summaryrefslogtreecommitdiffstats
path: root/src/config-files/krb5.conf.M
Commit message (Collapse)AuthorAgeFilesLines
* Add k5_plugin_register_dyn internal APIGreg Hudson2011-06-171-2/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24969 dc483132-0cff-0310-8789-dd5450dbe970
* Improve acceptor name flexibilityGreg Hudson2011-02-071-0/+9
| | | | | | | | | | | | | | | | | | | | | | Be more flexible about the principal names we will accept for a given GSS acceptor name. Also add support for a new libdefaults profile variable ignore_acceptor_hostname, which causes the hostnames of host-based service principals to be ignored when passed by server applications as acceptor names. Note that we still always invoke krb5_sname_to_principal() when importing a gss-krb5 mechanism name, even though we won't always use the result. This is an unfortunate waste of getaddrinfo/getnameinfo queries in some situations, but the code surgery necessary to defer it appears too risky at this time. The project proposal for this change is at: http://k5wiki.kerberos.org/wiki/Projects/Acceptor_Names ticket: 6855 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24616 dc483132-0cff-0310-8789-dd5450dbe970
* Document rdns libdefault settingTom Yu2010-12-201-1/+8
| | | | | | | | ticket: 6794 tags: pullup target_version: 1.9 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24584 dc483132-0cff-0310-8789-dd5450dbe970
* Document kadm5_hook interfaceSam Hartman2010-10-051-0/+8
| | | | | | | | * krb5.conf * admin.texinfo * kadm5_hook_plugin.h: document initvt requirement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24422 dc483132-0cff-0310-8789-dd5450dbe970
* Implement k5login_directory and k5login_authoritative optionsGreg Hudson2010-10-011-0/+14
| | | | | | | | Add and document two new options for controlling k5login behavior. ticket: 6792 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24402 dc483132-0cff-0310-8789-dd5450dbe970
* Password quality pluggable interfaceGreg Hudson2010-09-011-0/+56
| | | | | | | | | | | Merge branches/plugins2 to trunk. Adds a password quality pluggable interface described in this project page: http://k5wiki.kerberos.org/wiki/Projects/Password_quality_pluggable_interface ticket: 6765 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24284 dc483132-0cff-0310-8789-dd5450dbe970
* Revise the profile include design so that included files areGreg Hudson2010-08-251-1/+2
| | | | | | | | syntactically independent of parent files. ticket: 6761 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24256 dc483132-0cff-0310-8789-dd5450dbe970
* add profile include supportGreg Hudson2010-08-241-0/+10
| | | | | | | | | | Add support for "include" and "includedir" directives in profile files. See http://k5wiki.kerberos.org/wiki/Projects/Profile_Includes for more details. ticket: 6761 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24253 dc483132-0cff-0310-8789-dd5450dbe970
* Document the disable_last_success and disable_lockout variables inGreg Hudson2010-05-211-0/+17
| | | | | | | | | krb5.conf.M. Also document database_name in krb5.conf.M and slightly adjust the wording in admin.texinfo. ticket: 6719 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24078 dc483132-0cff-0310-8789-dd5450dbe970
* Document the ticket_lifetime libdefaults setting (which was added inGreg Hudson2010-03-191-0/+4
| | | | | | | | | | r16656, #2656). Based on a patch from nalin@redhat.com. ticket: 6680 target_version: 1.8.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23820 dc483132-0cff-0310-8789-dd5450dbe970
* doc updates for allow_weak_cryptoTom Yu2010-02-251-0/+8
| | | | | | | | | | Update documentation to be more helpful about allow_weak_crypto. ticket: 6669 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23750 dc483132-0cff-0310-8789-dd5450dbe970
* Fix spelling and hyphen errors in man pagesRuss Allbery2009-12-311-2/+2
| | | | | | | | | | | Fix spelling errors in man pages detected by Debian's Lintian program. Also escape some -'s that are intended to be literal ASCII dashes and not Unicode hyphens so that groff won't change them into true hyphens. ticket: 6616 component: krb5-doc git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23554 dc483132-0cff-0310-8789-dd5450dbe970
