Added sample (un)defines for KRBCONF_VAGUE_ERRORS and

author Theodore Tso <tytso@mit.edu>

Thu, 24 Sep 1992 23:19:55 +0000 (23:19 +0000)

committer Theodore Tso <tytso@mit.edu>

Thu, 24 Sep 1992 23:19:55 +0000 (23:19 +0000)
author Theodore Tso <tytso@mit.edu>
Thu, 24 Sep 1992 23:19:55 +0000 (23:19 +0000)
committer Theodore Tso <tytso@mit.edu>
Thu, 24 Sep 1992 23:19:55 +0000 (23:19 +0000)
diff --git a/src/include/krb5/stock/config.h b/src/include/krb5/stock/config.h

index 314ee1f793c84be8c844b94e59d8121e649b058d..2d6a1f3a05a169c0b2f3ed9db0e4ce94bf7e3a6b 100644 (file)
--- a/src/include/krb5/stock/config.h
+++ b/src/include/krb5/stock/config.h
@@ -154,5 +154,23 @@ typedef int krb5_sigtype;
  #define        KRB5_KDB_MAX_RLIFE      (60*60*24*7) /* one week */
  #define        KRB5_KDB_EXPIRATION     2145830400 /* Thu Jan  1 00:00:00 2038 UTC */
  
+/*
+ * For paranoid DOE types that don't want to give helpful error
+ * messages to the client....er, attacker
+ */
+#undef KRBCONF_VAGUE_ERRORS
+
+/*
+ * Define this if you want the KDC to modify the Kerberos database;
+ * this allows the last request information to be updated, as well as
+ * the failure count information.
+ * 
+ * Note that this doesn't work if you're using slave servers!!!  It
+ * also causes the database to be modified (and thus need to be
+ * locked) frequently.
+ */
+#undef KRBCONF_KDC_MODIFIES_KDB
+    
+
  #endif /* KRB5_CONFIG__ */
author	Theodore Tso <tytso@mit.edu>
	Thu, 24 Sep 1992 23:19:55 +0000 (23:19 +0000)
committer	Theodore Tso <tytso@mit.edu>
	Thu, 24 Sep 1992 23:19:55 +0000 (23:19 +0000)