oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

krb5: _krb5_principal_is_anonymous() helper API

Browse Source 
Add _krb5_principal_is_anonymous() private API for checking if a principal is
anonymous or not. The third argument determines whether to match authenticated
anonymous, unauthenticated anonymous, or both types of principal.
This commit is contained in:
Luke Howard
2019-05-04 16:10:13 +10:00
committed by Jeffrey Altman
parent 4559618391
commit bcc90f1b87
8 changed files with 38 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
lib/krb5/principal.c
View File

@@ -1247,6 +1247,32 @@ krb5_principal_is_root_krbtgt(krb5_context context, krb5_const_principal p)
strcmp(p->name.name_string.val[1], p->realm) == 0;
}
/**
* Returns true iff name is WELLKNOWN/ANONYMOUS
*
* @ingroup krb5_principal
*/
krb5_boolean KRB5_LIB_FUNCTION
_krb5_principal_is_anonymous(krb5_context context,
krb5_const_principal p,
unsigned int flags)
{
int anon_realm;
if ((p->name.name_type != KRB5_NT_WELLKNOWN &&
p->name.name_type != KRB5_NT_UNKNOWN) ||
p->name.name_string.len != 2 ||
strcmp(p->name.name_string.val[0], KRB5_WELLKNOWN_NAME) != 0 ||
strcmp(p->name.name_string.val[1], KRB5_ANON_NAME) != 0)
return FALSE;
anon_realm = strcmp(p->realm, KRB5_ANON_REALM) == 0;
return ((flags & KRB5_ANON_MATCH_AUTHENTICATED) && !anon_realm) ||
((flags & KRB5_ANON_MATCH_UNAUTHENTICATED) && anon_realm);
}
static int
tolower_ascii(int c)
{