It has been discussed for a litle bit that the winbind interface used by
squid needs some stabiliy. In particular, the squid team doesn't want
to have to chase every release (let along alpha) version just to make
their product work.
The initial suggestion was that we create a shared library and that this
would provide the stablity. I talked to tridge about this, and was
reminded why shared libraries are such a pain in the first place...
Tridge suggested that it would be better to have a standalone binary,
with a sane, machine-parseable interface....
As such, my proposal is that the Squid helper protocol form the basis
for this interface, and that code implementing this protocol (or a
compatible derivitive of it) should be included in future samba
releases.
Being a seperate execuable, licencing issues are overcome (not an issue
for squid, but we
can now allow the same thing for apache). I hope that we can also use
the same NTLMSSP implementation inside Samba - which should ensure its
maintainence into the future.
Conceptually, it would be a simple code import from squid's current
helper's directory. In practice, a lot of the code will need to be
reoganised and rewritten (simply due to differences between the
projects). In particular, I would like to leverage tridge's RPC
encoder/decoder, and try to get a relitivly simple code-path going.
One change I would make: Allow one helper to issue a challange, and
another to pick it up. This could be done by sending the second helper
the challange packet, with a tag to say 'pretend you sent this'.
How does this sound?
Andrew Bartlett
-- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.netReceived on Sat May 25 2002 - 00:55:47 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:15:30 MST