xref: /illumos-gate/usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_rpc.c (revision 67dbe2be0c0f1e2eb428b89088bb5667e8f0b9f6)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #include <sys/types.h>
27 #include <sys/errno.h>
28 #include <setjmp.h>
29 
30 #include <netinet/in.h>
31 #include <netdb.h>
32 
33 #include <sys/tiuser.h>
34 #include <rpc/types.h>
35 #include <rpc/xdr.h>
36 #include <rpc/auth.h>
37 #include <rpc/auth_unix.h>
38 #include <rpc/auth_des.h>
39 #include <rpc/clnt.h>
40 #include <rpc/rpc_msg.h>
41 #include <rpc/pmap_clnt.h>
42 #include <rpc/svc.h>
43 #include <rpcsvc/yp_prot.h>
44 #include <rpc/pmap_prot.h>
45 #include "snoop.h"
46 
47 #ifndef MIN
48 #define	MIN(a, b) ((a) < (b) ? (a) : (b))
49 #endif
50 
51 int pos;
52 struct cache_struct *find_xid();
53 extern jmp_buf xdr_err;
54 void protoprint();
55 void print_rpcsec_gss_cred(int xid, int authlen);
56 char *nameof_prog();
57 char *nameof_astat();
58 char *nameof_why();
59 static void rpc_detail_call(int, int, int, int, int, int, char *, int);
60 static void rpc_detail_reply(int, int, struct cache_struct *, char *, int len);
61 static void print_creds(int);
62 static void print_verif(int);
63 static void stash_xid(ulong_t, int, int, int, int);
64 
65 #define	LAST_FRAG ((ulong_t)1 << 31)
66 
67 int
68 interpret_rpc(int flags, char *rpc, int fraglen, int type)
69 {
70 	ulong_t xid;
71 	int direction;
72 	struct cache_struct *x;
73 	int rpcvers, prog, vers, proc;
74 	int status, astat, rstat, why;
75 	char *lp;
76 	unsigned recmark;
77 	int markpos;
78 	extern int pi_frame;
79 	int lo, hi;
80 
81 	xdr_init(rpc, fraglen);
82 
83 	if (setjmp(xdr_err)) {
84 		if (flags & F_DTAIL)
85 			(void) sprintf(get_line(0, 0),
86 			    "----  short frame ---");
87 		return (fraglen);
88 	}
89 
90 	if (type == IPPROTO_TCP) {	/* record mark */
91 		markpos = getxdr_pos();
92 		recmark = getxdr_long();
93 	}
94 
95 	xid	  = getxdr_u_long();
96 	direction = getxdr_long();
97 
98 	if (direction == CALL) {
99 		rpcvers = getxdr_long();
100 		pos = getxdr_pos();
101 		prog = getxdr_long();
102 		vers = getxdr_long();
103 		proc = getxdr_long();
104 		stash_xid(xid, pi_frame, prog, vers, proc);
105 		if (!(flags & (F_SUM | F_DTAIL))) {
106 			protoprint(flags, CALL, xid, prog, vers, proc,
107 			    rpc, fraglen);
108 		}
109 	} else {
110 		x = find_xid(xid);
111 	}
112 
113 	if (flags & F_SUM) {
114 		switch (direction) {
115 		case CALL:
116 			(void) sprintf(get_sum_line(),
117 			    "RPC C XID=%lu PROG=%d (%s) VERS=%d PROC=%d",
118 			    xid,
119 			    prog, nameof_prog(prog),
120 			    vers, proc);
121 			if (getxdr_long() == RPCSEC_GSS) { /* Cred auth type */
122 				extract_rpcsec_gss_cred_info(xid);
123 				/* RPCSEC_GSS cred auth data */
124 			} else {
125 				xdr_skip(getxdr_long());
126 				/* non RPCSEC_GSS cred auth data */
127 			}
128 			xdr_skip(4);			/* Verf auth type */
129 			xdr_skip(RNDUP(getxdr_long()));	/* Verf auth data */
130 
131 			protoprint(flags, CALL, xid, prog, vers, proc,
132 			    rpc, fraglen);
133 			break;
134 
135 		case REPLY:
136 			lp = get_sum_line();
137 			if (x == NULL)
138 				(void) sprintf(lp, "RPC R XID=%lu", xid);
139 			else
140 				(void) sprintf(lp, "RPC R (#%d) XID=%lu",
