()
1127 checksum.value = msg->rm_call.cb_verf.oa_base; in svc_rpc_gss_validate()
1128 checksum.length = msg->rm_call.cb_verf.oa_length; in svc_rpc_gss_validate()
1130 maj_stat = gss_verify_mic(&min_stat, client->cl_ctx, &rpcbuf, &checksum, in svc_rpc_gss_validate()
1134 rpc_gss_log_status("gss_verify_mic", client->cl_mech, in svc_rpc_gss_validate()
1145 client->cl_state = CLIENT_STALE; in svc_rpc_gss_validate()
1158 gss_buffer_desc mic; in svc_rpc_gss_nextverf() local
1168 maj_stat = gss_get_mic(&min_stat, client->cl_ctx, client->cl_qop, in svc_rpc_gss_nextverf()
1169 &signbuf, &mic); in svc_rpc_gss_nextverf()
1172 rpc_gss_log_status("gss_get_mic", client->cl_mech, maj_stat, min_stat); in svc_rpc_gss_nextverf()
1173 client->cl_state = CLIENT_STALE; in svc_rpc_gss_nextverf()
1177 KASSERT(mic.length <= MAX_AUTH_BYTES, in svc_rpc_gss_nextverf()
1178 ("MIC too large for RPCSEC_GSS")); in svc_rpc_gss_nextverf()
1180 rqst->rq_verf.oa_flavor = RPCSEC_GSS; in svc_rpc_gss_nextverf()
1181 rqst->rq_verf.oa_length = mic.length; in svc_rpc_gss_nextverf()
1182 bcopy(mic.value, rqst->rq_verf.oa_base, mic.length); in svc_rpc_gss_nextverf()
1184 gss_release_buffer(&min_stat, &mic); in svc_rpc_gss_nextverf()
1203 if (scb->cb_callback.program == rqst->rq_prog in svc_rpc_gss_callback()
1204 && scb->cb_callback.version == rqst->rq_vers) { in svc_rpc_gss_callback()
1210 lock.raw_cred = &client->cl_rawcred; in svc_rpc_gss_callback()
1211 cb_res = scb->cb_callback.callback(rqst, in svc_rpc_gss_callback()
1212 client->cl_creds, in svc_rpc_gss_callback()
1213 client->cl_ctx, in svc_rpc_gss_callback()
1218 client->cl_state = CLIENT_STALE; in svc_rpc_gss_callback()
1224 * The callback accepted the connection - it in svc_rpc_gss_callback()
1225 * is responsible for freeing client->cl_creds in svc_rpc_gss_callback()
1228 client->cl_creds = GSS_C_NO_CREDENTIAL; in svc_rpc_gss_callback()
1229 client->cl_locked = lock.locked; in svc_rpc_gss_callback()
1230 client->cl_cookie = cookie; in svc_rpc_gss_callback()
1240 if (client->cl_creds) { in svc_rpc_gss_callback()
1242 gss_release_cred(&min_ver, &client->cl_creds); in svc_rpc_gss_callback()
1250 uint32_t offset; in svc_rpc_gss_check_replay() local
1254 sx_xlock(&client->cl_lock); in svc_rpc_gss_check_replay()
1255 if (seq <= client->cl_seqlast) { in svc_rpc_gss_check_replay()
1263 offset = client->cl_seqlast - seq; in svc_rpc_gss_check_replay()
1264 if (offset >= SVC_RPC_GSS_SEQWINDOW) { in svc_rpc_gss_check_replay()
1268 word = offset / 32; in svc_rpc_gss_check_replay()
1269 bit = offset % 32; in svc_rpc_gss_check_replay()
1270 if (client->cl_seqmask[word] & (1 << bit)) { in svc_rpc_gss_check_replay()
1278 sx_xunlock(&client->cl_lock); in svc_rpc_gss_check_replay()
1285 int offset, i, word, bit; in svc_rpc_gss_update_seq() local
1288 sx_xlock(&client->cl_lock); in svc_rpc_gss_update_seq()
1289 if (seq > client->cl_seqlast) { in svc_rpc_gss_update_seq()
1297 offset = seq - client->cl_seqlast; in svc_rpc_gss_update_seq()
1298 while (offset > 32) { in svc_rpc_gss_update_seq()
1299 for (i = (SVC_RPC_GSS_SEQWINDOW / 32) - 1; in svc_rpc_gss_update_seq()
1300 i > 0; i--) { in svc_rpc_gss_update_seq()
1301 client->cl_seqmask[i] = client->cl_seqmask[i-1]; in svc_rpc_gss_update_seq()
1303 client->cl_seqmask[0] = 0; in svc_rpc_gss_update_seq()
1304 offset -= 32; in svc_rpc_gss_update_seq()
1308 newcarry = client->cl_seqmask[i] >> (32 - offset); in svc_rpc_gss_update_seq()
1309 client->cl_seqmask[i] = in svc_rpc_gss_update_seq()
1310 (client->cl_seqmask[i] << offset) | carry; in svc_rpc_gss_update_seq()
