dce/rpc "client" api

Gerald Carter gcarter at valinux.com
Fri Aug 18 06:11:35 GMT 2000

Luke Kenneth Casson Leighton wrote:
> andrew would like it to be an smb.conf option because 
> he would like a justification for the existence of 
> the ncalrpc loop-back transport, given that "ncacn_np 
> over SMB over _should_ be sufficient".

I was confused.  You mean have an option to 
enable this support at all.  I thought you meant 
an option to set the default transport layer used.

> in TNG, the default transport for DCE/RPC _is_ 
> ncalrpc.  anything else [whether SMB or TCP] 
> *redirects* to ncalrpc.

ok...we're moving off scope here a little I think.
This should probably break off into another thread
so as not to confuse everyone from the original

> i intend to write a... a... [think-of-a-name,quick!] 
> dcetcpd "thing" which will be incredibly simple.  it will 
> listen on a TCP port, it will send an "anonymous credentials 
> setup" over ncalrpc, and from then on it will
> simply read_data() followed by write_data() and 
> vice-versa to communicate between the TCP socket 
> and the unix domain socket.

ok...I know what you are trying to do here.  However (and I've
talked with you and others in the past about this), someone
has to assemble the full PDU, right?  Currently in HEAD this 
is done prior to passing the PDU to the parsing layer of 
the code.  I think that the dcetcpd daemon would need to 
assemable a full PDU before sending it to the rpc daemon.
Someone has to check for attacks such as sending half a PDU
and then no more.  Do you follow me?  I'm not a dce/rpc whiz 
I will admit.

   /\  Gerald (Jerry) Carter                     Professional Services
 \/    http://www.valinux.com  VA Linux Systems    gcarter at valinux.com
       http://www.samba.org       SAMBA Team           jerry at samba.org

       "...a hundred billion castaways looking for a home."
                                - Sting "Message in a Bottle" ( 1979 )

More information about the samba-technical mailing list