| blob | bdb6cbb258e7c74c2a3f8180e37f4dce6256ad42 |
1 .\" Copyright (c) 2004-2005 Kungliga Tekniska Högskolan
2 .\" (Royal Institute of Technology, Stockholm, Sweden).
3 .\" All rights reserved.
4 .\"
5 .\" Redistribution and use in source and binary forms, with or without
6 .\" modification, are permitted provided that the following conditions
7 .\" are met:
8 .\"
9 .\" 1. Redistributions of source code must retain the above copyright
10 .\" notice, this list of conditions and the following disclaimer.
11 .\"
12 .\" 2. Redistributions in binary form must reproduce the above copyright
13 .\" notice, this list of conditions and the following disclaimer in the
14 .\" documentation and/or other materials provided with the distribution.
15 .\"
16 .\" 3. Neither the name of the Institute nor the names of its contributors
17 .\" may be used to endorse or promote products derived from this software
18 .\" without specific prior written permission.
19 .\"
20 .\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
21 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
24 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 .\" SUCH DAMAGE.
31 .\"
32 .\" $Heimdal: krb5_compare_creds.3 15110 2005-05-10 09:21:06Z lha $
33 .\" $NetBSD$
34 .\"
35 .Dd May 10, 2005
36 .Dt KRB5_COMPARE_CREDS 3
37 .Os
38 .Sh NAME
39 .Nm krb5_compare_creds
40 .Nd compare Kerberos 5 credentials
41 .Sh LIBRARY
42 Kerberos 5 Library (libkrb5, -lkrb5)
43 .Sh SYNOPSIS
44 .In krb5/krb5.h
45 .Ft krb5_boolean
46 .Fo krb5_compare_creds
47 .Fa "krb5_context context"
48 .Fa "krb5_flags whichfields"
49 .Fa "const krb5_creds *mcreds"
50 .Fa "const krb5_creds *creds"
51 .Fc
52 .Sh DESCRIPTION
53 .Fn krb5_compare_creds
54 compares
55 .Fa mcreds
56 (usually filled in by the application)
57 to
58 .Fa creds
59 (most often from a credentials cache)
60 and return
61 .Dv TRUE
62 if they are equal.
63 Unless
64 .Va mcreds-\*[Gt]server
65 is
66 .Dv NULL ,
67 the service of the credentials are always compared. If the client
68 name in
69 .Fa mcreds
70 is present, the client names are also compared. This function is
71 normally only called indirectly via
72 .Xr krb5_cc_retrieve_cred 3 .
73 .Pp
74 The following flags, set in
75 .Fa whichfields ,
76 affects the comparison:
77 .Bl -tag -width KRB5_TC_MATCH_SRV_NAMEONLY -compact -offset indent
78 .It KRB5_TC_MATCH_SRV_NAMEONLY
79 Consider all realms equal when comparing the service principal.
80 .It KRB5_TC_MATCH_KEYTYPE
81 Compare enctypes.
82 .It KRB5_TC_MATCH_FLAGS_EXACT
83 Make sure that the ticket flags are identical.
84 .It KRB5_TC_MATCH_FLAGS
85 Make sure that all ticket flags set in
86 .Fa mcreds
87 are also present in
88 .Fa creds .
89 .It KRB5_TC_MATCH_TIMES_EXACT
90 Compares the ticket times exactly.
91 .It KRB5_TC_MATCH_TIMES
92 Compares only the expiration times of the creds.
93 .It KRB5_TC_MATCH_AUTHDATA
94 Compares the authdata fields.
95 .It KRB5_TC_MATCH_2ND_TKT
96 Compares the second tickets (used by user-to-user authentication).
97 .It KRB5_TC_MATCH_IS_SKEY
98 Compares the existance of the second ticket.
99 .El
100 .Sh SEE ALSO
101 .Xr krb5 3 ,
102 .Xr krb5_cc_retrieve_cred 3 ,
103 .Xr krb5_creds 3 ,
104 .Xr krb5_get_init_creds 3 ,
105 .Xr kerberos 8