mod_auth_smb.c

[Jason Wright]

> > Now, it may come to pass that the request will have to be interrupted.  In
> > that case, you deallocate all that you can and bzero() any passwords you
> > may have running around for safety.  A single static smb authentication
> > block will do, but you have to make sure that you reinitialize it upon
> > entry.
> 
> yes, i will be doing that.  and i will blatantly be copying your code.  if
> you bzero'd the password memory, then so will i :-)
>  
Don't think I did that in my code, but I should have (tell you the truth I
haven't looked at the code in a few months).  Feel free to mangle the
code, but I'll be interested in seeing your results. =)

> > and certainly not an expert in smb authentication,
> 
> don't worry: i've created a single-call library function to do an NT
> Domain "Login".
> 
That's the way to go.  I found enough support in smblib to call (I think)
3 functions and know whether I got in or not.  I was authenticating
against an NT 3.51 machine (no jokes please) and it's IPC$ service.

Doing it the right way (ie. specifying only the domain) is prolly the
right thing to do, but I needed it written quickly =)

Hmm, is this library function a part of samba, or will it be in the
future?

> > so take this with a lot of salt.
>
> pinch, teaspoon or cellar?
> 
Remember Lot's wife?

--Jason