xref: /freebsd/lib/libc/rpc/clnt_dg.c (revision e1e636193db45630c7881246d25902e57c43d24e)
1 /*	$NetBSD: clnt_dg.c,v 1.4 2000/07/14 08:40:41 fvdl Exp $	*/
2 
3 /*-
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  * Copyright (c) 2009, Sun Microsystems, Inc.
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions are met:
11  * - Redistributions of source code must retain the above copyright notice,
12  *   this list of conditions and the following disclaimer.
13  * - Redistributions in binary form must reproduce the above copyright notice,
14  *   this list of conditions and the following disclaimer in the documentation
15  *   and/or other materials provided with the distribution.
16  * - Neither the name of Sun Microsystems, Inc. nor the names of its
17  *   contributors may be used to endorse or promote products derived
18  *   from this software without specific prior written permission.
19  *
20  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
24  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30  * POSSIBILITY OF SUCH DAMAGE.
31  */
32 /*
33  * Copyright (c) 1986-1991 by Sun Microsystems Inc.
34  */
35 
36 /*
37  * Implements a connectionless client side RPC.
38  */
39 
40 #include "namespace.h"
41 #include "reentrant.h"
42 #include <sys/types.h>
43 #include <sys/event.h>
44 #include <sys/time.h>
45 #include <sys/socket.h>
46 #include <sys/ioctl.h>
47 #include <sys/tree.h>
48 #include <arpa/inet.h>
49 #include <rpc/rpc.h>
50 #include <rpc/rpcsec_gss.h>
51 #include <assert.h>
52 #include <errno.h>
53 #include <pthread.h>
54 #include <stdlib.h>
55 #include <string.h>
56 #include <signal.h>
57 #include <stdbool.h>
58 #include <unistd.h>
59 #include <err.h>
60 #include "un-namespace.h"
61 #include "rpc_com.h"
62 #include "mt_misc.h"
63 
64 
65 #ifdef _FREEFALL_CONFIG
66 /*
67  * Disable RPC exponential back-off for FreeBSD.org systems.
68  */
69 #define	RPC_MAX_BACKOFF		1 /* second */
70 #else
71 #define	RPC_MAX_BACKOFF		30 /* seconds */
72 #endif
73 
74 
75 static struct clnt_ops *clnt_dg_ops(void);
76 static bool_t time_not_ok(struct timeval *);
77 static enum clnt_stat clnt_dg_call(CLIENT *, rpcproc_t, xdrproc_t, void *,
78 	    xdrproc_t, void *, struct timeval);
79 static void clnt_dg_geterr(CLIENT *, struct rpc_err *);
80 static bool_t clnt_dg_freeres(CLIENT *, xdrproc_t, void *);
81 static void clnt_dg_abort(CLIENT *);
82 static bool_t clnt_dg_control(CLIENT *, u_int, void *);
83 static void clnt_dg_destroy(CLIENT *);
84 
85 
86 
87 
88 /*
89  *	This machinery implements per-fd locks for MT-safety.  It is not
90  *	sufficient to do per-CLIENT handle locks for MT-safety because a
91  *	user may create more than one CLIENT handle with the same fd behind
92  *	it.  Therefore, we allocate an associative array of flags and condition
93  *	variables (dg_fd).  The flags and the array are protected by the
94  *	clnt_fd_lock mutex.  dg_fd[fd].lock == 1 => a call is active on some
95  *	CLIENT handle created for that fd.  The current implementation holds
96  *	locks across the entire RPC and reply, including retransmissions.  Yes,
97  *	this is silly, and as soon as this code is proven to work, this should
98  *	be the first thing fixed.  One step at a time.
99  */
100 struct dg_fd {
101 	RB_ENTRY(dg_fd) dg_link;
102 	int fd;
103 	mutex_t mtx;
104 };
105 static inline int
106 cmp_dg_fd(struct dg_fd *a, struct dg_fd *b)
107 {
108 	if (a->fd > b->fd) {
109 		return (1);
110 	} else if (a->fd < b->fd) {
111 		return (-1);
112 	} else {
113 		return (0);
114 	}
115 }
116 RB_HEAD(dg_fd_list, dg_fd);
117 RB_PROTOTYPE(dg_fd_list, dg_fd, dg_link, cmp_dg_fd);
118 RB_GENERATE(dg_fd_list, dg_fd, dg_link, cmp_dg_fd);
119 struct dg_fd_list dg_fd_head = RB_INITIALIZER(&dg_fd_head);
120 
121 /*
122  * Find the lock structure for the given file descriptor, or initialize it if
123  * it does not already exist.  The clnt_fd_lock mutex must be held.
