CVS update: tng/source/passdb
Luke Kenneth Casson Leighton
lkcl at samba-tng.org
Wed Jan 9 17:12:20 GMT 2002
On Wed, Jan 09, 2002 at 02:56:36PM -0500, Cole, Timothy D. wrote:
> Open-source would fail to provide a viable alternative to Microsoft
> services. The relatively open infrastructure that permitted open source
> would deteriorate from disuse in corporate environments.
> This is the default.
> Other possibilities:
> * Somebody (the "Apache" project would be the natural candidate) writes an
> "HTTP multiplexer" which permits "Apache", "OpenMSMail" and other standalone
> applications requiring an HTTP transport for whatever to collaborate in a
> generalist way on the same server. Again, the main practical roadblock to
> implementing MS-SMTP and other services over HTTP is removed.
in fact, you are pretty close to the mark: more than you realise!
the reason is that microsoft has added to the list of dce/rpc
transports that they support - get this: ncacn_http!
so yes, absolutely, writing a mod_freedce_http.so _is_ on the
TODO list, and it's exactly the same principles.
do some HTTP headers (including AUTH headers), and then
once you've authenticated and passed the auth info over
some communication mechanism to the freedce security
subsystem, proxy any data transfers occuring
on port 80 _straight_ over to the freedce subsystem
for _it_ to deal with.
the exact same thing needs to happen in samba on ports
445 and 139, except on the IPC$ "named pipes".
martin [pool], i didn't mention this before, but this is a good
as the above ncacn_http example demonstrates, and also the
ncacn_np example, the involvement by apache [in ncacn_http]
and the involvement by samba [in ncacn_np] in actual dce/rpc
packets is NIL! nothing! zip!
you don't even have to parse them, you just act as a proxy.
p.s. the reason that ms added ncacn_http is because well
"*duur* the web _is_ the internet, right????"
More information about the samba-technical