#define KRB5_TC_MATCH_TIMES_EXACT 0x00000008
#define KRB5_TC_MATCH_FLAGS_EXACT 0x00000010
#define KRB5_TC_MATCH_AUTHDATA 0x00000020
+#define KRB5_TC_MATCH_SRV_NAMEONLY 0x00000040
/* for set_flags and other functions */
#define KRB5_TC_OPENCLOSE 0x00000001
PROTOTYPE((const krb5_creds *,
const krb5_creds *));
+static krb5_boolean srvname_match
+ PROTOTYPE((const krb5_creds *,
+ const krb5_creds *));
+
static krb5_boolean authdata_match
PROTOTYPE ((krb5_authdata * const *, krb5_authdata * const *));
return kret;
while ((kret = krb5_fcc_next_cred(id, &cursor, &fetchcreds)) == KRB5_OK) {
- if (standard_fields_match(mcreds, &fetchcreds)
+ if (((set(KRB5_TC_MATCH_SRV_NAMEONLY) &&
+ srvname_match(mcreds, &fetchcreds)) ||
+ standard_fields_match(mcreds, &fetchcreds))
&&
(! set(KRB5_TC_MATCH_IS_SKEY) ||
mcreds->is_skey == fetchcreds.is_skey)
krb5_principal_compare(mcreds->server,creds->server));
}
+/* only match the server name portion, not the server realm portion */
+
+static krb5_boolean
+srvname_match(mcreds, creds)
+register const krb5_creds *mcreds, *creds;
+{
+ krb5_boolean retval;
+ retval = krb5_principal_compare(mcreds->client,creds->client);
+ if (retval != TRUE)
+ return retval;
+ return krb5_principal_compare(&(mcreds->server[1]),&(creds->server[1]));
+}
+
static krb5_boolean
authdata_match(mdata, data)
register krb5_authdata * const *mdata, * const *data;
krb5_principal_compare(mcreds->server,creds->server));
}
+/* only match the server name portion, not the server realm portion */
+
+static krb5_boolean
+srvname_match(mcreds, creds)
+register const krb5_creds *mcreds, *creds;
+{
+ krb5_boolean retval;
+ retval = krb5_principal_compare(mcreds->client,creds->client);
+ if (retval != TRUE)
+ return retval;
+ return krb5_principal_compare(&(mcreds->server[1]),&(creds->server[1]));
+}
+
+
static krb5_boolean
authdata_match(mdata, data)
krb5_authdata *const *mdata, *const *data;
return kret;
while ((kret = krb5_scc_next_cred(id, &cursor, &fetchcreds)) == KRB5_OK) {
- if (standard_fields_match(mcreds, &fetchcreds)
+ if (((set(KRB5_TC_MATCH_SRV_NAMEONLY) &&
+ srvname_match(mcreds, &fetchcreds)) ||
+ standard_fields_match(mcreds, &fetchcreds))
&&
(! set(KRB5_TC_MATCH_IS_SKEY) ||
mcreds->is_skey == fetchcreds.is_skey)