From 0c4d8d3a16f78bad9ea3a271eecb3a9aef6714f5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Mon, 15 Dec 2008 04:31:22 +0000
Subject: [PATCH] Add switch to select friendly_name of the certificate.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24195 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 kdc/default_config.c | 20 ++++++++++++++------
 kdc/kdc.h            |  1 +
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/kdc/default_config.c b/kdc/default_config.c
index 60fbc9290..a59d2f40f 100644
--- a/kdc/default_config.c
+++ b/kdc/default_config.c
@@ -220,7 +220,7 @@ krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config)
 				     "enable-pkinit",
 				     NULL);
     if (c->enable_pkinit) {
-	const char *user_id, *anchors, *ocsp_file;
+	const char *user_id, *anchors, *file;
 	char **pool_list, **revoke_list;
 
 	user_id =
@@ -242,15 +242,23 @@ krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config)
 	    krb5_config_get_strings(context, NULL,
 				    "kdc", "pkinit_revoke", NULL);
 
-	ocsp_file =
-	    krb5_config_get_string(context, NULL,
-				   "kdc", "pkinit_kdc_ocsp", NULL);
-	if (ocsp_file) {
-	    c->pkinit_kdc_ocsp_file = strdup(ocsp_file);
+	file = krb5_config_get_string(context, NULL,
+				      "kdc", "pkinit_kdc_ocsp", NULL);
+	if (file) {
+	    c->pkinit_kdc_ocsp_file = strdup(file);
 	    if (c->pkinit_kdc_ocsp_file == NULL)
 		krb5_errx(context, 1, "out of memory");
 	}
 
+	file = krb5_config_get_string(context, NULL,
+				      "kdc", "pkinit_kdc_friendly_name", NULL);
+	if (file) {
+	    c->pkinit_kdc_friendly_name = strdup(file);
+	    if (c->pkinit_kdc_friendly_name == NULL)
+		krb5_errx(context, 1, "out of memory");
+	}
+
+
 	_kdc_pk_initialize(context, c, user_id, anchors,
 			   pool_list, revoke_list);
 
diff --git a/kdc/kdc.h b/kdc/kdc.h
index 843bd5fa5..bb9b2bd14 100644
--- a/kdc/kdc.h
+++ b/kdc/kdc.h
@@ -75,6 +75,7 @@ typedef struct krb5_kdc_configuration {
     krb5_boolean enable_pkinit;
     krb5_boolean pkinit_princ_in_cert;
     char *pkinit_kdc_ocsp_file;
+    char *pkinit_kdc_friendly_name;
     int pkinit_dh_min_bits;
     int pkinit_require_binding;