/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2017 Joyent Inc
 * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
 */

/*
 *  RPC server procedures for the gssapi usermode daemon gssd.
 */

#include <stdio.h>
#include <stdio_ext.h>
#include <unistd.h>
#include <pwd.h>
#include <grp.h>
#include <strings.h>
#include <limits.h>
#include <sys/param.h>
#include <mechglueP.h>
#include "gssd.h"
#include <gssapi/gssapi.h>
#include <rpc/rpc.h>
#include <stdlib.h>
#include <syslog.h>
#include <sys/resource.h>
#include <sys/debug.h>

#define SRVTAB  ""
#define FDCACHE_PERCENTAGE      .75     /* Percentage of total FD limit */
#define FDCACHE_DEFAULT         16      /* Default LRU cache size */
#define GSSD_FD_LIMIT           255     /* Increase number of fds allowed */

extern int gssd_debug;                  /* declared in gssd.c */
static OM_uint32 gssd_time_verf;        /* verifies same gssd */
static OM_uint32 context_verf;          /* context sequence numbers */

struct gssd_ctx_slot {
        struct gssd_ctx_slot *lru_next;
        struct gssd_ctx_slot *lru_prev;
        bool_t          inuse;
        OM_uint32       create_time;
        OM_uint32       verf;
        gss_ctx_id_t    ctx;
        gss_ctx_id_t    rpcctx;
};

struct gssd_ctx_slot *gssd_ctx_slot_tbl;
struct gssd_ctx_slot *gssd_lru_head;

static int max_contexts;

static int checkfrom(struct svc_req *, uid_t *);
extern void set_gssd_uid(uid_t);
extern int __rpc_get_local_uid(SVCXPRT *, uid_t *);

/*
 * Syslog (and output to stderr if debug set) the GSSAPI major
 * and minor numbers.
 */
static void
syslog_gss_error(OM_uint32 maj_stat, OM_uint32 min_stat, char *errstr)
{
        OM_uint32 gmaj_stat, gmin_stat;
        gss_buffer_desc msg;
        OM_uint32 msg_ctx = 0;


        if (gssd_debug)
                fprintf(stderr,
                    "gssd: syslog_gss_err: called from %s: maj=%d min=%d\n",
                    errstr ? errstr : "<null>", maj_stat, min_stat);

        /* Print the major status error from the mech. */
        /* msg_ctx - skip the check for it as is probably unnecesary */
        gmaj_stat = gss_display_status(&gmin_stat, maj_stat,
            GSS_C_GSS_CODE,
            GSS_C_NULL_OID, &msg_ctx, &msg);
        if ((gmaj_stat == GSS_S_COMPLETE)||
            (gmaj_stat == GSS_S_CONTINUE_NEEDED)) {
                syslog(LOG_DAEMON|LOG_NOTICE,
                    "GSSAPI error major: %s", (char *)msg.value);
                if (gssd_debug)
                        (void) fprintf(stderr,
                            "gssd: GSSAPI error major: %s\n",
                            (char *)msg.value);

                (void) gss_release_buffer(&gmin_stat, &msg);
        }

        /* Print the minor status error from the mech. */
        msg_ctx = 0;
        /* msg_ctx - skip the check for it as is probably unnecesary */
        gmaj_stat = gss_display_status(&gmin_stat, min_stat,
            GSS_C_MECH_CODE,
            GSS_C_NULL_OID,
            &msg_ctx, &msg);
        if ((gmaj_stat == GSS_S_COMPLETE)||
            (gmaj_stat == GSS_S_CONTINUE_NEEDED)) {
                syslog(LOG_DAEMON|LOG_NOTICE,
                    "GSSAPI error minor: %s",
                    (char *)msg.value);
                if (gssd_debug)
                        (void) fprintf(stderr,
                            "gssd: GSSAPI error minor: %s\n",
                            (char *)msg.value);
                (void) gss_release_buffer(&gmin_stat, &msg);
        }
}

void
gssd_setup(char *arg)
{
        int i;
        struct rlimit rl;
        hrtime_t high_res_time;

        gssd_time_verf = (OM_uint32)time(NULL);
        max_contexts = FDCACHE_DEFAULT;

        /*
         * Use low order bits of high resolution time to get a reasonably
         * random number to start the context sequencing.  This alternative
         * to using a time value avoid clock resets via NTP or ntpdate.
         */
        high_res_time = gethrtime();
        context_verf = (OM_uint32)high_res_time;

        /*
         * Increase resource limit of FDs in case we get alot accept/init_
         * sec_context calls before we're able to export them.  This can
         * happen in very heavily load environments where gssd doesn't get
         * much time to work on its backlog.
         */
        if ((getrlimit(RLIMIT_NOFILE, &rl)) == 0) {
                rl.rlim_cur = (rl.rlim_max >= GSSD_FD_LIMIT) ?
                                GSSD_FD_LIMIT : rl.rlim_max;
                if ((setrlimit(RLIMIT_NOFILE, &rl)) == 0)
                        max_contexts = rl.rlim_cur * FDCACHE_PERCENTAGE;
                (void) enable_extended_FILE_stdio(-1, -1);
        }

        gssd_ctx_slot_tbl = (struct gssd_ctx_slot *)
                malloc(sizeof (struct gssd_ctx_slot) * max_contexts);

        if (gssd_ctx_slot_tbl == NULL) {
                (void) fprintf(stderr,
                        gettext("[%s] could not allocate %d byte context table"
                        "\n"), arg,
                        (sizeof (struct gssd_ctx_slot) * max_contexts));
                exit(1);
        }

        for (i = 1; i < max_contexts; i++) {
                gssd_ctx_slot_tbl[i-1].lru_next = &gssd_ctx_slot_tbl[i];
                gssd_ctx_slot_tbl[i].lru_prev = &gssd_ctx_slot_tbl[i-1];
                gssd_ctx_slot_tbl[i].inuse = FALSE;
                gssd_ctx_slot_tbl[i].verf = 0;
                gssd_ctx_slot_tbl[i].create_time = 0;
                gssd_ctx_slot_tbl[i].rpcctx = (gss_ctx_id_t)(i + 1);
        }

        gssd_ctx_slot_tbl[max_contexts - 1].lru_next = &gssd_ctx_slot_tbl[0];
        gssd_ctx_slot_tbl[0].lru_prev = &gssd_ctx_slot_tbl[max_contexts - 1];
        gssd_ctx_slot_tbl[0].inuse = FALSE;
        gssd_ctx_slot_tbl[0].verf = 0;
        gssd_ctx_slot_tbl[0].create_time = 0;
        gssd_ctx_slot_tbl[0].rpcctx = (gss_ctx_id_t)1;

        gssd_lru_head = &gssd_ctx_slot_tbl[0];
}

static OM_uint32 syslog_interval = 60;

static struct gssd_ctx_slot *
gssd_alloc_slot(gss_ctx_id_t ctx)
{
        struct gssd_ctx_slot *lru;
        OM_uint32 current_time;
        static OM_uint32 last_syslog = 0;
        static bool_t first_take = TRUE;
        static int tooks;
        OM_uint32 minor_status;

        lru = gssd_lru_head;
        gssd_lru_head = lru->lru_next;

        current_time = (OM_uint32) time(NULL);

        if (last_syslog == 0)
                last_syslog = current_time;     /* Save 1st alloc time */

        if (lru->inuse) {
                if (lru->ctx != GSS_C_NO_CONTEXT)
                        (void) gss_delete_sec_context(&minor_status,
                                &lru->ctx, NULL);
                tooks++;

                if (((current_time - last_syslog) > syslog_interval) ||
                        first_take) {
                        syslog(LOG_WARNING, gettext("re-used an existing "
                                "context slot of age %u seconds (%d slots re-"
                                "used during last %u seconds)"),
                                current_time - lru->create_time, tooks,
                                current_time - last_syslog);

                        last_syslog = current_time;
                        tooks = 0;
                        first_take = FALSE;
                }
        }

        /*
         * Assign the next context verifier to the context (avoiding zero).
         */
        context_verf++;
        if (context_verf == 0)
                context_verf = 1;
        lru->verf = context_verf;

        lru->create_time = current_time;
        lru->ctx = ctx;
        lru->inuse = TRUE;
        return (lru);
}

/*
 * We always add 1 because we don't want slot 0 to be confused
 * with GSS_C_NO_CONTEXT.
 */

static struct gssd_ctx_slot *
gssd_handle_to_slot(GSS_CTX_ID_T *h)
{
        intptr_t i;

        if (h->GSS_CTX_ID_T_len == 0) {
                return (NULL);
        }
        if (h->GSS_CTX_ID_T_len != sizeof (i))
                return (NULL);

        i = (*(intptr_t *)(h->GSS_CTX_ID_T_val)) - 1;

        if (i < 0 || i >= max_contexts)
                return (NULL);

        return (&gssd_ctx_slot_tbl[i]);
}

static void
gssd_rel_slot(struct gssd_ctx_slot *lru)
{
        struct gssd_ctx_slot *prev, *next;

        if (lru == NULL)
                return;

        lru->inuse = FALSE;

        /*
         * Remove entry from its current location in list
         */
        prev = lru->lru_prev;
        next = lru->lru_next;
        prev->lru_next = next;
        next->lru_prev = prev;

        /*
         * Since it is no longer in use, it is the least recently
         * used.
         */
        prev = gssd_lru_head->lru_prev;
        next = gssd_lru_head;

        prev->lru_next = lru;
        lru->lru_prev = prev;

        next->lru_prev = lru;
        lru->lru_next = next;

        gssd_lru_head = lru;
}

static void
gssd_convert_context_handle(GSS_CTX_ID_T *h,
        gss_ctx_id_t *context_handle,
        OM_uint32 verf,
        bool_t *context_verf_ok,
        struct gssd_ctx_slot **slotp)
{
        struct gssd_ctx_slot *slot;

        *context_verf_ok = FALSE;
        *context_handle = (gss_ctx_id_t)1;
        if (slotp != NULL)
                *slotp = NULL;

        if (h->GSS_CTX_ID_T_len == 0) {
                *context_handle = GSS_C_NO_CONTEXT;
                *context_verf_ok = TRUE;
                return;
        }

        slot = gssd_handle_to_slot(h);

        if (slot == NULL)
                return;

        if (verf != slot->verf)
                return;

