diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2010-11-11 11:27:33 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2010-11-15 01:25:06 +0000 |
| commit | 1342185e333cb8139b7a70b7fe43571bcc2716a7 (patch) | |
| tree | 0e1cb8d3cfc437bd7cc3a97f2bdc472f54d95dbd /source4/heimdal/kdc | |
| parent | 13fd22f61017124d2d4964db3e32c667d119b56c (diff) | |
| download | samba-1342185e333cb8139b7a70b7fe43571bcc2716a7.tar.gz samba-1342185e333cb8139b7a70b7fe43571bcc2716a7.tar.bz2 samba-1342185e333cb8139b7a70b7fe43571bcc2716a7.zip | |
s4:heimdal: import lorikeet-heimdal-201011102149 (commit 5734d03c20e104c8f45533d07f2a2cbbd3224f29)
Diffstat (limited to 'source4/heimdal/kdc')
| -rw-r--r-- | source4/heimdal/kdc/default_config.c | 44 |
1 files changed, 25 insertions, 19 deletions
diff --git a/source4/heimdal/kdc/default_config.c b/source4/heimdal/kdc/default_config.c index 118bdf97aa..f745183e51 100644 --- a/source4/heimdal/kdc/default_config.c +++ b/source4/heimdal/kdc/default_config.c @@ -258,37 +258,43 @@ krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config) 0, "kdc", "pkinit_dh_min_bits", NULL); + *config = c; + return 0; +} + +krb5_error_code +krb5_kdc_pkinit_config(krb5_context context, krb5_kdc_configuration *config) +{ +#ifdef PKINIT #ifdef __APPLE__ - c->enable_pkinit = 1; + config->enable_pkinit = 1; - if (c->pkinit_kdc_identity == NULL) { - if (c->pkinit_kdc_friendly_name == NULL) - c->pkinit_kdc_friendly_name = + if (config->pkinit_kdc_identity == NULL) { + if (config->pkinit_kdc_friendly_name == NULL) + config->pkinit_kdc_friendly_name = strdup("O=System Identity,CN=com.apple.kerberos.kdc"); - c->pkinit_kdc_identity = strdup("KEYCHAIN:"); + config->pkinit_kdc_identity = strdup("KEYCHAIN:"); } - if (c->pkinit_kdc_anchors == NULL) - c->pkinit_kdc_anchors = strdup("KEYCHAIN:"); + if (config->pkinit_kdc_anchors == NULL) + config->pkinit_kdc_anchors = strdup("KEYCHAIN:"); -#endif +#endif /* __APPLE__ */ - if (c->enable_pkinit) { - if (c->pkinit_kdc_identity == NULL) + if (config->enable_pkinit) { + if (config->pkinit_kdc_identity == NULL) krb5_errx(context, 1, "pkinit enabled but no identity"); - if (c->pkinit_kdc_anchors == NULL) + if (config->pkinit_kdc_anchors == NULL) krb5_errx(context, 1, "pkinit enabled but no X509 anchors"); - krb5_kdc_pk_initialize(context, c, - c->pkinit_kdc_identity, - c->pkinit_kdc_anchors, - c->pkinit_kdc_cert_pool, - c->pkinit_kdc_revoke); + krb5_kdc_pk_initialize(context, config, + config->pkinit_kdc_identity, + config->pkinit_kdc_anchors, + config->pkinit_kdc_cert_pool, + config->pkinit_kdc_revoke); } - *config = c; - - return 0; +#endif /* PKINIT */ } |