diff options
Diffstat (limited to 'third_party/heimdal/tests/gss/krb5.conf.in')
-rw-r--r-- | third_party/heimdal/tests/gss/krb5.conf.in | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/third_party/heimdal/tests/gss/krb5.conf.in b/third_party/heimdal/tests/gss/krb5.conf.in new file mode 100644 index 0000000..01c4c2e --- /dev/null +++ b/third_party/heimdal/tests/gss/krb5.conf.in @@ -0,0 +1,54 @@ +include @srcdirabs@/include-krb5.conf + +[libdefaults] + default_keytab_name = @objdir@/server.keytab + enable-kx509 = yes + kx509_store = PEM-FILE:/tmp/cert_%{euid}.pem + default_realm = TEST.H5L.SE + kuserok = SYSTEM-K5LOGIN:@srcdir@/../kdc/k5login + kuserok = USER-K5LOGIN + kuserok = SIMPLE + +[realms] + TEST.H5L.SE = { + kdc = localhost:@port@ + auth_to_local_names = { + user1 = mapped_user1 + } + } + +[kdc] + enable-digest = true + allow-anonymous = true + digests_allowed = chap-md5,digest-md5,ntlm-v1,ntlm-v1-session,ntlm-v2,ms-chap-v2 + strict-nametypes = true + synthetic_clients = true + enable_gss_preauth = true + gss_mechanisms_allowed = sanon-x25519 + enable-pkinit = true + pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key + pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt + pkinit_pool = FILE:@srcdir@/../../lib/hx509/data/sub-ca.crt +# pkinit_revoke = CRL:@srcdir@/../../lib/hx509/data/crl1.crl + pkinit_mappings_file = @srcdir@/pki-mapping + pkinit_allow_proxy_certificate = true + + database = { + dbname = @objdir@/current-db + realm = TEST.H5L.SE + mkey_file = @objdir@/mkey.file + log_file = @objdir@/current.log + } + +[hdb] + db-dir = @objdir@ + enable_virtual_hostbased_princs = true + virtual_hostbased_princ_mindots = 1 + virtual_hostbased_princ_maxdots = 3 + same_realm_aliases_are_soft = true + +[logging] + kdc = 0-/FILE:@objdir@/messages.log + default = 0-/FILE:@objdir@/messages.log + +include @srcdirabs@/missing-krb5.conf |