the ID sent accross in the packet. The information in the packet
was created in the following way:
+ The database used to contain encrypted IDs. Now we don't encrypt
+ them in the database, although there are still some encrypted IDs
+ there.
+
The plain text ID number was encrypted via EncryptID() resulting
in the form that would appear in the Moira database. This is
concatinated to the plain text ID so that the ID string contains plain
thing is then DES encrypted using the encrypted ID as the source of
the key.
- This routine tries each encrypted ID in the database that belongs
+ This routine tries each ID in the database that belongs
to someone with this user's first and last name and tries to
decrypt the packet with this information. If it succeeds, it returns
zero and initializes all the fields of the formatted packet structure
/* Find out how much more room there is. */
len = message->encrypted_len - (temp - decrypt);
- /* Now compare encrypted ID's don't match. */
- if (strcmp(hashid, data->mit_id)) status = FAILURE;
- if (status == SUCCESS)
- {
- EncryptID(recrypt, idnumber, message->first, message->last);
- /* Now compare encrypted plain text to ID from database. */
- if (strcmp(recrypt, data->mit_id)) status = FAILURE;
- }
+ /* Now compare encrypted ID and clear text ID for a match. */
+ if (strcmp(hashid, data->mit_id) &&
+ strcmp(idnumber, data->mit_id))
+ status = FAILURE;
if (status == SUCCESS)
{