Import new release

[1ts-debian.git] / zephyr / server / kstuff.c

diff --git a/zephyr/server/kstuff.c b/zephyr/server/kstuff.c
index 04c7113630c9563ff6e586d0dc924afe2648e3b6..5fd31c9f2a0e57b54938a9c012c3028314e457d3 100644 (file)
--- a/zephyr/server/kstuff.c
+++ b/zephyr/server/kstuff.c
@@ -8,14 +8,15 @@
  *     "mit-copyright.h". 
  */
 /*
- *     $Id: kstuff.c,v 1.22 2000/02/11 20:59:35 ghudson Exp $
+ *     $Source: /afs/dev.mit.edu/source/repository/athena/lib/zephyr/server/kstuff.c,v $
+ *     $Header: /afs/dev.mit.edu/source/repository/athena/lib/zephyr/server/kstuff.c,v 1.26 2001/04/10 23:28:20 ghudson Exp $
  */
 
 #include "zserver.h"
 
 #ifndef lint
 #ifndef SABER
-static const char rcsid_kstuff_c[] = "$Id: kstuff.c,v 1.22 2000/02/11 20:59:35 ghudson Exp $";
+static const char rcsid_kstuff_c[] = "$Id: kstuff.c,v 1.26 2001/04/10 23:28:20 ghudson Exp $";
 #endif
 #endif
 
@@ -121,7 +122,6 @@ SendKerberosData(fd, ticket, service, host)
 {
     int rem;
     char p[32];
-    char krb_realm[REALM_SZ];
     int written;
     int size_to_write;
 
@@ -190,8 +190,18 @@ ZCheckRealmAuthentication(notice, from, realm)
         checksum = compute_rlm_checksum(notice, session_key);
 
         /* If checksum matches, packet is authentic.  If not, we might
-        * have an outdated session key, so keep going the slow way.
-        */
+         * have an outdated session key, so keep going the slow way.
+         */
+        if (checksum == notice->z_checksum) {
+          (void) memcpy((char *)__Zephyr_session, (char *)session_key, 
+                        sizeof(C_Block)); /* For control_dispatch() */
+          return ZAUTH_YES;
+        }
+
+        /* Try again. This way we can switch to the same checksums
+         * that the rest of Zephyr uses at a future date, but for now 
+         * we need to be compatible */
+        checksum = compute_checksum(notice, session_key);
         if (checksum == notice->z_checksum) {
            memcpy(__Zephyr_session, session_key, sizeof(C_Block));
            return ZAUTH_YES;
@@ -212,12 +222,17 @@ ZCheckRealmAuthentication(notice, from, realm)
 
     /* Check the cryptographic checksum. */
 #ifdef NOENCRYPTION
-    our_checksum = 0;
+    checksum = 0;
 #else
     checksum = compute_rlm_checksum(notice, dat.session);
 #endif
-    if (checksum != notice->z_checksum)
+    if (checksum != notice->z_checksum) {
+#ifndef NOENCRYPTION
+      checksum = compute_checksum(notice, dat.session);
+      if (checksum != notice->z_checksum)
+#endif
         return ZAUTH_FAILED;
+    }
 
     /* Record the session key, expiry time, and source principal in the
      * hash table, so we can do a fast check next time. */
@@ -296,7 +311,7 @@ ZCheckAuthentication(notice, from)
 
     /* Check the cryptographic checksum. */
 #ifdef NOENCRYPTION
-    our_checksum = 0;
+    checksum = 0;
 #else
     checksum = compute_checksum(notice, dat.session);
 #endif