141 				    x->xid_frame, xid);
142 
143 			lp += strlen(lp);
144 			status = getxdr_long();
145 			switch (status) {
146 			case MSG_ACCEPTED:
147 				/* eat flavor and verifier */
148 				(void) getxdr_long();
149 				xdr_skip(RNDUP(getxdr_long()));
150 				astat = getxdr_long();
151 				(void) sprintf(lp, " %s",
152 				    nameof_astat(astat));
153 				lp += strlen(lp);
154 
155 				switch (astat) {
156 				case SUCCESS:
157 					if (x) {
158 						protoprint(flags, REPLY,
159 						    xid,
160 						    x->xid_prog,
161 						    x->xid_vers,
162 						    x->xid_proc,
163 						    rpc, fraglen);
164 					}
165 					break;
166 
167 				case PROG_UNAVAIL :
168 				case PROG_MISMATCH:
169 				case PROC_UNAVAIL :
170 					lo = getxdr_long();
171 					hi = getxdr_long();
172 					(void) sprintf(lp,
173 					    " (low=%d, high=%d)",
174 					    lo, hi);
175 					break;
176 
177 				case GARBAGE_ARGS:
178 				case SYSTEM_ERR:
179 				default:
180 					;
181 				}
182 				break;
183 
184 			case MSG_DENIED:
185 				rstat = getxdr_long();
186 
187 				switch (rstat) {
188 				case RPC_MISMATCH:
189 					lo = getxdr_long();
190 					hi = getxdr_long();
191 					(void) sprintf(lp,
192 					" Vers mismatch (low=%d, high=%d)",
193 					    lo, hi);
194 					break;
195 
196 				case AUTH_ERROR:
197 					why = getxdr_u_long();
198 					(void) sprintf(lp,
199 					    " Can't authenticate (%s)",
200 					    nameof_why(why));
201 					break;
202 				}
203 			}
204 			break;
205 		}
206 	}
207 
208 	if (flags & F_DTAIL) {
209 		show_header("RPC:  ", "SUN RPC Header", fraglen);
210 		show_space();
211 		if (type == IPPROTO_TCP) {	/* record mark */
212 			(void) sprintf(get_line(markpos, markpos+4),
213 			    "Record Mark: %s fragment, length = %d",
214 			    recmark & LAST_FRAG ? "last" : "",
215 			    recmark & ~LAST_FRAG);
216 		}
217 
218 		(void) sprintf(get_line(0, 0),
219 		    "Transaction id = %lu",
220 		    xid);
221 		(void) sprintf(get_line(0, 0),
222 		    "Type = %d (%s)",
223 		    direction,
224 		    direction == CALL ? "Call":"Reply");
225 
226 		switch (direction) {
227 		case CALL:
228 			rpc_detail_call(flags, xid, rpcvers,
229 			    prog, vers, proc, rpc, fraglen);
230 			break;
231 		case REPLY:
232 			rpc_detail_reply(flags, xid, x, rpc, fraglen);
233 			break;
234 		}
235 	}
236 
237 	return (fraglen);
238 }
239 
240 static void
241 rpc_detail_call(int flags, int xid, int rpcvers, int prog, int vers, int proc,
242     char *data, int len)
243 {
244 	char *nameof_flavor();
245 	char *nameof_prog();
246 
247 	(void) sprintf(get_line(pos, getxdr_pos()),
248 	    "RPC version = %d",
249 	    rpcvers);
250 	(void) sprintf(get_line(pos, getxdr_pos()),
251 	    "Program = %d (%s), version = %d, procedure = %d",
252 	    prog, nameof_prog(prog), vers, proc);
253 	print_creds(xid);
254 	print_verif(CALL);
255 	show_trailer();
256 	protoprint(flags, CALL, xid, prog, vers, proc, data, len);
257 }
258 
259 char *
260 nameof_flavor(flavor)
261 	int flavor;
262 {
263 	switch (flavor) {
264 	case AUTH_NONE : return ("None");
265 	case AUTH_UNIX : return ("Unix");
266 	case AUTH_SHORT: return ("Unix short");
267 	case AUTH_DES  : return ("DES");
268 	case RPCSEC_GSS: return ("RPCSEC_GSS");
