channel_bindings

A virtual server that is used to validate channel-bindings.

server channel_bindings

Only the "authorize" section is needed.

authorize {
	if (GSS-Acceptor-Service-Name && (outer.request:GSS-Acceptor-Service-Name != GSS-Acceptor-Service-Name)) {
		reject
	}

	if (GSS-Acceptor-Service-Name || GSS-Acceptor-Realm-Name || GSS-Acceptor-Host-Name) {
		update control {
			Chbind-Response-Code := success
		}
		update reply {
			GSS-Acceptor-Service-Name = &GSS-Acceptor-Service-Name
			GSS-Acceptor-Host-Name = &GSS-Acceptor-Host-Name
			GSS-Acceptor-Realm-Name = &GSS-Acceptor-Realm-Name
		}
	}
	handled
}
}