Each entry may be an interface address, a port number, or an
address and port number separated by a colon. If the address
contains colons, enclose it in square brackets. If no address is
- specified, the wildcard address is used. If kadmind fails to bind
- to any of the specified addresses, it will fail to start. The
- default is to bind to the wildcard address at the port specified
- in **kadmind_port**, or the standard kadmin port (749). New in
+ specified, the wildcard address is used. To disable listening for
+ kadmin RPC connections, set this relation to the empty string with
+ ``kadmind_listen = ""``. If kadmind fails to bind to any of the
+ specified addresses, it will fail to start. The default is to
+ bind to the wildcard address at the port specified in
+ **kadmind_port**, or the standard kadmin port (749). New in
release 1.15.
**kadmind_port**
address and port number separated by a colon. If the address
contains colons, enclose it in square brackets. If no address is
specified, the wildcard address is used. If no port is specified,
- the standard port (88) is used. If the KDC daemon fails to bind
- to any of the specified addresses, it will fail to start. The
- default is to bind to the wildcard address on the standard port.
- New in release 1.15.
+ the standard port (88) is used. To disable listening on UDP, set
+ this relation to the empty string with ``kdc_listen = ""``.
+ If the KDC daemon fails to bind to any of the specified addresses,
+ it will fail to start. The default is to bind to the wildcard
+ address on the standard port. New in release 1.15.
**kdc_ports**
(Whitespace- or comma-separated list, deprecated.) Prior to
an interface address, a port number, or an address and port number
separated by a colon. If the address contains colons, enclose it
in square brackets. If no address is specified, the wildcard
- address is used. If kadmind fails to bind to any of the specified
- addresses, it will fail to start. The default is to bind to the
- wildcard address at the port specified in **kpasswd_port**, or the
- standard kpasswd port (464). New in release 1.15.
+ address is used. To disable listening for kpasswd requests, set
+ this relation to the empty string with ``kpasswd_listen = ""``.
+ If kadmind fails to bind to any of the specified addresses, it
+ will fail to start. The default is to bind to the wildcard
+ address at the port specified in **kpasswd_port**, or the standard
+ kpasswd port (464). New in release 1.15.
**kpasswd_port**
(Port number.) Specifies the port on which the :ref:`kadmind(8)`
/* Add each realm's listener addresses to the loop. */
for (i = 0; i < shandle.kdc_numrealms; i++) {
realm = shandle.kdc_realmlist[i];
- if (*realm->realm_listen != '\0') {
- retval = loop_add_udp_address(KRB5_DEFAULT_PORT,
- realm->realm_listen);
- if (retval)
- goto net_init_error;
- }
- if (*realm->realm_tcp_listen != '\0') {
- retval = loop_add_tcp_address(KRB5_DEFAULT_PORT,
- realm->realm_tcp_listen);
- if (retval)
- goto net_init_error;
- }
+ retval = loop_add_udp_address(KRB5_DEFAULT_PORT, realm->realm_listen);
+ if (retval)
+ goto net_init_error;
+ retval = loop_add_tcp_address(KRB5_DEFAULT_PORT,
+ realm->realm_tcp_listen);
+ if (retval)
+ goto net_init_error;
}
if (workers == 0) {
goto cleanup;
}
- /* Start tokenizing the addresses string. If we get NULL the string
- * contained no addresses, so add a wildcard address. */
+ /* Loop through each address in the string and add it to the loop. */
addr = strtok_r(addresses_copy, ADDRESSES_DELIM, &saveptr);
- if (addr == NULL) {
- ret = loop_add_address(NULL, default_port, type, rpc_data);
- goto cleanup;
- }
-
- /* Loop through each address and add it to the loop. */
for (; addr != NULL; addr = strtok_r(NULL, ADDRESSES_DELIM, &saveptr)) {
/* Parse the host string. */
ret = k5_parse_host_string(addr, default_port, &host, &port);
host = NULL;
}
+ ret = 0;
cleanup:
free(addresses_copy);
free(host);
projects / thirdparty / krb5.git / commitdiff