124  */
125 static struct dg_fd *
126 dg_fd_find(int fd)
127 {
128 	struct dg_fd key, *elem;
129 
130 	key.fd = fd;
131 	elem = RB_FIND(dg_fd_list, &dg_fd_head, &key);
132 	if (elem == NULL) {
133 		elem = calloc(1, sizeof(*elem));
134 		elem->fd = fd;
135 		mutex_init(&elem->mtx, NULL);
136 		RB_INSERT(dg_fd_list, &dg_fd_head, elem);
137 	}
138 	return (elem);
139 }
140 
141 static void
142 release_fd_lock(struct dg_fd *elem, sigset_t mask)
143 {
144 	mutex_unlock(&elem->mtx);
145 	thr_sigsetmask(SIG_SETMASK, &mask, NULL);
146 }
147 
148 static const char mem_err_clnt_dg[] = "clnt_dg_create: out of memory";
149 
150 /* VARIABLES PROTECTED BY clnt_fd_lock: dg_fd */
151 
152 #define	MCALL_MSG_SIZE 24
153 
154 /*
155  * Private data kept per client handle
156  */
157 struct cu_data {
158 	int			cu_fd;		/* connections fd */
159 	bool_t			cu_closeit;	/* opened by library */
160 	struct sockaddr_storage	cu_raddr;	/* remote address */
161 	int			cu_rlen;
162 	struct timeval		cu_wait;	/* retransmit interval */
163 	struct timeval		cu_total;	/* total time for the call */
164 	struct rpc_err		cu_error;
165 	XDR			cu_outxdrs;
166 	u_int			cu_xdrpos;
167 	u_int			cu_sendsz;	/* send size */
168 	char			cu_outhdr[MCALL_MSG_SIZE];
169 	char			*cu_outbuf;
170 	u_int			cu_recvsz;	/* recv size */
171 	int			cu_async;
172 	int			cu_connect;	/* Use connect(). */
173 	int			cu_connected;	/* Have done connect(). */
174 	struct kevent		cu_kin;
175 	int			cu_kq;
176 	char			cu_inbuf[1];
177 };
178 
179 /*
180  * Connection less client creation returns with client handle parameters.
181  * Default options are set, which the user can change using clnt_control().
182  * fd should be open and bound.
183  * NB: The rpch->cl_auth is initialized to null authentication.
184  * 	Caller may wish to set this something more useful.
185  *
186  * sendsz and recvsz are the maximum allowable packet sizes that can be
187  * sent and received. Normally they are the same, but they can be
188  * changed to improve the program efficiency and buffer allocation.
189  * If they are 0, use the transport default.
190  *
191  * If svcaddr is NULL, returns NULL.
192  *
193  * fd      - open file descriptor
194  * svcaddr - servers address
195  * program - program number
196  * version - version number
197  * sendsz  - buffer recv size
198  * recvsz  - buffer send size
199  */
200 CLIENT *
201 clnt_dg_create(int fd, const struct netbuf *svcaddr, rpcprog_t program,
202     rpcvers_t version, u_int sendsz, u_int recvsz)
203 {
204 	CLIENT *cl = NULL;		/* client handle */
205 	struct cu_data *cu = NULL;	/* private data */
206 	struct timeval now;
207 	struct rpc_msg call_msg;
208 	struct __rpc_sockinfo si;
209 	int one = 1;
210 
211 	if (svcaddr == NULL) {
212 		rpc_createerr.cf_stat = RPC_UNKNOWNADDR;
213 		return (NULL);
214 	}
215 
216 	if (!__rpc_fd2sockinfo(fd, &si)) {
217 		rpc_createerr.cf_stat = RPC_TLIERROR;
218 		rpc_createerr.cf_error.re_errno = 0;
219 		return (NULL);
220 	}
221 	/*
222 	 * Find the receive and the send size
223 	 */
224 	sendsz = __rpc_get_t_size(si.si_af, si.si_proto, (int)sendsz);
225 	recvsz = __rpc_get_t_size(si.si_af, si.si_proto, (int)recvsz);
226 	if ((sendsz == 0) || (recvsz == 0)) {
227 		rpc_createerr.cf_stat = RPC_TLIERROR; /* XXX */
228 		rpc_createerr.cf_error.re_errno = 0;
229 		return (NULL);
230 	}
231 
232 	if ((cl = mem_alloc(sizeof (CLIENT))) == NULL)
233 		goto err1;
234 	/*
235 	 * Should be multiple of 4 for XDR.
