outsourcing DCE/RPC to alternate programs - runtime config option

tridge at samba.org tridge at samba.org
Fri Dec 10 20:31:06 GMT 2004


Metze,

 > other transports are not bound to smbd they can directly listen on the socket,
 > but you're right for the pipe vs. interface problem

If you directly listen on the socket, then how do you register with
the endpoint mapper? Also, how do you handle things like schannel
which require state being passed from one pipe to another?

For simple cases where you have a fixed port and no fancy
authentication options then listening on the socket will work, but I
think that if we are going to offer a set of external hooks that we
should allow them to be fully functional.

This also allows the external code not to worry about signing and
sealing. The forwarding code in the samba rpc server would remove the
signing and sealing and pass the naked packets to the unix domain
socket. So a client could negotiate signed/sealed RPC without every
external rpc implementation having to worry about implementing those.
This is especially important given the interactions between the
signing/sealing code and the base SMB authentication code (which must
be done inside smbd for obvious reasons).

Cheers, Tridge


More information about the samba-technical mailing list