        *context_verf_ok = TRUE;
        *context_handle = slot->ctx;
        if (slotp != NULL)
                *slotp = slot;
}

bool_t
gss_acquire_cred_1_svc(argp, res, rqstp)
        gss_acquire_cred_arg *argp;
        gss_acquire_cred_res *res;
        struct svc_req *rqstp;
{
        OM_uint32               minor_status;
        gss_name_t              desired_name;
        gss_OID_desc            name_type_desc;
        gss_OID                 name_type = &name_type_desc;
        OM_uint32               time_req;
        gss_OID_set_desc        desired_mechs_desc;
        gss_OID_set             desired_mechs;
        int                     cred_usage;
        gss_cred_id_t           output_cred_handle;
        gss_OID_set             actual_mechs;
        gss_buffer_desc         external_name;
        uid_t                   uid;
        int                     i, j;

        if (gssd_debug)
                fprintf(stderr, gettext("gss_acquire_cred\n"));

        memset(res, 0, sizeof (*res));

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                res->output_cred_handle.GSS_CRED_ID_T_val = NULL;
                res->actual_mechs.GSS_OID_SET_val = NULL;
                return (FALSE);
        }

/* set the uid sent as the RPC argument */

        uid = argp->uid;
        set_gssd_uid(uid);

/* convert the desired name from external to internal format */

        external_name.length = argp->desired_name.GSS_BUFFER_T_len;
        external_name.value = (void *)malloc(external_name.length);
        if (!external_name.value)
                return (GSS_S_FAILURE);
        memcpy(external_name.value, argp->desired_name.GSS_BUFFER_T_val,
                external_name.length);

        if (argp->name_type.GSS_OID_len == 0) {
                name_type = GSS_C_NULL_OID;
        } else {
                name_type->length = argp->name_type.GSS_OID_len;
                name_type->elements = (void *)malloc(name_type->length);
                if (!name_type->elements) {
                        free(external_name.value);
                        return (GSS_S_FAILURE);
                }
                memcpy(name_type->elements, argp->name_type.GSS_OID_val,
                        name_type->length);
        }

        if (gss_import_name(&minor_status, &external_name, name_type,
                            &desired_name) != GSS_S_COMPLETE) {

                res->status = (OM_uint32) GSS_S_FAILURE;
                res->minor_status = minor_status;

                free(external_name.value);
                if (name_type != GSS_C_NULL_OID)
                        free(name_type->elements);

                return (TRUE);
        }

/*
 * copy the XDR structured arguments into their corresponding local GSSAPI
 * variables.
 */

        cred_usage = argp->cred_usage;
        time_req = argp->time_req;

        if (argp->desired_mechs.GSS_OID_SET_len != 0) {
                desired_mechs = &desired_mechs_desc;
                desired_mechs->count =
                        (int)argp->desired_mechs.GSS_OID_SET_len;
                desired_mechs->elements = (gss_OID)
                        malloc(sizeof (gss_OID_desc) * desired_mechs->count);
                if (!desired_mechs->elements) {
                        free(external_name.value);
                        free(name_type->elements);
                        return (GSS_S_FAILURE);
                }
                for (i = 0; i < desired_mechs->count; i++) {
                        desired_mechs->elements[i].length =
                                (OM_uint32)argp->desired_mechs.
                                GSS_OID_SET_val[i].GSS_OID_len;
                        desired_mechs->elements[i].elements =
                                (void *)malloc(desired_mechs->elements[i].
                                                length);
                        if (!desired_mechs->elements[i].elements) {
                                free(external_name.value);
                                free(name_type->elements);
                                for (j = 0; j < (i -1); j++) {
                                        free
                                        (desired_mechs->elements[j].elements);
                                }
                                free(desired_mechs->elements);
                                return (GSS_S_FAILURE);
                        }
                        memcpy(desired_mechs->elements[i].elements,
                                argp->desired_mechs.GSS_OID_SET_val[i].
                                GSS_OID_val,
                                desired_mechs->elements[i].length);
                }
        } else
                desired_mechs = GSS_C_NULL_OID_SET;

        /* call the gssapi routine */

        res->status = (OM_uint32)gss_acquire_cred(&res->minor_status,
                                desired_name,
                                time_req,
                                desired_mechs,
                                cred_usage,
                                &output_cred_handle,
                                &actual_mechs,
                                &res->time_rec);

        /*
         * convert the output args from the parameter given in the call to the
         * variable in the XDR result
         */

        res->output_cred_handle.GSS_CRED_ID_T_len = sizeof (gss_cred_id_t);
        res->output_cred_handle.GSS_CRED_ID_T_val =
                (void *)malloc(sizeof (gss_cred_id_t));
        if (!res->output_cred_handle.GSS_CRED_ID_T_val) {
                free(external_name.value);
                free(name_type->elements);
                for (i = 0; i < desired_mechs->count; i++) {
                        free(desired_mechs->elements[i].elements);
                        }
                free(desired_mechs->elements);
                return (GSS_S_FAILURE);
        }
        memcpy(res->output_cred_handle.GSS_CRED_ID_T_val, &output_cred_handle,
                sizeof (gss_cred_id_t));

        if (actual_mechs != GSS_C_NULL_OID_SET) {
                res->actual_mechs.GSS_OID_SET_len =
                        (uint_t)actual_mechs->count;
                res->actual_mechs.GSS_OID_SET_val = (GSS_OID *)
                        malloc(sizeof (GSS_OID) * actual_mechs->count);
                if (!res->actual_mechs.GSS_OID_SET_val) {
                        free(external_name.value);
                        free(name_type->elements);
                        for (i = 0; i < desired_mechs->count; i++) {
                                free(desired_mechs->elements[i].elements);
                        }
                        free(desired_mechs->elements);
                        free(res->output_cred_handle.GSS_CRED_ID_T_val);
                        return (GSS_S_FAILURE);
                }
                for (i = 0; i < actual_mechs->count; i++) {
                        res->actual_mechs.GSS_OID_SET_val[i].GSS_OID_len =
                                (uint_t)actual_mechs->elements[i].length;
                        res->actual_mechs.GSS_OID_SET_val[i].GSS_OID_val =
                                (char *)malloc(actual_mechs->elements[i].
                                                length);
                        if (!res->actual_mechs.GSS_OID_SET_val[i].GSS_OID_val) {
                                free(external_name.value);
                                free(name_type->elements);
                                free(desired_mechs->elements);
                                for (j = 0; j < desired_mechs->count; j++) {
                                        free
                                        (desired_mechs->elements[i].elements);
                                }
                                free(res->actual_mechs.GSS_OID_SET_val);
                                for (j = 0; j < (i - 1); j++) {
                                        free
                                        (res->actual_mechs.
                                                GSS_OID_SET_val[j].GSS_OID_val);
                                }
                                return (GSS_S_FAILURE);
                        }
                        memcpy(res->actual_mechs.GSS_OID_SET_val[i].GSS_OID_val,
                                actual_mechs->elements[i].elements,
                                actual_mechs->elements[i].length);
                }
        } else
                res->actual_mechs.GSS_OID_SET_len = 0;

        /*
         * set the time verifier for credential handle.  To ensure that the
         * timestamp is not the same as previous gssd process, verify that
         * time is not the same as set earlier at start of process.  If it
         * is, sleep one second and reset. (due to one second granularity)
         */

        if (res->status == GSS_S_COMPLETE) {
                res->gssd_cred_verifier = (OM_uint32)time(NULL);
                if (res->gssd_cred_verifier == gssd_time_verf) {
                        sleep(1);
                        gssd_time_verf = (OM_uint32)time(NULL);
                }
                res->gssd_cred_verifier = gssd_time_verf;
        } else
                syslog_gss_error(res->status, res->minor_status,
                    "acquire_cred");

        /*
         * now release the space allocated by the underlying gssapi mechanism
         * library for actual_mechs as well as by this routine for
         * external_name, name_type and desired_name
         */

        free(external_name.value);
        if (name_type != GSS_C_NULL_OID)
                free(name_type->elements);
        gss_release_name(&minor_status, &desired_name);

        if (actual_mechs != GSS_C_NULL_OID_SET) {
                for (i = 0; i < actual_mechs->count; i++)
                        free(actual_mechs->elements[i].elements);
                free(actual_mechs->elements);
                free(actual_mechs);
        }

        if (desired_mechs != GSS_C_NULL_OID_SET) {
                for (i = 0; i < desired_mechs->count; i++)
                        free(desired_mechs->elements[i].elements);
                free(desired_mechs->elements);

        }

/* return to caller */

        return (TRUE);
}

bool_t
gss_add_cred_1_svc(argp, res, rqstp)
        gss_add_cred_arg *argp;
        gss_add_cred_res *res;
        struct svc_req *rqstp;
{

        OM_uint32               minor_status;
        gss_name_t              desired_name;
        gss_OID_desc            name_type_desc;
        gss_OID                 name_type = &name_type_desc;
        gss_OID_desc            desired_mech_type_desc;
        gss_OID                 desired_mech_type = &desired_mech_type_desc;
        int                     cred_usage;
        gss_cred_id_t           input_cred_handle;
        gss_OID_set             actual_mechs;
        gss_buffer_desc         external_name;
        uid_t                   uid;
        int                     i, j;

        if (gssd_debug)
                fprintf(stderr, gettext("gss_add_cred\n"));

        if (argp->gssd_cred_verifier != gssd_time_verf) {
                res->status = (OM_uint32)GSS_S_DEFECTIVE_CREDENTIAL;
                res->minor_status = 0;
                res->actual_mechs.GSS_OID_SET_len = 0;
                res->actual_mechs.GSS_OID_SET_val = NULL;
                res->initiator_time_rec = 0;
                res->acceptor_time_rec = 0;
                fprintf(stderr, gettext("gss_add_cred defective cred\n"));
                return (TRUE);
        }
        memset(res, 0, sizeof (*res));

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                return (FALSE);
        }

/* set the uid sent as the RPC argument */

        uid = argp->uid;
        set_gssd_uid(uid);

/* convert the desired name from external to internal format */

        external_name.length = argp->desired_name.GSS_BUFFER_T_len;
        external_name.value = (void *)argp->desired_name.GSS_BUFFER_T_val;
        name_type->length = argp->name_type.GSS_OID_len;
        name_type->elements = (void *)argp->name_type.GSS_OID_val;

        if (gss_import_name(&minor_status, &external_name, name_type,
                            &desired_name) != GSS_S_COMPLETE) {

                if (gssd_debug)
                        fprintf(stderr,
                                gettext("gss_add_cred:import name"),
                                gettext(" failed status %d \n"),
                                res->status);
                res->status = (OM_uint32)GSS_S_FAILURE;
                res->minor_status = minor_status;
                return (TRUE);
        }

