tests/kdc/krb5.conf.in

   1 [libdefaults]
   2         default_realm = TEST.H5L.SE TEST2.H5L.SE
   3         no-addresses = TRUE
   4         allow_weak_crypto = @WEAK@
   5
   6 [appdefaults]
   7         pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt
   8         reconnect-min = 2s
   9         reconnect-backoff = 2s
  10         reconnect-max = 10s
  11
  12 [realms]
  13         TEST.H5L.SE = {
  14                 kdc = localhost:@port@
  15                 admin_server = localhost:@admport@
  16                 kpasswd_server = localhost:@pwport@
  17         }
  18         SUB.TEST.H5L.SE = {
  19                 kdc = localhost:@port@
  20         }
  21         TEST2.H5L.SE = {
  22                 kdc = localhost:@port@
  23                 kpasswd_server = localhost:@pwport@
  24         }
  25         TEST3.H5L.SE = {
  26                 kdc = localhost:@port@
  27         }
  28         TEST4.H5L.SE = {
  29                 kdc = localhost:@port@
  30         }
  31         TEST-HTTP.H5L.SE = {
  32                 kdc = http/localhost:@port@
  33         }
  34
  35 [domain_realm]
  36         .test.h5l.se = TEST.H5L.SE
  37         .sub.test.h5l.se = SUB.TEST.H5L.SE
  38         .example.com = TEST2.H5L.SE
  39         localhost = TEST.H5L.SE
  40
  41
  42 [kdc]
  43         enable-digest = true
  44         allow-anonymous = true
  45         digests_allowed = chap-md5,digest-md5,ntlm-v1,ntlm-v1-session,ntlm-v2,ms-chap-v2
  46
  47         enable-http = true
  48
  49         enable-pkinit = true
  50         pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key
  51         pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt
  52         pkinit_pool = FILE:@srcdir@/../../lib/hx509/data/sub-ca.crt
  53 #       pkinit_revoke = CRL:@srcdir@/../../lib/hx509/data/crl1.crl
  54         pkinit_mappings_file = @srcdir@/pki-mapping
  55         pkinit_allow_proxy_certificate = true
  56
  57         database = {
  58                 label = {
  59                         dbname = @objdir@/current-db@kdc@
  60                         realm = TEST.H5L.SE
  61                         mkey_file = @objdir@/mkey.file
  62                         acl_file = @srcdir@/heimdal.acl
  63                         log_file = @objdir@/current@kdc@.log
  64                 }
  65                 label2 = {
  66                         dbname = @objdir@/current-db@kdc@
  67                         realm = TEST2.H5L.SE
  68                         mkey_file = @objdir@/mkey.file
  69                         acl_file = @srcdir@/heimdal.acl
  70                         log_file = @objdir@/current@kdc@.log
  71                 }
  72         }
  73
  74         signal_socket = @objdir@/signal
  75         iprop-stats = @objdir@/iprop-stats
  76         iprop-acl = @srcdir@/iprop-acl
  77
  78 [logging]
  79         kdc = 0-/FILE:@objdir@/messages.log
  80         default = 0-/FILE:@objdir@/messages.log
  81
  82 [kadmin]
  83         save-password = true
  84         @dk@
  85
  86 [capaths]
  87         TEST.H5L.SE = {
  88                 TEST3.H5L.SE = TEST2.H5L.SE
  89         }
  90         TEST.H5L.SE = {
  91                 TEST4.H5L.SE = TEST2.H5L.SE
  92                 TEST4.H5L.SE = TEST3.H5L.SE
  93         }