236 	 */
237 	sendsz = ((sendsz + 3) / 4) * 4;
238 	recvsz = ((recvsz + 3) / 4) * 4;
239 	cu = mem_alloc(sizeof (*cu) + sendsz + recvsz);
240 	if (cu == NULL)
241 		goto err1;
242 	(void) memcpy(&cu->cu_raddr, svcaddr->buf, (size_t)svcaddr->len);
243 	cu->cu_rlen = svcaddr->len;
244 	cu->cu_outbuf = &cu->cu_inbuf[recvsz];
245 	/* Other values can also be set through clnt_control() */
246 	cu->cu_wait.tv_sec = 15;	/* heuristically chosen */
247 	cu->cu_wait.tv_usec = 0;
248 	cu->cu_total.tv_sec = -1;
249 	cu->cu_total.tv_usec = -1;
250 	cu->cu_sendsz = sendsz;
251 	cu->cu_recvsz = recvsz;
252 	cu->cu_async = FALSE;
253 	cu->cu_connect = FALSE;
254 	cu->cu_connected = FALSE;
255 	(void) gettimeofday(&now, NULL);
256 	call_msg.rm_xid = __RPC_GETXID(&now);
257 	call_msg.rm_call.cb_prog = program;
258 	call_msg.rm_call.cb_vers = version;
259 	xdrmem_create(&(cu->cu_outxdrs), cu->cu_outhdr, MCALL_MSG_SIZE,
260 	    XDR_ENCODE);
261 	if (! xdr_callhdr(&cu->cu_outxdrs, &call_msg)) {
262 		rpc_createerr.cf_stat = RPC_CANTENCODEARGS;  /* XXX */
263 		rpc_createerr.cf_error.re_errno = 0;
264 		goto err2;
265 	}
266 	cu->cu_xdrpos = XDR_GETPOS(&(cu->cu_outxdrs));
267 	XDR_DESTROY(&cu->cu_outxdrs);
268 	xdrmem_create(&cu->cu_outxdrs, cu->cu_outbuf, sendsz, XDR_ENCODE);
269 
270 	/* XXX fvdl - do we still want this? */
271 #if 0
272 	(void)bindresvport_sa(fd, (struct sockaddr *)svcaddr->buf);
273 #endif
274 	_ioctl(fd, FIONBIO, (char *)(void *)&one);
275 
276 	/*
277 	 * By default, closeit is always FALSE. It is users responsibility
278 	 * to do a close on it, else the user may use clnt_control
279 	 * to let clnt_destroy do it for him/her.
280 	 */
281 	cu->cu_closeit = FALSE;
282 	cu->cu_fd = fd;
283 	cl->cl_ops = clnt_dg_ops();
284 	cl->cl_private = (caddr_t)(void *)cu;
285 	cl->cl_auth = authnone_create();
286 	cl->cl_tp = NULL;
287 	cl->cl_netid = NULL;
288 	cu->cu_kq = -1;
289 	EV_SET(&cu->cu_kin, cu->cu_fd, EVFILT_READ, EV_ADD, 0, 0, 0);
290 	return (cl);
291 err1:
292 	warnx(mem_err_clnt_dg);
293 	rpc_createerr.cf_stat = RPC_SYSTEMERROR;
294 	rpc_createerr.cf_error.re_errno = errno;
295 err2:
296 	if (cl) {
297 		mem_free(cl, sizeof (CLIENT));
298 		if (cu)
299 			mem_free(cu, sizeof (*cu) + sendsz + recvsz);
300 	}
301 	return (NULL);
302 }
303 
304 /*
305  * cl       - client handle
306  * proc     - procedure number
307  * xargs    - xdr routine for args
308  * argsp    - pointer to args
309  * xresults - xdr routine for results
310  * resultsp - pointer to results
311  * utimeout - seconds to wait before giving up
312  */
313 static enum clnt_stat
314 clnt_dg_call(CLIENT *cl, rpcproc_t proc, xdrproc_t xargs, void *argsp,
315     xdrproc_t xresults, void *resultsp, struct timeval utimeout)
316 {
317 	struct cu_data *cu = (struct cu_data *)cl->cl_private;
318 	XDR *xdrs;
319 	size_t outlen = 0;
320 	struct rpc_msg reply_msg;
321 	XDR reply_xdrs;
322 	bool_t ok;
323 	int nrefreshes = 2;		/* number of times to refresh cred */
324 	int nretries = 0;		/* number of times we retransmitted */
325 	struct timeval timeout;
326 	struct timeval retransmit_time;
327 	struct timeval next_sendtime, starttime, time_waited, tv;
328 	struct timespec ts;
329 	struct kevent kv;