/*
 * copy the XDR structured arguments into their corresponding local GSSAPI
 * variables.
 */

        cred_usage = argp->cred_usage;
        if (argp->desired_mech_type.GSS_OID_len == 0)
                desired_mech_type = GSS_C_NULL_OID;
        else {
                desired_mech_type->length =
                        (OM_uint32)argp->desired_mech_type.GSS_OID_len;
                desired_mech_type->elements =
                        (void *)malloc(desired_mech_type->length);
                if (!desired_mech_type->elements) {
                        return (GSS_S_FAILURE);
                }
                memcpy(desired_mech_type->elements,
                        argp->desired_mech_type.GSS_OID_val,
                        desired_mech_type->length);
        }
        input_cred_handle =
                (argp->input_cred_handle.GSS_CRED_ID_T_len == 0 ?
                        GSS_C_NO_CREDENTIAL :
                        /*LINTED*/
                        *((gss_cred_id_t *)argp->input_cred_handle.
                                GSS_CRED_ID_T_val));

        if (input_cred_handle != GSS_C_NO_CREDENTIAL)
        /* verify the input_cred_handle */
                if (argp->gssd_cred_verifier != gssd_time_verf) {
                        res->status = (OM_uint32)GSS_S_DEFECTIVE_CREDENTIAL;
                        res->minor_status = 0;
                        return (TRUE);
                }

        /* call the gssapi routine */

        res->status = (OM_uint32)gss_add_cred(&res->minor_status,
                                input_cred_handle,
                                desired_name,
                                desired_mech_type,
                                cred_usage,
                                argp->initiator_time_req,
                                argp->acceptor_time_req,
                                NULL,
                                &actual_mechs,
                                &res->initiator_time_rec,
                                &res->acceptor_time_rec);

        if ((res->status != GSS_S_COMPLETE) &&
                (res->status != GSS_S_DUPLICATE_ELEMENT))
                syslog_gss_error(res->status, res->minor_status, "add_cred");

        /*
         * convert the output args from the parameter given in the call to the
         * variable in the XDR result
         */
        if (actual_mechs != GSS_C_NULL_OID_SET) {
                res->actual_mechs.GSS_OID_SET_len =
                        (uint_t)actual_mechs->count;
                res->actual_mechs.GSS_OID_SET_val = (GSS_OID *)
                        malloc(sizeof (GSS_OID) * actual_mechs->count);
                if (!res->actual_mechs.GSS_OID_SET_val) {
                        free(desired_mech_type->elements);
                        free(desired_mech_type);
                        return (GSS_S_FAILURE);
                }
                for (i = 0; i < actual_mechs->count; i++) {
                        res->actual_mechs.GSS_OID_SET_val[i].GSS_OID_len =
                                (uint_t)actual_mechs->elements[i].length;
                        res->actual_mechs.GSS_OID_SET_val[i].GSS_OID_val =
                                (char *)malloc(actual_mechs->elements[i].
                                                length);
                        if (!res->actual_mechs.GSS_OID_SET_val[i].GSS_OID_val) {
                                free(desired_mech_type->elements);
                                free(desired_mech_type);
                                free(res->actual_mechs.GSS_OID_SET_val);
                                for (j = 0; j < (i - 1); j++) {
                                        free
                                        (res->actual_mechs.
                                                GSS_OID_SET_val[j].GSS_OID_val);
                                }
                                return (GSS_S_FAILURE);
                        }
                        memcpy(res->actual_mechs.GSS_OID_SET_val[i].GSS_OID_val,
                                actual_mechs->elements[i].elements,
                                actual_mechs->elements[i].length);
                }
        } else
                res->actual_mechs.GSS_OID_SET_len = 0;

        /*
         * now release the space allocated for
         * desired_name  and desired_mech_type
         */

        gss_release_name(&minor_status, &desired_name);
        free(desired_mech_type->elements);
        gss_release_oid_set(&minor_status, &actual_mechs);
        /*
         * if (actual_mechs != GSS_C_NULL_OID_SET) {
         *      for (i = 0; i < actual_mechs->count; i++)
         *              free(actual_mechs->elements[i].elements);
         *      free(actual_mechs->elements);
         *      free(actual_mechs);
         * }
         */


/* return to caller */

        return (TRUE);
}

bool_t
gss_release_cred_1_svc(argp, res, rqstp)
gss_release_cred_arg *argp;
gss_release_cred_res *res;
struct svc_req *rqstp;
{

        uid_t uid;
        gss_cred_id_t cred_handle;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_release_cred\n"));

        if (checkfrom(rqstp, &uid) == 0)
                return (FALSE);

        /* set the uid sent as the RPC argument */

        uid = argp->uid;
        set_gssd_uid(uid);

        /*
         * if the cred_handle verifier is not correct,
         * set status to GSS_S_DEFECTIVE_CREDENTIAL and return
         */

        if (argp->gssd_cred_verifier != gssd_time_verf) {
                res->status = (OM_uint32)GSS_S_DEFECTIVE_CREDENTIAL;
                return (TRUE);
        }

        /*
         * if the cred_handle length is 0
         * set cred_handle argument to GSS_S_NO_CREDENTIAL
         */

        if (argp->cred_handle.GSS_CRED_ID_T_len == 0)
                cred_handle = GSS_C_NO_CREDENTIAL;
        else
                cred_handle =
                (gss_cred_id_t)argp->cred_handle.GSS_CRED_ID_T_val;

        /* call the gssapi routine */

        res->status = (OM_uint32)gss_release_cred(&res->minor_status,
                                        &cred_handle);

        /* return to caller */

        return (TRUE);
}

bool_t
gss_init_sec_context_1_svc(argp, res, rqstp)
gss_init_sec_context_arg *argp;
gss_init_sec_context_res *res;
struct svc_req *rqstp;
{

        OM_uint32       minor_status;
        gss_ctx_id_t    context_handle;
        bool_t context_verf_ok;
        gss_cred_id_t   claimant_cred_handle;
        gss_buffer_desc external_name;
        gss_OID_desc    name_type_desc;
        gss_OID         name_type = &name_type_desc;
        gss_name_t      internal_name;

        gss_OID_desc    mech_type_desc;
        gss_OID         mech_type = &mech_type_desc;
        struct gss_channel_bindings_struct
                        input_chan_bindings;
        gss_channel_bindings_t input_chan_bindings_ptr;
        gss_buffer_desc input_token;
        gss_buffer_desc output_token;
        gss_buffer_t input_token_ptr;
        gss_OID actual_mech_type;
        struct gssd_ctx_slot *slot = NULL;

        uid_t uid;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_init_sec_context\n"));

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                res->context_handle.GSS_CTX_ID_T_val =  NULL;
                res->actual_mech_type.GSS_OID_val = NULL;
                res->output_token.GSS_BUFFER_T_val = NULL;
                return (FALSE);
        }

/* set the uid sent as the RPC argument */

        uid = argp->uid;
        set_gssd_uid(uid);

/*
 * copy the supplied context handle into the local context handle, so it
 * can be supplied to the gss_init_sec_context call
 */

        gssd_convert_context_handle(&argp->context_handle, &context_handle,
                argp->gssd_context_verifier, &context_verf_ok, &slot);

        claimant_cred_handle =
                (argp->claimant_cred_handle.GSS_CRED_ID_T_len == 0 ?
                GSS_C_NO_CREDENTIAL :
                /*LINTED*/
                *((gss_cred_id_t *)argp->claimant_cred_handle.
                        GSS_CRED_ID_T_val));

        if (claimant_cred_handle != GSS_C_NO_CREDENTIAL) {
                /* verify the verifier_cred_handle */
                if (argp->gssd_cred_verifier != gssd_time_verf) {
                        res->context_handle.GSS_CTX_ID_T_val = NULL;
                        res->output_token.GSS_BUFFER_T_val = NULL;
                        res->actual_mech_type.GSS_OID_val = NULL;
                        res->context_handle.GSS_CTX_ID_T_len = 0;
                        res->output_token.GSS_BUFFER_T_len = 0;
                        res->actual_mech_type.GSS_OID_len = 0;
                        res->status = (OM_uint32)GSS_S_DEFECTIVE_CREDENTIAL;
                        res->minor_status = 0;
                        return (TRUE);
                }
        }

        if (context_handle != GSS_C_NO_CONTEXT) {
                /* verify the verifier_context_handle */

                if (!context_verf_ok) {
                        res->context_handle.GSS_CTX_ID_T_val = NULL;
                        res->output_token.GSS_BUFFER_T_val = NULL;
                        res->actual_mech_type.GSS_OID_val = NULL;
                        res->context_handle.GSS_CTX_ID_T_len = 0;
                        res->output_token.GSS_BUFFER_T_len = 0;
                        res->actual_mech_type.GSS_OID_len = 0;
                        res->status = (OM_uint32)GSS_S_NO_CONTEXT;
                        res->minor_status = 0;
                        return (TRUE);
                }
        }

        /* convert the target name from external to internal format */

        external_name.length = argp->target_name.GSS_BUFFER_T_len;
        external_name.value = (void *)argp->target_name.GSS_BUFFER_T_val;

        if (argp->name_type.GSS_OID_len == 0) {
                name_type = GSS_C_NULL_OID;
        } else {
                name_type->length = argp->name_type.GSS_OID_len;
                name_type->elements = (void *)malloc(name_type->length);
                if (!name_type->elements)
                        return (GSS_S_FAILURE);
                memcpy(name_type->elements, argp->name_type.GSS_OID_val,
                        name_type->length);
        }

        if (argp->mech_type.GSS_OID_len == 0)
                mech_type = GSS_C_NULL_OID;
        else {
                mech_type->length = (OM_uint32)argp->mech_type.GSS_OID_len;
                mech_type->elements = (void *)argp->mech_type.GSS_OID_val;
        }

        if (gss_import_name(&minor_status, &external_name, name_type,
                            &internal_name) != GSS_S_COMPLETE) {

                if (name_type != GSS_C_NULL_OID)
                        free(name_type->elements);
                res->status = (OM_uint32)GSS_S_FAILURE;
                res->minor_status = minor_status;

                return (TRUE);
        }
/*
 * copy the XDR structured arguments into their corresponding local GSSAPI
 * variables.
 */

