Use macros for config parameters

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21879 dc483132-0cff-0310-8789-dd5450dbe970
author: Zhanna Tsitkov <tsitkova@mit.edu> 2009-02-04 17:08:44 +0000
committer: Zhanna Tsitkov <tsitkova@mit.edu> 2009-02-04 17:08:44 +0000
commit: 918aa74cabf0b9ac1aef18d6afb7e2a82b415531 (patch)
tree: 5d2a67bf23a134469ffe55d98ad4bd20ea6ccdcc /src/plugins/preauth
parent: 8808f5363b1a3872a5e19ce1197d26e1d8aea5a1 (diff)
download: krb5-918aa74cabf0b9ac1aef18d6afb7e2a82b415531.tar.gz
krb5-918aa74cabf0b9ac1aef18d6afb7e2a82b415531.tar.xz
krb5-918aa74cabf0b9ac1aef18d6afb7e2a82b415531.zip
4 files changed, 28 insertions, 28 deletions
diff --git a/src/plugins/preauth/pkinit/pkinit_clnt.c b/src/plugins/preauth/pkinit/pkinit_clnt.c
index 0d6da4dc5..13651c57a 100644
--- a/src/plugins/preauth/pkinit/pkinit_clnt.c
+++ b/src/plugins/preauth/pkinit/pkinit_clnt.c
@@ -548,7 +548,7 @@ verify_kdc_san(krb5_context context,
 
     retval = pkinit_libdefault_strings(context,
 				       krb5_princ_realm(context, kdcprinc), 
-				       "pkinit_kdc_hostname",
+				       KRB5_CONF_PKINIT_KDC_HOSTNAME,
 				       &cfghosts);
     if (retval || cfghosts == NULL) {
 	pkiDebug("%s: No pkinit_kdc_hostname values found in config file\n",
@@ -936,19 +936,19 @@ pkinit_client_profile(krb5_context context,
 	     context, plgctx, reqctx, request);
 
     pkinit_libdefault_boolean(context, &request->server->realm,
-			      "pkinit_win2k",
+			      KRB5_CONF_PKINIT_WIN2K,
 			      reqctx->opts->win2k_target,
 			      &reqctx->opts->win2k_target);
     pkinit_libdefault_boolean(context, &request->server->realm,
-			      "pkinit_win2k_require_binding",
+			      KRB5_CONF_PKINIT_WIN2K_REQUIRE_BINDING,
 			      reqctx->opts->win2k_require_cksum,
 			      &reqctx->opts->win2k_require_cksum);
     pkinit_libdefault_boolean(context, &request->server->realm,
-			      "pkinit_require_crl_checking",
+			      KRB5_CONF_PKINIT_REQUIRE_CRL_CHECKING,
 			      reqctx->opts->require_crl_checking,
 			      &reqctx->opts->require_crl_checking);
     pkinit_libdefault_integer(context, &request->server->realm,
-			      "pkinit_dh_min_bits",
+			      KRB5_CONF_PKINIT_DH_MIN_BITS,
 			      reqctx->opts->dh_size,
 			      &reqctx->opts->dh_size);
     if (reqctx->opts->dh_size != 1024 && reqctx->opts->dh_size != 2048
@@ -959,7 +959,7 @@ pkinit_client_profile(krb5_context context,
 	reqctx->opts->dh_size = PKINIT_DEFAULT_DH_MIN_BITS;
     }
     pkinit_libdefault_string(context, &request->server->realm,
-			     "pkinit_eku_checking",
+			     KRB5_CONF_PKINIT_EKU_CHECKING,
 			     &eku_string);
     if (eku_string != NULL) {
 	if (strcasecmp(eku_string, "kpKDC") == 0) {
@@ -980,7 +980,7 @@ pkinit_client_profile(krb5_context context,
 #ifdef LONGHORN_BETA_COMPAT
     /* Temporarily just set global flag from config file */
     pkinit_libdefault_boolean(context, &request->server->realm,
-			      "pkinit_longhorn",
+			      KRB5_CONF_PKINIT_LONGHORN,
 			      0,
 			      &longhorn);
 #endif
@@ -988,16 +988,16 @@ pkinit_client_profile(krb5_context context,
     /* Only process anchors here if they were not specified on command line */
     if (reqctx->idopts->anchors == NULL)
 	pkinit_libdefault_strings(context, &request->server->realm,
-				  "pkinit_anchors",
+				  KRB5_CONF_PKINIT_ANCHORS,
 				  &reqctx->idopts->anchors);
     pkinit_libdefault_strings(context, &request->server->realm,
-			      "pkinit_pool",
+			      KRB5_CONF_PKINIT_POOL,
 			      &reqctx->idopts->intermediates);
     pkinit_libdefault_strings(context, &request->server->realm,
-			      "pkinit_revoke",
+			      KRB5_CONF_PKINIT_REVOKE,
 			      &reqctx->idopts->crls);
     pkinit_libdefault_strings(context, &request->server->realm,
-			      "pkinit_identities",
+			      KRB5_CONF_PKINIT_IDENTITIES,
 			      &reqctx->idopts->identity_alt);
 }
 