269 	default: return ("unknown");
270 	}
271 }
272 
273 char *
274 tohex(char *p, int len)
275 {
276 	int i, j;
277 	static char hbuff[1024];
278 	static char *hexstr = "0123456789ABCDEF";
279 	char toobig = 0;
280 
281 	if (len * 2 > sizeof (hbuff)) {
282 		toobig++;
283 		len = sizeof (hbuff) / 2;
284 	}
285 
286 	j = 0;
287 	for (i = 0; i < len; i++) {
288 		hbuff[j++] = hexstr[p[i] >> 4	& 0x0f];
289 		hbuff[j++] = hexstr[p[i]	& 0x0f];
290 	}
291 
292 	if (toobig) {
293 		hbuff[len * 2 - strlen("<Too Long>")] = '\0';
294 		strcat(hbuff, "<Too Long>");
295 	} else
296 		hbuff[j] = '\0';
297 
298 	return (hbuff);
299 }
300 
301 static void
302 print_creds(int xid)
303 {
304 	int pos, flavor, authlen;
305 	int uid, gid, len;
306 	int tlen, idlen;
307 	int i, namekind;
308 	char *p, *line;
309 
310 	pos = getxdr_pos();
311 	flavor  = getxdr_long();
312 	authlen = getxdr_long();
313 	(void) sprintf(get_line(pos, getxdr_pos()),
314 	    "Credentials: Flavor = %d (%s), len = %d bytes",
315 	    flavor, nameof_flavor(flavor), authlen);
316 	if (authlen <= 0)
317 		return;
318 
319 	switch (flavor) {
320 	case AUTH_UNIX:
321 		(void) showxdr_time("   Time = %s");
322 		(void) showxdr_string(MAX_MACHINE_NAME, "   Hostname = %s");
323 		pos = getxdr_pos();
324 		uid = getxdr_u_long();
325 		gid = getxdr_u_long();
326 		(void) sprintf(get_line(pos, getxdr_pos()),
327 		    "   Uid = %d, Gid = %d",
328 		    uid, gid);
329 		len = getxdr_u_long();
330 		line = get_line(pos, len * 4);
331 		if (len == 0)
332 			(void) sprintf(line, "   Groups = (none)");
333 		else {
334 			(void) sprintf(line, "   Groups = ");
335 			line += strlen(line);
336 			while (len--) {
337 				gid = getxdr_u_long();
338 				(void) sprintf(line, "%d ", gid);
339 				line += strlen(line);
340 			}
341 		}
342 		break;
343 
344 	case AUTH_DES:
345 		namekind = getxdr_u_long();
346 		(void) sprintf(get_line(pos, getxdr_pos()),
347 		    "   Name kind = %d (%s)",
348 		    namekind,
349 		    namekind == ADN_FULLNAME ?
350 		    "fullname" : "nickname");
351 		switch (namekind) {
352 		case ADN_FULLNAME:
353 			(void) showxdr_string(64,
354 			    "   Network name = %s");
355 			(void) showxdr_hex(8,
356 			    "   Conversation key = 0x%s (DES encrypted)");
357 			(void) showxdr_hex(4,
358 			    "   Window = 0x%s (DES encrypted)");
359 			break;
360 
361 		case ADN_NICKNAME:
362 			(void) showxdr_hex(4, "   Nickname = 0x%s");
363 			break;
364 		};
365 		break;
366 
367 	case RPCSEC_GSS:
368 		print_rpcsec_gss_cred(xid, authlen);
369 		break;
370 
371 	default:
372 		(void) showxdr_hex(authlen, "[%s]");
373 		break;
374 	}
375 }
376 
377 static void
378 print_verif(int direction)
379 {
380 	int pos, flavor, verlen;
381 
382 	pos = getxdr_pos();
383 	flavor = getxdr_long();
384 	verlen = getxdr_long();
385 	(void) sprintf(get_line(pos, getxdr_pos()),
386 	    "Verifier   : Flavor = %d (%s), len = %d bytes",
387 	    flavor, nameof_flavor(flavor), verlen);
388 	if (verlen == 0)
389 		return;
390 
391 	switch (flavor) {
392 	case AUTH_DES:
393 		(void) showxdr_hex(8, "   Timestamp = 0x%s (DES encrypted)");
394 		if (direction == CALL)
395 			(void) showxdr_hex(4,
396 			    "   Window    = 0x%s (DES encrypted)");
