xref: /titanic_41/usr/src/lib/gss_mechs/mech_krb5/krb5/krb/princ_comp.c (revision 72f0806acd90f56fb47a8087c33cfeaec527fdda) 
1 /*
2  * lib/krb5/krb/princ_comp.c
3  *
4  * Copyright 1990,1991 by the Massachusetts Institute of Technology.
5  * All Rights Reserved.
6  *
7  * Export of this software from the United States of America may
8  *   require a specific license from the United States Government.
9  *   It is the responsibility of any person or organization contemplating
10  *   export to obtain such a license before exporting.
11  *
12  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13  * distribute this software and its documentation for any purpose and
14  * without fee is hereby granted, provided that the above copyright
15  * notice appear in all copies and that both that copyright notice and
16  * this permission notice appear in supporting documentation, and that
17  * the name of M.I.T. not be used in advertising or publicity pertaining
18  * to distribution of the software without specific, written prior
19  * permission.  Furthermore if you modify this software you must label
20  * your software as modified software and not distribute it in such a
21  * fashion that it might be confused with the original M.I.T. software.
22  * M.I.T. makes no representations about the suitability of
23  * this software for any purpose.  It is provided "as is" without express
24  * or implied warranty.
25  *
26  *
27  * compare two principals, returning a krb5_boolean true if equal, false if
28  * not.
29  */
30 
31 /*
32  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
33  * Use is subject to license terms.
34  */
35 
36 #include <k5-int.h>
37 
38 /*ARGSUSED*/
39 krb5_boolean KRB5_CALLCONV
krb5_realm_compare(krb5_context context,krb5_const_principal princ1,krb5_const_principal princ2)40 krb5_realm_compare(krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2)
41 {
42     if (krb5_princ_realm(context, princ1)->length !=
43 	krb5_princ_realm(context, princ2)->length ||
44 	memcmp (krb5_princ_realm(context, princ1)->data,
45 	 	krb5_princ_realm(context, princ2)->data,
46 		krb5_princ_realm(context, princ2)->length))
47 	return FALSE;
48 
49     return TRUE;
50 }
51 
52 krb5_boolean KRB5_CALLCONV
krb5_principal_compare(krb5_context context,krb5_const_principal princ1,krb5_const_principal princ2)53 krb5_principal_compare(krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2)
54 {
55     register int i;
56     krb5_int32 nelem;
57 
58     nelem = krb5_princ_size(context, princ1);
59     if (nelem != krb5_princ_size(context, princ2))
60 	return FALSE;
61 
62     if (! krb5_realm_compare(context, princ1, princ2))
63 	return FALSE;
64 
65     for (i = 0; i < (int) nelem; i++) {
66 	register const krb5_data *p1 = krb5_princ_component(context, princ1, i);
67 	register const krb5_data *p2 = krb5_princ_component(context, princ2, i);
68 	if (p1->length != p2->length ||
69 	    memcmp(p1->data, p2->data, p1->length))
70 	    return FALSE;
71     }
72     return TRUE;
73 }
74 
75 /*
76  * Solaris Kerberos: MS Interop requires that case insensitive comparisons of
77  * service and host components are performed for key table lookup, etc.  Only
78  * called if the private environment variable MS_INTEROP is defined.
79  */
80 krb5_boolean KRB5_CALLCONV
__krb5_principal_compare_case_ins(krb5_context context,krb5_const_principal princ1,krb5_const_principal princ2)81 __krb5_principal_compare_case_ins(krb5_context context,
82     krb5_const_principal princ1, krb5_const_principal princ2)
83 {
84     register int i;
85     krb5_int32 nelem;
86 
87     nelem = krb5_princ_size(context, princ1);
88     if (nelem != krb5_princ_size(context, princ2))
89 	return FALSE;
90 
91     if (! krb5_realm_compare(context, princ1, princ2))
92 	return FALSE;
93 
94     for (i = 0; i < (int) nelem; i++) {
95 	register const krb5_data *p1 = krb5_princ_component(context, princ1, i);
96 	register const krb5_data *p2 = krb5_princ_component(context, princ2, i);
97 	if (p1->length != p2->length ||
98 	    strncasecmp(p1->data, p2->data, p1->length))
99 	    return FALSE;
100     }
101     return TRUE;
102 }
103 
krb5_is_referral_realm(const krb5_data * r)104 krb5_boolean KRB5_CALLCONV krb5_is_referral_realm(const krb5_data *r)
105 {
106     /*
107      * Check for a match with KRB5_REFERRAL_REALM.  Currently this relies
108      * on that string constant being zero-length.  (Unlike principal realm
109      * names, KRB5_REFERRAL_REALM is known to be a string.)
110      */
111 #ifdef DEBUG_REFERRALS
112 #if 0
113     printf("krb5_is_ref_realm: checking <%s> for referralness: %s\n",
114 	   r->data,(r->length==0)?"true":"false");
115 #endif
116 #endif
117     assert(strlen(KRB5_REFERRAL_REALM)==0);
118     if (r->length==0)
119         return TRUE;
120     else
121         return FALSE;
122 }
123