oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

rename ca_dir to pkinit/x509_anchors since its more like that language

Browse Source 
in RFC3280


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13494 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2004-03-09 21:06:10 +00:00
parent 3036c59b11
commit 9197bbb0c8
3 changed files with 21 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
kdc/config.c
View File

@@ -432,7 +432,7 @@ configure(int argc, char **argv)
"enable-pkinit",
NULL);
if (enable_pkinit) {
const char *key_file, *certificate_file, *ca_dir;
const char *key_file, *certificate_file, *x509_anchors;
key_file = krb5_config_get_string(context, NULL,
"kdc",
@@ -448,14 +448,14 @@ configure(int argc, char **argv)
if (certificate_file == NULL)
krb5_errx(context, 1, "pkinit enabled but no certificate");
ca_dir = krb5_config_get_string(context, NULL,
"kdc",
"pki-ca-dir",
NULL);
if (ca_dir == NULL)
krb5_errx(context, 1, "pkinit enabled but no CA directory");
x509_anchors = krb5_config_get_string(context, NULL,
"kdc",
"pki-anchors",
NULL);
if (x509_anchors == NULL)
krb5_errx(context, 1, "pkinit enabled but no X509 anchors");
pk_initialize(certificate_file, key_file, ca_dir);
pk_initialize(certificate_file, key_file, x509_anchors);
}
#endif

10
kuser/kinit.c
View File

@@ -68,7 +68,7 @@ int convert_524 = 0;
int fcache_version;
char *pk_cert_file = NULL;
char *pk_key_file = NULL;
char *pk_ca_dir = NULL;
char *pk_x509_anchors = NULL;
int pk_use_dh = -1;
static char *krb4_cc_name;
@@ -153,7 +153,7 @@ static struct getargs args[] = {
{ "private-key", 'K', arg_string, &pk_key_file,
"principal's private key", "filename" },
{ "ca-dir", 'D', arg_string, &pk_ca_dir,
{ "x509-anchors", 'D', arg_string, &pk_x509_anchors,
"directory with CA certificates", "directory" },
{ "pkinit-use-dh", 0, arg_flag, &pk_use_dh,
@@ -468,7 +468,7 @@ get_new_tickets(krb5_context context,
ret = krb5_get_init_creds_opt_set_pkinit(context, opt,
pk_cert_file,
pk_key_file,
pk_ca_dir,
pk_x509_anchors,
flags,
NULL);
if (ret)
@@ -793,10 +793,10 @@ main (int argc, char **argv)
krb5_principal_get_realm(context, principal),
"afslog", TRUE, &do_afslog);
if (pk_ca_dir == NULL)
if (pk_x509_anchors == NULL)
krb5_appdefault_string(context, "kinit",
krb5_principal_get_realm(context, principal),
"pkinit-ca-dir", NULL, &pk_ca_dir);
"pkinit-anchors", NULL, &pk_x509_anchors);
#ifdef PKINIT
if(pk_use_dh == -1)

16
lib/krb5/pkinit.c
View File

@@ -1611,7 +1611,7 @@ _krb5_pk_load_openssl_id(krb5_context context,
struct krb5_pk_identity **ret_id,
const char *cert_file,
const char *key_file,
const char *ca_dir,
const char *x509_anchors,
char *password)
{
struct krb5_pk_identity *id = NULL;
@@ -1637,7 +1637,7 @@ _krb5_pk_load_openssl_id(krb5_context context,
krb5_set_error_string(context, "key file missing");
return HEIM_PKINIT_NO_PRIVATE_KEY;
}
if (ca_dir == NULL) {
if (x509_anchors == NULL) {
krb5_set_error_string(context, "No root ca directory given\n");
return HEIM_PKINIT_NO_VALID_CA;
}
@@ -1697,16 +1697,16 @@ _krb5_pk_load_openssl_id(krb5_context context,
goto out;
}
/* read ca certificates */
dir = opendir(ca_dir);
dir = opendir(x509_anchors);
if (dir == NULL) {
ret = errno;
krb5_set_error_string(context, "open directory %s: %s",
ca_dir, strerror(ret));
x509_anchors, strerror(ret));
goto out;
}
asprintf(&dirname, "%s%s", ca_dir,
ca_dir[strlen(ca_dir) - 1] == '/' ? "" : "/");
asprintf(&dirname, "%s%s", x509_anchors,
x509_anchors[strlen(x509_anchors) - 1] == '/' ? "" : "/");
trusted_certs = sk_X509_new_null();
while ((file = readdir(dir)) != NULL) {
@@ -1809,7 +1809,7 @@ krb5_get_init_creds_opt_set_pkinit(krb5_context context,
krb5_get_init_creds_opt *opt,
const char *cert_file,
const char *key_file,
const char *ca_dir,
const char *x509_anchors,
int flags,
char *password)
{
@@ -1832,7 +1832,7 @@ krb5_get_init_creds_opt_set_pkinit(krb5_context context,
&opt->private->pk_init_ctx->id,
cert_file,
key_file,
ca_dir,
x509_anchors,
password);
if (ret) {
free(opt->private->pk_init_ctx);