397 		else
398 			(void) showxdr_hex(4, "   Nickname  = 0x%s");
399 		break;
400 
401 	/* For other flavors like AUTH_NONE, AUTH_UNIX, RPCSEC_GSS etc. */
402 	default:
403 		(void) showxdr_hex(verlen, "[%s]");
404 		break;
405 	}
406 }
407 
408 struct rpcnames {
409 	int   rp_prog;
410 	char *rp_name;
411 } rpcnames[] = {
412 100000, "PMAP",			/* Portmapper */
413 100001, "RSTAT",		/* Remote stats */
414 100002, "RUSERS",		/* Remote users */
415 100003, "NFS",			/* Nfs */
416 100004, "NIS",			/* Network Information Service */
417 100005, "MOUNT",		/* Mount demon */
418 100006, "DBX",			/* Remote dbx */
419 100007, "NISBIND",		/* NIS binder */
420 100008, "WALL",			/* Shutdown msg */
421 100009, "NISPASSWD",		/* Yppasswd server */
422 100010, "ETHERSTAT",		/* Ether stats */
423 100011, "RQUOTA",		/* Disk quotas */
424 100012, "SPRAY",		/* Spray packets */
425 100013, "IBM3270",		/* 3270 mapper */
426 100014, "IBMRJE",		/* RJE mapper */
427 100015, "SELNSVC",		/* Selection service */
428 100016, "RDATABASE",		/* Remote database access */
429 100017, "REX",			/* Remote execution */
430 100018, "ALICE",		/* Alice Office Automation */
431 100019, "SCHED",		/* Scheduling service */
432 100020, "LLM",			/* Local lock manager */
433 100021, "NLM",			/* Network lock manager */
434 100022, "X25INR",		/* X.25 inr protocol */
435 100023, "STATMON1",		/* Status monitor 1 */
436 100024, "STATMON2",		/* Status monitor 2 */
437 100025, "SELNLIB",		/* Selection library */
438 100026, "BOOTPARAM",		/* Boot parameters service */
439 100027, "MAZEPROG",		/* Mazewars game */
440 100028, "NISUPDATE",		/* NIS update */
441 100029, "KEYSERVE",		/* Key server */
442 100030, "SECURECMD",		/* Secure login */
443 100031, "NETFWDI",		/* NFS net forwarder init */
444 100032, "NETFWDT",		/* NFS net forwarder trans */
445 100033, "SUNLINKMAP",		/* Sunlink MAP */
446 100034, "NETMON",		/* Network monitor */
447 100035, "DBASE",		/* Lightweight database */
448 100036, "PWDAUTH",		/* Password authorization */
449 100037, "TFS",			/* Translucent file svc */
450 100038, "NSE",			/* NSE server */
451 100039, "NSE_ACTIVATE",		/* NSE activate daemon */
452 100040, "SUNVIEW_HELP",		/* Sunview help */
453 100041, "PNP",			/* PNP install */
454 100042, "IPADDR_ALLOC",		/* IP addr allocator */
455 100043, "FILEHANDLE",		/* Show filehandle */
456 100044, "MVSNFS",		/* MVS NFS mount  */
457 100045, "REM_FILEOP_USER",	/* Remote user file operations */
458 100046, "BATCH_NISUPDATE",	/* Batched ypupdate */
459 100047, "NEM",			/* Network execution mgr */
460 100048, "RAYTRACE_RD",		/* Raytrace/mandelbrot remote daemon */
461 100049, "RAYTRACE_LD",		/* Raytrace/mandelbrot local daemon */
462 100050, "REM_FILEOP_GROUP",	/* Remote group file operations */
463 100051, "REM_FILEOP_SYSTEM",	/* Remote system file operations */
464 100052, "REM_SYSTEM_ROLE",	/* Remote system role operations */
465 100055, "IOADMD",		/* Ioadmd */
466 100056, "FILEMERGE",		/* Filemerge */
467 100057, "NAMEBIND",		/* Name Binding Program */
468 100058, "NJE",			/* Sunlink NJE */
469 100059, "MVSATTR",		/* MVSNFS get attribute service */
470 100060, "RMGR",			/* SunAccess/SunLink resource manager */
471 100061, "UIDALLOC",		/* UID allocation service */
