bsd/nfs/nfs_gss.c

415 nfs_gss_clnt_cred_put(struct nfsreq *req, struct nfsm_chain *nmc, mbuf_t args)
555 			nfs_gss_append_chain(nmc, args);
572 	 * Now we may have to compute integrity or encrypt the call args
577 		nfs_gss_append_chain(nmc, args);
580 		len = nfs_gss_mchain_length(args);	// Find args length
581 		req->r_gss_arglen = len;		// Stash the args len
586 		req->r_gss_argoff = nfsm_chain_offset(nmc); // Offset to args
590 		nfs_gss_append_chain(nmc, args);	// Append the args mbufs
592 		/* Now compute a checksum over the seqnum + args */
611 		nfs_gss_append_chain(&nmc_tmp, args);		// Append the args mbufs
613 		len = nfs_gss_mchain_length(args);		// Find args length
633 		/* Now compute a checksum over the confounder + seqnum + args */
638 		nfsm_chain_add_32(error, nmc, toklen + len);	// token + args length
644 		nfs_gss_append_chain(nmc, nmc_tmp.nmc_mhead);	// Append the args mbufs
646 		/* Finally, encrypt the args */
897  * However, integrity or privacy both trailer mbufs to the args,
901  * The location and length of the args is marked by two fields
919 	nfsm_chain_adv(error, nmc, req->r_gss_argoff);		// advance to args
931 		 * of the args.
933 		nfsm_chain_adv(error, nmc, req->r_gss_arglen);	// adv to last args mbuf
942 		 * The args are encrypted along with prepended confounders and seqnum.
943 		 * First we decrypt, the confounder, seqnum and args then skip to the
944 		 * final mbuf of the args.
1298  * here might be to allow passing the service principal down in the mount args.
2108 			 * Here's what we expect in the integrity call args:
2110 			 * - length of seq num + call args (4 bytes)
2112 			 * - call args (variable bytes)
2114 			 * - checksum of seqnum + call args (37 bytes)
2116 			nfsm_chain_get_32(error, nmc, arglen);		// length of args
2122 			/* Compute the checksum over the call args */
2127 			 * Get the sequence number prepended to the args
2138 			 * Advance to the end of the args and
2143 			nfsm_chain_adv(error, &nmc_tmp, arglen);	// skip args
2163 			 * Here's what we expect in the privacy call args:
2165 			 * - length of confounder + seq num + token + call args
2169 			 * - call args (encrypted)
2171 			nfsm_chain_get_32(error, nmc, arglen);		// length of args
2177 			/* Get the token that prepends the encrypted args */
2187 			/* decrypt the 8 byte confounder + seqnum + args */
2202 			 * Get the sequence number prepended to the args
3133  * Append an args or results mbuf chain to the header chain