1 /* This file is part of the Project Athena Zephyr Notification System.
2 * It contains source for the ZCheckAuthentication function.
4 * Created by: Robert French
6 * $Id: ZCkAuth.c,v 1.23 1999/01/22 23:19:02 ghudson Exp $
8 * Copyright (c) 1987,1991 by the Massachusetts Institute of Technology.
9 * For copying and distribution information, see the file
14 static char rcsid_ZCheckAuthentication_c[] =
15 "$Zephyr: /mit/zephyr/src/lib/RCS/ZCheckAuthentication.c,v 1.14 89/03/24 14:17:38 jtkohl Exp Locker: raeburn $";
20 #if defined(HAVE_KRB5) && !HAVE_KRB5_FREE_DATA
21 #define krb5_free_data(ctx, dat) free((dat)->data)
24 /* Check authentication of the notice.
25 If it looks authentic but fails the Kerberos check, return -1.
26 If it looks authentic and passes the Kerberos check, return 1.
27 If it doesn't look authentic, return 0
29 When not using Kerberos, return true if the notice claims to be authentic.
30 Only used by clients; the server uses its own routine.
32 Code_t ZCheckAuthentication(notice, from)
34 struct sockaddr_in *from;
38 ZChecksum_t our_checksum;
41 /* If the value is already known, return it. */
42 if (notice->z_checked_auth != ZAUTH_UNSET)
43 return (notice->z_checked_auth);
48 if ((result = krb_get_cred(SERVER_SERVICE, SERVER_INSTANCE,
49 __Zephyr_realm, &cred)) != 0)
55 our_checksum = des_quad_cksum(notice->z_packet, NULL,
56 notice->z_default_format+
57 strlen(notice->z_default_format)+1-
58 notice->z_packet, 0, cred.session);
60 /* if mismatched checksum, then the packet was corrupted */
61 return ((our_checksum == notice->z_checksum) ? ZAUTH_YES : ZAUTH_FAILED);
64 return (notice->z_auth ? ZAUTH_YES : ZAUTH_NO);