472 100062, "LBSERVER",		/* License broker */
473 100063, "LBBINDER",		/* NETlicense client binder */
474 100064, "GIDALLOC",		/* GID allocation service */
475 100065, "SUNISAM",		/* SunIsam */
476 100066, "RDBSRV",		/* Remote Debug Server */
477 100067, "NETDIR",		/* Network directory daemon */
478 100068, "CMSD",			/* Network calendar program */
479 100069, "NISXFR",		/* NIS transfer */
480 100070, "TIMED",		/* RPC.timed */
481 100071, "BUGTRAQ",		/* Bugtraqd */
482 100072, "NeFS",			/* Internal use only */
483 100073, "BILLBOARD",		/* Connectathon Billboard - NFS */
484 100074, "BILLBOARD",		/* Connectathon Billboard - X */
485 100075, "SCHEDROOM",		/* Sun meeting room scheduler */
486 100076, "AUTHNEGOTIATE",	/* Authentication negotiation */
487 100077, "ATTRPROG",		/* Database manipulation */
488 100080, "AUTODUMP",		/* Sun consulting special */
489 100081, "EVENT_SVC",		/* Event protocol */
490 100085,	"ARM_PSD",		/* ARM policy */
491 100086,	"ARMTOD",		/* ARM TOD */
492 100087, "NA.ADMIN",		/* Sun (SNAG) administration agent */
493 100099, "PLD",			/* Genesil 8.1 hot plot */
494 100101, "NA.EVENT",		/* SNM (SunNet Manager) event dispatcher */
495 100102, "NA.LOGGER",		/* SNM report logger */
496 100103, "NA.DISCOVER",		/* SNM network discovery agent */
497 100104, "NA.SYNC",		/* SNM sync interface agent */
498 100105, "NA.DISKINFO",		/* SNM disk info agent */
499 100106, "NA.IOSTAT",		/* SNM iostat agent */
500 100107, "NA.HOSTPERF",		/* SNM rstat proxy agent */
501 100108, "NA.CONFIG",		/* SNM host configuration agent */
502 100109, "NA.ACTIVITY",		/* SNM activity daemon */
503 100111, "NA.LPSTAT",		/* SNM printer agent */
504 100112, "NA.HOSTMEM",		/* SNM host network memory agent */
505 100113, "NA.SAMPLE",		/* SNM sample agent */
506 100114, "NA.X25",		/* SNM X.25 agent */
507 100115,	"NA.PING",		/* SNM ping proxy agent */
508 100116,	"NA.RPCNFS",		/* SNM rpc and nfs agent */
509 100117,	"NA.HOSTIF",		/* SNM host interface agent */
510 100118,	"NA.ETHERIF",		/* SNM ethernet interface agent */
511 100119,	"NA.IPPATH",		/* SNM traceroute proxy agent */
512 100120,	"NA.IPROUTES",		/* SNM routing table agent */
513 100121,	"NA.LAYERS",		/* SNM protocol layers gent */
514 100122,	"NA.SNMP",		/* SNM SNMP proxy agent */
515 100123,	"NA.TRAFFIC",		/* SNM network traffic agent */
516 100124, "NA.DNI",		/* DNI (DECnet) proxy agent */
517 100125, "NA.CHAT",		/* IBM Channel attach proxy agent */
518 100126, "NA.FDDI",		/* FDDI agent */
519 100127, "NA.FDDISMT",		/* FDDI SMT proxy agent */
520 100128, "NA.MHS",		/* MHS agent */
521 100130, "SNM_GRAPHER",		/* SNM 3D grapher */
522 100132, "NA.TR",		/* Token Ring agent */
523 100134, "NA.TOKENRING",		/* Token Ring agent */
524 100136, "NA.FRAMERELAY",	/* Frame Relay agent */
525 100175, "NA.SNMPTRAP",		/* SNM SNMP trap daemon */
526 100180, "NA.MIPROUTES",		/* SNM multicast routing table agent */
527 100201, "MVSNFSSTAT",		/* MVS/NFS Memory usage statistic server */
528 100227, "NFS_ACL",		/* NFS ACL support */
529 100300, "NIS+",			/* NIS+ name service */
530 100302, "NIS+ CB",		/* NIS+ callbacks */
531 101002, "NSELINKTOOL",		/* NSE link daemon */
532 101003, "NSELINKAPP",		/* NSE link application */
533 110001, "GOLABEL",		/* SunOS MLS  */