        if (argp->input_chan_bindings.present == YES) {
                input_chan_bindings_ptr = &input_chan_bindings;
                input_chan_bindings.initiator_addrtype =
                        (OM_uint32)argp->input_chan_bindings.
                        initiator_addrtype;
                input_chan_bindings.initiator_address.length =
                        (uint_t)argp->input_chan_bindings.initiator_address.
                        GSS_BUFFER_T_len;
                input_chan_bindings.initiator_address.value =
                        (void *)argp->input_chan_bindings.initiator_address.
                        GSS_BUFFER_T_val;
                input_chan_bindings.acceptor_addrtype =
                        (OM_uint32)argp->input_chan_bindings.acceptor_addrtype;
                input_chan_bindings.acceptor_address.length =
                        (uint_t)argp->input_chan_bindings.acceptor_address.
                        GSS_BUFFER_T_len;
                input_chan_bindings.acceptor_address.value =
                        (void *)argp->input_chan_bindings.acceptor_address.
                        GSS_BUFFER_T_val;
                input_chan_bindings.application_data.length =
                        (uint_t)argp->input_chan_bindings.application_data.
                        GSS_BUFFER_T_len;
                input_chan_bindings.application_data.value =
                        (void *)argp->input_chan_bindings.application_data.
                        GSS_BUFFER_T_val;
        } else {
                input_chan_bindings_ptr = GSS_C_NO_CHANNEL_BINDINGS;
                input_chan_bindings.initiator_addrtype = 0;
                input_chan_bindings.initiator_address.length = 0;
                input_chan_bindings.initiator_address.value = 0;
                input_chan_bindings.acceptor_addrtype = 0;
                input_chan_bindings.acceptor_address.length = 0;
                input_chan_bindings.acceptor_address.value = 0;
                input_chan_bindings.application_data.length = 0;
                input_chan_bindings.application_data.value = 0;
        }

        if (argp->input_token.GSS_BUFFER_T_len == 0) {
                input_token_ptr = GSS_C_NO_BUFFER;
        } else {
                input_token_ptr = &input_token;
                input_token.length = (size_t)
                                argp->input_token.GSS_BUFFER_T_len;
                input_token.value = (void *)argp->input_token.GSS_BUFFER_T_val;
        }

/* call the gssapi routine */

        res->status = (OM_uint32)gss_init_sec_context(&res->minor_status,
                        (gss_cred_id_t)argp->claimant_cred_handle.
                                                GSS_CRED_ID_T_val,
                                        &context_handle,
                                        internal_name,
                                        mech_type,
                                        argp->req_flags,
                                        argp->time_req,
                                        input_chan_bindings_ptr,
                                        input_token_ptr,
                                        &actual_mech_type,
                                        &output_token,
                                        &res->ret_flags,
                                        &res->time_rec);

        /*
         * convert the output args from the parameter given in the call to the
         * variable in the XDR result
         */

        if (res->status == (OM_uint32)GSS_S_COMPLETE ||
                res->status == (OM_uint32)GSS_S_CONTINUE_NEEDED) {

                if (slot == NULL || slot->ctx != context_handle) {
                        /*
                         * Note that gssd_alloc_slot() will delete ctx's as long
                         * as we don't call gssd_rel_slot().
                         */
                        slot = gssd_alloc_slot(context_handle);
                }

                res->gssd_context_verifier = slot->verf;

                res->context_handle.GSS_CTX_ID_T_len = sizeof (gss_ctx_id_t);
                res->context_handle.GSS_CTX_ID_T_val =
                        (void *)malloc(sizeof (gss_ctx_id_t));
                if (!res->context_handle.GSS_CTX_ID_T_val) {
                        free(name_type->elements);
                        return (GSS_S_FAILURE);
                }

                memcpy(res->context_handle.GSS_CTX_ID_T_val, &slot->rpcctx,
                        sizeof (gss_ctx_id_t));

                res->output_token.GSS_BUFFER_T_len =
                        (uint_t)output_token.length;
                res->output_token.GSS_BUFFER_T_val =
                        (char *)output_token.value;

                /*
                 * the actual mech type parameter
                 * is ready only upon GSS_S_COMPLETE
                 */
                if (res->status == GSS_S_COMPLETE) {
                        res->actual_mech_type.GSS_OID_len =
                                (uint_t)actual_mech_type->length;
                        res->actual_mech_type.GSS_OID_val =
                                (void *)malloc(actual_mech_type->length);
                        if (!res->actual_mech_type.GSS_OID_val) {
                                free(name_type->elements);
                                free(res->context_handle.GSS_CTX_ID_T_val);
                                return (GSS_S_FAILURE);
                        }
                        memcpy(res->actual_mech_type.GSS_OID_val,
                                (char *)actual_mech_type->elements,
                                actual_mech_type->length);
                } else
                        res->actual_mech_type.GSS_OID_len = 0;
        } else {
                syslog_gss_error(res->status, res->minor_status,
                            "init_sec_context");
                if (context_handle != GSS_C_NO_CONTEXT) {
                        (void) gss_delete_sec_context(&minor_status,
                                &context_handle, NULL);
                }
                res->context_handle.GSS_CTX_ID_T_len = 0;
                res->actual_mech_type.GSS_OID_len = 0;
                res->output_token.GSS_BUFFER_T_len = 0;
        }

        /*
         * now release the space allocated by the underlying gssapi mechanism
         * library for internal_name and for the name_type.
         */

        gss_release_name(&minor_status, &internal_name);
        if (name_type != GSS_C_NULL_OID)
                free(name_type->elements);


        /* return to caller */
        return (TRUE);
}

bool_t
gss_accept_sec_context_1_svc(argp, res, rqstp)
gss_accept_sec_context_arg *argp;
gss_accept_sec_context_res *res;
struct svc_req *rqstp;
{
        uid_t uid;
        OM_uint32 minor_status;
        gss_ctx_id_t context_handle = NULL;
        gss_cred_id_t verifier_cred_handle;
        gss_buffer_desc external_name;
        gss_name_t internal_name = NULL;

        gss_buffer_desc input_token_buffer;
        gss_buffer_t input_token_buffer_ptr;
        struct gss_channel_bindings_struct
                        input_chan_bindings;
        gss_channel_bindings_t input_chan_bindings_ptr;
        gss_OID mech_type;
        gss_buffer_desc output_token;
        gss_cred_id_t delegated_cred_handle;
        bool_t context_verf_ok;
        struct gssd_ctx_slot *slot = NULL;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_accept_sec_context\n"));

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                res->context_handle.GSS_CTX_ID_T_val = NULL;
                res->src_name.GSS_BUFFER_T_val = NULL;
                res->mech_type.GSS_OID_val = NULL;
                res->output_token.GSS_BUFFER_T_val = NULL;
                res->delegated_cred_handle.GSS_CRED_ID_T_val = NULL;
                return (FALSE);
        }

        /* set the uid sent as the RPC argument */

        uid = argp->uid;
        set_gssd_uid(uid);

        /*
         * copy the supplied context handle into the local context handle, so
         * it can be supplied to the gss_accept_sec_context call
         */

        gssd_convert_context_handle(&argp->context_handle, &context_handle,
                argp->gssd_context_verifier, &context_verf_ok, &slot);

        if (context_handle != GSS_C_NO_CONTEXT)
                /* verify the context_handle */
                if (!context_verf_ok) {
                        res->context_handle.GSS_CTX_ID_T_val = NULL;
                        res->src_name.GSS_BUFFER_T_val = NULL;
                        res->mech_type.GSS_OID_val = NULL;
                        res->output_token.GSS_BUFFER_T_val = NULL;
                        res->delegated_cred_handle.GSS_CRED_ID_T_val = NULL;
                        res->src_name.GSS_BUFFER_T_len = 0;
                        res->context_handle.GSS_CTX_ID_T_len = 0;
                        res->delegated_cred_handle.GSS_CRED_ID_T_len = 0;
                        res->output_token.GSS_BUFFER_T_len = 0;
                        res->mech_type.GSS_OID_len = 0;
                        res->status = (OM_uint32)GSS_S_NO_CONTEXT;
                        res->minor_status = 0;
                        return (TRUE);
                }

        /*
         * copy the XDR structured arguments into their corresponding local
         * GSSAPI variable equivalents.
         */


        verifier_cred_handle =
                (argp->verifier_cred_handle.GSS_CRED_ID_T_len == 0 ?
                        GSS_C_NO_CREDENTIAL :
                        /*LINTED*/
                        *((gss_cred_id_t *)argp->verifier_cred_handle.
                                GSS_CRED_ID_T_val));

        if (verifier_cred_handle != GSS_C_NO_CREDENTIAL)
        /* verify the verifier_cred_handle */
                if (argp->gssd_cred_verifier != gssd_time_verf) {
                        res->context_handle.GSS_CTX_ID_T_val = NULL;
                        res->src_name.GSS_BUFFER_T_val = NULL;
                        res->mech_type.GSS_OID_val = NULL;
                        res->output_token.GSS_BUFFER_T_val = NULL;
                        res->delegated_cred_handle.GSS_CRED_ID_T_val = NULL;
                        res->src_name.GSS_BUFFER_T_len = 0;
                        res->context_handle.GSS_CTX_ID_T_len = 0;
                        res->delegated_cred_handle.GSS_CRED_ID_T_len = 0;
                        res->output_token.GSS_BUFFER_T_len = 0;
                        res->mech_type.GSS_OID_len = 0;
                        res->status = (OM_uint32)GSS_S_DEFECTIVE_CREDENTIAL;
                        res->minor_status = 0;
                        return (TRUE);
                }

        input_token_buffer_ptr = &input_token_buffer;
        input_token_buffer.length = (size_t)argp->input_token_buffer.
                GSS_BUFFER_T_len;
        input_token_buffer.value = (void *)argp->input_token_buffer.
                GSS_BUFFER_T_val;

        if (argp->input_chan_bindings.present == YES) {
                input_chan_bindings_ptr = &input_chan_bindings;
                input_chan_bindings.initiator_addrtype =
                        (OM_uint32)argp->input_chan_bindings.
                                        initiator_addrtype;
                input_chan_bindings.initiator_address.length =
                        (uint_t)argp->input_chan_bindings.initiator_address.
                                        GSS_BUFFER_T_len;
                input_chan_bindings.initiator_address.value =
                        (void *)argp->input_chan_bindings.initiator_address.
                                        GSS_BUFFER_T_val;
                input_chan_bindings.acceptor_addrtype =
                        (OM_uint32)argp->input_chan_bindings.
                                        acceptor_addrtype;
                input_chan_bindings.acceptor_address.length =
                        (uint_t)argp->input_chan_bindings.acceptor_address.
                                        GSS_BUFFER_T_len;
                input_chan_bindings.acceptor_address.value =
                        (void *)argp->input_chan_bindings.acceptor_address.
                                        GSS_BUFFER_T_val;
                input_chan_bindings.application_data.length =
                        (uint_t)argp->input_chan_bindings.application_data.
                                        GSS_BUFFER_T_len;
                input_chan_bindings.application_data.value =
                        (void *)argp->input_chan_bindings.application_data.
                                        GSS_BUFFER_T_val;
        } else {
                input_chan_bindings_ptr = GSS_C_NO_CHANNEL_BINDINGS;
                input_chan_bindings.initiator_addrtype = 0;
                input_chan_bindings.initiator_address.length = 0;
                input_chan_bindings.initiator_address.value = 0;
                input_chan_bindings.acceptor_addrtype = 0;
                input_chan_bindings.acceptor_address.length = 0;
                input_chan_bindings.acceptor_address.value = 0;
                input_chan_bindings.application_data.length = 0;
                input_chan_bindings.application_data.value = 0;
        }


