Fixing libwbclient struct wbcAuthUserInfo
gd at samba.org
Thu May 28 22:17:12 GMT 2009
-----BEGIN PGP SIGNED MESSAGE-----
Steven Danneman wrote:
>> Andrew Bartlett schrieb:
>>> On Thu, 2009-05-28 at 10:28 +0200, Volker Lendecke wrote:
>>>> On Thu, May 28, 2009 at 06:23:58PM +1000, Andrew Bartlett wrote:
>>>>> I really, really want the NDR encoded 'info3' (actually, I want
>>>>> level 6) transported intact between winbindd and Samba. Going back
>>>>> and forth via another structure is not only a pain, it is error
>>>>> prone. If we do this right, and Microsoft adds extra information
>>>>> the 'reserved' fields (or another level), then we simply pass on
>> that information.
>>>> The problem with NDR in the winbind pipe protocol is that it pulls
>>>> GPL code (the NDR base libs) into something that will be linked into
>>>> pam_winbind and nss_winbind.
>>> No, the NDR blob is passed to the caller for it to interpret. It
>>> remains opaque to wbclient and other users.
>> Then we need a wbcAuthenticateUserEx2() and pass a wbcBlob list in and
>> out. That way we could also pass the names for NTLMv2 via such blobs.
> An In/Out blob list makes more sense, as if we're expecting info3/6 structures to come back through the interface, we should support sending the full SPNEGO blob into it.
Just wondering, wouldn't wbcLogonUser easily allow that already?
It already takes an array of wbcNamedBlobs in the [in]
wbcLogonUserParams and can give back an array of wbcNamedBlobs on [out]
Günther Deschner GPG-ID: 8EE11688
Red Hat gdeschner at redhat.com
Samba Team gd at samba.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba-technical