330 	struct sockaddr *sa;
331 	struct dg_fd *elem;
332 	sigset_t mask;
333 	sigset_t newmask;
334 	socklen_t salen;
335 	ssize_t recvlen = 0;
336 	int kin_len, n;
337 	u_int32_t xid;
338 
339 	outlen = 0;
340 	sigfillset(&newmask);
341 	thr_sigsetmask(SIG_SETMASK, &newmask, &mask);
342 	mutex_lock(&clnt_fd_lock);
343 	elem = dg_fd_find(cu->cu_fd);
344 	mutex_unlock(&clnt_fd_lock);
345 	mutex_lock(&elem->mtx);
346 	if (cu->cu_total.tv_usec == -1) {
347 		timeout = utimeout;	/* use supplied timeout */
348 	} else {
349 		timeout = cu->cu_total;	/* use default timeout */
350 	}
351 
352 	if (cu->cu_connect && !cu->cu_connected) {
353 		if (_connect(cu->cu_fd, (struct sockaddr *)&cu->cu_raddr,
354 		    cu->cu_rlen) < 0) {
355 			cu->cu_error.re_errno = errno;
356 			cu->cu_error.re_status = RPC_CANTSEND;
357 			goto out;
358 		}
359 		cu->cu_connected = 1;
360 	}
361 	if (cu->cu_connected) {
362 		sa = NULL;
363 		salen = 0;
364 	} else {
365 		sa = (struct sockaddr *)&cu->cu_raddr;
366 		salen = cu->cu_rlen;
367 	}
368 	time_waited.tv_sec = 0;
369 	time_waited.tv_usec = 0;
370 	retransmit_time = next_sendtime = cu->cu_wait;
371 	gettimeofday(&starttime, NULL);
372 
373 	/* Clean up in case the last call ended in a longjmp(3) call. */
374 	if (cu->cu_kq >= 0)
375 		_close(cu->cu_kq);
376 	if ((cu->cu_kq = kqueue()) < 0) {
377 		cu->cu_error.re_errno = errno;
378 		cu->cu_error.re_status = RPC_CANTSEND;
379 		goto out;
380 	}
381 	kin_len = 1;
382 
383 call_again:
384 	if (cu->cu_async == TRUE && xargs == NULL)
385 		goto get_reply;
386 	/*
387 	 * the transaction is the first thing in the out buffer
388 	 * XXX Yes, and it's in network byte order, so we should to
389 	 * be careful when we increment it, shouldn't we.
390 	 */
391 	xid = ntohl(*(u_int32_t *)(void *)(cu->cu_outhdr));
392 	xid++;
393 	*(u_int32_t *)(void *)(cu->cu_outhdr) = htonl(xid);
394 call_again_same_xid:
395 	xdrs = &(cu->cu_outxdrs);
396 	xdrs->x_op = XDR_ENCODE;
397 	XDR_SETPOS(xdrs, 0);
398 
399 	if (cl->cl_auth->ah_cred.oa_flavor != RPCSEC_GSS) {
400 		if ((! XDR_PUTBYTES(xdrs, cu->cu_outhdr, cu->cu_xdrpos)) ||
401 		    (! XDR_PUTINT32(xdrs, &proc)) ||
402 		    (! AUTH_MARSHALL(cl->cl_auth, xdrs)) ||
403 		    (! (*xargs)(xdrs, argsp))) {
404 			cu->cu_error.re_status = RPC_CANTENCODEARGS;
405 			goto out;
406 		}
407 	} else {
408 		*(uint32_t *) &cu->cu_outhdr[cu->cu_xdrpos] = htonl(proc);
409 		if (!__rpc_gss_wrap(cl->cl_auth, cu->cu_outhdr,
410 			cu->cu_xdrpos + sizeof(uint32_t),
411 			xdrs, xargs, argsp)) {
412 			cu->cu_error.re_status = RPC_CANTENCODEARGS;
413 			goto out;
414 		}
415 	}
416 	outlen = (size_t)XDR_GETPOS(xdrs);
417 
418 send_again:
419 	if (_sendto(cu->cu_fd, cu->cu_outbuf, outlen, 0, sa, salen) != outlen) {
420 		cu->cu_error.re_errno = errno;
421 		cu->cu_error.re_status = RPC_CANTSEND;
422 		goto out;
423 	}
424 
425 	/*
426 	 * Hack to provide rpc-based message passing
427 	 */
428 	if (timeout.tv_sec == 0 && timeout.tv_usec == 0) {
429 		cu->cu_error.re_status = RPC_TIMEDOUT;
430 		goto out;
431 	}
432 
433 get_reply:
434 
435 	/*
436 	 * sub-optimal code appears here because we have
437 	 * some clock time to spare while the packets are in flight.