        /* call the gssapi routine */

        res->status = (OM_uint32)gss_accept_sec_context(&res->minor_status,
                                                &context_handle,
                                                verifier_cred_handle,
                                                input_token_buffer_ptr,
                                                input_chan_bindings_ptr,
                                                &internal_name,
                                                &mech_type,
                                                &output_token,
                                                &res->ret_flags,
                                                &res->time_rec,
                                                &delegated_cred_handle);

        /* convert the src name from internal to external format */

        if (res->status == (OM_uint32)GSS_S_COMPLETE ||
                res->status == (OM_uint32)GSS_S_CONTINUE_NEEDED) {

                /*
                 * upon GSS_S_CONTINUE_NEEDED only the following
                 * parameters are ready: minor, ctxt, and output token
                 */
                res->context_handle.GSS_CTX_ID_T_len = sizeof (gss_ctx_id_t);
                res->context_handle.GSS_CTX_ID_T_val =
                        (void *)malloc(sizeof (gss_ctx_id_t));
                if (!res->context_handle.GSS_CTX_ID_T_val) {
                        res->status = (OM_uint32)GSS_S_FAILURE;
                        res->minor_status = 0;
                        return (TRUE);
                }

                if (slot == NULL || slot->ctx != context_handle) {
                        /*
                         * Note that gssd_alloc_slot() will delete ctx's as long
                         * as we don't call gssd_rel_slot().
                         */
                        slot = gssd_alloc_slot(context_handle);
                }

                memcpy(res->context_handle.GSS_CTX_ID_T_val, &slot->rpcctx,
                        sizeof (gss_ctx_id_t));
                res->gssd_context_verifier = slot->verf;

                res->output_token.GSS_BUFFER_T_len =
                                (uint_t)output_token.length;
                res->output_token.GSS_BUFFER_T_val =
                                (char *)output_token.value;

                if (res->status == GSS_S_COMPLETE) {
                        if (gss_export_name(&minor_status, internal_name,
                                        &external_name)
                                != GSS_S_COMPLETE) {

                                res->status = (OM_uint32)GSS_S_FAILURE;
                                res->minor_status = minor_status;
                                gss_release_name(&minor_status, &internal_name);
                                gss_delete_sec_context(&minor_status,
                                                &context_handle, NULL);
                                free(res->context_handle.GSS_CTX_ID_T_val);
                                res->context_handle.GSS_CTX_ID_T_val = NULL;
                                res->context_handle.GSS_CTX_ID_T_len = 0;
                                gss_release_buffer(&minor_status,
                                                &output_token);
                                res->output_token.GSS_BUFFER_T_len = 0;
                                res->output_token.GSS_BUFFER_T_val = NULL;
                                return (TRUE);
                        }
                        res->src_name.GSS_BUFFER_T_len =
                                (uint_t)external_name.length;
                        res->src_name.GSS_BUFFER_T_val =
                                (void *)external_name.value;

                        res->delegated_cred_handle.GSS_CRED_ID_T_len =
                                sizeof (gss_cred_id_t);
                        res->delegated_cred_handle.GSS_CRED_ID_T_val =
                                (void *)malloc(sizeof (gss_cred_id_t));
                        if (!res->delegated_cred_handle.GSS_CRED_ID_T_val) {
                                free(res->context_handle.GSS_CTX_ID_T_val);
                                gss_release_name(&minor_status, &internal_name);
                                gss_delete_sec_context(&minor_status,
                                                &context_handle, NULL);
                                gss_release_buffer(&minor_status,
                                                &external_name);
                                res->status = (OM_uint32)GSS_S_FAILURE;
                                res->minor_status = 0;
                                return (TRUE);
                        }
                        memcpy(res->delegated_cred_handle.GSS_CRED_ID_T_val,
                                &delegated_cred_handle,
                                sizeof (gss_cred_id_t));

                        res->mech_type.GSS_OID_len = (uint_t)mech_type->length;
                        res->mech_type.GSS_OID_val =
                                (void *)malloc(mech_type->length);
                        if (!res->mech_type.GSS_OID_val) {
                            free(res->context_handle.GSS_CTX_ID_T_val);
                            free(res->delegated_cred_handle.GSS_CRED_ID_T_val);
                            gss_release_name(&minor_status, &internal_name);
                            gss_delete_sec_context(&minor_status,
                                                &context_handle, NULL);
                            gss_release_buffer(&minor_status, &external_name);
                            res->status = (OM_uint32)GSS_S_FAILURE;
                            res->minor_status = 0;
                            return (TRUE);
                        }
                        memcpy(res->mech_type.GSS_OID_val, mech_type->elements,
                                mech_type->length);

                        /* release the space allocated for internal_name */
                        gss_release_name(&minor_status, &internal_name);

                } else {    /* GSS_S_CONTINUE_NEEDED */
                        res->src_name.GSS_BUFFER_T_len = 0;
                        res->delegated_cred_handle.GSS_CRED_ID_T_len = 0;
                        res->mech_type.GSS_OID_len = 0;
                }
        } else {
                syslog_gss_error(res->status, res->minor_status,
                            "accept_sec_context");

                if (context_handle != GSS_C_NO_CONTEXT) {
                        (void) gss_delete_sec_context(&minor_status,
                                &context_handle, NULL);
                }
                res->src_name.GSS_BUFFER_T_len = 0;
                res->context_handle.GSS_CTX_ID_T_len = 0;
                res->delegated_cred_handle.GSS_CRED_ID_T_len = 0;
                res->output_token.GSS_BUFFER_T_len =
                        (uint_t)output_token.length;
                res->output_token.GSS_BUFFER_T_val =
                        (char *)output_token.value;

                res->mech_type.GSS_OID_len = 0;
        }

/* return to caller */

        return (TRUE);
}

bool_t
gss_process_context_token_1_svc(argp, res, rqstp)
gss_process_context_token_arg *argp;
gss_process_context_token_res *res;
struct svc_req *rqstp;
{

        uid_t uid;
        gss_buffer_desc token_buffer;
        gss_ctx_id_t context_handle;
        bool_t context_verf_ok;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_process_context_token\n"));

        if (checkfrom(rqstp, &uid) == 0)
                return (FALSE);

        gssd_convert_context_handle(&argp->context_handle, &context_handle,
                argp->gssd_context_verifier, &context_verf_ok, NULL);

        /* verify the context_handle */

        if (!context_verf_ok) {
                res->status = (OM_uint32) GSS_S_NO_CONTEXT;
                res->minor_status = 0;
                return (TRUE);
        }

        /* set the uid sent as the RPC argument */

        uid = argp->uid;
        set_gssd_uid(uid);

        /*
         * copy the XDR structured arguments into their corresponding local
         * GSSAPI variable equivalents.
         */

        token_buffer.length = (size_t)argp->token_buffer.GSS_BUFFER_T_len;
        token_buffer.value = (void *)argp->token_buffer.GSS_BUFFER_T_val;


        /* call the gssapi routine */

        res->status = (OM_uint32)gss_process_context_token(&res->minor_status,
                                context_handle,
                                &token_buffer);

        if (GSS_ERROR(res->status))
                syslog_gss_error(res->status, res->minor_status,
                            "process_context_token");

        /* return to caller */

        return (TRUE);
}

bool_t
gss_delete_sec_context_1_svc(argp, res, rqstp)
gss_delete_sec_context_arg *argp;
gss_delete_sec_context_res *res;
struct svc_req *rqstp;
{
        uid_t uid;
        gss_ctx_id_t  context_handle;
        gss_buffer_desc output_token;
        bool_t context_verf_ok;
        struct gssd_ctx_slot *slot = NULL;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_delete_sec_context\n"));


        /*
         * copy the supplied context handle into the local context handle, so it
         * can be supplied to the gss_delete_sec_context call
         */
        gssd_convert_context_handle(&argp->context_handle, &context_handle,
                argp->gssd_context_verifier, &context_verf_ok, &slot);

        /* verify the context_handle */
        if (!context_verf_ok) {
                res->context_handle.GSS_CTX_ID_T_val = NULL;
                res->context_handle.GSS_CTX_ID_T_len = 0;
                res->output_token.GSS_BUFFER_T_val = NULL;
                res->output_token.GSS_BUFFER_T_len = 0;
                res->status = (OM_uint32)GSS_S_NO_CONTEXT;
                res->minor_status = 0;
                return (TRUE);
        }

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                res->context_handle.GSS_CTX_ID_T_val = NULL;
                res->output_token.GSS_BUFFER_T_val = NULL;
                return (FALSE);
        }

        /* call the gssapi routine */

        res->status = (OM_uint32)gss_delete_sec_context(&res->minor_status,
                                                &context_handle,
                                                &output_token);

        /*
         * convert the output args from the parameter given in the call to the
         * variable in the XDR result. If the delete succeeded, return a zero
         * context handle.
         */

        if (res->status == GSS_S_COMPLETE) {
                if (context_handle != GSS_C_NO_CONTEXT)
                        return (GSS_S_FAILURE);
                res->context_handle.GSS_CTX_ID_T_len = 0;
                res->context_handle.GSS_CTX_ID_T_val = NULL;
                res->output_token.GSS_BUFFER_T_len =
                        (uint_t)output_token.length;
                res->output_token.GSS_BUFFER_T_val =
                        (char *)output_token.value;

                if (slot != NULL) {
                        /*
                         * gss_delete_sec_context deletes the context if it
                         * succeeds so clear slot->ctx to avoid a dangling
                         * reference.
                         */
                        slot->ctx = GSS_C_NO_CONTEXT;
                        gssd_rel_slot(slot);
                }
        } else {
                res->context_handle.GSS_CTX_ID_T_len = sizeof (gss_ctx_id_t);
                res->context_handle.GSS_CTX_ID_T_val =
                        (void *)malloc(sizeof (gss_ctx_id_t));
                if (!res->context_handle.GSS_CTX_ID_T_val) {
                        return (GSS_S_FAILURE);
                }

                if (slot == NULL || slot->ctx != context_handle) {
                        /*
                         * Note that gssd_alloc_slot() will delete ctx's as long
                         * as we don't call gssd_rel_slot().
                         */
                        slot = gssd_alloc_slot(context_handle);
                        /*
                         * Note that no verifier is returned in the .x
                         * protocol. So if the context changes, we won't
                         * be able to release it now. So it will have to
                         * be LRUed out.
                         */
                }

                memcpy(res->context_handle.GSS_CTX_ID_T_val, &slot->rpcctx,
                        sizeof (gss_ctx_id_t));

                res->output_token.GSS_BUFFER_T_len = 0;
                res->output_token.GSS_BUFFER_T_val = NULL;
        }

