1 /* This file is part of the Project Athena Zephyr Notification System.
2  * It contains source for the ZCheckAuthentication function.
3  *
4  *	Created by:	Robert French
5  *
6  *	Copyright (c) 1987,1991 by the Massachusetts Institute of Technology.
7  *	For copying and distribution information, see the file
8  *	"mit-copyright.h".
9  */
10 
11 #include "internal.h"
12 
13 /* Check authentication of the notice.
14    If it looks authentic but fails the Kerberos check, return -1.
15    If it looks authentic and passes the Kerberos check, return 1.
16    If it doesn't look authentic, return 0
17 
18    When not using Kerberos, return true if the notice claims to be authentic.
19    Only used by clients; the server uses its own routine.
20  */
ZCheckAuthentication(notice,from)21 Code_t ZCheckAuthentication(notice, from)
22     ZNotice_t *notice;
23     struct sockaddr_in *from;
24 {
25 #ifdef ZEPHYR_USES_KERBEROS
26     int result;
27     ZChecksum_t our_checksum;
28     CREDENTIALS cred;
29 
30     /* If the value is already known, return it. */
31     if (notice->z_checked_auth != ZAUTH_UNSET)
32 	return (notice->z_checked_auth);
33 
34     if (!notice->z_auth)
35 	return (ZAUTH_NO);
36 
37     if ((result = krb_get_cred(SERVER_SERVICE, SERVER_INSTANCE,
38 			       __Zephyr_realm, &cred)) != 0)
39 	return (ZAUTH_NO);
40 
41 #ifdef NOENCRYPTION
42     our_checksum = 0;
43 #else
44     our_checksum = des_quad_cksum(notice->z_packet, NULL,
45 				  notice->z_default_format+
46 				  strlen(notice->z_default_format)+1-
47 				  notice->z_packet, 0, (C_Block *)cred.session);
48 #endif
49     /* if mismatched checksum, then the packet was corrupted */
50     return ((our_checksum == notice->z_checksum) ? ZAUTH_YES : ZAUTH_FAILED);
51 
52 #else
53     return (notice->z_auth ? ZAUTH_YES : ZAUTH_NO);
54 #endif
55 }
56