oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Allow passing in related certificates used to build the chain.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16850 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-03-28 04:38:14 +00:00
parent 27a38bba47
commit cd6acf1200
3 changed files with 41 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
kdc/config.c
View File

@@ -501,7 +501,8 @@ configure(krb5_context context, int argc, char **argv)
"enable-pkinit",
NULL);
if (config->enable_pkinit) {
const char *user_id, *x509_anchors;
const char *user_id, *anchors;
char **chain;
user_id = krb5_config_get_string(context, NULL,
"kdc",
@@ -510,14 +511,21 @@ configure(krb5_context context, int argc, char **argv)
if (user_id == NULL)
krb5_errx(context, 1, "pkinit enabled but no identity");
x509_anchors = krb5_config_get_string(context, NULL,
"kdc",
"pki-anchors",
NULL);
if (x509_anchors == NULL)
anchors = krb5_config_get_string(context, NULL,
"kdc",
"pki-anchors",
NULL);
if (anchors == NULL)
krb5_errx(context, 1, "pkinit enabled but no X509 anchors");
_kdc_pk_initialize(context, config, user_id, x509_anchors);
chain = krb5_config_get_strings(context, NULL,
"kdc",
"pki-chain",
NULL);
_kdc_pk_initialize(context, config, user_id, anchors, chain);
krb5_config_free_strings(chain);
config->enable_pkinit_princ_in_cert =
krb5_config_get_bool_default(context,