File: ZCkAuth.c

package info (click to toggle)
tzc 2.6.15-5.4
  • links: PTS
  • area: main
  • in suites: bullseye, buster, sid, stretch
  • size: 240 kB
  • ctags: 361
  • sloc: ansic: 3,931; makefile: 42
file content (79 lines) | stat: -rw-r--r-- 2,526 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
/* Modifications for tzc by Darrell Kindred <dkindred@cmu.edu>, April 1997:
 *   - cache the kerberos credentials, so we can continue to check auth
 *     even if the user re-kinits.
 */

/* This file is part of the Project Athena Zephyr Notification System.
 * It contains source for the ZCheckAuthentication function.
 *
 *	Created by:	Robert French
 *
 *	/mit/zephyr/src/CVS/zephyr/lib/zephyr/ZCkAuth.c,v
 *	ghudson
 *
 *	Copyright (c) 1987,1991 by the Massachusetts Institute of Technology.
 *	For copying and distribution information, see the file
 *	"mit-copyright.h".
 */
/* /mit/zephyr/src/CVS/zephyr/lib/zephyr/ZCkAuth.c,v 1.21 1995/06/30 22:03:53 ghudson Exp */

#ifndef lint
static char rcsid_ZCheckAuthentication_c[] =
    "$Zephyr: /mit/zephyr/src/lib/RCS/ZCheckAuthentication.c,v 1.14 89/03/24 14:17:38 jtkohl Exp Locker: raeburn $";
#endif

#if 0
#include <internal.h>
#else
#include <zephyr/zephyr.h>
#define ZAUTH_UNSET (-3)      /* from internal.h */
#include <stdio.h>	      /* for NULL */
#endif

/* Check authentication of the notice.
   If it looks authentic but fails the Kerberos check, return -1.
   If it looks authentic and passes the Kerberos check, return 1.
   If it doesn't look authentic, return 0

   When not using Kerberos, return true if the notice claims to be authentic.
   Only used by clients; the server uses its own routine.
 */
Code_t ZCheckAuthentication(notice, from)
    ZNotice_t *notice;
    struct sockaddr_in *from;
{
#ifdef ZEPHYR_USES_KERBEROS
    int result;
    ZChecksum_t our_checksum;
    static CREDENTIALS cred;
    static int got_cred = 0;

    /* If the value is already known, return it. */
    if (notice->z_checked_auth != ZAUTH_UNSET)
	return (notice->z_checked_auth);

    if (!notice->z_auth)
	return (ZAUTH_NO);

    if (!got_cred &&
	(result = krb_get_cred(SERVER_SERVICE, SERVER_INSTANCE,
			       __Zephyr_realm, &cred)) != 0)
      return (ZAUTH_NO);

    got_cred = 1;

#ifdef NOENCRYPTION
    our_checksum = 0;
#else /* NOENCRYPTION */
    our_checksum = des_quad_cksum(notice->z_packet, NULL,
                                notice->z_default_format+
                                strlen(notice->z_default_format)+1-
                                notice->z_packet, 0, cred.session);
#endif /* NOENCRYPTION */
    /* if mismatched checksum, then the packet was corrupted */
    return ((our_checksum == notice->z_checksum) ? ZAUTH_YES : ZAUTH_FAILED);

#else /* ZEPHYR_USES_KERBEROS */
    return (notice->z_auth ? ZAUTH_YES : ZAUTH_NO);
#endif
}