diff options
| author | Stefan Metzmacher <metze@samba.org> | 2011-03-04 10:05:13 +0100 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2011-03-04 21:19:05 +0100 |
| commit | a8b3958f38805f18f300aed64bf567339f75e8b3 (patch) | |
| tree | 7fe483301d78097f8caa6e63e0b96f858c0baee4 /selftest | |
| parent | 8002406c51cf1f9f6daebef7e03bfef77f56cf38 (diff) | |
| download | samba-a8b3958f38805f18f300aed64bf567339f75e8b3.tar.gz samba-a8b3958f38805f18f300aed64bf567339f75e8b3.tar.bz2 samba-a8b3958f38805f18f300aed64bf567339f75e8b3.zip | |
selftest/target/Samba4: splitout a mk_krb5_conf() function
metze
Diffstat (limited to 'selftest')
| -rw-r--r-- | selftest/target/Samba4.pm | 95 |
1 files changed, 51 insertions, 44 deletions
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index d4817bb5c7..c1d2862ff7 100644 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -459,6 +459,56 @@ Wfz/8alZ5aMezCQzXJyIaJsCLeKABosSwHcpAFmxlQ== EOF } +sub mk_krb5_conf($$) +{ + my ($self, $ctx) = @_; + + unless (open(KRB5CONF, ">$ctx->{krb5_conf}")) { + warn("can't open $ctx->{krb5_conf}$?"); + return undef; + } + print KRB5CONF " +#Generated krb5.conf for $ctx->{realm} + +[libdefaults] + default_realm = $ctx->{realm} + dns_lookup_realm = false + dns_lookup_kdc = false + ticket_lifetime = 24h + forwardable = yes + allow_weak_crypto = yes + +[realms] + $ctx->{realm} = { + kdc = $ctx->{kdc_ipv4}:88 + admin_server = $ctx->{kdc_ipv4}:88 + default_domain = $ctx->{dnsname} + } + $ctx->{dnsname} = { + kdc = $ctx->{kdc_ipv4}:88 + admin_server = $ctx->{kdc_ipv4}:88 + default_domain = $ctx->{dnsname} + } + $ctx->{domain} = { + kdc = $ctx->{kdc_ipv4}:88 + admin_server = $ctx->{kdc_ipv4}:88 + default_domain = $ctx->{dnsname} + } + +[appdefaults] + pkinit_anchors = FILE:$ctx->{tlsdir}/ca.pem + +[kdc] + enable-pkinit = true + pkinit_identity = FILE:$ctx->{tlsdir}/kdc.pem,$ctx->{tlsdir}/key.pem + pkinit_anchors = FILE:$ctx->{tlsdir}/ca.pem + +[domain_realm] + .$ctx->{dnsname} = $ctx->{realm} +"; + close(KRB5CONF); +} + sub provision_raw_prepare($$$$$$$$$$) { my ($self, $prefix, $server_role, $netbiosname, $netbiosalias, @@ -635,50 +685,7 @@ sub provision_raw_step1($$) $self->mk_keyblobs($ctx->{tlsdir}); - unless (open(KRB5CONF, ">$ctx->{krb5_conf}")) { - warn("can't open $ctx->{krb5_conf}$?"); - return undef; - } - print KRB5CONF " -#Generated krb5.conf for $ctx->{realm} - -[libdefaults] - default_realm = $ctx->{realm} - dns_lookup_realm = false - dns_lookup_kdc = false - ticket_lifetime = 24h - forwardable = yes - allow_weak_crypto = yes - -[realms] - $ctx->{realm} = { - kdc = $ctx->{kdc_ipv4}:88 - admin_server = $ctx->{kdc_ipv4}:88 - default_domain = $ctx->{dnsname} - } - $ctx->{dnsname} = { - kdc = $ctx->{kdc_ipv4}:88 - admin_server = $ctx->{kdc_ipv4}:88 - default_domain = $ctx->{dnsname} - } - $ctx->{domain} = { - kdc = $ctx->{kdc_ipv4}:88 - admin_server = $ctx->{kdc_ipv4}:88 - default_domain = $ctx->{dnsname} - } - -[appdefaults] - pkinit_anchors = FILE:$ctx->{tlsdir}/ca.pem - -[kdc] - enable-pkinit = true - pkinit_identity = FILE:$ctx->{tlsdir}/kdc.pem,$ctx->{tlsdir}/key.pem - pkinit_anchors = FILE:$ctx->{tlsdir}/ca.pem - -[domain_realm] - .$ctx->{dnsname} = $ctx->{realm} -"; - close(KRB5CONF); + $self->mk_krb5_conf($ctx); open(PWD, ">$ctx->{nsswrap_passwd}"); print PWD " |