|
14192
|
1 /* This file is part of the Project Athena Zephyr Notification System.
|
|
|
2 * It contains source for the ZCheckAuthentication function.
|
|
|
3 *
|
|
|
4 * Created by: Robert French
|
|
|
5 *
|
|
|
6 * Copyright (c) 1987,1991 by the Massachusetts Institute of Technology.
|
|
|
7 * For copying and distribution information, see the file
|
|
|
8 * "mit-copyright.h".
|
|
|
9 */
|
|
|
10
|
|
|
11 #include "internal.h"
|
|
|
12
|
|
|
13 /* Check authentication of the notice.
|
|
|
14 If it looks authentic but fails the Kerberos check, return -1.
|
|
|
15 If it looks authentic and passes the Kerberos check, return 1.
|
|
|
16 If it doesn't look authentic, return 0
|
|
|
17
|
|
|
18 When not using Kerberos, return true if the notice claims to be authentic.
|
|
|
19 Only used by clients; the server uses its own routine.
|
|
|
20 */
|
|
|
21 Code_t ZCheckAuthentication(notice, from)
|
|
|
22 ZNotice_t *notice;
|
|
|
23 struct sockaddr_in *from;
|
|
|
24 {
|
|
|
25 #ifdef ZEPHYR_USES_KERBEROS
|
|
|
26 int result;
|
|
|
27 ZChecksum_t our_checksum;
|
|
|
28 CREDENTIALS cred;
|
|
|
29
|
|
|
30 /* If the value is already known, return it. */
|
|
|
31 if (notice->z_checked_auth != ZAUTH_UNSET)
|
|
|
32 return (notice->z_checked_auth);
|
|
|
33
|
|
|
34 if (!notice->z_auth)
|
|
|
35 return (ZAUTH_NO);
|
|
|
36
|
|
|
37 if ((result = krb_get_cred(SERVER_SERVICE, SERVER_INSTANCE,
|
|
|
38 __Zephyr_realm, &cred)) != 0)
|
|
|
39 return (ZAUTH_NO);
|
|
|
40
|
|
|
41 #ifdef NOENCRYPTION
|
|
|
42 our_checksum = 0;
|
|
|
43 #else
|
|
|
44 our_checksum = des_quad_cksum(notice->z_packet, NULL,
|
|
|
45 notice->z_default_format+
|
|
|
46 strlen(notice->z_default_format)+1-
|
|
|
47 notice->z_packet, 0, (C_Block *)cred.session);
|
|
|
48 #endif
|
|
|
49 /* if mismatched checksum, then the packet was corrupted */
|
|
|
50 return ((our_checksum == notice->z_checksum) ? ZAUTH_YES : ZAUTH_FAILED);
|
|
|
51
|
|
|
52 #else
|
|
|
53 return (notice->z_auth ? ZAUTH_YES : ZAUTH_NO);
|
|
|
54 #endif
|
|
|
55 }
|