438 	 * (We assume that this is actually only executed once.)
439 	 */
440 	reply_msg.acpted_rply.ar_verf = _null_auth;
441 	if (cl->cl_auth->ah_cred.oa_flavor != RPCSEC_GSS) {
442 		reply_msg.acpted_rply.ar_results.where = resultsp;
443 		reply_msg.acpted_rply.ar_results.proc = xresults;
444 	} else {
445 		reply_msg.acpted_rply.ar_results.where = NULL;
446 		reply_msg.acpted_rply.ar_results.proc = (xdrproc_t)xdr_void;
447 	}
448 
449 	for (;;) {
450 		/* Decide how long to wait. */
451 		if (timercmp(&next_sendtime, &timeout, <))
452 			timersub(&next_sendtime, &time_waited, &tv);
453 		else
454 			timersub(&timeout, &time_waited, &tv);
455 		if (tv.tv_sec < 0 || tv.tv_usec < 0)
456 			tv.tv_sec = tv.tv_usec = 0;
457 		TIMEVAL_TO_TIMESPEC(&tv, &ts);
458 
459 		n = _kevent(cu->cu_kq, &cu->cu_kin, kin_len, &kv, 1, &ts);
460 		/* We don't need to register the event again. */
461 		kin_len = 0;
462 
463 		if (n == 1) {
464 			if (kv.flags & EV_ERROR) {
465 				cu->cu_error.re_errno = kv.data;
466 				cu->cu_error.re_status = RPC_CANTRECV;
467 				goto out;
468 			}
469 			/* We have some data now */
470 			do {
471 				recvlen = _recvfrom(cu->cu_fd, cu->cu_inbuf,
472 				    cu->cu_recvsz, 0, NULL, NULL);
473 			} while (recvlen < 0 && errno == EINTR);
474 			if (recvlen < 0 && errno != EWOULDBLOCK) {
475 				cu->cu_error.re_errno = errno;
476 				cu->cu_error.re_status = RPC_CANTRECV;
477 				goto out;
478 			}
479 			if (recvlen >= sizeof(u_int32_t) &&
480 			    (cu->cu_async == TRUE ||
481 			    *((u_int32_t *)(void *)(cu->cu_inbuf)) ==
482 			    *((u_int32_t *)(void *)(cu->cu_outbuf)))) {
483 				/* We now assume we have the proper reply. */
484 				break;
485 			}
486 		}
487 		if (n == -1 && errno != EINTR) {
488 			cu->cu_error.re_errno = errno;
489 			cu->cu_error.re_status = RPC_CANTRECV;
490 			goto out;
491 		}
492 		gettimeofday(&tv, NULL);
493 		timersub(&tv, &starttime, &time_waited);
494 
495 		/* Check for timeout. */
496 		if (timercmp(&time_waited, &timeout, >)) {
497 			cu->cu_error.re_status = RPC_TIMEDOUT;
498 			goto out;
499 		}
500 
501 		/* Retransmit if necessary. */
502 		if (timercmp(&time_waited, &next_sendtime, >)) {
503 			/* update retransmit_time */
504 			if (retransmit_time.tv_sec < RPC_MAX_BACKOFF)
505 				timeradd(&retransmit_time, &retransmit_time,
506 				    &retransmit_time);
507 			timeradd(&next_sendtime, &retransmit_time,
508 			    &next_sendtime);
509 			nretries++;
510 
511 			/*
512 			 * When retransmitting a RPCSEC_GSS message,
513 			 * we must use a new sequence number (handled
514 			 * by __rpc_gss_wrap above).
