tests/kdc/krb5-canon.conf.in

   1 [libdefaults]
   2         default_realm = TEST.H5L.SE TEST2.H5L.SE
   3         no-addresses = TRUE
   4         dns_lookup_realm = no
   5         name_canon_rules = as-is:realm=TEST.H5L.SE
   6         name_canon_rules = as-is:realm=TEST2.H5L.SE
   7         name_canon_rules = as-is:realm=TEST3.H5L.SE
   8         name_canon_rules = qualify:domain=test1.h5l.se:realm=TEST.H5L.SE
   9         name_canon_rules = qualify:domain=test1.h5l.se:realm=TEST2.H5L.SE
  10         name_canon_rules = qualify:domain=test2.h5l.se:realm=TEST2.H5L.SE
  11         name_canon_rules = qualify:domain=test3.h5l.se:realm=TEST3.H5L.SE
  12
  13 [appdefaults]
  14         pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt
  15         reconnect-min = 2s
  16         reconnect-backoff = 2s
  17         reconnect-max = 10s
  18
  19 [realms]
  20         TEST.H5L.SE = {
  21                 kdc = localhost:@port@
  22                 admin_server = localhost:@admport@
  23                 kpasswd_server = localhost:@pwport@
  24         }
  25         TEST2.H5L.SE = {
  26                 kdc = localhost:@port@
  27                 kpasswd_server = localhost:@pwport@
  28         }
  29         TEST3.H5L.SE = {
  30                 kdc = localhost:@port@
  31         }
  32
  33 [domain_realm]
  34         .test1.h5l.se = TEST.H5L.SE
  35         .test2.h5l.se = TEST2.H5L.SE
  36         .test3.h5l.se = TEST3.H5L.SE
  37         localhost = TEST.H5L.SE
  38
  39
  40 [kdc]
  41         enable-digest = true
  42         allow-anonymous = true
  43         digests_allowed = chap-md5,digest-md5,ntlm-v1,ntlm-v1-session,ntlm-v2,ms-chap-v2
  44
  45         enable-http = true
  46
  47         enable-pkinit = true
  48         pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key
  49         pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt
  50         pkinit_pool = FILE:@srcdir@/../../lib/hx509/data/sub-ca.crt
  51 #       pkinit_revoke = CRL:@srcdir@/../../lib/hx509/data/crl1.crl
  52         pkinit_mappings_file = @srcdir@/pki-mapping
  53         pkinit_allow_proxy_certificate = true
  54
  55         database = {
  56                 label = {
  57                         dbname = @objdir@/current-db@kdc@
  58                         realm = TEST.H5L.SE
  59                         mkey_file = @objdir@/mkey.file
  60                         acl_file = @srcdir@/heimdal.acl
  61                         log_file = @objdir@/current@kdc@.log
  62                 }
  63                 label2 = {
  64                         dbname = @objdir@/current-db@kdc@
  65                         realm = TEST2.H5L.SE
  66                         mkey_file = @objdir@/mkey.file
  67                         acl_file = @srcdir@/heimdal.acl
  68                         log_file = @objdir@/current@kdc@.log
  69                 }
  70         }
  71
  72         signal_socket = @objdir@/signal
  73         iprop-stats = @objdir@/iprop-stats
  74         iprop-acl = @srcdir@/iprop-acl
  75
  76 [logging]
  77         kdc = 0-/FILE:@objdir@/messages.log
  78         default = 0-/FILE:@objdir@/messages.log
  79
  80 [kadmin]
  81         save-password = true
  82         @dk@
  83
  84 [capaths]
  85         TEST.H5L.SE = {
  86                 TEST3.H5L.SE = .
  87                 TEST2.H5L.SE = .
  88         }
  89         TEST2.H5L.SE = {
  90                 TEST.H5L.SE = .
  91                 TEST3.H5L.SE = .
  92         }
  93         TEST3.H5L.SE = {
  94                 TEST.H5L.SE = .
  95                 TEST2.H5L.SE = .
  96         }