534 110002, "PUC",			/* SunOS MLS  */
535 150001, "PCNFSD",		/* PC passwd authorization */
536 150002, "TOPS",			/* TOPS name mapping */
537 150003, "TOPS",			/* TOPS external attribute storage */
538 150004, "TOPS",			/* TOPS hierarchical file system */
539 150005, "TOPS",			/* TOPS NFS transparency extensions */
540 150006, "SOLARNET_FW",		/* SolarNet Framework protocol */
541 160001, "CM",			/* Nihon Sun - Japanese Input system */
542 300004, "FRAME 1",		/* Frame program 1 */
543 300009, "FRAME 2",		/* Frame program 2 */
544 390101, "RAP",			/* Legato RAP protocol */
545 390102, "RAPRD",		/* Legato RAP resource dir protocol */
546 500021, "ZNS",			/* Zeus Network Service */
547 };
548 
549 int
550 compare(a, b)
551 	register struct rpcnames *a, *b;
552 {
553 	return (a->rp_prog - b->rp_prog);
554 }
555 
556 char *
557 nameof_prog(prog)
558 	int prog;
559 {
560 	struct rpcnames *r;
561 	struct rpcnames *bsearch();
562 	int elems = sizeof (rpcnames) / sizeof (*r);
563 
564 	r = bsearch(&prog, rpcnames, elems, sizeof (*r), compare);
565 	if (r)
566 		return (r->rp_name);
567 
568 	if (prog >= 0x40000000 && prog <= 0x5fffffff)
569 		return ("transient");
570 
571 	return ("?");
572 }
573 
574 char *
575 nameof_astat(status)
576 	int status;
577 {
578 	switch (status) {
579 	case SUCCESS	  : return ("Success");
580 	case PROG_UNAVAIL : return ("Program unavailable");
581 	case PROG_MISMATCH: return ("Program number mismatch");
582 	case PROC_UNAVAIL : return ("Procedure unavailable");
583 	case GARBAGE_ARGS : return ("Garbage arguments");
584 	case SYSTEM_ERR   : return ("System error");
585 	default: return ("unknown");
586 	}
587 }
588 
589 char *
590 nameof_why(why)
591 	int why;
592 {
593 	switch (why) {
594 	case AUTH_BADCRED:	return ("bogus credentials (seal broken)");
595 	case AUTH_REJECTEDCRED:	return ("client should begin new session");
596 	case AUTH_BADVERF:	return ("bogus verifier (seal broken)");
597 	case AUTH_REJECTEDVERF:	return ("verifier expired or was replayed");
598 	case AUTH_TOOWEAK:	return ("too weak");
599 	case AUTH_INVALIDRESP:	return ("bogus response verifier");
600 	case AUTH_TIMEEXPIRE:	return ("time of credential expired");
601 	case AUTH_TKT_FILE:	return ("something wrong with ticket file");
602 	case AUTH_DECODE:	return ("can't decode authenticator");
603 	case AUTH_NET_ADDR:	return ("net address in ticket wrong");
604 	case RPCSEC_GSS_NOCRED:	return ("no credentials for user");
605 	case RPCSEC_GSS_FAILED:	return ("GSS failure, credentials deleted");
606 	case AUTH_FAILED:
607 	default:
608 		return ("unknown reason");
609 	}
610 }
611 
612 static void
613 rpc_detail_reply(int flags, int xid, struct cache_struct *x, char *data,
614     int len)
615 {
616 	int status;
617 	int astat, rstat, why;
618 	int pos;
619 
620 	if (x) {
621 		(void) sprintf(get_line(0, 0),
622 		    "This is a reply to frame %d",
623 		    x->xid_frame);
624 	}
625 	pos = getxdr_pos();
626 	status = getxdr_long();
627 	(void) sprintf(get_line(pos, getxdr_pos()),
628 	    "Status = %d (%s)",
629 	    status, status ? "Denied" : "Accepted");
630 
631 	switch (status) {
632 	case MSG_ACCEPTED:
633 		print_verif(REPLY);
634 		pos = getxdr_pos();
635 		astat = getxdr_long();