1313 client->cl_seqmask[0] |= 1; in svc_rpc_gss_update_seq()
1314 client->cl_seqlast = seq; in svc_rpc_gss_update_seq()
1316 offset = client->cl_seqlast - seq; in svc_rpc_gss_update_seq()
1317 word = offset / 32; in svc_rpc_gss_update_seq()
1318 bit = offset % 32; in svc_rpc_gss_update_seq()
1319 client->cl_seqmask[word] |= (1 << bit); in svc_rpc_gss_update_seq()
1321 sx_xunlock(&client->cl_lock); in svc_rpc_gss_update_seq()
1345 rqst->rq_verf = _null_auth; in svc_rpc_gss()
1348 if (rqst->rq_cred.oa_length <= 0) { in svc_rpc_gss()
1355 xdrmem_create(&xdrs, rqst->rq_cred.oa_base, in svc_rpc_gss()
1356 rqst->rq_cred.oa_length, XDR_DECODE); in svc_rpc_gss()
1390 * Can't find the client - we may have in svc_rpc_gss()
1391 * destroyed it - tell the other side to in svc_rpc_gss()
1392 * re-authenticate. in svc_rpc_gss()
1398 cc = rqst->rq_clntcred; in svc_rpc_gss()
1399 cc->cc_client = client; in svc_rpc_gss()
1400 cc->cc_service = gc.gc_svc; in svc_rpc_gss()
1401 cc->cc_seq = gc.gc_seq; in svc_rpc_gss()
1433 if (rqst->rq_proc != NULLPROC) { in svc_rpc_gss()
1449 rqst->rq_verf = msg->rm_call.cb_verf; in svc_rpc_gss()
1455 rqst->rq_verf = _null_auth; in svc_rpc_gss()
1470 client->cl_state = CLIENT_ESTABLISHED; in svc_rpc_gss()
1491 rqst->rq_verf = msg->rm_call.cb_verf; in svc_rpc_gss()
1502 * and wrap the result. The caller will re-set this on in svc_rpc_gss()
1508 refcount_acquire(&client->cl_refs); in svc_rpc_gss()
1509 rqst->rq_auth.svc_ah_ops = &svc_auth_gss_ops; in svc_rpc_gss()
1510 rqst->rq_auth.svc_ah_private = cc; in svc_rpc_gss()
1517 sx_xlock(&client->cl_lock); in svc_rpc_gss()
1518 if (!client->cl_done_callback) { in svc_rpc_gss()
1519 client->cl_done_callback = TRUE; in svc_rpc_gss()
1520 client->cl_qop = qop; in svc_rpc_gss()
1521 client->cl_rawcred.qop = _rpc_gss_num_to_qop( in svc_rpc_gss()
1522 client->cl_rawcred.mechanism, qop); in svc_rpc_gss()
1525 sx_xunlock(&client->cl_lock); in svc_rpc_gss()
1529 sx_xunlock(&client->cl_lock); in svc_rpc_gss()
1536 if (client->cl_locked) { in svc_rpc_gss()
1537 if (client->cl_rawcred.service != gc.gc_svc) { in svc_rpc_gss()
1540 } else if (client->cl_qop != qop) { in svc_rpc_gss()
1550 if (client->cl_qop != qop) { in svc_rpc_gss()
1551 client->cl_qop = qop; in svc_rpc_gss()
1552 client->cl_rawcred.qop = _rpc_gss_num_to_qop( in svc_rpc_gss()
1553 client->cl_rawcred.mechanism, qop); in svc_rpc_gss()
1560 if (client->cl_rawcred.service != gc.gc_svc) { in svc_rpc_gss()
1561 client->cl_rawcred.service = gc.gc_svc; in svc_rpc_gss()
1567 if (rqst->rq_proc != NULLPROC) { in svc_rpc_gss()
1608 cc = (struct svc_rpc_gss_cookedcred *) auth->svc_ah_private; in svc_rpc_gss_wrap()
1609 client = cc->cc_client; in svc_rpc_gss_wrap()
1610 if (client->cl_state != CLIENT_ESTABLISHED in svc_rpc_gss_wrap()
1611 || cc->cc_service == rpc_gss_svc_none || *mp == NULL) { in svc_rpc_gss_wrap()
1616 client->cl_ctx, client->cl_qop, in svc_rpc_gss_wrap()
1617 cc->cc_service, cc->cc_seq)); in svc_rpc_gss_wrap()
1628 cc = (struct svc_rpc_gss_cookedcred *) auth->svc_ah_private; in svc_rpc_gss_unwrap()
1629 client = cc->cc_client; in svc_rpc_gss_unwrap()
1630 if (client->cl_state != CLIENT_ESTABLISHED in svc_rpc_gss_unwrap()
1631 || cc->cc_service == rpc_gss_svc_none) { in svc_rpc_gss_unwrap()
1636 client->cl_ctx, client->cl_qop, in svc_rpc_gss_unwrap()
1637 cc->cc_service, cc->cc_seq)); in svc_rpc_gss_unwrap()
1648 cc = (struct svc_rpc_gss_cookedcred *) auth->svc_ah_private; in svc_rpc_gss_release()
1649 client = cc->cc_client; in svc_rpc_gss_release()