Add pool of certificates to help certificate path building for clients

sending incomplete path in the signedData.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16856 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-03-30 03:12:06 +00:00
parent 945efb8a96
commit 145960cda9

View File

@@ -70,6 +70,7 @@ int convert_524 = 0;
int fcache_version;
char *pk_user_id = NULL;
char *pk_x509_anchors = NULL;
char **pk_x509_pool = NULL;
static char *krb4_cc_name;
@@ -464,6 +465,7 @@ get_new_tickets(krb5_context context,
principal,
pk_user_id,
pk_x509_anchors,
pk_x509_pool,
0,
NULL,
NULL,
@@ -800,6 +802,12 @@ main (int argc, char **argv)
krb5_principal_get_realm(context, principal),
"afslog", TRUE, &do_afslog);
/* XXX implement krb5_appdefault_strings */
pk_x509_pool = krb5_config_get_strings(context, NULL,
"appdefaults",
"pkinit-pool",
NULL);
if (pk_x509_anchors == NULL)
krb5_appdefault_string(context, "kinit",
krb5_principal_get_realm(context, principal),