safety

6 files changed, 56 insertions, 34 deletions

diff --git a/lib/ZFmtAuth.c b/lib/ZFmtAuth.c
index cd131fa..5849345 100644
--- a/lib/ZFmtAuth.c
+++ b/lib/ZFmtAuth.c
@@ -25,28 +25,25 @@ Code_t ZFormatAuthenticNotice(notice,buffer,buffer_len,len,session)
 {
 	char *ptr;
 	int result,retval,hdrlen;
-	AUTH_DAT dat;
-	KTEXT_ST authent;
-	ZChecksum_t our_checksum;
 	CREDENTIALS cred;
 
 	notice->z_auth = 1;
 	notice->z_authent_len = 0;
-	notice->z_ascii_authent = (KTEXT)"";
+	notice->z_ascii_authent = (char *)"";
 	
 	if ((retval = Z_FormatRawHeader(notice,buffer,buffer_len,&hdrlen))
 	    != ZERR_NONE)
 		return (retval);
 
-	for (hdrlen--;buffer[hdrlen];hdrlen--)
+	for (hdrlen--;buffer[hdrlen-1];hdrlen--)
 		;
 	
-	if (result = get_credentials(SERVER_SERVICE,SERVER_INSTANCE,
+/*	if (result = get_credentials(SERVER_SERVICE,SERVER_INSTANCE,
 			    __Zephyr_realm,&cred))
 		return (result+krb_err_base);
-
+*/
 	notice->z_checksum = (ZChecksum_t)quad_cksum(buffer,NULL,hdrlen,0,
-						     cred.session);
+						     session);
 
 	if ((retval = Z_FormatRawHeader(notice,buffer,buffer_len,&hdrlen))
 	    != ZERR_NONE)
diff --git a/lib/ZLocateU.c b/lib/ZLocateU.c
index b1e6e69..6f47a8d 100644
--- a/lib/ZLocateU.c
+++ b/lib/ZLocateU.c
@@ -45,14 +45,17 @@ Code_t ZLocateUser(user,nlocs)
 		return (retval);
 
 	if ((retval = ZIfNotice(buffer,sizeof buffer,&retnotice,&auth,
-				locate_pred,(char *)&notice.z_uid)) !=
+				Z_UIDpred,(char *)&notice.z_uid)) !=
 	    ZERR_NONE)
 		return (retval);
 
+	if (retnotice.z_kind == SERVNAK)
+		return (ZERR_SERVNAK);
+	
 	if (retnotice.z_kind != SERVACK)
 		return (ZERR_INTERNAL);
 
-	end = retnotice.z_message+retnotice.z_message_len+1;
+	end = retnotice.z_message+retnotice.z_message_len;
 
 	__locate_num = 0;
 	
@@ -77,10 +80,3 @@ Code_t ZLocateUser(user,nlocs)
 	
 	return (ZERR_NONE);
 }
-
-static int locate_pred(notice,uid)
-	ZNotice_t *notice;
-	ZUnique_Id_t *uid;
-{
-	return (ZCompareUID(uid,&notice->z_uid));
-}
diff --git a/lib/ZLocations.c b/lib/ZLocations.c
index 670a61c..e9cc83c 100644
--- a/lib/ZLocations.c
+++ b/lib/ZLocations.c
@@ -16,18 +16,45 @@
 
 #include <zephyr/zephyr_internal.h>
 
+#include <pwd.h>
+#include <sys/file.h>
+
 Code_t ZSetLocation()
 {
-	ZNotice_t notice;
-
-	notice.z_kind = UNACKED;
+	int retval,quiet;
+	ZNotice_t notice,retnotice;
+	ZPacket_t buffer;
+	char bfr[BUFSIZ];
+	struct passwd *pw;
+	
+        quiet = 0;
+	if (pw = getpwuid(getuid())) {
+		sprintf(bfr,"%s/.hideme",pw->pw_dir);
+		quiet = !access(bfr,F_OK);
+	} 
+	
+	notice.z_kind = ACKED;
 	notice.z_port = 0;
 	notice.z_class = LOGIN_CLASS;
-	notice.z_class_inst = (char *)Z_GetSender();
-	notice.z_opcode = LOGIN_USER_LOGIN;
+	notice.z_class_inst = ZGetSender();
+	notice.z_opcode = quiet?LOGIN_QUIET_LOGIN:LOGIN_USER_LOGIN;
 	notice.z_sender = 0;
 	notice.z_recipient = "";
 	notice.z_message_len = 0;
 
