--- kgssapi/gss_accept_sec_context.c.sav 2012-09-26 08:56:45.000000000 -0400 +++ kgssapi/gss_accept_sec_context.c 2012-09-26 10:01:32.000000000 -0400 @@ -31,7 +31,9 @@ __FBSDID("$FreeBSD: head/sys/kgssapi/gss #include #include #include +#include #include +#include #include #include @@ -58,9 +60,16 @@ OM_uint32 gss_accept_sec_context(OM_uint gss_ctx_id_t ctx = *context_handle; gss_name_t name; gss_cred_id_t cred; + CLIENT *cl; - if (!kgss_gssd_handle) + mtx_lock(&kgss_gssd_lock); + if (kgss_gssd_handle == NULL) { + mtx_unlock(&kgss_gssd_lock); return (GSS_S_FAILURE); + } + CLNT_ACQUIRE(kgss_gssd_handle); + cl = kgss_gssd_handle; + mtx_unlock(&kgss_gssd_lock); if (ctx) args.ctx = ctx->handle; @@ -74,7 +83,8 @@ OM_uint32 gss_accept_sec_context(OM_uint args.input_chan_bindings = input_chan_bindings; bzero(&res, sizeof(res)); - stat = gssd_accept_sec_context_1(&args, &res, kgss_gssd_handle); + stat = gssd_accept_sec_context_1(&args, &res, cl); + CLNT_RELEASE(cl); if (stat != RPC_SUCCESS) { *minor_status = stat; return (GSS_S_FAILURE); --- kgssapi/gss_acquire_cred.c.sav 2012-09-26 09:01:18.000000000 -0400 +++ kgssapi/gss_acquire_cred.c 2012-09-26 10:02:16.000000000 -0400 @@ -31,7 +31,9 @@ __FBSDID("$FreeBSD: head/sys/kgssapi/gss #include #include #include +#include #include +#include #include #include @@ -55,9 +57,16 @@ gss_acquire_cred(OM_uint32 *minor_status enum clnt_stat stat; gss_cred_id_t cred; int i; + CLIENT *cl; - if (!kgss_gssd_handle) + mtx_lock(&kgss_gssd_lock); + if (kgss_gssd_handle == NULL) { + mtx_unlock(&kgss_gssd_lock); return (GSS_S_FAILURE); + } + CLNT_ACQUIRE(kgss_gssd_handle); + cl = kgss_gssd_handle; + mtx_unlock(&kgss_gssd_lock); args.uid = curthread->td_ucred->cr_uid; if (desired_name) @@ -69,7 +78,8 @@ gss_acquire_cred(OM_uint32 *minor_status args.cred_usage = cred_usage; bzero(&res, sizeof(res)); - stat = gssd_acquire_cred_1(&args, &res, kgss_gssd_handle); + stat = gssd_acquire_cred_1(&args, &res, cl); + CLNT_RELEASE(cl); if (stat != RPC_SUCCESS) { *minor_status = stat; return (GSS_S_FAILURE); --- kgssapi/gss_canonicalize_name.c.sav 2012-09-26 09:01:18.000000000 -0400 +++ kgssapi/gss_canonicalize_name.c 2012-09-26 10:02:39.000000000 -0400 @@ -31,7 +31,9 @@ __FBSDID("$FreeBSD: head/sys/kgssapi/gss #include #include #include +#include #include +#include #include #include @@ -48,15 +50,23 @@ gss_canonicalize_name(OM_uint32 *minor_s struct canonicalize_name_args args; enum clnt_stat stat; gss_name_t name; + CLIENT *cl; - if (!kgss_gssd_handle) + mtx_lock(&kgss_gssd_lock); + if (kgss_gssd_handle == NULL) { + mtx_unlock(&kgss_gssd_lock); return (GSS_S_FAILURE); + } + CLNT_ACQUIRE(kgss_gssd_handle); + cl = kgss_gssd_handle; + mtx_unlock(&kgss_gssd_lock); args.input_name = input_name->handle; args.mech_type = mech_type; bzero(&res, sizeof(res)); - stat = gssd_canonicalize_name_1(&args, &res, kgss_gssd_handle); + stat = gssd_canonicalize_name_1(&args, &res, cl); + CLNT_RELEASE(cl); if (stat != RPC_SUCCESS) { *minor_status = stat; return (GSS_S_FAILURE); --- kgssapi/gss_delete_sec_context.c.sav 2012-09-26 09:01:18.000000000 -0400 +++ kgssapi/gss_delete_sec_context.c 2012-09-26 10:03:01.000000000 -0400 @@ -31,7 +31,9 @@ __FBSDID("$FreeBSD: head/sys/kgssapi/gss #include #include #include +#include #include +#include #include #include @@ -46,6 +48,7 @@ gss_delete_sec_context(OM_uint32 *minor_ struct delete_sec_context_args args; enum clnt_stat stat; gss_ctx_id_t ctx; + CLIENT *cl; if (!kgss_gssd_handle) return (GSS_S_FAILURE); @@ -60,9 +63,18 @@ gss_delete_sec_context(OM_uint32 *minor_ */ if (ctx->handle) { args.ctx = ctx->handle; + mtx_lock(&kgss_gssd_lock); + if (kgss_gssd_handle == NULL) { + mtx_unlock(&kgss_gssd_lock); + return (GSS_S_FAILURE); + } + CLNT_ACQUIRE(kgss_gssd_handle); + cl = kgss_gssd_handle; + mtx_unlock(&kgss_gssd_lock); bzero(&res, sizeof(res)); - stat = gssd_delete_sec_context_1(&args, &res, kgss_gssd_handle); + stat = gssd_delete_sec_context_1(&args, &res, cl); + CLNT_RELEASE(cl); if (stat != RPC_SUCCESS) { *minor_status = stat; return (GSS_S_FAILURE); --- kgssapi/gss_display_status.c.sav 2012-09-26 09:01:18.000000000 -0400 +++ kgssapi/gss_display_status.c 2012-09-26 10:03:25.000000000 -0400 @@ -31,7 +31,9 @@ __FBSDID("$FreeBSD: head/sys/kgssapi/gss #include #include #include +#include #include +#include #include #include @@ -49,9 +51,16 @@ gss_display_status(OM_uint32 *minor_stat struct display_status_res res; struct display_status_args args; enum clnt_stat stat; + CLIENT *cl; - if (!kgss_gssd_handle) + mtx_lock(&kgss_gssd_lock); + if (kgss_gssd_handle == NULL) { + mtx_unlock(&kgss_gssd_lock); return (GSS_S_FAILURE); + } + CLNT_ACQUIRE(kgss_gssd_handle); + cl = kgss_gssd_handle; + mtx_unlock(&kgss_gssd_lock); args.status_value = status_value; args.status_type = status_type; @@ -59,7 +68,8 @@ gss_display_status(OM_uint32 *minor_stat args.message_context = *message_context; bzero(&res, sizeof(res)); - stat = gssd_display_status_1(&args, &res, kgss_gssd_handle); + stat = gssd_display_status_1(&args, &res, cl); + CLNT_RELEASE(cl); if (stat != RPC_SUCCESS) { *minor_status = stat; return (GSS_S_FAILURE); --- kgssapi/gss_export_name.c.sav 2012-09-26 09:01:18.000000000 -0400 +++ kgssapi/gss_export_name.c 2012-09-26 10:06:07.000000000 -0400 @@ -31,7 +31,9 @@ __FBSDID("$FreeBSD: head/sys/kgssapi/gss #include #include #include +#include #include +#include #include #include @@ -45,14 +47,22 @@ gss_export_name(OM_uint32 *minor_status, struct export_name_res res; struct export_name_args args; enum clnt_stat stat; + CLIENT *cl; - if (!kgss_gssd_handle) + mtx_lock(&kgss_gssd_lock); + if (kgss_gssd_handle == NULL) { + mtx_unlock(&kgss_gssd_lock); return (GSS_S_FAILURE); + } + CLNT_ACQUIRE(kgss_gssd_handle); + cl = kgss_gssd_handle; + mtx_unlock(&kgss_gssd_lock); args.input_name = input_name->handle; bzero(&res, sizeof(res)); - stat = gssd_export_name_1(&args, &res, kgss_gssd_handle); + stat = gssd_export_name_1(&args, &res, cl); + CLNT_RELEASE(cl); if (stat != RPC_SUCCESS) { *minor_status = stat; return (GSS_S_FAILURE); --- kgssapi/gss_impl.c.sav 2012-09-23 20:22:47.000000000 -0400 +++ kgssapi/gss_impl.c 2012-09-26 10:03:44.000000000 -0400 @@ -31,8 +31,10 @@ __FBSDID("$FreeBSD: head/sys/kgssapi/gss #include #include #include +#include #include #include +#include #include #include #include @@ -59,6 +61,7 @@ static bool_t gssd_syscall_registered = struct kgss_mech_list kgss_mechs; CLIENT *kgss_gssd_handle; +struct mtx kgss_gssd_lock; static void kgss_init(void *dummy) @@ -92,14 +95,12 @@ sys_gssd_syscall(struct thread *td, stru struct netconfig *nconf; char path[MAXPATHLEN]; int error; + CLIENT *cl, *oldcl; error = priv_check(td, PRIV_NFS_DAEMON); if (error) return (error); - if (kgss_gssd_handle) - CLNT_DESTROY(kgss_gssd_handle); - error = copyinstr(uap->path, path, sizeof(path), NULL); if (error) return (error); @@ -109,10 +110,20 @@ sys_gssd_syscall(struct thread *td, stru sun.sun_len = SUN_LEN(&sun); nconf = getnetconfigent("local"); - kgss_gssd_handle = clnt_reconnect_create(nconf, + cl = clnt_reconnect_create(nconf, (struct sockaddr *) &sun, GSSD, GSSDVERS, RPC_MAXDATASIZE, RPC_MAXDATASIZE); + mtx_lock(&kgss_gssd_lock); + oldcl = kgss_gssd_handle; + kgss_gssd_handle = cl; + mtx_unlock(&kgss_gssd_lock); + + if (oldcl != NULL) { + CLNT_CLOSE(oldcl); + CLNT_RELEASE(oldcl); + } + return (0); } @@ -280,6 +291,7 @@ kgssapi_modevent(module_t mod, int type, rpc_gss_get_principal_name; rpc_gss_entries.rpc_gss_svc_max_data_length = rpc_gss_svc_max_data_length; + mtx_init(&kgss_gssd_lock, "kgss_gssd_lock", NULL, MTX_DEF); break; case MOD_UNLOAD: /* --- kgssapi/gss_import_name.c.sav 2012-09-26 09:01:18.000000000 -0400 +++ kgssapi/gss_import_name.c 2012-09-26 10:04:02.000000000 -0400 @@ -31,7 +31,9 @@ __FBSDID("$FreeBSD: head/sys/kgssapi/gss #include #include #include +#include #include +#include #include #include @@ -48,18 +50,26 @@ gss_import_name(OM_uint32 *minor_status, struct import_name_args args; enum clnt_stat stat; gss_name_t name; + CLIENT *cl; *minor_status = 0; *output_name = GSS_C_NO_NAME; - if (!kgss_gssd_handle) + mtx_lock(&kgss_gssd_lock); + if (kgss_gssd_handle == NULL) { + mtx_unlock(&kgss_gssd_lock); return (GSS_S_FAILURE); + } + CLNT_ACQUIRE(kgss_gssd_handle); + cl = kgss_gssd_handle; + mtx_unlock(&kgss_gssd_lock); args.input_name_buffer = *input_name_buffer; args.input_name_type = input_name_type; bzero(&res, sizeof(res)); - stat = gssd_import_name_1(&args, &res, kgss_gssd_handle); + stat = gssd_import_name_1(&args, &res, cl); + CLNT_RELEASE(cl); if (stat != RPC_SUCCESS) { *minor_status = stat; return (GSS_S_FAILURE); --- kgssapi/gss_init_sec_context.c.sav 2012-09-26 09:01:18.000000000 -0400 +++ kgssapi/gss_init_sec_context.c 2012-09-26 10:04:24.000000000 -0400 @@ -31,7 +31,9 @@ __FBSDID("$FreeBSD: head/sys/kgssapi/gss #include #include #include +#include #include +#include #include #include @@ -60,11 +62,18 @@ gss_init_sec_context(OM_uint32 * minor_s struct init_sec_context_args args; enum clnt_stat stat; gss_ctx_id_t ctx = *context_handle; + CLIENT *cl; *minor_status = 0; - if (!kgss_gssd_handle) + mtx_lock(&kgss_gssd_lock); + if (kgss_gssd_handle == NULL) { + mtx_unlock(&kgss_gssd_lock); return (GSS_S_FAILURE); + } + CLNT_ACQUIRE(kgss_gssd_handle); + cl = kgss_gssd_handle; + mtx_unlock(&kgss_gssd_lock); args.uid = curthread->td_ucred->cr_uid; if (initiator_cred_handle) @@ -88,7 +97,8 @@ gss_init_sec_context(OM_uint32 * minor_s } bzero(&res, sizeof(res)); - stat = gssd_init_sec_context_1(&args, &res, kgss_gssd_handle); + stat = gssd_init_sec_context_1(&args, &res, cl); + CLNT_RELEASE(cl); if (stat != RPC_SUCCESS) { *minor_status = stat; return (GSS_S_FAILURE); --- kgssapi/gss_pname_to_uid.c.sav 2012-09-26 09:01:18.000000000 -0400 +++ kgssapi/gss_pname_to_uid.c 2012-09-26 10:04:41.000000000 -0400 @@ -31,7 +31,9 @@ __FBSDID("$FreeBSD: head/sys/kgssapi/gss #include #include #include +#include #include +#include #include #include @@ -45,20 +47,28 @@ gss_pname_to_uid(OM_uint32 *minor_status struct pname_to_uid_res res; struct pname_to_uid_args args; enum clnt_stat stat; + CLIENT *cl; *minor_status = 0; - if (!kgss_gssd_handle) - return (GSS_S_FAILURE); - if (pname == GSS_C_NO_NAME) return (GSS_S_BAD_NAME); + mtx_lock(&kgss_gssd_lock); + if (kgss_gssd_handle == NULL) { + mtx_unlock(&kgss_gssd_lock); + return (GSS_S_FAILURE); + } + CLNT_ACQUIRE(kgss_gssd_handle); + cl = kgss_gssd_handle; + mtx_unlock(&kgss_gssd_lock); + args.pname = pname->handle; args.mech = mech; bzero(&res, sizeof(res)); - stat = gssd_pname_to_uid_1(&args, &res, kgss_gssd_handle); + stat = gssd_pname_to_uid_1(&args, &res, cl); + CLNT_RELEASE(cl); if (stat != RPC_SUCCESS) { *minor_status = stat; return (GSS_S_FAILURE); @@ -83,20 +93,28 @@ gss_pname_to_unix_cred(OM_uint32 *minor_ struct pname_to_uid_args args; enum clnt_stat stat; int i, n; + CLIENT *cl; *minor_status = 0; - if (!kgss_gssd_handle) - return (GSS_S_FAILURE); - if (pname == GSS_C_NO_NAME) return (GSS_S_BAD_NAME); + mtx_lock(&kgss_gssd_lock); + if (kgss_gssd_handle == NULL) { + mtx_unlock(&kgss_gssd_lock); + return (GSS_S_FAILURE); + } + CLNT_ACQUIRE(kgss_gssd_handle); + cl = kgss_gssd_handle; + mtx_unlock(&kgss_gssd_lock); + args.pname = pname->handle; args.mech = mech; bzero(&res, sizeof(res)); - stat = gssd_pname_to_uid_1(&args, &res, kgss_gssd_handle); + stat = gssd_pname_to_uid_1(&args, &res, cl); + CLNT_RELEASE(cl); if (stat != RPC_SUCCESS) { *minor_status = stat; return (GSS_S_FAILURE); --- kgssapi/gss_release_cred.c.sav 2012-09-26 09:01:18.000000000 -0400 +++ kgssapi/gss_release_cred.c 2012-09-26 10:04:59.000000000 -0400 @@ -31,7 +31,9 @@ __FBSDID("$FreeBSD: head/sys/kgssapi/gss #include #include #include +#include #include +#include #include #include @@ -44,13 +46,24 @@ gss_release_cred(OM_uint32 *minor_status struct release_cred_res res; struct release_cred_args