        /* return to caller */


        return (TRUE);
}


bool_t
gss_export_sec_context_1_svc(argp, res, rqstp)
        gss_export_sec_context_arg *argp;
        gss_export_sec_context_res *res;
        struct svc_req *rqstp;
{

        uid_t           uid;
        gss_ctx_id_t    context_handle;
        gss_buffer_desc output_token;
        bool_t          context_verf_ok;
        struct gssd_ctx_slot *slot = NULL;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, "gss_export_sec_context\n");

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                res->context_handle.GSS_CTX_ID_T_val = NULL;
                res->output_token.GSS_BUFFER_T_val = NULL;
                return (FALSE);
        }

/*
 * copy the supplied context handle into the local context handle, so it
 * can be supplied to the gss_export_sec_context call
 */

        gssd_convert_context_handle(&argp->context_handle, &context_handle,
                argp->gssd_context_verifier, &context_verf_ok, &slot);

        /* verify the context_handle */

        if (!context_verf_ok) {
                res->status = (OM_uint32)GSS_S_NO_CONTEXT;
                /* the rest of "res" was cleared by a previous memset() */
                return (TRUE);
        }

        /* call the gssapi routine */

        res->status = (OM_uint32)gss_export_sec_context(&res->minor_status,
                                        &context_handle,
                                        &output_token);

/*
 * convert the output args from the parameter given in the call to the
 * variable in the XDR result. If the delete succeeded, return a zero context
 * handle.
 */
        if (res->status == GSS_S_COMPLETE) {
                if (context_handle != GSS_C_NO_CONTEXT)
                        return (GSS_S_FAILURE);
                res->context_handle.GSS_CTX_ID_T_len = 0;
                res->context_handle.GSS_CTX_ID_T_val = NULL;
                res->output_token.GSS_BUFFER_T_len =
                                                (uint_t)output_token.length;
                res->output_token.GSS_BUFFER_T_val =
                                                (char *)output_token.value;

                if (slot != NULL) {
                        /*
                         * gss_export_sec_context deletes the context if it
                         * succeeds so set slot->ctx to avoid a dangling
                         * reference.
                         */
                        slot->ctx = GSS_C_NO_CONTEXT;
                        gssd_rel_slot(slot);
                }
        } else {
                res->context_handle.GSS_CTX_ID_T_len = sizeof (gss_ctx_id_t);
                res->context_handle.GSS_CTX_ID_T_val =
                                        (void *)malloc(sizeof (gss_ctx_id_t));

                if (slot == NULL || slot->ctx != context_handle) {
                        /*
                         * Note that gssd_alloc_slot() will delete ctx's as long
                         * as we don't call gssd_rel_slot().
                         */
                        slot = gssd_alloc_slot(context_handle);
                        /*
                         * Note that no verifier is returned in the .x
                         * protocol. So if the context changes, we won't
                         * be able to release it now. So it will have to
                         * be LRUed out.
                         */
                }

                memcpy(res->context_handle.GSS_CTX_ID_T_val, &slot->rpcctx,
                        sizeof (gss_ctx_id_t));
                res->output_token.GSS_BUFFER_T_len = 0;
                res->output_token.GSS_BUFFER_T_val = NULL;
        }


        /* return to caller */

        return (TRUE);
}

/*
 * This routine doesn't appear to ever be called.
 */
bool_t
gss_import_sec_context_1_svc(argp, res, rqstp)
        gss_import_sec_context_arg *argp;
        gss_import_sec_context_res *res;
        struct svc_req *rqstp;
{

        uid_t           uid;
        gss_ctx_id_t    context_handle;
        gss_buffer_desc input_token;
        gss_buffer_t input_token_ptr;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, "gss_export_sec_context\n");

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                res->context_handle.GSS_CTX_ID_T_val = NULL;
                return (FALSE);
        }


        if (argp->input_token.GSS_BUFFER_T_len == 0) {
                input_token_ptr = GSS_C_NO_BUFFER;
        } else {
                input_token_ptr = &input_token;
                input_token.length = (size_t)
                                argp->input_token.GSS_BUFFER_T_len;
                input_token.value = (void *) argp->input_token.GSS_BUFFER_T_val;
        }


/* call the gssapi routine */

        res->status = (OM_uint32) gss_import_sec_context(&res->minor_status,
                                        input_token_ptr,
                                        &context_handle);

/*
 * convert the output args from the parameter given in the call to the
 * variable in the XDR result. If the delete succeeded, return a zero context
 * handle.
 */
        if (res->status == GSS_S_COMPLETE) {
                res->context_handle.GSS_CTX_ID_T_len = sizeof (gss_ctx_id_t);
                res->context_handle.GSS_CTX_ID_T_val =
                                        (void *) malloc(sizeof (gss_ctx_id_t));
                memcpy(res->context_handle.GSS_CTX_ID_T_val, &context_handle,
                        sizeof (gss_ctx_id_t));
        } else {
                res->context_handle.GSS_CTX_ID_T_len = 0;
                res->context_handle.GSS_CTX_ID_T_val = NULL;
        }


        /* return to caller */

        return (TRUE);
}

bool_t
gss_context_time_1_svc(argp, res, rqstp)
gss_context_time_arg *argp;
gss_context_time_res *res;
struct svc_req *rqstp;
{
        uid_t uid;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_context_time\n"));

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0)
                return (FALSE);

        /* set the uid sent as the RPC argument */

        uid = argp->uid;
        set_gssd_uid(uid);

        /* Semantics go here */

        return (TRUE);
}

bool_t
gss_sign_1_svc(argp, res, rqstp)
gss_sign_arg *argp;
gss_sign_res *res;
struct svc_req *rqstp;
{

        uid_t uid;

        gss_buffer_desc message_buffer;
        gss_buffer_desc msg_token;
        gss_ctx_id_t    context_handle;
        bool_t context_verf_ok;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_sign\n"));

        gssd_convert_context_handle(&argp->context_handle, &context_handle,
                argp->gssd_context_verifier, &context_verf_ok, NULL);

        /* verify the context_handle */
        if (!context_verf_ok) {
                res->msg_token.GSS_BUFFER_T_val = NULL;
                res->msg_token.GSS_BUFFER_T_len = 0;
                res->status = (OM_uint32) GSS_S_NO_CONTEXT;
                res->minor_status = 0;
                return (TRUE);
        }


        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                res->msg_token.GSS_BUFFER_T_val = NULL;
                return (FALSE);
        }

        /*
         * copy the XDR structured arguments into their corresponding local
         * GSSAPI variable equivalents.
         */

        message_buffer.length = (size_t)argp->message_buffer.GSS_BUFFER_T_len;
        message_buffer.value = (void *)argp->message_buffer.GSS_BUFFER_T_val;

        /* call the gssapi routine */

        res->status = (OM_uint32)gss_sign(&res->minor_status,
                                        context_handle,
                                        argp->qop_req,
                                        (gss_buffer_t)&message_buffer,
                                        (gss_buffer_t)&msg_token);
        /*
         * convert the output args from the parameter given in the call to
         * the variable in the XDR result
         */

        if (res->status == GSS_S_COMPLETE) {
                res->msg_token.GSS_BUFFER_T_len = (uint_t)msg_token.length;
                res->msg_token.GSS_BUFFER_T_val = (char *)msg_token.value;
        } else
                syslog_gss_error(res->status, res->minor_status, "sign");

        /* return to caller */

        return (TRUE);
}

bool_t
gss_verify_1_svc(argp, res, rqstp)
gss_verify_arg *argp;
gss_verify_res *res;
struct svc_req *rqstp;
{

        uid_t uid;

        gss_buffer_desc message_buffer;
        gss_buffer_desc token_buffer;
        gss_ctx_id_t context_handle;
        bool_t context_verf_ok;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_verify\n"));

        gssd_convert_context_handle(&argp->context_handle, &context_handle,
                argp->gssd_context_verifier, &context_verf_ok, NULL);

        /* verify the context_handle */
        if (!context_verf_ok) {
                res->status = (OM_uint32) GSS_S_NO_CONTEXT;
                res->minor_status = 0;
                return (TRUE);
        }

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0)
                return (FALSE);

        /*
         * copy the XDR structured arguments into their corresponding local
         * GSSAPI variable equivalents.
         */

        message_buffer.length = (size_t)argp->message_buffer.GSS_BUFFER_T_len;
        message_buffer.value = (void *)argp->message_buffer.GSS_BUFFER_T_val;

        token_buffer.length = (size_t)argp->token_buffer.GSS_BUFFER_T_len;
        token_buffer.value = (void *)argp->token_buffer.GSS_BUFFER_T_val;

        /* call the gssapi routine */

        res->status = (OM_uint32)gss_verify(&res->minor_status,
                                context_handle,
                                &message_buffer,
                                &token_buffer,
                                &res->qop_state);

        if (GSS_ERROR(res->status))
                syslog_gss_error(res->status, res->minor_status, "verify");

        /* return to caller */
        return (TRUE);
}

bool_t
gss_seal_1_svc(argp, res, rqstp)
gss_seal_arg *argp;
gss_seal_res *res;
struct svc_req *rqstp;
{
        uid_t uid;

        gss_buffer_desc input_message_buffer;
        gss_buffer_desc output_message_buffer;
        gss_ctx_id_t context_handle;
        bool_t context_verf_ok;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_seal\n"));

        gssd_convert_context_handle(&argp->context_handle, &context_handle,
                argp->gssd_context_verifier, &context_verf_ok, NULL);

        /* verify the context_handle */

        if (!context_verf_ok) {
                res->output_message_buffer.GSS_BUFFER_T_val = NULL;
                res->output_message_buffer.GSS_BUFFER_T_len = 0;
                res->status = (OM_uint32) GSS_S_NO_CONTEXT;
                res->minor_status = 0;
                return (TRUE);
        }

