static int ClientPrincipalIsAuthorizedForService (const char *inClientPrincipal)
{
int err = 0;
- krb5_context context = NULL;
- krb5_principal principal = NULL;
-
- if (!inClientPrincipal) { err = EINVAL; }
-
- if (!err) {
- err = krb5_init_context (&context);
- }
-
- if (!err) {
- err = krb5_parse_name (context, inClientPrincipal, &principal);
- }
-
- if (!err) {
/*
* Here is where the server checks to see if the client principal should
* be allowed to use your service. Typically it should check both the name
* realm may be trying to contact your service.
*/
err = 0;
- }
+
- if (principal) { krb5_free_principal (context, principal); }
- if (context ) { krb5_free_context (context); }
return err;
}
// }
//
// if (!err) {
- // servicePrincipal = malloc (nameToken.length + 1);
+ // servic7ePrincipal = malloc (nameToken.length + 1);
// if (servicePrincipal == NULL) { err = ENOMEM; }
// }
//