Update kdc.conf syntax

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6286 dc483132-0cff-0310-8789-dd5450dbe970

3 files changed, 83 insertions, 10 deletions

diff --git a/src/config-files/ChangeLog b/src/config-files/ChangeLog
index fe4209842..2c10f7bf2 100644
--- a/src/config-files/ChangeLog
+++ b/src/config-files/ChangeLog
@@ -1,4 +1,10 @@
 
+Wed Jul 12 12:06:10 EDT 1995	Paul Park	(pjpark@mit.edu)
+	* kdc.conf[.M] - Change syntax.  KDC now has per-realm information in
+		[realms] section and has [kdcdefaults] to contain global data.
+		Add profile and secondary_port per-realm data.
+
+
 Fri Jun 23 10:36:48 EDT 1995	Paul Park	(pjpark@mit.edu)
 	* kdc.conf[.M] - Add description of new KDC configuration file.
 
diff --git a/src/config-files/kdc.conf b/src/config-files/kdc.conf
index 39d1d033d..25928d168 100644
--- a/src/config-files/kdc.conf
+++ b/src/config-files/kdc.conf
@@ -1,7 +1,14 @@
+[kdcdefaults]
+	primary_ports = 750
+	secondary_ports = 88
 
-[ATHENA.MIT.EDU]
-	database_name = /usr/local/lib/krb5kdc/principal
-	key_stash_file = /usr/local/lib/krb5kdc/stash
-	port = 88
-	max_life = 8h 0m 0s
-	max_renewable_life = 7d 0h 0m 0s
+[realms]
+	ATHENA.MIT.EDU = {
+		profile = /etc/krb5.conf
+		database_name = /usr/local/lib/krb5kdc/principal
+		key_stash_file = /usr/local/lib/krb5kdc/stash
+		port = 750
+		secondary_port = 88
+		max_life = 8h 0m 0s
+		max_renewable_life = 7d 0h 0m 0s
+	}
diff --git a/src/config-files/kdc.conf.M b/src/config-files/kdc.conf.M
index ccc9bf706..ffe06d7af 100644
--- a/src/config-files/kdc.conf.M
+++ b/src/config-files/kdc.conf.M
@@ -33,11 +33,65 @@ file.  For a basic description of the syntax, please refer to the
 .I krb5.conf
 description.
 .PP
-Each section in
+The following sections are currently used in the
 .I kdc.conf
-describes a particular realm and the individual tags describe that
-parameter value for that realm.  The following tags are currently
-used:
+file:
+.IP [kdcdefaults]
+Contains parameters which control the overall behaviour of the KDC.
+.IP [realms]
+Contains subsections keyed by Kerberos realm names which describe per-realm
+KDC parameters.
+.SH KDCDEFAULTS SECTION
+The following relations are defined in the
+.I [kdcdefaults]
+section:
+.IP primary_ports
+This relation lists the primary ports (e.g. ports to serve Kerberos version
+5 requests) to listen on.  This list is a comma separated list of integers.
+If supplied, this list serves as a base list of ports to listen on.  If any
+other ports are named in the
+.I [realms]
+section explicitly; or are named by
+.B kdc
+relations specifying this host in the
+.I krb5.conf
+file specified in the
+.B profile
+entry for a particular realm, then these ports are also listened on.
+.IP secondary_ports
+This relation lists the secondary ports (e.g. ports to serve Kerberos version
+4 requests) to listen on.  If supplied, this list serves as a base list of
+ports to listen on.  If any other ports are named in the
+.I [realms]
+section explicitly; or are named by
+.B v4kdc
+relations specifying this host in the
+.I krb5.conf
+file specified in the
+.B profile
+entry for a particular realm, then these ports are also listened on.
+Further, if this list is specified and the first element is
+.I \-1
+then no secondary ports are listened to, even if specified in the
+.I [realms]
+section.
+.SH REALMS SECTION
+Each tag in the
+.I [realms]
+section of the file names a Kerbveros realm.  The value of the tag is a
+subsection where the relations in that subsection define KDC parameters for
+that particular realm.
+.PP
+For each realm, the following tags may be specified in the
+.I [realms]
+subsection:
+.IP profile
+This
+.B string
+specifies the location of the Kerberos configuration file, e.g. 
+.I krb5.conf
+, for that realm.
+
 .IP database_name
 This
 .B string
@@ -71,6 +125,12 @@ This
 specifies the primary port that the KDC is to listen to for this
 realm.
 
+.IP secondary_port
+This
+.B integer
+specifies the secondary port that the KDC is to listen to for this
+realm.
+
 .IP max_life
 This
 .B string