1 /* 2 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 7 /* 8 * include/krb5/stock/osconf.h 9 * 10 * Copyright 1990,1991 by the Massachusetts Institute of Technology. 11 * All Rights Reserved. 12 * 13 * Export of this software from the United States of America may 14 * require a specific license from the United States Government. 15 * It is the responsibility of any person or organization contemplating 16 * export to obtain such a license before exporting. 17 * 18 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 19 * distribute this software and its documentation for any purpose and 20 * without fee is hereby granted, provided that the above copyright 21 * notice appear in all copies and that both that copyright notice and 22 * this permission notice appear in supporting documentation, and that 23 * the name of M.I.T. not be used in advertising or publicity pertaining 24 * to distribution of the software without specific, written prior 25 * permission. Furthermore if you modify this software you must label 26 * your software as modified software and not distribute it in such a 27 * fashion that it might be confused with the original M.I.T. software. 28 * M.I.T. makes no representations about the suitability of 29 * this software for any purpose. It is provided "as is" without express 30 * or implied warranty. 31 * 32 * 33 * Site- and OS- dependant configuration. 34 */ 35 36 #ifndef KRB5_OSCONF__ 37 #define KRB5_OSCONF__ 38 39 #if !defined(_WIN32) 40 /* Don't try to pull in autoconf.h for Windows, since it's not used */ 41 #ifndef KRB5_AUTOCONF__ 42 #define KRB5_AUTOCONF__ 43 #include "autoconf.h" 44 #endif 45 #endif 46 47 #if defined(__MACH__) && defined(__APPLE__) 48 # include <TargetConditionals.h> 49 #endif 50 51 #if defined(_WIN32) 52 #define DEFAULT_PROFILE_FILENAME "krb5.ini" 53 #define DEFAULT_LNAME_FILENAME "/aname" 54 #define DEFAULT_KEYTAB_NAME "FILE:%s\\krb5kt" 55 #else /* !_WINDOWS */ 56 #if TARGET_OS_MAC 57 #define DEFAULT_SECURE_PROFILE_PATH "/Library/Preferences/edu.mit.Kerberos:/etc/krb5.conf:@SYSCONFDIR/krb5.conf" 58 #define DEFAULT_PROFILE_PATH ("~/Library/Preferences/edu.mit.Kerberos" ":" DEFAULT_SECURE_PROFILE_PATH) 59 #define KRB5_PLUGIN_BUNDLE_DIR "/System/Library/KerberosPlugins/KerberosFrameworkPlugins" 60 #define KDB5_PLUGIN_BUNDLE_DIR "/System/Library/KerberosPlugins/KerberosDatabasePlugins" 61 #else 62 /* Solaris Kerberos */ 63 #define DEFAULT_SECURE_PROFILE_PATH "/etc/krb5/krb5.conf" 64 #define DEFAULT_PROFILE_PATH DEFAULT_SECURE_PROFILE_PATH 65 #endif 66 /* Solaris Kerberos */ 67 #define DEFAULT_KEYTAB_NAME "FILE:/etc/krb5/krb5.keytab" 68 #endif /* _WINDOWS */ 69 70 /* Solaris Kerberos: default for where ldap bind passwds stored */ 71 #define DEF_SERVICE_PASSWD_FILE "/var/krb5/service_passwd" 72 73 /* Solaris Kerberos */ 74 #define DEFAULT_KDB_FILE "/var/krb5/principal" 75 #define DEFAULT_KEYFILE_STUB "/var/krb5/.k5." 76 #define KRB5_DEFAULT_ADMIN_ACL "/etc/krb5/krb5_adm.acl" 77 78 #define DEFAULT_ADMIN_ACL "@LOCALSTATEDIR/krb5kdc/kadm_old.acl" 79 80 /* Location of KDC profile */ 81 /* Solaris Kerberos */ 82 #define DEFAULT_KDC_PROFILE "/etc/krb5/kdc.conf" 83 #define KDC_PROFILE_ENV "KRB5_KDC_PROFILE" 84 85 #if TARGET_OS_MAC 86 #define DEFAULT_KDB_LIB_PATH { KDB5_PLUGIN_BUNDLE_DIR, "@MODULEDIR/kdb", NULL } 87 #else 88 /* Solaris Kerberos */ 89 #define DEFAULT_KDB_LIB_PATH { "/usr/lib/krb5", NULL } 90 #endif 91 92 /* 93 * SUNW14resync 94 * MIT 1.4 has changed to ENCTYPE_DES3_CBC_SHA1 but we stick with the old one 95 * for backward compat. 96 */ 97 #define DEFAULT_KDC_ENCTYPE ENCTYPE_DES_CBC_CRC 98 #define KDCRCACHE "dfl:krb5kdc_rcache" 99 100 #define KDC_PORTNAME "kerberos" /* for /etc/services or equiv. */ 101 #define KDC_SECONDARY_PORTNAME "kerberos-sec" /* For backwards */ 102 /* compatibility with */ 103 /* port 750 clients */ 104 105 #define KRB5_DEFAULT_PORT 88 106 #define KRB5_DEFAULT_SEC_PORT 750 107 108 #define DEFAULT_KPASSWD_PORT 464 109 #define KPASSWD_PORTNAME "kpasswd" 110 111 #define DEFAULT_KDC_UDP_PORTLIST "88,750" 112 /* Solaris Kerberos: enabled TCP by default on port 88 */ 113 #define DEFAULT_KDC_TCP_PORTLIST "88" 114 115 /* Solaris Kerberos: control # of kdc tcp connection */ 116 #define DEFAULT_KDC_TCP_CONNECTIONS 30 117 #define MIN_KDC_TCP_CONNECTIONS 10 118 119 /* 120 * Defaults for the KADM5 admin system. 121 */ 122 /* Solaris Kerberos */ 123 #define DEFAULT_KADM5_KEYTAB "/etc/krb5/kadm5.keytab" 124 #define DEFAULT_KADM5_ACL_FILE "/etc/krb5/kadm5.acl" 125 #define DEFAULT_KADM5_PORT 749 /* assigned by IANA */ 126 127 #define MAX_DGRAM_SIZE 4096 128 #define MAX_SKDC_TIMEOUT 30 129 #define SKDC_TIMEOUT_SHIFT 2 /* left shift of timeout for backoff */ 130 #define SKDC_TIMEOUT_1 1 /* seconds for first timeout */ 131 132 #define KRB5_ENV_CCNAME "KRB5CCNAME" 133 134 /* 135 * krb5 slave support follows 136 */ 137 138 /* Solaris Kerberos */ 139 #define KPROP_DEFAULT_FILE "/var/krb5/slave_datatrans" 140 #define KPROPD_DEFAULT_FILE "/var/krb5/from_master" 141 #define KPROPD_DEFAULT_KDB5_UTIL "/usr/sbin/kdb5_util" 142 #define KPROPD_DEFAULT_KDB5_EDIT "/usr/sbin/kdb5_edit" 143 #define KPROPD_DEFAULT_KRB_DB DEFAULT_KDB_FILE 144 #define KPROPD_ACL_FILE "/etc/krb5/kpropd.acl" 145 146 #endif /* KRB5_OSCONF__ */ 147