* Unfortunately, pre-1.7 krshd fails to support keyed checksums becauseSam Hartman2009-04-031-1/+1
| | | | | | | | | | | | | | | | it uses the wrong API and wrong key usage. So, if the auth_context has an explicit checksum type set, then respect that. kcmd sets such a checksum type. Also, because other applications may have the same problem, allow the config file variable if set to override the default checksum. * kcmd.c: Force use of rsa_md5 * init_ctx.c: do not default to md5 * mk_req_ext.c: allow auth_context to override ticket: 1624 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22160 dc483132-0cff-0310-8789-dd5450dbe970
* Use the preferred checksum for non-DES keys in the kdc_req path andSam Hartman2009-04-011-7/+3
| | | | | | | | | | | | all the time in the ap_req checksum path. This breaks code to support DCE versions prior to 1.1 but uses the correct checksum for protocol compatibility. ticket: 1624 Target_version: 1.7 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22154 dc483132-0cff-0310-8789-dd5450dbe970
* remove some remnants of krb4-related config file optionsKen Raeburn2009-01-281-12/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21818 dc483132-0cff-0310-8789-dd5450dbe970
* Add a new fallback host-to-realm heuristic to try the components of theGreg Hudson2008-12-241-0/+10
| | | | | | | | | | | hostname as domains. The heuristic is off by default and is controlled by the realm_try_domains variable under libdefaults. Based on a patch submitted by Mark Phalan from Sun. ticket: 6031 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21588 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a typo in krb5.conf: ldap_server should be ldap_servers, as theRuss Allbery2008-05-111-2/+2
| | | | | | | | | latter is what the LDAP KDB plugin looks for. Ticket: 5544 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20316 dc483132-0cff-0310-8789-dd5450dbe970
* Preauthentication Plugin FrameworkSam Hartman2006-10-031-1/+7
| | | | | | | | | | | | | Patch from Nalin Dahyabhai at Redhat to implement a preauthentication framework based on the plugin architecture. Currently. the API is considered internal and the header is not installed. See src/include/krb5/preauth_plugin.h for the interface. ticket: new Tags: enhancement Status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18641 dc483132-0cff-0310-8789-dd5450dbe970
* Savitha's patches for:Ken Raeburn2006-09-181-10/+3
| | | | | | | | | - LDAP URI support for specifying server and port - support for ldapi interface - updated to newer LDAP APIs - updated documentation git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18592 dc483132-0cff-0310-8789-dd5450dbe970
* Merge remaining changes from LDAP integration branchKen Raeburn2006-07-181-0/+100
| | | | | | | | | | | | | | | | | | | | | | | | | | | | svn+ssh://svn.mit.edu/krb5/branches/ldap-integ@18333. * plugins/kdb/ldap: New directory. * aclocal.m4 (WITH_LDAP): New macro. (CONFIG_RULES): Invoke it. * configure.in: Test ldap option, maybe configure and generate makefiles for new directories, and set and substitute ldap_plugin_dir. * Makefile.in (SUBDIRS): Add @ldap_plugin_dir@. * kdc/krb5kdc.M, kadmin/server/kadmind.M, kadmin/cli/kadmin.M, config-files/krb5.conf.M: Document LDAP changes (new options, config file entries, etc). * lib/kdb/kdb5.c (kdb_load_library): Put more info in error message. * lib/kadm5/admin.h (KADM5_CPW_FUNCTION, KADM5_RANDKEY_USED, KADM5_CONFIG_PASSWD_SERVER): New macros, disabled for now. (struct _kadm5_config_params): New field kpasswd_server, commented out for now. * lib/krb5/error_tables/kdb5_err.et: Add error codes KRB5_KDB_ACCESS_ERROR, KRB5_KDB_INTERNAL_ERROR, KRB5_KDB_CONSTRAINT_VIOLATION. ticket: 2935 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18334 dc483132-0cff-0310-8789-dd5450dbe970
* krb5.conf option name is udp_preference_limit, not udp_preference_listRuss Allbery2006-06-121-2/+2
| | | | | | | Ticket: 3468 Version_Reported: 1.4.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18108 dc483132-0cff-0310-8789-dd5450dbe970
* * krb5.conf.M: Sync with doc/krb5conf.texinfoTom Yu2003-06-201-4/+44
| | | | | | | ticket: 1085 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15641 dc483132-0cff-0310-8789-dd5450dbe970
* * krb5.conf.M: Remove "kdc =" lines from "realms" section example, andKen Raeburn2003-05-311-4/+2
