Add switch to select friendly_name of the certificate.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24195 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-15 04:31:22 +00:00
parent f4aeb0d5cf
commit 0c4d8d3a16
2 changed files with 15 additions and 6 deletions
--- a/kdc/default_config.c
+++ b/kdc/default_config.c
@@ -220,7 +220,7 @@ krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config)
 				     "enable-pkinit",
 				     NULL);
    if (c->enable_pkinit) {
-	const char *user_id, *anchors, *ocsp_file;
+	const char *user_id, *anchors, *file;
 	char **pool_list, **revoke_list;

 	user_id =
@@ -242,15 +242,23 @@ krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config)
 	    krb5_config_get_strings(context, NULL,
 				    "kdc", "pkinit_revoke", NULL);

-	ocsp_file =
-	    krb5_config_get_string(context, NULL,
-				   "kdc", "pkinit_kdc_ocsp", NULL);
-	if (ocsp_file) {
-	    c->pkinit_kdc_ocsp_file = strdup(ocsp_file);
+	file = krb5_config_get_string(context, NULL,
+				      "kdc", "pkinit_kdc_ocsp", NULL);
+	if (file) {
+	    c->pkinit_kdc_ocsp_file = strdup(file);
 	    if (c->pkinit_kdc_ocsp_file == NULL)
 		krb5_errx(context, 1, "out of memory");
 	}

+	file = krb5_config_get_string(context, NULL,
+				      "kdc", "pkinit_kdc_friendly_name", NULL);
+	if (file) {
+	    c->pkinit_kdc_friendly_name = strdup(file);
+	    if (c->pkinit_kdc_friendly_name == NULL)
+		krb5_errx(context, 1, "out of memory");
+	}
+
+
 	_kdc_pk_initialize(context, c, user_id, anchors,
 			   pool_list, revoke_list);

--- a/kdc/kdc.h
+++ b/kdc/kdc.h
@@ -75,6 +75,7 @@ typedef struct krb5_kdc_configuration {
    krb5_boolean enable_pkinit;
    krb5_boolean pkinit_princ_in_cert;
    char *pkinit_kdc_ocsp_file;
+    char *pkinit_kdc_friendly_name;
    int pkinit_dh_min_bits;
    int pkinit_require_binding;