ncacn_http for 4.2? (Re: RPC over HTTP (ncacn_http) implementation for DCERPC client libraries)

Andrew Bartlett abartlet at
Fri Sep 12 19:48:50 MDT 2014

On Fri, 2014-09-12 at 16:44 +0200, Samuel Cabrero wrote:
> Hi Stefan, Andrew,
> I removed the modifications of the binding structure, implemented the
> HTTP NTLM authentication, squashed last two patches and formatted the
> code following the code style (you are free to correct it if I miss
> something). I hope it is not too late to merge them for 4.2.

Thanks.  On the NTLM support, you should not be including 
#include "auth/ntlmssp/ntlmssp_private.h", or using any of the functions
found in there,

You need to be more generic, and start the mechanism using one of the
gensec_start_mech_by_*() functions.  This will allow you to make this
generic enough to also support Negotiate (SPNEGO) and therefore

You should also avoid hard-coding the NTLM steps, instead use the output
of gensec_update() to work out if you need to send another packet.


Andrew Bartlett

Andrew Bartlett             
Authentication Developer, Samba Team
Samba Developer, Catalyst IT

More information about the samba-technical mailing list