636 		(void) sprintf(get_line(pos, getxdr_pos()),
637 		    "Accept status = %d (%s)",
638 		    astat, nameof_astat(astat));
639 
640 		switch (astat) {
641 		case SUCCESS:
642 			if (x) {
643 				show_trailer();
644 				protoprint(flags, REPLY, xid,
645 				    x->xid_prog, x->xid_vers, x->xid_proc,
646 				    data, len);
647 			}
648 			break;
649 		case PROG_UNAVAIL :
650 			break;
651 		case PROG_MISMATCH:
652 		case PROC_UNAVAIL :
653 			showxdr_long("   Low  = %d");
654 			showxdr_long("   High = %d");
655 			break;
656 		case GARBAGE_ARGS:
657 		case SYSTEM_ERR:
658 		default:
659 			;
660 		}
661 
662 		break;
663 
664 	case MSG_DENIED:
665 		pos = getxdr_pos();
666 		rstat = getxdr_long();
667 		(void) sprintf(get_line(pos, getxdr_pos()),
668 		    "Reject status = %d (%s)",
669 		    rstat,
670 		    rstat ? "can't authenticate"
671 		    : "version mismatch");
672 
673 		switch (rstat) {
674 		case RPC_MISMATCH:
675 			showxdr_long("   Low  = %d");
676 			showxdr_long("   High = %d");
677 			break;
678 		case AUTH_ERROR:
679 			why = getxdr_u_long();
680 			(void) sprintf(get_line(pos, getxdr_pos()),
681 			    "   Why = %d (%s)",
682 			    why, nameof_why(why));
683 			break;
684 		}
685 		break;
686 	}
687 }
688 
689 /*
690  * Return true if this is a valid RPC packet
691  */
692 int
693 valid_rpc(char *rpc, int rpclen)
694 {
695 	XDR	xdrm;
696 	struct rpc_msg msg;
697 
698 	if (rpclen < 12)
699 		return (0);
700 
701 	xdrmem_create(&xdrm, rpc, rpclen, XDR_DECODE);
702 	if (xdr_u_int(&xdrm, &msg.rm_xid) &&
703 	    xdr_u_int(&xdrm, (uint_t *)&msg.rm_direction)) {
704 		switch (msg.rm_direction) {
705 		case CALL:
706 			if (xdr_rpcvers(&xdrm, &msg.rm_call.cb_rpcvers) &&
707 			    msg.rm_call.cb_rpcvers == 2)
708 				return (1);
709 			break;
710 		case REPLY:
711 			if (xdr_u_int(&xdrm,
712 			    (uint_t *)&msg.rm_reply.rp_stat) &&
713 			    (msg.rm_reply.rp_stat == MSG_ACCEPTED ||
714 			    msg.rm_reply.rp_stat == MSG_DENIED))
715 				return (1);
716 			break;
717 		}
718 	}
719 
720 	return (0);
721 }
722 
723 struct cache_struct *xcpfirst	= &xid_cache[0];
724 struct cache_struct *xcp	= &xid_cache[0];
725 struct cache_struct *xcplast	= &xid_cache[XID_CACHE_SIZE - 1];
726 
727 struct cache_struct *
728 find_xid(xid)
729 	ulong_t xid;
730 {
731 	struct cache_struct *x;
732 
733 	for (x = xcp; x >= xcpfirst; x--)
734 		if (x->xid_num == xid)
735 			return (x);
736 	for (x = xcplast; x > xcp; x--)
737 		if (x->xid_num == xid)
738 			return (x);
739 	return (NULL);
740 }
741 
742 static void
743 stash_xid(ulong_t xid, int frame, int prog, int vers, int proc)
744 {
745 	struct cache_struct *x;
746 
747 	x = find_xid(xid);
748 	if (x == NULL) {
749 		x = xcp++;
750 		if (xcp > xcplast)
751 			xcp = xcpfirst;
752 		x->xid_num = xid;
753 		x->xid_frame = frame;
754 	}
755 	x->xid_prog = prog;
756 	x->xid_vers = vers;
757 	x->xid_proc = proc;
758 	x->xid_gss_proc = RPCSEC_GSS_DATA;
759 	x->xid_gss_service = rpc_gss_svc_default;
760 }
761 
762 void
763 check_retransmit(line, xid)
764 	char *line;
765 	ulong_t xid;
766 {
767 	struct cache_struct *x;
768 	extern int pi_frame;
769 
770 	x = find_xid(xid);
771 	if (x && x->xid_frame != pi_frame)
772 		(void) strcat(line, " (retransmit)");
773 }
774