From 1e12165c58e7c6d26bd4d501556287de1a1856b8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Thu, 11 May 2006 10:16:01 +0000
Subject: [PATCH] (krb5_get_init_creds_opt_set_pkinit): move parsing of the
 configuration file to the library so application doesn't need to deal with
 it.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17529 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/krb5/pkinit.c | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/lib/krb5/pkinit.c b/lib/krb5/pkinit.c
index d85eef18c..ffafbc13f 100644
--- a/lib/krb5/pkinit.c
+++ b/lib/krb5/pkinit.c
@@ -1769,7 +1769,7 @@ krb5_get_init_creds_opt_set_pkinit(krb5_context context,
 				   krb5_principal principal,
 				   const char *user_id,
 				   const char *x509_anchors,
-				   char * const * chain,
+				   char * const * pool,
 				   char * const * revoke,
 				   int flags,
 				   krb5_prompter_fct prompter,
@@ -1797,11 +1797,30 @@ krb5_get_init_creds_opt_set_pkinit(krb5_context context,
     opt->opt_private->pk_init_ctx->require_eku = 1;
     opt->opt_private->pk_init_ctx->require_krbtgt_otherName = 1;
 
+
+    /* XXX implement krb5_appdefault_strings  */
+    if (pool == NULL)
+	pool = krb5_config_get_strings(context, NULL,
+				       "appdefaults", 
+				       "pkinit-pool", 
+				       NULL);
+
+    if (revoke == NULL)
+	revoke = krb5_config_get_strings(context, NULL,
+					 "appdefaults", 
+					 "pkinit-revoke", 
+					 NULL);
+
+    if (x509_anchors == NULL)
+	krb5_appdefault_string(context, "kinit",
+			       krb5_principal_get_realm(context, principal), 
+			       "pkinit-anchors", NULL, &x509_anchors);
+
     ret = _krb5_pk_load_id(context,
 			   &opt->opt_private->pk_init_ctx->id,
 			   user_id,
 			   x509_anchors,
-			   chain,
+			   pool,
 			   revoke,
 			   prompter,
 			   prompter_data,