dce/rpc "client" api
Gerald Carter
gcarter at valinux.com
Fri Aug 18 06:11:35 GMT 2000
Luke Kenneth Casson Leighton wrote:
>
> andrew would like it to be an smb.conf option because
> he would like a justification for the existence of
> the ncalrpc loop-back transport, given that "ncacn_np
> over SMB over 127.0.0.1 _should_ be sufficient".
I was confused. You mean have an option to
enable this support at all. I thought you meant
an option to set the default transport layer used.
> in TNG, the default transport for DCE/RPC _is_
> ncalrpc. anything else [whether SMB or TCP]
> *redirects* to ncalrpc.
ok...we're moving off scope here a little I think.
This should probably break off into another thread
so as not to confuse everyone from the original
rfc.
> i intend to write a... a... [think-of-a-name,quick!]
> dcetcpd "thing" which will be incredibly simple. it will
> listen on a TCP port, it will send an "anonymous credentials
> setup" over ncalrpc, and from then on it will
> simply read_data() followed by write_data() and
> vice-versa to communicate between the TCP socket
> and the unix domain socket.
ok...I know what you are trying to do here. However (and I've
talked with you and others in the past about this), someone
has to assemble the full PDU, right? Currently in HEAD this
is done prior to passing the PDU to the parsing layer of
the code. I think that the dcetcpd daemon would need to
assemable a full PDU before sending it to the rpc daemon.
Someone has to check for attacks such as sending half a PDU
and then no more. Do you follow me? I'm not a dce/rpc whiz
I will admit.
jerry
----------------------------------------------------------------------
/\ Gerald (Jerry) Carter Professional Services
\/ http://www.valinux.com VA Linux Systems gcarter at valinux.com
http://www.samba.org SAMBA Team jerry at samba.org
http://www.eng.auburn.edu/~cartegw
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )
More information about the samba-technical
mailing list