NAME
krb5_compare_creds
- compare Kerberos 5 credentials
LIBRARY
Kerberos 5 Library (libkrb5, -lkrb5)
SYNOPSIS
krb5_boolean
krb5_compare_creds(
krb5_context context
krb5_flags whichfields
const krb5_creds *mcreds
const krb5_creds *creds
)
DESCRIPTION
krb5_compare_creds(
)
compares
mcreds
(usually filled in by the application)
to
creds
(most often from a credentials cache)
and return
TRUE
if they are equal.
Unless
mcreds->server
is
NULL
,
the service of the credentials are always compared. If the client
name in
mcreds
is present, the client names are also compared. This function is
normally only called indirectly via
krb5_cc_retrieve_cred(3).
The following flags, set in
whichfields
,
affects the comparison:
- KRB5_TC_MATCH_SRV_NAMEONLY
-
Consider all realms equal when comparing the service principal.
- KRB5_TC_MATCH_KEYTYPE
-
Compare enctypes.
- KRB5_TC_MATCH_FLAGS_EXACT
-
Make sure that the ticket flags are identical.
- KRB5_TC_MATCH_FLAGS
-
Make sure that all ticket flags set in
mcreds
are also present in
creds
.
- KRB5_TC_MATCH_TIMES_EXACT
-
Compares the ticket times exactly.
- KRB5_TC_MATCH_TIMES
-
Compares only the expiration times of the creds.
- KRB5_TC_MATCH_AUTHDATA
-
Compares the authdata fields.
- KRB5_TC_MATCH_2ND_TKT
-
Compares the second tickets (used by user-to-user authentication).
- KRB5_TC_MATCH_IS_SKEY
-
Compares the existance of the second ticket.
SEE ALSO
krb5(3),
krb5_cc_retrieve_cred(3),
krb5_creds(3),
krb5_get_init_creds(3),
kerberos(8)