Lines Matching defs:rqstp
644 * @rqstp: RPC Call to use when reporting errors
652 * %true: @rqstp's GSS sequence number is inside the window
653 * %false: @rqstp's GSS sequence number is outside the window
655 static bool gss_check_seq_num(const struct svc_rqst *rqstp, struct rsc *rsci,
685 trace_rpcgss_svc_seqno_low(rqstp, seq_num,
690 trace_rpcgss_svc_seqno_seen(rqstp, seq_num);
702 svcauth_gss_verify_header(struct svc_rqst *rqstp, struct rsc *rsci,
705 struct xdr_stream *xdr = &rqstp->rq_arg_stream;
724 rqstp->rq_auth_stat = rpc_autherr_badverf;
728 rqstp->rq_auth_stat = rpc_autherr_badverf;
732 if (rqstp->rq_deferred)
736 trace_rpcgss_svc_mic(rqstp, maj_stat);
737 rqstp->rq_auth_stat = rpcsec_gsserr_credproblem;
742 trace_rpcgss_svc_seqno_large(rqstp, gc->gc_seq);
743 rqstp->rq_auth_stat = rpcsec_gsserr_ctxproblem;
746 if (!gss_check_seq_num(rqstp, rsci, gc->gc_seq))
757 svcauth_gss_encode_verf(struct svc_rqst *rqstp, struct gss_ctx *ctx_id, u32 seq)
759 struct gss_svc_data *gsd = rqstp->rq_auth_data;
775 return xdr_stream_encode_opaque_auth(&rqstp->rq_res_stream, RPC_AUTH_GSS,
779 trace_rpcgss_svc_get_mic(rqstp, maj_stat);
860 svcauth_gss_unwrap_integ(struct svc_rqst *rqstp, u32 seq, struct gss_ctx *ctx)
862 struct gss_svc_data *gsd = rqstp->rq_auth_data;
863 struct xdr_stream *xdr = &rqstp->rq_arg_stream;
870 if (rqstp->rq_deferred)
913 trace_rpcgss_svc_unwrap_failed(rqstp);
916 trace_rpcgss_svc_seqno_bad(rqstp, seq, seq_num);
919 trace_rpcgss_svc_mic(rqstp, maj_stat);
936 svcauth_gss_unwrap_priv(struct svc_rqst *rqstp, u32 seq, struct gss_ctx *ctx)
938 struct xdr_stream *xdr = &rqstp->rq_arg_stream;
945 if (rqstp->rq_deferred) {
969 trace_rpcgss_svc_unwrap_failed(rqstp);
972 trace_rpcgss_svc_seqno_bad(rqstp, seq, seq_num);
975 trace_rpcgss_svc_unwrap(rqstp, maj_stat);
980 svcauth_gss_set_client(struct svc_rqst *rqstp)
982 struct gss_svc_data *svcdata = rqstp->rq_auth_data;
987 rqstp->rq_auth_stat = rpc_autherr_badcred;
998 rqstp->rq_gssclient = find_gss_auth_domain(rsci->mechctx, gc->gc_svc);
999 if (rqstp->rq_gssclient == NULL)
1001 stat = svcauth_unix_set_client(rqstp);
1005 rqstp->rq_auth_stat = rpc_auth_ok;
1010 svcauth_gss_proc_init_verf(struct cache_detail *cd, struct svc_rqst *rqstp,
1014 struct xdr_stream *xdr = &rqstp->rq_res_stream;
1026 rc = svcauth_gss_encode_verf(rqstp, rsci->mechctx, seq_num);
1045 static int gss_read_proxy_verf(struct svc_rqst *rqstp,
1050 struct xdr_stream *xdr = &rqstp->rq_arg_stream;
1090 from_offs = rqstp->rq_arg.page_base;
1101 page_address(rqstp->rq_arg.pages[pgfrom]) + pgfrom_offs,
1154 svcauth_gss_legacy_init(struct svc_rqst *rqstp,
1157 struct xdr_stream *xdr = &rqstp->rq_arg_stream;
1162 struct sunrpc_net *sn = net_generic(SVC_NET(rqstp), sunrpc_net_id);
1197 if (cache_check(sn->rsi_cache, &rsip->h, &rqstp->rq_chandle) < 0)
1202 if (!svcauth_gss_proc_init_verf(sn->rsc_cache, rqstp, &rsip->out_handle,
1205 if (!svcxdr_set_accept_stat(rqstp))
1207 if (!svcxdr_encode_gss_init_res(&rqstp->rq_res_stream, &rsip->out_handle,
1290 static int svcauth_gss_proxy_init(struct svc_rqst *rqstp,
1298 struct net *net = SVC_NET(rqstp);
1302 ret = gss_read_proxy_verf(rqstp, gc, &ud.in_handle, &ud.in_token);
1313 trace_rpcgss_svc_accept_upcall(rqstp, ud.major_status, ud.minor_status);
1330 if (!svcauth_gss_proc_init_verf(sn->rsc_cache, rqstp, &cli_handle,
1333 if (!svcxdr_set_accept_stat(rqstp))
1335 if (!svcxdr_encode_gss_init_res(&rqstp->rq_res_stream, &cli_handle,
1375 svcauth_gss_proc_init(struct svc_rqst *rqstp, struct rpc_gss_wire_cred *gc)
1377 struct xdr_stream *xdr = &rqstp->rq_arg_stream;
1385 rqstp->rq_auth_stat = rpc_autherr_badverf;
1390 rqstp->rq_auth_stat = rpc_autherr_badcred;
1394 if (!use_gss_proxy(SVC_NET(rqstp)))
1395 return svcauth_gss_legacy_init(rqstp, gc);
1396 return svcauth_gss_proxy_init(rqstp, gc);
1610 * @rqstp: RPC transaction
1619 * The rqstp->rq_auth_stat field is also set (see RFCs 2203 and 5531).
