krb5-canon.conf.in - OpenGrok cross reference for /netbsd/src/crypto/external/bsd/heimdal/dist/tests/kdc/krb5-canon.conf.in

[libdefaults]
          default_realm = TEST.H5L.SE TEST2.H5L.SE
          no-addresses = TRUE
          dns_lookup_realm = no
          name_canon_rules = as-is:realm=TEST.H5L.SE
          name_canon_rules = as-is:realm=TEST2.H5L.SE
          name_canon_rules = as-is:realm=TEST3.H5L.SE
          name_canon_rules = qualify:domain=test1.h5l.se:realm=TEST.H5L.SE
          name_canon_rules = qualify:domain=test1.h5l.se:realm=TEST2.H5L.SE
          name_canon_rules = qualify:domain=test2.h5l.se:realm=TEST2.H5L.SE
          name_canon_rules = qualify:domain=test3.h5l.se:realm=TEST3.H5L.SE

[appdefaults]
          pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt
          reconnect-min = 2s
          reconnect-backoff = 2s
          reconnect-max = 10s

[realms]
          TEST.H5L.SE = {
                    kdc = localhost:@port@
                    admin_server = localhost:@admport@
                    kpasswd_server = localhost:@pwport@
          }
          TEST2.H5L.SE = {
                    kdc = localhost:@port@
                    kpasswd_server = localhost:@pwport@
          }
          TEST3.H5L.SE = {
                    kdc = localhost:@port@
          }

[domain_realm]
          .test1.h5l.se = TEST.H5L.SE
          .test2.h5l.se = TEST2.H5L.SE
          .test3.h5l.se = TEST3.H5L.SE
          localhost = TEST.H5L.SE


[kdc]
          enable-digest = true
          allow-anonymous = true
          digests_allowed = chap-md5,digest-md5,ntlm-v1,ntlm-v1-session,ntlm-v2,ms-chap-v2
        strict-nametypes = true

          enable-http = true

          enable-pkinit = true
          pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key
          pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt
          pkinit_pool = FILE:@srcdir@/../../lib/hx509/data/sub-ca.crt
#         pkinit_revoke = CRL:@srcdir@/../../lib/hx509/data/crl1.crl
          pkinit_mappings_file = @srcdir@/pki-mapping
          pkinit_allow_proxy_certificate = true

          database = {
                    label = {
                              dbname = @objdir@/current-db@kdc@
                              realm = TEST.H5L.SE
                              mkey_file = @objdir@/mkey.file
                              acl_file = @srcdir@/heimdal.acl
                              log_file = @objdir@/current@kdc@.log
                    }
                    label2 = {
                              dbname = @objdir@/current-db@kdc@
                              realm = TEST2.H5L.SE
                              mkey_file = @objdir@/mkey.file
                              acl_file = @srcdir@/heimdal.acl
                              log_file = @objdir@/current@kdc@.log
                    }
          }

          signal_socket = @objdir@/signal
          iprop-stats = @objdir@/iprop-stats
          iprop-acl = @srcdir@/iprop-acl

[hdb]
          db-dir = @objdir@

[logging]
          kdc = 0-/FILE:@objdir@/messages.log
          default = 0-/FILE:@objdir@/messages.log

[kadmin]
          save-password = true
          @dk@

[capaths]
          TEST.H5L.SE = {
                    TEST3.H5L.SE = .
                    TEST2.H5L.SE = .
          }
          TEST2.H5L.SE = {
                    TEST.H5L.SE = .
                    TEST3.H5L.SE = .
          }
          TEST3.H5L.SE = {
                    TEST.H5L.SE = .
                    TEST2.H5L.SE = .
          }