if the Kerberos test fails, return -1 instead of zero (so it can

be distinguished)
author: John Kohl <jtkohl@mit.edu> 1988-06-20 11:14:13 +0000
committer: John Kohl <jtkohl@mit.edu> 1988-06-20 11:14:13 +0000
commit: 19f824e9eb6c227c169ba5fd47e7d674c116afa8 (patch)
tree: 2f664d71099947d60314aaf8fe566c876f0158ee /lib/ZCkAuth.c
parent: 0d26f8e79463eb77a3d3ec6a7d7366dccf6602ce (diff)
1 files changed, 12 insertions, 3 deletions
diff --git a/lib/ZCkAuth.c b/lib/ZCkAuth.c
index 1f07a3a..6bfd6ba 100644
--- a/lib/ZCkAuth.c
+++ b/lib/ZCkAuth.c
@@ -20,6 +20,13 @@ static char rcsid_ZCheckAuthentication_c[] = "$Header$";
 
 #include <zephyr/zephyr_internal.h>
 
+/* Check authentication of the notice.
+   If it looks authentic but fails the Kerberos check, return -1.
+   If it looks authentic and passes the Kerberos check, return 1.
+   If it doesn't look authentic, return 0
+  
+   When not using Kerberos, return (looks-authentic-p)
+ */
 int ZCheckAuthentication(notice, from)
     ZNotice_t *notice;
     struct sockaddr_in *from;
@@ -55,7 +62,7 @@ int ZCheckAuthentication(notice, from)
 			return (0);
 		return(1);
 	} else
-		return (0);		/* didn't decode */
+		return (-1);		/* didn't decode correctly */
     }
 
     if (result = krb_get_cred(SERVER_SERVICE, SERVER_INSTANCE, 
@@ -67,8 +74,10 @@ int ZCheckAuthentication(notice, from)
 					   strlen(notice->z_default_format)+1-
 					   notice->z_packet, 0, cred.session);
 
-    return (our_checksum == notice->z_checksum);
+    /* if mismatched checksum, then the packet was corrupted */
+    return ((our_checksum == notice->z_checksum) ? 0 : -1);
+
 #else
-    return (notice->z_auth);
+    return (notice->z_auth ? 1 : 0);
 #endif
 }
author	John Kohl <jtkohl@mit.edu>	1988-06-20 11:14:13 +0000
committer	John Kohl <jtkohl@mit.edu>	1988-06-20 11:14:13 +0000
commit	19f824e9eb6c227c169ba5fd47e7d674c116afa8 (patch)
tree	2f664d71099947d60314aaf8fe566c876f0158ee /lib/ZCkAuth.c
parent	0d26f8e79463eb77a3d3ec6a7d7366dccf6602ce (diff)