diff --git a/src/plugins/preauth/pkinit/pkinit_matching.c b/src/plugins/preauth/pkinit/pkinit_matching.c
index b790c38f7..65f35993c 100644
--- a/src/plugins/preauth/pkinit/pkinit_matching.c
+++ b/src/plugins/preauth/pkinit/pkinit_matching.c
@@ -746,7 +746,7 @@ pkinit_cert_matching(krb5_context context,
 
     /* If no matching rules, select the default cert and we're done */
     pkinit_libdefault_strings(context, krb5_princ_realm(context, princ),
-			      "pkinit_cert_match", &rules);
+			      KRB5_CONF_PKINIT_CERT_MATCH, &rules);
     if (rules == NULL) {
 	pkiDebug("%s: no matching rules found in config file\n", __FUNCTION__);
 	retval = crypto_cert_select_default(context, plg_cryptoctx,
diff --git a/src/plugins/preauth/pkinit/pkinit_profile.c b/src/plugins/preauth/pkinit/pkinit_profile.c
index 1f7045aca..6b1b45b26 100644
--- a/src/plugins/preauth/pkinit/pkinit_profile.c
+++ b/src/plugins/preauth/pkinit/pkinit_profile.c
@@ -114,7 +114,7 @@ pkinit_kdcdefault_strings(krb5_context context, const char *realmname,
 	 *	    }
 	 */
 
-	names[0] = "realms";
+	names[0] = KRB5_CONF_REALMS;
 	names[1] = realmname;
 	names[2] = option;
 	names[3] = 0;
@@ -130,7 +130,7 @@ pkinit_kdcdefault_strings(krb5_context context, const char *realmname,
      *	    option = <value>
      */
 
-    names[0] = "kdcdefaults";
+    names[0] = KRB5_CONF_KDCDEFAULTS;
     names[1] = option;
     names[2] = 0;
     retval = profile_get_values(profile, names, &values);
@@ -256,7 +256,7 @@ pkinit_libdefault_strings(krb5_context context, const krb5_data *realm,
 	 *	  }
 	 */
 
-	names[0] = "libdefaults";
+	names[0] = KRB5_CONF_LIBDEFAULTS;
 	names[1] = realmstr;
 	names[2] = option;
 	names[3] = 0;
@@ -273,7 +273,7 @@ pkinit_libdefault_strings(krb5_context context, const krb5_data *realm,
 	 *	}
 	 */
 
-	names[0] = "realms";
+	names[0] = KRB5_CONF_REALMS;
 	names[1] = realmstr;
 	names[2] = option;
 	names[3] = 0;
@@ -289,7 +289,7 @@ pkinit_libdefault_strings(krb5_context context, const krb5_data *realm,
      *	      option = <value>
      */
 
-    names[0] = "libdefaults";
+    names[0] = KRB5_CONF_LIBDEFAULTS;
     names[1] = option;
     names[2] = 0;
     retval = profile_get_values(profile, names, &values);
diff --git a/src/plugins/preauth/pkinit/pkinit_srv.c b/src/plugins/preauth/pkinit/pkinit_srv.c
index 595a3d04d..228815511 100644
--- a/src/plugins/preauth/pkinit/pkinit_srv.c
+++ b/src/plugins/preauth/pkinit/pkinit_srv.c
@@ -1092,7 +1092,7 @@ pkinit_init_kdc_profile(krb5_context context, pkinit_kdc_context plgctx)
 