515 			 */
516 			if (cl->cl_auth->ah_cred.oa_flavor != RPCSEC_GSS)
517 				goto send_again;
518 			else
519 				goto call_again_same_xid;
520 		}
521 	}
522 
523 	/*
524 	 * now decode and validate the response
525 	 */
526 
527 	xdrmem_create(&reply_xdrs, cu->cu_inbuf, (u_int)recvlen, XDR_DECODE);
528 	ok = xdr_replymsg(&reply_xdrs, &reply_msg);
529 	/* XDR_DESTROY(&reply_xdrs);	save a few cycles on noop destroy */
530 	if (ok) {
531 		if ((reply_msg.rm_reply.rp_stat == MSG_ACCEPTED) &&
532 			(reply_msg.acpted_rply.ar_stat == SUCCESS))
533 			cu->cu_error.re_status = RPC_SUCCESS;
534 		else
535 			_seterr_reply(&reply_msg, &(cu->cu_error));
536 
537 		if (cu->cu_error.re_status == RPC_SUCCESS) {
538 			if (! AUTH_VALIDATE(cl->cl_auth,
539 					    &reply_msg.acpted_rply.ar_verf)) {
540 				if (nretries &&
541 				    cl->cl_auth->ah_cred.oa_flavor
542 				    == RPCSEC_GSS)
543 					/*
544 					 * If we retransmitted, its
545 					 * possible that we will
546 					 * receive a reply for one of
547 					 * the earlier transmissions
548 					 * (which will use an older
549 					 * RPCSEC_GSS sequence
550 					 * number). In this case, just
551 					 * go back and listen for a
552 					 * new reply. We could keep a
553 					 * record of all the seq
554 					 * numbers we have transmitted
555 					 * so far so that we could
556 					 * accept a reply for any of
557 					 * them here.
558 					 */
559 					goto get_reply;
560 				cu->cu_error.re_status = RPC_AUTHERROR;
561 				cu->cu_error.re_why = AUTH_INVALIDRESP;
562 			} else {
563 				if (cl->cl_auth->ah_cred.oa_flavor
564 				    == RPCSEC_GSS) {
565 					if (!__rpc_gss_unwrap(cl->cl_auth,
566 						&reply_xdrs, xresults,
567 						resultsp))
568 						cu->cu_error.re_status =
569 							RPC_CANTDECODERES;
570 				}
571 			}
572 			if (reply_msg.acpted_rply.ar_verf.oa_base != NULL) {
573 				xdrs->x_op = XDR_FREE;
574 				(void) xdr_opaque_auth(xdrs,
575 					&(reply_msg.acpted_rply.ar_verf));
576 			}
577 		}		/* end successful completion */
578 		/*
579 		 * If unsuccessful AND error is an authentication error
580 		 * then refresh credentials and try again, else break
581 		 */
582 		else if (cu->cu_error.re_status == RPC_AUTHERROR)
583 			/* maybe our credentials need to be refreshed ... */
584 			if (nrefreshes > 0 &&
585 			    AUTH_REFRESH(cl->cl_auth, &reply_msg)) {
586 				nrefreshes--;
587 				goto call_again;
588 			}
589 		/* end of unsuccessful completion */
590 	}	/* end of valid reply message */
591 	else {
592 		cu->cu_error.re_status = RPC_CANTDECODERES;
593 
594 	}
595 out:
596 	if (cu->cu_kq >= 0)
597 		_close(cu->cu_kq);
598 	cu->cu_kq = -1;
599 	release_fd_lock(elem, mask);
600 	return (cu->cu_error.re_status);
601 }
602 
603 static void
604 clnt_dg_geterr(CLIENT *cl, struct rpc_err *errp)
605 {
606 	struct cu_data *cu = (struct cu_data *)cl->cl_private;
607 
608 	*errp = cu->cu_error;
609 }
610 
611 static bool_t