| | | | | | | | | recommend not using it unless DNS info isn't available. ticket: 1190 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15535 dc483132-0cff-0310-8789-dd5450dbe970
* * kdc.conf.M: added descriptions of some tagsJen Selby2002-07-221-0/+88
| | | | | | | * krb5.conf.M: added a description of the [login] section and some tags. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14664 dc483132-0cff-0310-8789-dd5450dbe970
* * krb5.conf.M: Update description of safe_checksum_type for recentTom Yu2001-04-041-5/+8
| | | | | | changes. [pullup from krb5-1-2-2-branch] git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13143 dc483132-0cff-0310-8789-dd5450dbe970
* pullup from 1.2-beta4Ken Raeburn2000-07-011-2/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12498 dc483132-0cff-0310-8789-dd5450dbe970
* copyright notice updates from 1.1 branchKen Raeburn1999-09-241-1/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11853 dc483132-0cff-0310-8789-dd5450dbe970
* * krb5.conf.M: Note change in default_keytab_nameTom Yu1996-11-151-0/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9420 dc483132-0cff-0310-8789-dd5450dbe970
* remove ".so man1/header.doc" and extra args to .THTom Yu1996-09-101-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9069 dc483132-0cff-0310-8789-dd5450dbe970
* Added [login] sectionJeff Bigler1996-09-061-146/+142
| | | | | | Changed [domain_name] typo to [domain_realm]. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9049 dc483132-0cff-0310-8789-dd5450dbe970
* krb5.conf.M: Document kdc_req_checksumtype, as_req_checksum_type, andTheodore Tso1996-05-201-1/+15
| | | | | | | | | safe_checksum_type. krb5.conf: Remove the tkt_lifetime parameter altogether. We may end up doing it slightly differently post-Beta 6... git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8067 dc483132-0cff-0310-8789-dd5450dbe970
* Tue Apr 2 22:31:48 1996 Mark Eichin <eichin@cygnus.com>Ken Raeburn1996-05-041-0/+4
| | | | | | | | | | | | * krb5.conf.M, krb5.conf: add default_tkt_enctypes. Wed Mar 27 22:44:36 1996 Mark Eichin <eichin@cygnus.com> * krb5.conf, kdc.conf: specify des-cbc-crc as the only valid enctype (but permit normal, v4, norealm, onlyrealm, and afs3 salttypes.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7892 dc483132-0cff-0310-8789-dd5450dbe970
* fix some of the names..Mark Eichin1996-03-141-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7631 dc483132-0cff-0310-8789-dd5450dbe970
* Added documentation for the DCE compat options, plus the capathsTheodore Tso1996-01-111-0/+127
| | | | | | section. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7303 dc483132-0cff-0310-8789-dd5450dbe970
* * krb5.conf.M: describe new option default_tgs_enctypesRichard Basch1995-12-111-0/+5
| | | | | | for specifying the default session key types. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7189 dc483132-0cff-0310-8789-dd5450dbe970
* Add documentation for the clockskew and kdc_timesync relations in theTheodore Tso1995-09-021-0/+12
| | | | | | libdefaults section. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6655 dc483132-0cff-0310-8789-dd5450dbe970
* Add description of logging sectionPaul Park1995-06-081-0/+82
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5978 dc483132-0cff-0310-8789-dd5450dbe970
* krb5.conf: Add example of the new [realms]/<realm>/v4_instance_convert/Theodore Tso1995-05-051-0/+10
| | | | | | | | <instance> form used by krb5_425_convert_principal. krb5.conf.M: Document new v4_instance_convert subsection. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5728 dc483132-0cff-0310-8789-dd5450dbe970
* Made further spelling/grammar fixes to the man pageTheodore Tso1995-04-261-8/+13
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5492 dc483132-0cff-0310-8789-dd5450dbe970
* krb5.conf.M: New file added to document the new krb5.confTheodore Tso1995-04-261-0/+156
format. krb5.conf: New file added as a demo version of the new krb5.conf format. convert-config-files: New file to convert old-style krb.conf and krb.realms file to use the new krb5.conf format. krb.conf, krb.realms, krb.conf.M, krb.realms.M: Removed. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5491 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-11-06 06:26:04 +0000