08d6ee6d8a
This implements a sequence number cache of the last three (right now hardcoded) sent sequence numbers for a given XID, as suggested by the RFC. From RFC2203 5.3.3.1: "Note that the sequence number algorithm requires that the client increment the sequence number even if it is retrying a request with the same RPC transaction identifier. It is not infrequent for clients to get into a situation where they send two or more attempts and a slow server sends the reply for the first attempt. With RPCSEC_GSS, each request and reply will have a unique sequence number. If the client wishes to improve turn around time on the RPC call, it can cache the RPCSEC_GSS sequence number of each request it sends. Then when it receives a response with a matching RPC transaction identifier, it can compute the checksum of each sequence number in the cache to try to match the checksum in the reply's verifier." Signed-off-by: Nikhil Jha <njha@janestreet.com> Acked-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Anna Schumaker <anna.schumaker@oracle.com> |
||
|---|---|---|
| .. | ||
| Makefile | ||
| auth_gss.c | ||
| auth_gss_internal.h | ||
| gss_krb5_crypto.c | ||
| gss_krb5_internal.h | ||
| gss_krb5_keys.c | ||
| gss_krb5_mech.c | ||
| gss_krb5_seal.c | ||
| gss_krb5_test.c | ||
| gss_krb5_unseal.c | ||
| gss_krb5_wrap.c | ||
| gss_mech_switch.c | ||
| gss_rpc_upcall.c | ||
| gss_rpc_upcall.h | ||
| gss_rpc_xdr.c | ||
| gss_rpc_xdr.h | ||
| svcauth_gss.c | ||
| trace.c | ||