612 clnt_dg_freeres(CLIENT *cl, xdrproc_t xdr_res, void *res_ptr)
613 {
614 	struct cu_data *cu = (struct cu_data *)cl->cl_private;
615 	struct dg_fd *elem;
616 	XDR *xdrs = &(cu->cu_outxdrs);
617 	bool_t dummy;
618 	sigset_t mask;
619 	sigset_t newmask;
620 
621 	sigfillset(&newmask);
622 	thr_sigsetmask(SIG_SETMASK, &newmask, &mask);
623 	mutex_lock(&clnt_fd_lock);
624 	elem = dg_fd_find(cu->cu_fd);
625 	mutex_lock(&elem->mtx);
626 	xdrs->x_op = XDR_FREE;
627 	dummy = (*xdr_res)(xdrs, res_ptr);
628 	mutex_unlock(&clnt_fd_lock);
629 	release_fd_lock(elem, mask);
630 	return (dummy);
631 }
632 
633 /*ARGSUSED*/
634 static void
635 clnt_dg_abort(CLIENT *h)
636 {
637 }
638 
639 static bool_t
640 clnt_dg_control(CLIENT *cl, u_int request, void *info)
641 {
642 	struct cu_data *cu = (struct cu_data *)cl->cl_private;
643 	struct netbuf *addr;
644 	struct dg_fd *elem;
645 	sigset_t mask;
646 	sigset_t newmask;
647 
648 	sigfillset(&newmask);
649 	thr_sigsetmask(SIG_SETMASK, &newmask, &mask);
650 	mutex_lock(&clnt_fd_lock);
651 	elem = dg_fd_find(cu->cu_fd);
652 	mutex_unlock(&clnt_fd_lock);
653 	mutex_lock(&elem->mtx);
654 	switch (request) {
655 	case CLSET_FD_CLOSE:
656 		cu->cu_closeit = TRUE;
657 		release_fd_lock(elem, mask);
658 		return (TRUE);
659 	case CLSET_FD_NCLOSE:
660 		cu->cu_closeit = FALSE;
661 		release_fd_lock(elem, mask);
662 		return (TRUE);
663 	}
664 
665 	/* for other requests which use info */
666 	if (info == NULL) {
667 		release_fd_lock(elem, mask);
668 		return (FALSE);
669 	}
670 	switch (request) {
671 	case CLSET_TIMEOUT:
672 		if (time_not_ok((struct timeval *)info)) {
673 			release_fd_lock(elem, mask);
674 			return (FALSE);
675 		}
676 		cu->cu_total = *(struct timeval *)info;
677 		break;
678 	case CLGET_TIMEOUT:
679 		*(struct timeval *)info = cu->cu_total;
680 		break;
681 	case CLGET_SERVER_ADDR:		/* Give him the fd address */
682 		/* Now obsolete. Only for backward compatibility */
683 		(void) memcpy(info, &cu->cu_raddr, (size_t)cu->cu_rlen);
684 		break;
685 	case CLSET_RETRY_TIMEOUT:
686 		if (time_not_ok((struct timeval *)info)) {
687 			release_fd_lock(elem, mask);
688 			return (FALSE);
689 		}
690 		cu->cu_wait = *(struct timeval *)info;
691 		break;
692 	case CLGET_RETRY_TIMEOUT:
693 		*(struct timeval *)info = cu->cu_wait;
694 		break;
695 	case CLGET_FD:
696 		*(int *)info = cu->cu_fd;
697 		break;
698 	case CLGET_SVC_ADDR:
699 		addr = (struct netbuf *)info;
700 		addr->buf = &cu->cu_raddr;
701 		addr->len = cu->cu_rlen;
702 		addr->maxlen = sizeof cu->cu_raddr;
703 		break;
704 	case CLSET_SVC_ADDR:		/* set to new address */
705 		addr = (struct netbuf *)info;
706 		if (addr->len < sizeof cu->cu_raddr) {
707 			release_fd_lock(elem, mask);
708 			return (FALSE);
709 		}
710 		(void) memcpy(&cu->cu_raddr, addr->buf, addr->len);
711 		cu->cu_rlen = addr->len;
712 		break;
713 	case CLGET_XID:
714 		/*
715 		 * use the knowledge that xid is the
716 		 * first element in the call structure *.