1622 svcauth_gss_accept(struct svc_rqst *rqstp)
1624 struct gss_svc_data *svcdata = rqstp->rq_auth_data;
1629 struct sunrpc_net *sn = net_generic(SVC_NET(rqstp), sunrpc_net_id);
1631 rqstp->rq_auth_stat = rpc_autherr_badcred;
1636 rqstp->rq_auth_data = svcdata;
1641 if (!svcauth_gss_decode_credbody(&rqstp->rq_arg_stream, gc, &rpcstart))
1649 if (rqstp->rq_proc != 0)
1651 return svcauth_gss_proc_init(rqstp, gc);
1653 if (rqstp->rq_proc != 0)
1657 rqstp->rq_auth_stat = rpcsec_gsserr_credproblem;
1661 switch (svcauth_gss_verify_header(rqstp, rsci, rpcstart, gc)) {
1671 if (rqstp->rq_proc != 0)
1673 rqstp->rq_auth_stat = rpc_autherr_rejectedcred;
1680 if (!svcauth_gss_encode_verf(rqstp, rsci->mechctx, gc->gc_seq))
1682 if (!svcxdr_set_accept_stat(rqstp))
1688 rqstp->rq_auth_stat = rpcsec_gsserr_ctxproblem;
1689 if (!svcauth_gss_encode_verf(rqstp, rsci->mechctx, gc->gc_seq))
1691 if (!svcxdr_set_accept_stat(rqstp))
1693 svcdata->gsd_databody_offset = xdr_stream_pos(&rqstp->rq_res_stream);
1694 rqstp->rq_cred = rsci->cred;
1696 rqstp->rq_auth_stat = rpc_autherr_badcred;
1702 xdr_reserve_space(&rqstp->rq_res_stream, XDR_UNIT * 2);
1703 if (svcauth_gss_unwrap_integ(rqstp, gc->gc_seq,
1706 svcxdr_set_auth_slack(rqstp, RPC_MAX_AUTH_SIZE);
1710 xdr_reserve_space(&rqstp->rq_res_stream, XDR_UNIT * 2);
1711 if (svcauth_gss_unwrap_priv(rqstp, gc->gc_seq,
1714 svcxdr_set_auth_slack(rqstp, RPC_MAX_AUTH_SIZE * 2);
1721 rqstp->rq_cred.cr_flavor = gss_svc_to_pseudoflavor(
1726 trace_rpcgss_svc_authenticate(rqstp, gc);
1733 xdr_truncate_encode(&rqstp->rq_res_stream, XDR_UNIT * 2);
1748 svcauth_gss_prepare_to_wrap(struct svc_rqst *rqstp, struct gss_svc_data *gsd)
1757 if (rqstp->rq_auth_stat != rpc_auth_ok)
1761 if (*rqstp->rq_accept_statp != rpc_success)
1784 static int svcauth_gss_wrap_integ(struct svc_rqst *rqstp)
1786 struct gss_svc_data *gsd = rqstp->rq_auth_data;
1787 struct xdr_stream *xdr = &rqstp->rq_res_stream;
1794 offset = svcauth_gss_prepare_to_wrap(rqstp, gsd);
1821 trace_rpcgss_svc_get_mic(rqstp, maj_stat);
1824 trace_rpcgss_svc_wrap_failed(rqstp);
1845 static int svcauth_gss_wrap_priv(struct svc_rqst *rqstp)
1847 struct gss_svc_data *gsd = rqstp->rq_auth_data;
1849 struct xdr_buf *buf = &rqstp->rq_res;
1855 offset = svcauth_gss_prepare_to_wrap(rqstp, gsd);
1917 trace_rpcgss_svc_wrap_failed(rqstp);
1920 trace_rpcgss_svc_wrap(rqstp, maj_stat);
1926 * @rqstp: RPC transaction context
1934 svcauth_gss_release(struct svc_rqst *rqstp)
1936 struct sunrpc_net *sn = net_generic(SVC_NET(rqstp), sunrpc_net_id);
1937 struct gss_svc_data *gsd = rqstp->rq_auth_data;
1951 stat = svcauth_gss_wrap_integ(rqstp);
1956 stat = svcauth_gss_wrap_priv(rqstp);
1969 if (rqstp->rq_client)
1970 auth_domain_put(rqstp->rq_client);
1971 rqstp->rq_client = NULL;
1972 if (rqstp->rq_gssclient)
1973 auth_domain_put(rqstp->rq_gssclient);
1974 rqstp->rq_gssclient = NULL;
1975 if (rqstp->rq_cred.cr_group_info)
1976 put_group_info(rqstp->rq_cred.cr_group_info);
1977 rqstp->rq_cred.cr_group_info = NULL;
2001 static rpc_authflavor_t svcauth_gss_pseudoflavor(struct svc_rqst *rqstp)
2003 return svcauth_gss_flavor(rqstp->rq_gssclient);