src/protocols/zephyr/ZCkAuth.c

   1 /* This file is part of the Project Athena Zephyr Notification System.
   2  * It contains source for the ZCheckAuthentication function.
   3  *
   4  *      Created by:     Robert French
   5  *
   6  *      $Source$
   7  *      $Author: warmenhoven $
   8  *
   9  *      Copyright (c) 1987,1991 by the Massachusetts Institute of Technology.
  10  *      For copying and distribution information, see the file
  11  *      "mit-copyright.h".
  12  */
  13 /* $Header$ */
  14
  15 #ifndef lint
  16 static char rcsid_ZCheckAuthentication_c[] =
  17     "$Zephyr: /mit/zephyr/src/lib/RCS/ZCheckAuthentication.c,v 1.14 89/03/24 14:17:38 jtkohl Exp Locker: raeburn $";
  18 #endif
  19
  20 #include <internal.h>
  21
  22 /* Check authentication of the notice.
  23    If it looks authentic but fails the Kerberos check, return -1.
  24    If it looks authentic and passes the Kerberos check, return 1.
  25    If it doesn't look authentic, return 0
  26
  27    When not using Kerberos, return true if the notice claims to be authentic.
  28    Only used by clients; the server uses its own routine.
  29  */
  30 Code_t ZCheckAuthentication(notice, from)
  31     ZNotice_t *notice;
  32     struct sockaddr_in *from;
  33 {
  34 #ifdef ZEPHYR_USES_KERBEROS
  35     int result;
  36     ZChecksum_t our_checksum;
  37     CREDENTIALS cred;
  38
  39     /* If the value is already known, return it. */
  40     if (notice->z_checked_auth != ZAUTH_UNSET)
  41         return (notice->z_checked_auth);
  42
  43     if (!notice->z_auth)
  44         return (ZAUTH_NO);
  45
  46     if ((result = krb_get_cred(SERVER_SERVICE, SERVER_INSTANCE,
  47                                __Zephyr_realm, &cred)) != 0)
  48         return (ZAUTH_NO);
  49
  50 #ifdef NOENCRYPTION
  51     our_checksum = 0;
  52 #else
  53     our_checksum = des_quad_cksum(notice->z_packet, NULL,
  54                                   notice->z_default_format+
  55                                   strlen(notice->z_default_format)+1-
  56                                   notice->z_packet, 0, cred.session);
  57 #endif
  58     /* if mismatched checksum, then the packet was corrupted */
  59     return ((our_checksum == notice->z_checksum) ? ZAUTH_YES : ZAUTH_FAILED);
  60
  61 #else
  62     return (notice->z_auth ? ZAUTH_YES : ZAUTH_NO);
  63 #endif
  64 }