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                res->output_message_buffer.GSS_BUFFER_T_val = NULL;
                return (FALSE);

        }


        /*
         * copy the XDR structured arguments into their corresponding local
         * GSSAPI variable equivalents.
         */

        input_message_buffer.length = (size_t)argp->input_message_buffer.
                                        GSS_BUFFER_T_len;
        input_message_buffer.value = (void *)argp->input_message_buffer.
                                        GSS_BUFFER_T_val;


        /* call the gssapi routine */

        res->status = (OM_uint32)gss_seal(&res->minor_status,
                                context_handle,
                                argp->conf_req_flag,
                                argp->qop_req,
                                &input_message_buffer,
                                &res->conf_state,
                                &output_message_buffer);
        /*
         * convert the output args from the parameter given in the call to the
         * variable in the XDR result
         */

        if (res->status == GSS_S_COMPLETE) {
                res->output_message_buffer.GSS_BUFFER_T_len =
                                (uint_t)output_message_buffer.length;
                res->output_message_buffer.GSS_BUFFER_T_val =
                                (char *)output_message_buffer.value;
        } else
                syslog_gss_error(res->status, res->minor_status, "seal");

/* return to caller */

        return (TRUE);
}

bool_t
gss_unseal_1_svc(argp, res, rqstp)
gss_unseal_arg *argp;
gss_unseal_res *res;
struct svc_req *rqstp;
{

        uid_t uid;

        gss_buffer_desc input_message_buffer;
        gss_buffer_desc output_message_buffer;
        gss_ctx_id_t context_handle;
        bool_t context_verf_ok;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_unseal\n"));

        /* verify the context_handle */
        gssd_convert_context_handle(&argp->context_handle, &context_handle,
                argp->gssd_context_verifier, &context_verf_ok, NULL);

        /* verify the context_handle */
        if (!context_verf_ok) {
                res->output_message_buffer.GSS_BUFFER_T_val = NULL;
                res->output_message_buffer.GSS_BUFFER_T_len = 0;
                res->status = (OM_uint32)GSS_S_NO_CONTEXT;
                res->minor_status = 0;
                return (TRUE);
        }

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                res->output_message_buffer.GSS_BUFFER_T_val = NULL;
                return (FALSE);
        }


        /*
         * copy the XDR structured arguments into their corresponding local
         * GSSAPI variable equivalents.
         */

        input_message_buffer.length = (size_t)argp->input_message_buffer.
                                        GSS_BUFFER_T_len;
        input_message_buffer.value = (void *)argp->input_message_buffer.
                                        GSS_BUFFER_T_val;

        /* call the gssapi routine */

        res->status = (OM_uint32)gss_unseal(&res->minor_status,
                                context_handle,
                                &input_message_buffer,
                                &output_message_buffer,
                                &res->conf_state,
                                &res->qop_state);

        /*
         * convert the output args from the parameter given in the call to the
         * variable in the XDR result
         */

        if (res->status == GSS_S_COMPLETE) {
                res->output_message_buffer.GSS_BUFFER_T_len =
                                (uint_t)output_message_buffer.length;
                res->output_message_buffer.GSS_BUFFER_T_val =
                                (char *)output_message_buffer.value;
        } else
                syslog_gss_error(res->status, res->minor_status, "unseal");


        /* return to caller */

        return (TRUE);
}

bool_t
gss_display_status_1_svc(argp, res, rqstp)
gss_display_status_arg *argp;
gss_display_status_res *res;
struct svc_req *rqstp;
{
        uid_t uid;
        gss_OID mech_type;
        gss_OID_desc mech_type_desc;
        gss_buffer_desc status_string;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_display_status\n"));

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                res->status_string.GSS_BUFFER_T_val = NULL;
                return (FALSE);
        }

        /* set the uid sent as the RPC argument */

        uid = argp->uid;
        set_gssd_uid(uid);

        /*
         * copy the XDR structured arguments into their corresponding local
         * GSSAPI variables.
         */

        if (argp->mech_type.GSS_OID_len == 0)
                mech_type = GSS_C_NULL_OID;
        else {
                mech_type = &mech_type_desc;
                mech_type_desc.length = (OM_uint32) argp->mech_type.GSS_OID_len;
                mech_type_desc.elements = (void *) argp->mech_type.GSS_OID_val;
        }


        /* call the gssapi routine */

        res->status = (OM_uint32) gss_display_status(&res->minor_status,
                                        argp->status_value,
                                        argp->status_type,
                                        mech_type,
                                        (OM_uint32 *)&res->message_context,
                                        &status_string);

        /*
         * convert the output args from the parameter given in the call to the
         * variable in the XDR result
         */

        if (res->status == GSS_S_COMPLETE) {
                res->status_string.GSS_BUFFER_T_len =
                        (uint_t)status_string.length;
                res->status_string.GSS_BUFFER_T_val =
                        (char *)status_string.value;
        }

        return (TRUE);

}

/*ARGSUSED*/
bool_t
gss_indicate_mechs_1_svc(argp, res, rqstp)
        void *argp;
        gss_indicate_mechs_res *res;
        struct svc_req *rqstp;
{
        gss_OID_set oid_set;
        uid_t uid;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_indicate_mechs\n"));

        res->mech_set.GSS_OID_SET_val = NULL;

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                return (FALSE);
        }

        res->status = gss_indicate_mechs(&res->minor_status, &oid_set);

        if (res->status == GSS_S_COMPLETE) {
                int i, j;

                res->mech_set.GSS_OID_SET_len = oid_set->count;
                res->mech_set.GSS_OID_SET_val = (void *)
                                malloc(oid_set->count * sizeof (GSS_OID));
                if (!res->mech_set.GSS_OID_SET_val) {
                        return (GSS_S_FAILURE);
                }
                for (i = 0; i < oid_set->count; i++) {
                        res->mech_set.GSS_OID_SET_val[i].GSS_OID_len =
                                oid_set->elements[i].length;
                        res->mech_set.GSS_OID_SET_val[i].GSS_OID_val =
                                (char *)malloc(oid_set->elements[i].length);
                        if (!res->mech_set.GSS_OID_SET_val[i].GSS_OID_val) {
                                for (j = 0; j < (i -1); j++) {
                                free
                                (res->mech_set.GSS_OID_SET_val[i].GSS_OID_val);
                                }
                                free(res->mech_set.GSS_OID_SET_val);
                                return (GSS_S_FAILURE);
                        }
                        memcpy(res->mech_set.GSS_OID_SET_val[i].GSS_OID_val,
                                oid_set->elements[i].elements,
                                oid_set->elements[i].length);
                }
        }

        return (TRUE);
}

bool_t
gss_inquire_cred_1_svc(argp, res, rqstp)
gss_inquire_cred_arg *argp;
gss_inquire_cred_res *res;
struct svc_req *rqstp;
{

        uid_t uid;

        OM_uint32 minor_status;
        gss_cred_id_t cred_handle;
        gss_buffer_desc external_name;
        gss_OID name_type;
        gss_name_t internal_name;
        gss_OID_set mechanisms;
        int i, j;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_inquire_cred\n"));

        /* verify the verifier_cred_handle */

        if (argp->gssd_cred_verifier != gssd_time_verf) {
                res->name.GSS_BUFFER_T_val = NULL;
                res->name_type.GSS_OID_val = NULL;
                res->mechanisms.GSS_OID_SET_val = NULL;
                res->status = (OM_uint32) GSS_S_DEFECTIVE_CREDENTIAL;
                res->minor_status = 0;
                return (TRUE);
        }

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                res->name.GSS_BUFFER_T_val = NULL;
                res->name_type.GSS_OID_val = NULL;
                res->mechanisms.GSS_OID_SET_val = NULL;
                return (FALSE);
        }

        /* set the uid sent as the RPC argument */

        uid = argp->uid;
        set_gssd_uid(uid);

        cred_handle = (argp->cred_handle.GSS_CRED_ID_T_len == 0 ?
                        GSS_C_NO_CREDENTIAL :
                        /*LINTED*/
                        *((gss_cred_id_t *)argp->cred_handle.
                                GSS_CRED_ID_T_val));

        /* call the gssapi routine */

        res->status = (OM_uint32)gss_inquire_cred(&res->minor_status,
                                        cred_handle,
                                        &internal_name,
                                        &res->lifetime,
                                        &res->cred_usage,
                                        &mechanisms);

        if (res->status != GSS_S_COMPLETE) {
                syslog_gss_error(res->status, res->minor_status,
                                "inquire_cred");
                return (TRUE);
        }

        /* convert the returned name from internal to external format */

        if (gss_display_name(&minor_status, internal_name,
                                &external_name, &name_type)
                        != GSS_S_COMPLETE) {

                res->status = (OM_uint32)GSS_S_FAILURE;
                res->minor_status = minor_status;

                gss_release_name(&minor_status, &internal_name);

                if (mechanisms != GSS_C_NULL_OID_SET) {
                        for (i = 0; i < mechanisms->count; i++)
                                free(mechanisms->elements[i].elements);
                        free(mechanisms->elements);
                        free(mechanisms);
                }

                return (TRUE);
        }

        /*
         * convert the output args from the parameter given in the call to the
         * variable in the XDR result
         */


        res->name.GSS_BUFFER_T_len = (uint_t)external_name.length;
        res->name.GSS_BUFFER_T_val = (void *)external_name.value;

        /*
         * we have to allocate storage for name_type here, since the value
         * returned from gss_display_name points to the underlying mechanism
         * static storage. If we didn't allocate storage, the next time
         * through this routine, the xdr_free() call at the beginning would
         * try to free up that static storage.
         */

        res->name_type.GSS_OID_len = (uint_t)name_type->length;
        res->name_type.GSS_OID_val = (void *)malloc(name_type->length);
        if (!res->name_type.GSS_OID_val) {
                return (GSS_S_FAILURE);
        }
        memcpy(res->name_type.GSS_OID_val, name_type->elements,
                name_type->length);

        if (mechanisms != GSS_C_NULL_OID_SET) {
                res->mechanisms.GSS_OID_SET_len =
                        (uint_t)mechanisms->count;
                res->mechanisms.GSS_OID_SET_val = (GSS_OID *)
                                malloc(sizeof (GSS_OID) * mechanisms->count);
                if (!res->mechanisms.GSS_OID_SET_val) {
                        free(res->name_type.GSS_OID_val);
                        return (GSS_S_FAILURE);
                }
                for (i = 0; i < mechanisms->count; i++) {
                        res->mechanisms.GSS_OID_SET_val[i].GSS_OID_len =
                                (uint_t)mechanisms->elements[i].length;
                        res->mechanisms.GSS_OID_SET_val[i].GSS_OID_val =
                                (char *)malloc(mechanisms->elements[i].
                                                length);
                        if (!res->mechanisms.GSS_OID_SET_val[i].GSS_OID_val) {
                                free(res->name_type.GSS_OID_val);
                                for (j = 0; j < i; j++) {
                                free(res->mechanisms.
                                        GSS_OID_SET_val[i].GSS_OID_val);
                                }
                                free(res->mechanisms.GSS_OID_SET_val);
                                return (GSS_S_FAILURE);
                        }
                        memcpy(res->mechanisms.GSS_OID_SET_val[i].GSS_OID_val,
                                mechanisms->elements[i].elements,
                                mechanisms->elements[i].length);
                }
        } else
                res->mechanisms.GSS_OID_SET_len = 0;