args; enum clnt_stat stat; + CLIENT *cl; if (!kgss_gssd_handle) return (GSS_S_FAILURE); if (*cred_handle) { args.cred = (*cred_handle)->handle; - stat = gssd_release_cred_1(&args, &res, kgss_gssd_handle); + + mtx_lock(&kgss_gssd_lock); + if (kgss_gssd_handle == NULL) { + mtx_unlock(&kgss_gssd_lock); + return (GSS_S_FAILURE); + } + CLNT_ACQUIRE(kgss_gssd_handle); + cl = kgss_gssd_handle; + mtx_unlock(&kgss_gssd_lock); + stat = gssd_release_cred_1(&args, &res, cl); + CLNT_RELEASE(cl); if (stat != RPC_SUCCESS) { *minor_status = stat; return (GSS_S_FAILURE); --- kgssapi/gss_release_name.c.sav 2012-09-26 09:01:18.000000000 -0400 +++ kgssapi/gss_release_name.c 2012-09-26 10:05:14.000000000 -0400 @@ -31,7 +31,9 @@ __FBSDID("$FreeBSD: head/sys/kgssapi/gss #include #include #include +#include #include +#include #include #include @@ -45,6 +47,7 @@ gss_release_name(OM_uint32 *minor_status struct release_name_args args; enum clnt_stat stat; gss_name_t name; + CLIENT *cl; if (!kgss_gssd_handle) return (GSS_S_FAILURE); @@ -53,7 +56,16 @@ gss_release_name(OM_uint32 *minor_status name = *input_name; args.input_name = name->handle; - stat = gssd_release_name_1(&args, &res, kgss_gssd_handle); + mtx_lock(&kgss_gssd_lock); + if (kgss_gssd_handle == NULL) { + mtx_unlock(&kgss_gssd_lock); + return (GSS_S_FAILURE); + } + CLNT_ACQUIRE(kgss_gssd_handle); + cl = kgss_gssd_handle; + mtx_unlock(&kgss_gssd_lock); + stat = gssd_release_name_1(&args, &res, cl); + CLNT_RELEASE(cl); if (stat != RPC_SUCCESS) { *minor_status = stat; return (GSS_S_FAILURE); --- kgssapi/gss_set_cred_option.c.sav 2012-09-26 09:01:18.000000000 -0400 +++ kgssapi/gss_set_cred_option.c 2012-09-26 10:05:36.000000000 -0400 @@ -31,7 +31,9 @@ __FBSDID("$FreeBSD: head/sys/kgssapi/gss #include #include #include +#include #include +#include #include #include @@ -47,11 +49,18 @@ gss_set_cred_option(OM_uint32 *minor_sta struct set_cred_option_res res; struct set_cred_option_args args; enum clnt_stat stat; + CLIENT *cl; *minor_status = 0; - if (!kgss_gssd_handle) + mtx_lock(&kgss_gssd_lock); + if (kgss_gssd_handle == NULL) { + mtx_unlock(&kgss_gssd_lock); return (GSS_S_FAILURE); + } + CLNT_ACQUIRE(kgss_gssd_handle); + cl = kgss_gssd_handle; + mtx_unlock(&kgss_gssd_lock); if (cred) args.cred = (*cred)->handle; @@ -61,7 +70,8 @@ gss_set_cred_option(OM_uint32 *minor_sta args.option_value = *option_value; bzero(&res, sizeof(res)); - stat = gssd_set_cred_option_1(&args, &res, kgss_gssd_handle); + stat = gssd_set_cred_option_1(&args, &res, cl); + CLNT_RELEASE(cl); if (stat != RPC_SUCCESS) { *minor_status = stat; --- kgssapi/gssapi_impl.h.sav 2012-09-26 09:46:51.000000000 -0400 +++ kgssapi/gssapi_impl.h 2012-09-26 09:47:25.000000000 -0400 @@ -53,6 +53,7 @@ struct kgss_mech { LIST_HEAD(kgss_mech_list, kgss_mech); extern CLIENT *kgss_gssd_handle; +extern struct mtx kgss_gssd_lock; extern struct kgss_mech_list kgss_mechs; int kgss_oid_equal(const gss_OID oid1, const gss_OID oid2);