------------------------------------------------------------------------
r24074 | tlyu | 2010-05-20 16:42:26 -0400 (Thu, 20 May 2010) | 11 lines
ticket: 6730
subject: kdc_tcp_ports not documented in kdc.conf.M
target_version: 1.8.2
tags: pullup
The kdc.conf setting kdc_tcp_ports was not documented in kdc.conf.M,
though it was documented in doc/admin.texinfo. Copy text from there
for now. The setting defaults to an empty string at the moment,
causing the KDC to not listen on TCP by default, confusing some users.
Changing this behavior is a separate issue.
ticket: 6730
version_fixed: 1.8.2
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@24077
dc483132-0cff-0310-8789-
dd5450dbe970
on, by default. This list is a comma separated list of integers. If
this relation is not specified, the compiled-in default is usually
port 88 and port 750.
+.IP kdc_tcp_ports
+This relation lists the ports on which the Kerberos server should
+listen for TCP connections by default. This list is a comma separated
+list of integers.
+If this relation is not specified, the compiled-in default is not to
+listen for TCP connections at all.
+If you wish to change this (which we do not recommend, because the
+current implementation has little protection against denial-of-service
+attacks), the standard port number assigned for Kerberos TCP traffic
+is port 88.
.IP v4_mode
This
.B string
.I [kdcdefaults]
section is used.
+.IP kdc_tcp_ports
+This
+.B string
+specifies the list of ports that the KDC is to listen to
+for TCP requests for this realm. By default, the value of
+.I kdc_tcp_ports
+as specified in the
+.I [kdcdefaults]
+section is used.
+
.IP master_key_name
This
.B string
projects / krb5.git / commitdiff