1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ 2 /* 3 * Copyright 1990,1991,2008 by the Massachusetts Institute of Technology. 4 * All Rights Reserved. 5 * 6 * Export of this software from the United States of America may 7 * require a specific license from the United States Government. 8 * It is the responsibility of any person or organization contemplating 9 * export to obtain such a license before exporting. 10 * 11 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 12 * distribute this software and its documentation for any purpose and 13 * without fee is hereby granted, provided that the above copyright 14 * notice appear in all copies and that both that copyright notice and 15 * this permission notice appear in supporting documentation, and that 16 * the name of M.I.T. not be used in advertising or publicity pertaining 17 * to distribution of the software without specific, written prior 18 * permission. Furthermore if you modify this software you must label 19 * your software as modified software and not distribute it in such a 20 * fashion that it might be confused with the original M.I.T. software. 21 * M.I.T. makes no representations about the suitability of 22 * this software for any purpose. It is provided "as is" without express 23 * or implied warranty. 24 */ 25 26 /* Site- and OS- dependent configuration */ 27 28 #ifndef KRB5_OSCONF__ 29 #define KRB5_OSCONF__ 30 31 #if !defined(_WIN32) 32 /* Don't try to pull in autoconf.h for Windows, since it's not used */ 33 #ifndef KRB5_AUTOCONF__ 34 #define KRB5_AUTOCONF__ 35 #include "autoconf.h" 36 #endif 37 #endif 38 39 #if defined(__MACH__) && defined(__APPLE__) 40 # include <TargetConditionals.h> 41 #endif 42 43 #if defined(_WIN32) 44 #define DEFAULT_PROFILE_FILENAME "krb5.ini" 45 #else /* !_WINDOWS */ 46 #if TARGET_OS_MAC 47 #define DEFAULT_SECURE_PROFILE_PATH "/Library/Preferences/edu.mit.Kerberos:/etc/krb5.conf:/usr/local/etc/krb5.conf" 48 #define DEFAULT_PROFILE_PATH ("~/Library/Preferences/edu.mit.Kerberos" ":" DEFAULT_SECURE_PROFILE_PATH) 49 #define KRB5_PLUGIN_BUNDLE_DIR "/System/Library/KerberosPlugins/KerberosFrameworkPlugins" 50 #define KDB5_PLUGIN_BUNDLE_DIR "/System/Library/KerberosPlugins/KerberosDatabasePlugins" 51 #define KRB5_AUTHDATA_PLUGIN_BUNDLE_DIR "/System/Library/KerberosPlugins/KerberosAuthDataPlugins" 52 #else 53 #define DEFAULT_SECURE_PROFILE_PATH "/etc/krb5.conf" 54 #define DEFAULT_PROFILE_PATH DEFAULT_SECURE_PROFILE_PATH 55 #endif 56 #endif /* _WINDOWS */ 57 58 #ifdef _WIN32 59 #define DEFAULT_PLUGIN_BASE_DIR "%{LIBDIR}\\plugins" 60 #else 61 #define DEFAULT_PLUGIN_BASE_DIR "/usr/local/lib/krb5/plugins" 62 #endif 63 64 #if defined(_WIN64) 65 #define PLUGIN_EXT "64.dll" 66 #elif defined(_WIN32) 67 #define PLUGIN_EXT "32.dll" 68 #else 69 #define PLUGIN_EXT ".so" 70 #endif 71 72 #define KDC_DIR "/var/db/krb5kdc" 73 #define KDC_RUN_DIR "/var/run/krb5kdc" 74 #define DEFAULT_KDB_FILE KDC_DIR "/principal" 75 #define DEFAULT_KEYFILE_STUB KDC_DIR "/.k5." 76 #define KRB5_DEFAULT_ADMIN_ACL KDC_DIR "/krb5_adm.acl" 77 /* Used by old admin server */ 78 #define DEFAULT_ADMIN_ACL KDC_DIR "/kadm_old.acl" 79 80 /* Location of KDC profile */ 81 #define DEFAULT_KDC_PROFILE KDC_DIR "/kdc.conf" 82 #define KDC_PROFILE_ENV "KRB5_KDC_PROFILE" 83 84 #if TARGET_OS_MAC 85 #define DEFAULT_KDB_LIB_PATH { KDB5_PLUGIN_BUNDLE_DIR, "/usr/lib/krb5/plugins/kdb", NULL } 86 #else 87 #define DEFAULT_KDB_LIB_PATH { "/usr/lib/krb5/plugins/kdb", NULL } 88 #endif 89 90 #define DEFAULT_KDC_ENCTYPE ENCTYPE_AES256_CTS_HMAC_SHA1_96 91 #define KDCRCACHE "dfl:krb5kdc_rcache" 92 93 #define KDC_PORTNAME "kerberos" /* for /etc/services or equiv. */ 94 95 #define KRB5_DEFAULT_PORT 88 96 97 #define DEFAULT_KPASSWD_PORT 464 98 99 #define DEFAULT_KDC_PORTLIST "88" 100 #define DEFAULT_TCP_LISTEN_BACKLOG 5 101 102 /* 103 * Defaults for the KADM5 admin system. 104 */ 105 #define DEFAULT_KADM5_KEYTAB KDC_DIR "/kadm5.keytab" 106 #define DEFAULT_KADM5_ACL_FILE KDC_DIR "/kadm5.acl" 107 #define DEFAULT_KADM5_PORT 749 /* assigned by IANA */ 108 109 #define KRB5_DEFAULT_SUPPORTED_ENCTYPES \ 110 "aes256-cts-hmac-sha1-96:normal " \ 111 "aes128-cts-hmac-sha1-96:normal" 112 113 #define MAX_DGRAM_SIZE 65536 114 115 #define RCTMPDIR "/var/tmp" /* directory to store replay caches */ 116 117 #define KRB5_PATH_TTY "/dev/tty" 118 #define KRB5_PATH_LOGIN "/usr/sbin/login.krb5" 119 #define KRB5_PATH_RLOGIN "/usr/bin/rlogin" 120 121 #define KRB5_ENV_CCNAME "KRB5CCNAME" 122 123 /* 124 * krb5 replica support follows 125 */ 126 127 #define KPROP_DEFAULT_FILE KDC_DIR "/replica_datatrans" 128 #define KPROPD_DEFAULT_FILE KDC_DIR "/from_master" 129 #define KPROPD_DEFAULT_KDB5_UTIL "/usr/sbin/kdb5_util" 130 #define KPROPD_DEFAULT_KPROP "/usr/sbin/kprop" 131 #define KPROPD_DEFAULT_KRB_DB DEFAULT_KDB_FILE 132 #define KPROPD_ACL_FILE KDC_DIR "/kpropd.acl" 133 134 /* 135 * GSS mechglue 136 */ 137 #define MECH_CONF "/usr/etc/gss/mech" 138 #define MECH_LIB_PREFIX "/usr/lib/gss/" 139 140 #endif /* KRB5_OSCONF__ */ 141