1 /* This file is part of the Project Athena Zephyr Notification System.
2 * It contains source for the ZCheckAuthentication function.
4 * Created by: Robert French
8 * Copyright (c) 1987,1991 by the Massachusetts Institute of Technology.
9 * For copying and distribution information, see the file
14 static char rcsid_ZCheckAuthentication_c[] =
15 "$Zephyr: /mit/zephyr/src/lib/RCS/ZCheckAuthentication.c,v 1.14 89/03/24 14:17:38 jtkohl Exp Locker: raeburn $";
20 #if defined(HAVE_KRB5) && !HAVE_KRB5_FREE_DATA
21 #define krb5_free_data(ctx, dat) free((dat)->data)
24 /* Check authentication of the notice.
25 If it looks authentic but fails the Kerberos check, return -1.
26 If it looks authentic and passes the Kerberos check, return 1.
27 If it doesn't look authentic, return 0
29 When not using Kerberos, return true if the notice claims to be authentic.
30 Only used by clients; the server uses its own routine.
32 Code_t ZCheckAuthentication(notice, from)
34 struct sockaddr_in *from;
37 #if defined(HAVE_KRB4) || defined(HAVE_KRB5)
39 ZChecksum_t our_checksum;
42 krb5_creds *creds_out;
46 /* If the value is already known, return it. */
47 if (notice->z_checked_auth != ZAUTH_UNSET)
48 return (notice->z_checked_auth);
54 result = ZGetCreds(&creds_out);
57 /* HOLDING: creds_out */
59 if (creds_out->keyblock.enctype != ENCTYPE_DES_CBC_CRC)
61 session = (C_Block *)creds_out->keyblock.contents;
64 if ((result = krb_get_cred(SERVER_SERVICE, SERVER_INSTANCE,
65 __Zephyr_realm, &cred)) != 0)
68 session = (C_Block *)cred.session;
74 our_checksum = des_quad_cksum(notice->z_packet, NULL,
75 notice->z_default_format+
76 strlen(notice->z_default_format)+1-
77 notice->z_packet, 0, session);
79 /* if mismatched checksum, then the packet was corrupted */
80 return ((our_checksum == notice->z_checksum) ? ZAUTH_YES : ZAUTH_FAILED);
83 return (notice->z_auth ? ZAUTH_YES : ZAUTH_NO);
86 ZCheckZcodeAuthentication(notice, from);