only if the result decodes do we do the checking.

1 files changed, 10 insertions, 7 deletions

diff --git a/lib/ZCkAuth.c b/lib/ZCkAuth.c
index 073a972..1f07a3a 100644
--- a/lib/ZCkAuth.c
+++ b/lib/ZCkAuth.c
@@ -46,13 +46,16 @@ int ZCheckAuthentication(notice, from)
 	result = krb_rd_req(&authent, SERVER_SERVICE, 
 			    SERVER_INSTANCE, from->sin_addr.s_addr, 
 			    &dat, SERVER_SRVTAB);
-	bcopy((char *)dat.session, (char *)__Zephyr_session, 
-	      sizeof(C_Block));
-	(void) sprintf(srcprincipal, "%s%s%s@%s", dat.pname, 
-		       dat.pinst[0]?".":"", dat.pinst, dat.prealm);
-	if (strcmp(srcprincipal, notice->z_sender))
-	    return (0);
-	return (result == RD_AP_OK);
+	if (result == RD_AP_OK) {
+		bcopy((char *)dat.session, (char *)__Zephyr_session, 
+		      sizeof(C_Block));
+		(void) sprintf(srcprincipal, "%s%s%s@%s", dat.pname, 
+			       dat.pinst[0]?".":"", dat.pinst, dat.prealm);
+		if (strcmp(srcprincipal, notice->z_sender))
+			return (0);
+		return(1);
+	} else
+		return (0);		/* didn't decode */
     }
 
     if (result = krb_get_cred(SERVER_SERVICE, SERVER_INSTANCE,