     pkiDebug("%s: entered for realm %s\n", __FUNCTION__, plgctx->realmname);
     retval = pkinit_kdcdefault_string(context, plgctx->realmname,
-				      "pkinit_identity",
+				      KRB5_CONF_PKINIT_IDENTITY,
 				      &plgctx->idopts->identity);
     if (retval != 0 || NULL == plgctx->idopts->identity) {
 	retval = EINVAL;
@@ -1103,7 +1103,7 @@ pkinit_init_kdc_profile(krb5_context context, pkinit_kdc_context plgctx)
     }
 
     retval = pkinit_kdcdefault_strings(context, plgctx->realmname,
-				       "pkinit_anchors",
+				       KRB5_CONF_PKINIT_ANCHORS,
 				       &plgctx->idopts->anchors);
     if (retval != 0 || NULL == plgctx->idopts->anchors) {
 	retval = EINVAL;
@@ -1114,26 +1114,26 @@ pkinit_init_kdc_profile(krb5_context context, pkinit_kdc_context plgctx)
     }
 
     pkinit_kdcdefault_strings(context, plgctx->realmname,
-			      "pkinit_pool",
+			      KRB5_CONF_PKINIT_POOL,
 			      &plgctx->idopts->intermediates);
 
     pkinit_kdcdefault_strings(context, plgctx->realmname,
-			      "pkinit_revoke",
+			      KRB5_CONF_PKINIT_REVOKE,
 			      &plgctx->idopts->crls);
 
     pkinit_kdcdefault_string(context, plgctx->realmname,
-			     "pkinit_kdc_ocsp",
+			     KRB5_CONF_PKINIT_KDC_OCSP,
 			     &plgctx->idopts->ocsp);
 
     pkinit_kdcdefault_string(context, plgctx->realmname,
-			     "pkinit_mappings_file",
+			     KRB5_CONF_PKINIT_MAPPING_FILE,
 			     &plgctx->idopts->dn_mapping_file);
 
     pkinit_kdcdefault_integer(context, plgctx->realmname,
-			      "pkinit_dh_min_bits",
+			      KRB5_CONF_PKINIT_DH_MIN_BITS,
 			      PKINIT_DEFAULT_DH_MIN_BITS,
 			      &plgctx->opts->dh_min_bits);
-    if (plgctx->opts->dh_min_bits < 1024) {
+    if (plgctx->opts->dh_min_bits < PKINIT_DEFAULT_DH_MIN_BITS) {
 	pkiDebug("%s: invalid value (%d) for pkinit_dh_min_bits, "
 		 "using default value (%d) instead\n", __FUNCTION__,
 		 plgctx->opts->dh_min_bits, PKINIT_DEFAULT_DH_MIN_BITS);
@@ -1141,15 +1141,15 @@ pkinit_init_kdc_profile(krb5_context context, pkinit_kdc_context plgctx)
     }
 
     pkinit_kdcdefault_boolean(context, plgctx->realmname,
-			      "pkinit_allow_upn",
+			      KRB5_CONF_PKINIT_ALLOW_UPN,
 			      0, &plgctx->opts->allow_upn);
 
     pkinit_kdcdefault_boolean(context, plgctx->realmname,
-			      "pkinit_require_crl_checking",
+			      KRB5_CONF_PKINIT_REQUIRE_CRL_CHECKING,
 			      0, &plgctx->opts->require_crl_checking);
 
     pkinit_kdcdefault_string(context, plgctx->realmname,
-			     "pkinit_eku_checking",
+			     KRB5_CONF_PKINIT_EKU_CHECKING,
 			     &eku_string);
     if (eku_string != NULL) {
 	if (strcasecmp(eku_string, "kpClientAuth") == 0) {
author	Zhanna Tsitkov <tsitkova@mit.edu>	2009-02-04 17:08:44 +0000
committer	Zhanna Tsitkov <tsitkova@mit.edu>	2009-02-04 17:08:44 +0000
commit	918aa74cabf0b9ac1aef18d6afb7e2a82b415531 (patch)
tree	5d2a67bf23a134469ffe55d98ad4bd20ea6ccdcc /src/plugins/preauth
parent	8808f5363b1a3872a5e19ce1197d26e1d8aea5a1 (diff)
download	krb5-918aa74cabf0b9ac1aef18d6afb7e2a82b415531.tar.gz krb5-918aa74cabf0b9ac1aef18d6afb7e2a82b415531.tar.xz krb5-918aa74cabf0b9ac1aef18d6afb7e2a82b415531.zip