2086
|
1 /* This file is part of the Project Athena Zephyr Notification System.
|
|
2 * It contains source for the ZMakeAuthentication function.
|
|
3 *
|
|
4 * Created by: Robert French
|
|
5 *
|
|
6 * $Source$
|
8217
|
7 * $Author: lschiere $
|
2086
|
8 *
|
|
9 * Copyright (c) 1987 by the Massachusetts Institute of Technology.
|
|
10 * For copying and distribution information, see the file
|
|
11 * "mit-copyright.h".
|
|
12 */
|
8217
|
13 /* $Id: ZMkAuth.c 8940 2004-02-07 17:40:57Z lschiere $ */
|
2086
|
14
|
|
15 #include <internal.h>
|
|
16
|
|
17 #ifndef lint
|
8217
|
18 static const char rcsid_ZMakeAuthentication_c[] = "$Id: ZMkAuth.c 8940 2004-02-07 17:40:57Z lschiere $";
|
2086
|
19 #endif
|
|
20
|
|
21 #ifdef ZEPHYR_USES_KERBEROS
|
|
22 #include <krb_err.h>
|
|
23 static long last_authent_time = 0L;
|
|
24 static KTEXT_ST last_authent;
|
|
25 #endif
|
|
26
|
|
27 Code_t ZResetAuthentication () {
|
|
28 #ifdef ZEPHYR_USES_KERBEROS
|
|
29 last_authent_time = 0L;
|
|
30 #endif
|
|
31 return ZERR_NONE;
|
|
32 }
|
|
33
|
|
34 Code_t ZMakeAuthentication(notice, buffer, buffer_len, len)
|
|
35 register ZNotice_t *notice;
|
|
36 char *buffer;
|
|
37 int buffer_len;
|
|
38 int *len;
|
|
39 {
|
|
40 #ifdef ZEPHYR_USES_KERBEROS
|
|
41 int result;
|
|
42 time_t now;
|
|
43 KTEXT_ST authent;
|
|
44 char *cstart, *cend;
|
|
45 ZChecksum_t checksum;
|
|
46 CREDENTIALS cred;
|
|
47 extern unsigned long des_quad_cksum();
|
|
48
|
|
49 now = time(0);
|
|
50 if (last_authent_time == 0 || (now - last_authent_time > 120)) {
|
|
51 result = krb_mk_req(&authent, SERVER_SERVICE,
|
|
52 SERVER_INSTANCE, __Zephyr_realm, 0);
|
|
53 if (result != MK_AP_OK) {
|
|
54 last_authent_time = 0;
|
8217
|
55 return (result+ERROR_TABLE_BASE_krb);
|
2086
|
56 }
|
|
57 last_authent_time = now;
|
|
58 last_authent = authent;
|
|
59 }
|
|
60 else {
|
|
61 authent = last_authent;
|
|
62 }
|
|
63 notice->z_auth = 1;
|
|
64 notice->z_authent_len = authent.length;
|
|
65 notice->z_ascii_authent = (char *)malloc((unsigned)authent.length*3);
|
|
66 /* zero length authent is an error, so malloc(0) is not a problem */
|
|
67 if (!notice->z_ascii_authent)
|
|
68 return (ENOMEM);
|
|
69 if ((result = ZMakeAscii(notice->z_ascii_authent,
|
|
70 authent.length*3,
|
|
71 authent.dat,
|
|
72 authent.length)) != ZERR_NONE) {
|
|
73 free(notice->z_ascii_authent);
|
|
74 return (result);
|
|
75 }
|
|
76 result = Z_FormatRawHeader(notice, buffer, buffer_len, len, &cstart,
|
|
77 &cend);
|
|
78 free(notice->z_ascii_authent);
|
|
79 notice->z_authent_len = 0;
|
|
80 if (result)
|
|
81 return(result);
|
|
82
|
|
83 /* Compute a checksum over the header and message. */
|
|
84 if ((result = krb_get_cred(SERVER_SERVICE, SERVER_INSTANCE,
|
|
85 __Zephyr_realm, &cred)) != 0)
|
|
86 return result;
|
|
87 checksum = des_quad_cksum(buffer, NULL, cstart - buffer, 0, cred.session);
|
|
88 checksum ^= des_quad_cksum(cend, NULL, buffer + *len - cend, 0,
|
|
89 cred.session);
|
|
90 checksum ^= des_quad_cksum(notice->z_message, NULL, notice->z_message_len,
|
|
91 0, cred.session);
|
|
92 notice->z_checksum = checksum;
|
|
93 ZMakeAscii32(cstart, buffer + buffer_len - cstart, checksum);
|
|
94
|
|
95 return (ZERR_NONE);
|
|
96 #else
|
|
97 notice->z_checksum = 0;
|
|
98 notice->z_auth = 1;
|
|
99 notice->z_authent_len = 0;
|
|
100 notice->z_ascii_authent = "";
|
|
101 return (Z_FormatRawHeader(notice, buffer, buffer_len, len, NULL, NULL));
|
|
102 #endif
|
|
103 }
|