allow a NULL server argument to mean "take anything"
authorJohn Kohl <jtkohl@mit.edu>
Wed, 12 Dec 1990 15:26:10 +0000 (15:26 +0000)
committerJohn Kohl <jtkohl@mit.edu>
Wed, 12 Dec 1990 15:26:10 +0000 (15:26 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1540 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/krb5/krb/rd_req_dec.c

index b12a97829a9ac064a2c1f1efaa655807f16771e1..11f65db58cfcb9b044aed33d916e7e819a2e1d9e 100644 (file)
@@ -28,7 +28,9 @@ static char rcsid_rd_req_dec_c[] =
 /*
  Parses a KRB_AP_REQ message, returning its contents.
 
- server specifies the expected server's name for the ticket.
+ server specifies the expected server's name for the ticket; if NULL, then
+ any server will be accepted if the key can be found, and the caller should
+ verify that the principal is something it trusts.
 
  sender_addr specifies the address(es) expected to be present in the
  ticket.
@@ -82,7 +84,8 @@ krb5_tkt_authent *tktauthent;
     krb5_timestamp currenttime;
 
 
-    if (!krb5_principal_compare(server, req->ticket->server))
+    if ((server != NULL) &&
+       (!krb5_principal_compare(server, req->ticket->server))
        return KRB5KRB_AP_WRONG_PRINC;
 
     /* if (req->ap_options & AP_OPTS_USE_SESSION_KEY)