test HTTP transport

tests/kdc/check-kdc.in

@@ -47,6 +47,7 @@ ${have_db} || exit 77
 
 R=TEST.H5L.SE
 R2=TEST2.H5L.SE
+R3=TEST-HTTP.H5L.SE
 
 port=@port@
 
@@ -97,6 +98,12 @@ ${kadmin} \
     --realm-max-renewable-life=1month \
     ${R2} || exit 1
 
+${kadmin} \
+    init \
+    --realm-max-ticket-life=1day \
+    --realm-max-renewable-life=1month \
+    ${R3} || exit 1
+
 ${kadmin} cpw -r krbtgt/${R}@${R} || exit 1
 ${kadmin} cpw -r krbtgt/${R}@${R} || exit 1
 ${kadmin} cpw -r krbtgt/${R}@${R} || exit 1
@@ -133,6 +140,8 @@ ${kadmin} add -p cross2 --use-defaults krbtgt/${R}@${R2} || exit 1
 ${kadmin} add -p foo --use-defaults pw-expire@${R} || exit 1
 ${kadmin} modify --pw-expiration-time=+1day  pw-expire@${R} || exit 1
 
+${kadmin} add -p foo --use-defaults foo@${R3} || exit 1
+
 echo "Check parser"
 ${kadmin} add -p foo --use-defaults -- -p || exit 1
 ${kadmin} delete -- -p || exit 1
@@ -186,6 +195,11 @@ ${test_ap_req} ${server}@${R} ${keytab} ${cache} || \
 	{ ec=1 ; eval "${testfailed}"; }
 ${kdestroy}
 
+echo "Getting client initial tickets (http transport)"; > messages.log
+${kinit} --password-file=${objdir}/foopassword foo@${R3} || \
+	{ ec=1 ; eval "${testfailed}"; }
+${kdestroy}
+
 echo "Specific enctype"; > messages.log
 ${kinit} --password-file=${objdir}/foopassword \
     -e ${aesenctype} -e ${aesenctype} \

tests/kdc/krb5.conf.in

@@ -28,6 +28,9 @@
 	TEST4.H5L.SE = {
 		kdc = localhost:@port@
 	}
+	TEST-HTTP.H5L.SE = {
+		kdc = http/localhost:@port@
+	}
 
 [domain_realm]
 	.test.h5l.se = TEST.H5L.SE
@@ -41,6 +44,8 @@
 	allow-anonymous = true
 	digests_allowed = chap-md5,digest-md5,ntlm-v1,ntlm-v1-session,ntlm-v2,ms-chap-v2
 
+	enable-http = true
+
 	enable-pkinit = true
 	pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key
 	pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt