1 /* This file is part of the Project Athena Zephyr Notification System.
2 * It contains source for the ZCheckAuthentication function.
3 *
4 * Created by: Robert French
5 *
6 * Copyright (c) 1987,1991 by the Massachusetts Institute of Technology.
7 * For copying and distribution information, see the file
8 * "mit-copyright.h".
9 */
10
11 #include "internal.h"
12
13 /* Check authentication of the notice.
14 If it looks authentic but fails the Kerberos check, return -1.
15 If it looks authentic and passes the Kerberos check, return 1.
16 If it doesn't look authentic, return 0
17
18 When not using Kerberos, return true if the notice claims to be authentic.
19 Only used by clients; the server uses its own routine.
20 */
ZCheckAuthentication(notice,from)21 Code_t ZCheckAuthentication(notice, from)
22 ZNotice_t *notice;
23 struct sockaddr_in *from;
24 {
25 #ifdef ZEPHYR_USES_KERBEROS
26 int result;
27 ZChecksum_t our_checksum;
28 CREDENTIALS cred;
29
30 /* If the value is already known, return it. */
31 if (notice->z_checked_auth != ZAUTH_UNSET)
32 return (notice->z_checked_auth);
33
34 if (!notice->z_auth)
35 return (ZAUTH_NO);
36
37 if ((result = krb_get_cred(SERVER_SERVICE, SERVER_INSTANCE,
38 __Zephyr_realm, &cred)) != 0)
39 return (ZAUTH_NO);
40
41 #ifdef NOENCRYPTION
42 our_checksum = 0;
43 #else
44 our_checksum = des_quad_cksum(notice->z_packet, NULL,
45 notice->z_default_format+
46 strlen(notice->z_default_format)+1-
47 notice->z_packet, 0, (C_Block *)cred.session);
48 #endif
49 /* if mismatched checksum, then the packet was corrupted */
50 return ((our_checksum == notice->z_checksum) ? ZAUTH_YES : ZAUTH_FAILED);
51
52 #else
53 return (notice->z_auth ? ZAUTH_YES : ZAUTH_NO);
54 #endif
55 }
56