717 		 * This will get the xid of the PREVIOUS call
718 		 */
719 		*(u_int32_t *)info =
720 		    ntohl(*(u_int32_t *)(void *)cu->cu_outhdr);
721 		break;
722 
723 	case CLSET_XID:
724 		/* This will set the xid of the NEXT call */
725 		*(u_int32_t *)(void *)cu->cu_outhdr =
726 		    htonl(*(u_int32_t *)info - 1);
727 		/* decrement by 1 as clnt_dg_call() increments once */
728 		break;
729 
730 	case CLGET_VERS:
731 		/*
732 		 * This RELIES on the information that, in the call body,
733 		 * the version number field is the fifth field from the
734 		 * beginning of the RPC header. MUST be changed if the
735 		 * call_struct is changed
736 		 */
737 		*(u_int32_t *)info =
738 		    ntohl(*(u_int32_t *)(void *)(cu->cu_outhdr +
739 		    4 * BYTES_PER_XDR_UNIT));
740 		break;
741 
742 	case CLSET_VERS:
743 		*(u_int32_t *)(void *)(cu->cu_outhdr + 4 * BYTES_PER_XDR_UNIT)
744 			= htonl(*(u_int32_t *)info);
745 		break;
746 
747 	case CLGET_PROG:
748 		/*
749 		 * This RELIES on the information that, in the call body,
750 		 * the program number field is the fourth field from the
751 		 * beginning of the RPC header. MUST be changed if the
752 		 * call_struct is changed
753 		 */
754 		*(u_int32_t *)info =
755 		    ntohl(*(u_int32_t *)(void *)(cu->cu_outhdr +
756 		    3 * BYTES_PER_XDR_UNIT));
757 		break;
758 
759 	case CLSET_PROG:
760 		*(u_int32_t *)(void *)(cu->cu_outhdr + 3 * BYTES_PER_XDR_UNIT)
761 			= htonl(*(u_int32_t *)info);
762 		break;
763 	case CLSET_ASYNC:
764 		cu->cu_async = *(int *)info;
765 		break;
766 	case CLSET_CONNECT:
767 		cu->cu_connect = *(int *)info;
768 		break;
769 	default:
770 		release_fd_lock(elem, mask);
771 		return (FALSE);
772 	}
773 	release_fd_lock(elem, mask);
774 	return (TRUE);
775 }
776 
777 static void
778 clnt_dg_destroy(CLIENT *cl)
779 {
780 	struct cu_data *cu = (struct cu_data *)cl->cl_private;
781 	struct dg_fd *elem;
782 	int cu_fd = cu->cu_fd;
783 	sigset_t mask;
784 	sigset_t newmask;
785 
786 	sigfillset(&newmask);
787 	thr_sigsetmask(SIG_SETMASK, &newmask, &mask);
788 	mutex_lock(&clnt_fd_lock);
789 	elem = dg_fd_find(cu_fd);
790 	mutex_lock(&elem->mtx);
791 	if (cu->cu_closeit)
792 		(void)_close(cu_fd);
793 	if (cu->cu_kq >= 0)
794 		_close(cu->cu_kq);
795 	XDR_DESTROY(&(cu->cu_outxdrs));
796 	mem_free(cu, (sizeof (*cu) + cu->cu_sendsz + cu->cu_recvsz));
797 	if (cl->cl_netid && cl->cl_netid[0])
798 		mem_free(cl->cl_netid, strlen(cl->cl_netid) +1);
799 	if (cl->cl_tp && cl->cl_tp[0])
800 		mem_free(cl->cl_tp, strlen(cl->cl_tp) +1);
801 	mem_free(cl, sizeof (CLIENT));
802 	mutex_unlock(&clnt_fd_lock);
803 	release_fd_lock(elem, mask);
804 }
805 
806 static struct clnt_ops *
807 clnt_dg_ops(void)
808 {
809 	static struct clnt_ops ops;
810 	sigset_t mask;
811 	sigset_t newmask;
812 
813 /* VARIABLES PROTECTED BY ops_lock: ops */
814 
815 	sigfillset(&newmask);
816 	thr_sigsetmask(SIG_SETMASK, &newmask, &mask);
817 	mutex_lock(&ops_lock);
818 	if (ops.cl_call == NULL) {
819 		ops.cl_call = clnt_dg_call;
820 		ops.cl_abort = clnt_dg_abort;
821 		ops.cl_geterr = clnt_dg_geterr;
822 		ops.cl_freeres = clnt_dg_freeres;
823 		ops.cl_destroy = clnt_dg_destroy;
824 		ops.cl_control = clnt_dg_control;
825 	}
826 	mutex_unlock(&ops_lock);
827 	thr_sigsetmask(SIG_SETMASK, &mask, NULL);
828 	return (&ops);
829 }
830 
831 /*
832  * Make sure that the time is not garbage.  -1 value is allowed.
833  */
834 static bool_t
835 time_not_ok(struct timeval *t)
836 {
837 	return (t->tv_sec < -1 || t->tv_sec > 100000000 ||
838 		t->tv_usec < -1 || t->tv_usec > 1000000);
839 }
840 
841