-	return (ZSendNotice(&notice,1));
+	if ((retval = ZSendNotice(&notice,1)) != ZERR_NONE)
+		return (retval);
+
+	if ((retval = ZIfNotice(buffer,sizeof buffer,&retnotice,0,
+			        Z_UIDpred,(char *)&notice.z_uid)) !=
+	    ZERR_NONE)
+		return (retval);
+
+	if (retnotice.z_kind == SERVNAK)
+		return (ZERR_SERVNAK);
+	
+	if (retnotice.z_kind != SERVACK)
+		return (ZERR_INTERNAL);
+
+	return (ZERR_NONE);
 }
diff --git a/lib/ZOpenPort.c b/lib/ZOpenPort.c
index 46ae4af..9374b78 100644
--- a/lib/ZOpenPort.c
+++ b/lib/ZOpenPort.c
@@ -33,7 +33,7 @@ Code_t ZOpenPort(port)
 	bindin.sin_family = AF_INET;
 
 	if (port && *port)
-		bindin.sin_port = htons(*port);
+		bindin.sin_port = *port;
 	else
 		bindin.sin_port = htons(((getpid()*8)&0xfff)+
 					((random()>>4)&0xf)+1024);
@@ -55,11 +55,11 @@ Code_t ZOpenPort(port)
 		}
 	} while (retval < 0 && port);
 
-	__Zephyr_port = ntohs(bindin.sin_port);
+	__Zephyr_port = bindin.sin_port;
 	__Zephyr_open = 1;
 
 	if (port)
-		*port = ntohs(bindin.sin_port);
+		*port = bindin.sin_port;
 
 	return (ZERR_NONE);
 }
diff --git a/lib/ZParseNot.c b/lib/ZParseNot.c
index 3dfd657..2f74fd4 100644
--- a/lib/ZParseNot.c
+++ b/lib/ZParseNot.c
@@ -23,7 +23,7 @@ Code_t ZParseNotice(buffer,len,notice,auth,from)
 	int		*auth;
 	struct		sockaddr_in *from;
 {
-	char *ptr,*cksum;
+	char *ptr,*cksum,srcprincipal[ANAME_SZ+INST_SZ+REALM_SZ+4];
 	int result;
 	unsigned int temp[3];
 	AUTH_DAT dat;
@@ -107,16 +107,17 @@ Code_t ZParseNotice(buffer,len,notice,auth,from)
 				   &dat,SERVER_SRVTAB);
 		bcopy(dat.session,__Zephyr_session,sizeof(C_Block));
 		*auth = (result == RD_AP_OK);
+		sprintf(srcprincipal,"%s%s%s@%s",dat.pname,
+			dat.pinst[0]?".":"",dat.pinst,dat.prealm);
+		if (strcmp(srcprincipal,notice->z_sender))
+			*auth = 0;
 		return (ZERR_NONE);
 	}
 
 	if (result = get_credentials(SERVER_SERVICE,SERVER_INSTANCE,
-			    __Zephyr_realm,&cred))
+				     __Zephyr_realm,&cred))
 		return (result+krb_err_base);
 
-/*	if (result = key_sched(cred.session,sess_sched))
-		return (result+krb_err_base);
-*/
 	our_checksum = (ZChecksum_t)quad_cksum(buffer,NULL,cksum-buffer,0,
 					       cred.session);
 
diff --git a/lib/ZSendPkt.c b/lib/ZSendPkt.c
index bfc6bc8..58b630c 100644
--- a/lib/ZSendPkt.c
+++ b/lib/ZSendPkt.c
@@ -45,13 +45,14 @@ Code_t ZSendPacket(packet,len)
 	ZParseNotice(packet,len,&notice,0,0);
 
 	if (notice.z_kind == UNSAFE || notice.z_kind == HMACK ||
-	    notice.z_kind == SERVACK || __HM_set)
+	    notice.z_kind == SERVACK || notice.z_kind == CLIENTACK ||
+	    __Zephyr_server || __HM_set)
 		return (ZERR_NONE);
 	
 	tv.tv_sec = 0;
-	tv.tv_usec = 400000;
+	tv.tv_usec = 500000;
 	
-	for (i=0;i<12;i++) {
+	for (i=0;i<HM_TIMEOUT*2;i++) {
 		select(0,&t1,&t2,&t3,&tv);
 		retval = ZCheckIfNotice(ackpack,sizeof ackpack,&notice,
 					&auth,findack,(char *)&notice.z_uid);