        /* release the space allocated for internal_name and mechanisms */
        gss_release_name(&minor_status, &internal_name);

        if (mechanisms != GSS_C_NULL_OID_SET) {
                for (i = 0; i < mechanisms->count; i++)
                        free(mechanisms->elements[i].elements);
                free(mechanisms->elements);
                free(mechanisms);
        }

        /* return to caller */
        return (TRUE);
}


bool_t
gss_inquire_cred_by_mech_1_svc(argp, res, rqstp)
gss_inquire_cred_by_mech_arg *argp;
gss_inquire_cred_by_mech_res *res;
struct svc_req *rqstp;
{

        uid_t uid;

        gss_cred_id_t cred_handle;
        gss_OID_desc            mech_type_desc;
        gss_OID                 mech_type = &mech_type_desc;

        memset(res, 0, sizeof (*res));

        if (gssd_debug)
                fprintf(stderr, gettext("gss_inquire_cred\n"));

        /* verify the verifier_cred_handle */

        if (argp->gssd_cred_verifier != gssd_time_verf) {
                res->status = (OM_uint32) GSS_S_DEFECTIVE_CREDENTIAL;
                res->minor_status = 0;
                return (TRUE);
        }

        /*
         * if the request isn't from root, null out the result pointer
         * entries, so the next time through xdr_free won't try to
         * free unmalloc'd memory and then return NULL
         */

        if (checkfrom(rqstp, &uid) == 0) {
                return (FALSE);
        }

        /* set the uid sent as the RPC argument */

        uid = argp->uid;
        set_gssd_uid(uid);

        cred_handle = (argp->cred_handle.GSS_CRED_ID_T_len == 0 ?
                        GSS_C_NO_CREDENTIAL :
                        /*LINTED*/
                        *((gss_cred_id_t *)argp->cred_handle.
                                GSS_CRED_ID_T_val));

        /* call the gssapi routine */

        if (argp->mech_type.GSS_OID_len == 0)
                mech_type = GSS_C_NULL_OID;
        else {
                mech_type->length =
                        (OM_uint32)argp->mech_type.GSS_OID_len;
                mech_type->elements =
                        (void *)malloc(mech_type->length);
                if (!mech_type->elements) {
                        return (GSS_S_FAILURE);
                }
                memcpy(mech_type->elements,
                        argp->mech_type.GSS_OID_val,
                        mech_type->length);
        }
        res->status = (OM_uint32)gss_inquire_cred_by_mech(
                                        &res->minor_status, cred_handle,
                                        mech_type, NULL, NULL,
                                        NULL, NULL);

        /* return to caller */
        return (TRUE);
}


bool_t
gsscred_name_to_unix_cred_1_svc(argsp, res, rqstp)
gsscred_name_to_unix_cred_arg *argsp;
gsscred_name_to_unix_cred_res *res;
struct svc_req *rqstp;
{
        uid_t uid;
        gss_OID_desc oid;
        gss_name_t gssName;
        gss_buffer_desc gssBuf = GSS_C_EMPTY_BUFFER;
        OM_uint32 minor;
        int gidsLen;
        gid_t *gids, gidOut;

        if (gssd_debug)
                fprintf(stderr, gettext("gsscred_name_to_unix_cred\n"));

        memset(res, 0, sizeof (*res));

        /*
         * check the request originator
         */
        if (checkfrom(rqstp, &uid) == 0)
                return (FALSE);

        /* set the uid from the rpc request */
        uid = argsp->uid;
        set_gssd_uid(uid);

        /*
         * convert the principal name to gss internal format
         * need not malloc the input parameters
         */
        gssBuf.length = argsp->pname.GSS_BUFFER_T_len;
        gssBuf.value = (void*)argsp->pname.GSS_BUFFER_T_val;
        oid.length = argsp->name_type.GSS_OID_len;
        oid.elements = (void*)argsp->name_type.GSS_OID_val;

        res->major = gss_import_name(&minor, &gssBuf, &oid, &gssName);
        if (res->major != GSS_S_COMPLETE)
                return (TRUE);

        /* retrieve the mechanism type from the arguments */
        oid.length = argsp->mech_type.GSS_OID_len;
        oid.elements = (void*)argsp->mech_type.GSS_OID_val;

        /* call the gss extensions to map the principal name to unix creds */
        res->major = gsscred_name_to_unix_cred(gssName, &oid, &uid, &gidOut,
                                        &gids, &gidsLen);
        gss_release_name(&minor, &gssName);

        if (res->major == GSS_S_COMPLETE) {
                res->uid = uid;
                res->gid = gidOut;
                res->gids.GSSCRED_GIDS_val = gids;
                res->gids.GSSCRED_GIDS_len = gidsLen;
        }

        return (TRUE);
} /* gsscred_name_to_unix_cred_svc_1 */

bool_t
gsscred_expname_to_unix_cred_1_svc(argsp, res, rqstp)
gsscred_expname_to_unix_cred_arg *argsp;
gsscred_expname_to_unix_cred_res *res;
struct svc_req *rqstp;
{
        uid_t uid;
        gss_buffer_desc expName = GSS_C_EMPTY_BUFFER;
        int gidsLen;
        gid_t *gids, gidOut;

        if (gssd_debug)
                fprintf(stderr, gettext("gsscred_expname_to_unix_cred\n"));

        memset(res, 0, sizeof (*res));

        /*
         * check the request originator
         */
        if (checkfrom(rqstp, &uid) == 0)
                return (FALSE);

        /* set the uid from the rpc request */
        uid = argsp->uid;
        set_gssd_uid(uid);

        /*
         * extract the export name from arguments
         * need not malloc the input parameters
         */
        expName.length = argsp->expname.GSS_BUFFER_T_len;
        expName.value = (void*)argsp->expname.GSS_BUFFER_T_val;

        res->major = gsscred_expname_to_unix_cred(&expName, &uid,
                                        &gidOut, &gids, &gidsLen);

        if (res->major == GSS_S_COMPLETE) {
                res->uid = uid;
                res->gid = gidOut;
                res->gids.GSSCRED_GIDS_val = gids;
                res->gids.GSSCRED_GIDS_len = gidsLen;
        }

        return (TRUE);
} /* gsscred_expname_to_unix_cred_1_svc */

bool_t
gss_get_group_info_1_svc(argsp, res, rqstp)
gss_get_group_info_arg *argsp;
gss_get_group_info_res *res;
struct svc_req *rqstp;
{
        uid_t uid;
        int gidsLen;
        gid_t *gids, gidOut;

        if (gssd_debug)
                fprintf(stderr, gettext("gss_get_group_info\n"));

        memset(res, 0, sizeof (*res));

        /*
         * check the request originator
         */
        if (checkfrom(rqstp, &uid) == 0)
                return (FALSE);

        /* set the uid from the rpc request */
        uid = argsp->uid;
        set_gssd_uid(uid);

        /*
         * extract the uid from the arguments
         */
        uid = argsp->puid;
        res->major = gss_get_group_info(uid, &gidOut, &gids, &gidsLen);
        if (res->major == GSS_S_COMPLETE) {
                res->gid = gidOut;
                res->gids.GSSCRED_GIDS_val = gids;
                res->gids.GSSCRED_GIDS_len = gidsLen;
        }

        return (TRUE);
} /* gss_get_group_info_1_svc */

/*ARGSUSED*/
bool_t
gss_get_kmod_1_svc(argsp, res, rqstp)
        gss_get_kmod_arg *argsp;
        gss_get_kmod_res *res;
        struct svc_req *rqstp;
{
        gss_OID_desc oid;
        char *kmodName;

        if (gssd_debug)
                fprintf(stderr, gettext("gss_get_kmod\n"));

        res->module_follow = FALSE;
        oid.length = argsp->mech_oid.GSS_OID_len;
        oid.elements = (void *)argsp->mech_oid.GSS_OID_val;
        kmodName = __gss_get_kmodName(&oid);

        if (kmodName != NULL) {
                res->module_follow = TRUE;
                res->gss_get_kmod_res_u.modname = kmodName;
        }

        return (TRUE);
}

/*
 *  Returns 1 if caller is ok, else 0.
 *  If caller ok, the uid is returned in uidp.
 */
static int
checkfrom(rqstp, uidp)
struct svc_req *rqstp;
uid_t *uidp;
{
        SVCXPRT *xprt = rqstp->rq_xprt;
        struct authunix_parms *aup;
        uid_t uid;

        /* check client agent uid to ensure it is privileged */
        if (__rpc_get_local_uid(xprt, &uid) < 0) {
                syslog(LOG_ERR, gettext("__rpc_get_local_uid failed %s %s"),
                        xprt->xp_netid, xprt->xp_tp);
                goto weakauth;
        }
        if (gssd_debug)
                fprintf(stderr, gettext("checkfrom: local_uid  %d\n"), uid);
        if (uid != 0) {
                syslog(LOG_ERR,
                        gettext("checkfrom: caller (uid %d) not privileged"),
                        uid);
                goto weakauth;
        }

        /*
         *  Request came from local privileged process.
         *  Proceed to get uid of client if needed by caller.
         */
        if (uidp) {
                if (rqstp->rq_cred.oa_flavor != AUTH_SYS) {
                syslog(LOG_ERR, gettext("checkfrom: not UNIX credentials"));
                        goto weakauth;
                }
                CTASSERT(sizeof (struct authunix_parms) <= RQCRED_SIZE);
                /*LINTED*/
                aup = (struct authunix_parms *)rqstp->rq_clntcred;
                *uidp = aup->aup_uid;
                if (gssd_debug) {
                        fprintf(stderr,
                                gettext("checkfrom: caller's uid %d\n"), *uidp);
                }
        }
        return (1);

        weakauth:
        svcerr_weakauth(xprt);
        return (0);
}