krb5_kdc_windc_init(context);
-#ifdef __APPLE__
- config->enable_pkinit = 1;
-
- if (config->pkinit_kdc_identity == NULL) {
- if (config->pkinit_kdc_friendly_name == NULL)
- config->pkinit_kdc_friendly_name =
- strdup("O=System Identity,CN=com.apple.kerberos.kdc");
- config->pkinit_kdc_identity = strdup("KEYCHAIN:");
- }
- if (config->pkinit_kdc_anchors == NULL)
- config->pkinit_kdc_anchors = strdup("KEYCHAIN:");
-
-#endif
-
- if (config->enable_pkinit) {
- if (config->pkinit_kdc_identity == NULL)
- krb5_errx(context, 1, "pkinit enabled but no identity");
-
- if (config->pkinit_kdc_anchors == NULL)
- krb5_errx(context, 1, "pkinit enabled but no X509 anchors");
-
- krb5_kdc_pk_initialize(context, config,
- config->pkinit_kdc_identity,
- config->pkinit_kdc_anchors,
- config->pkinit_kdc_cert_pool,
- config->pkinit_kdc_revoke);
-
- }
-
return config;
}
"kdc", "pkinit_dh_min_bits", NULL);
+#ifdef __APPLE__
+ c->enable_pkinit = 1;
+
+ if (c->pkinit_kdc_identity == NULL) {
+ if (c->pkinit_kdc_friendly_name == NULL)
+ c->pkinit_kdc_friendly_name =
+ strdup("O=System Identity,CN=com.apple.kerberos.kdc");
+ c->pkinit_kdc_identity = strdup("KEYCHAIN:");
+ }
+ if (c->pkinit_kdc_anchors == NULL)
+ c->pkinit_kdc_anchors = strdup("KEYCHAIN:");
+
+#endif
+
+ if (c->enable_pkinit) {
+ if (c->pkinit_kdc_identity == NULL)
+ krb5_errx(context, 1, "pkinit enabled but no identity");
+
+ if (c->pkinit_kdc_anchors == NULL)
+ krb5_errx(context, 1, "pkinit enabled but no X509 anchors");
+
+ krb5_kdc_pk_initialize(context, c,
+ c->pkinit_kdc_identity,
+ c->pkinit_kdc_anchors,
+ c->pkinit_kdc_cert_pool,
+ c->pkinit_kdc_revoke);
+
+ }
+
*config = c;
return 0;