Add switch to select friendly_name of the certificate.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24195 ec53bebd-3082-4978-b11e-865c3cabbd6b

kdc/default_config.c

@@ -220,7 +220,7 @@ krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config)
 				     "enable-pkinit",
 				     NULL);
     if (c->enable_pkinit) {
-	const char *user_id, *anchors, *ocsp_file;
+	const char *user_id, *anchors, *file;
 	char **pool_list, **revoke_list;
 
 	user_id =
@@ -242,15 +242,23 @@ krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config)
 	    krb5_config_get_strings(context, NULL,
 				    "kdc", "pkinit_revoke", NULL);
 
-	ocsp_file =
+	file = krb5_config_get_string(context, NULL,
-	    krb5_config_get_string(context, NULL,
+				      "kdc", "pkinit_kdc_ocsp", NULL);
-				   "kdc", "pkinit_kdc_ocsp", NULL);
+	if (file) {
-	if (ocsp_file) {
+	    c->pkinit_kdc_ocsp_file = strdup(file);
-	    c->pkinit_kdc_ocsp_file = strdup(ocsp_file);
 	    if (c->pkinit_kdc_ocsp_file == NULL)
 		krb5_errx(context, 1, "out of memory");
 	}
 
+	file = krb5_config_get_string(context, NULL,
+				      "kdc", "pkinit_kdc_friendly_name", NULL);
+	if (file) {
+	    c->pkinit_kdc_friendly_name = strdup(file);
+	    if (c->pkinit_kdc_friendly_name == NULL)
+		krb5_errx(context, 1, "out of memory");
+	}
+
+
 	_kdc_pk_initialize(context, c, user_id, anchors,
 			   pool_list, revoke_list);
 

kdc/kdc.h

@@ -75,6 +75,7 @@ typedef struct krb5_kdc_configuration {
     krb5_boolean enable_pkinit;
     krb5_boolean pkinit_princ_in_cert;
     char *pkinit_kdc_ocsp_file;
+    char *pkinit_kdc_friendly_name;
     int pkinit_dh_min_bits;
     int pkinit_require_binding;