| commit | f8c121b2822fac544037e5e9d2258fb88bf477f9 | |
| author | Andrew Bartlett <abartlet@samba.org> | |
| Tue, 4 Aug 2009 07:34:58 +0000 (4 09:34 +0200) | ||
| committer | Love Hornquist Astrand <lha@h5l.org> | |
| Tue, 4 Aug 2009 07:34:58 +0000 (4 09:34 +0200) | ||
| tree | 912acbc682f16a4a64fa86777e5cf5a66d479c47 | treesnapshot (tar.gz zip) |
| parent | 147184381e5159be2f7f3375931a5d41db208416 | commitdiff |
Add support for user principal names in certificates [HEIMDAL-602]
This extends the PKINIT code in Heimdal to ask the HDB layer if the
User Principal Name name in the certificate is an alias (perhaps just
by case change) of the name given in the AS-REQ. (This was a TODO in
the Heimdal KDC)
The testsuite is extended to test this behaviour, and the other PKINIT
certficate (using the standard method to specify a principal name in a
certificate) is updated to use a Administrator (not administrator).
(This fixes the kinit test).
This extends the PKINIT code in Heimdal to ask the HDB layer if the
User Principal Name name in the certificate is an alias (perhaps just
by case change) of the name given in the AS-REQ. (This was a TODO in
the Heimdal KDC)
The testsuite is extended to test this behaviour, and the other PKINIT
certficate (using the standard method to specify a principal name in a
certificate) is updated to use a Administrator (not administrator).
(This fixes the kinit test).
| kdc/kerberos5.c | diffblobblamehistory | |
| kdc/pkinit.c | diffblobblamehistory | |
| lib/hdb/hdb.h | diffblobblamehistory |