ncacn_http for 4.2? (Re: RPC over HTTP (ncacn_http) implementation for DCERPC client libraries)
Samuel Cabrero
scabrero at zentyal.com
Tue Sep 16 10:27:12 MDT 2014
Hi Stefan, Andrew,
another iteration. The changes:
* The TLS flag on the binding structure has been changed to a string
option, so all changes to binding structure are dropped now.
* NTLM support. After having a look to gensec I have added three
mechanisms for the HTTP library (http_basic, http_ntlm and
http_negotiate). The http_ntlm and http_negotiate are just wrappers
which start a gensec sub context and only encode/decode the blobs in
base64.
* Small changes in the HTTP library interface.
In my tests the three mechanisms are working against IIS, but I have not
added the option to use the negotiate scheme for ncacn_http because only
NTLM and basic are supported ([MS-RPCH] Sec. 1.7). When I tried to use
it, the server was closing the connection after authentication.
Samuel.
On sáb, 2014-09-13 at 18:46 +0200, Stefan (metze) Metzmacher wrote:
> Hi Samuel,
>
> > I removed the modifications of the binding structure,
>
> Please use a binding option like http_encryption=tls or http_tls=true,
> instead of adding "tls" as magic option.
>
> > implemented the HTTP NTLM authentication, squashed last two patches and formatted the
> > code following the code style (you are free to correct it if I miss
> > something).
>
> Thanks!
>
> > I hope it is not too late to merge them for 4.2.
>
> I plan to work on them next week after I'm done with my SDC talk.
>
> metze
>
>
>
--
Samuel Cabrero - Developer
scabrero at zentyal.com
Zentyal - Active Exchange
www.zentyal.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-ncacn_http-Add-http-library.patch.gz
Type: application/gzip
Size: 6569 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140916/d188cf1e/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-ncacn_http-Authentication-modules-for-http-library.patch.gz
Type: application/gzip
Size: 4747 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140916/d188cf1e/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-ncacn_http-Client-implementation.patch.gz
Type: application/gzip
Size: 9467 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140916/d188cf1e/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0004-ncacn_http-DCERPC-pipe-open-using-http-transport.patch.gz
Type: application/gzip
Size: 2306 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140916/d188cf1e/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140916/d188cf1e/attachment.pgp>
More information about the samba-technical
mailing list