[Dovecot] [Patch v2] Samba's proposed "ntlm_auth + winbind" support for dovecot-auth

Dmitry Butskoy buc at odusz.so-cdu.ru
Tue Jul 3 18:03:00 EEST 2007


Version 2 of the patch.

Options "auth_winbind_helper_ntlm" and "auth_winbind_helper_spnego" added.
(The default values for them are actually placed in mech-winbind.c .
Hmm... )

dup2() and fork() errors reported.
Don't want to report close() errors here :)

Usernames in form "DOMAIN\user" are transformed to "user at DOMAIN"
(call to auth_request_set_username() is used).

Still don't want to simplify output by "write_full()" -- for more clean
code it is better to do input/output in a similar style.
Does an extra "ostream" grab a significant amount of resources?

I've not found an easy way how the io can be re-coded "non-blocking". I
hope in the case of the network failures (where Dovecot is reachable,
but domain controller not) the winbind daemon itself can do timeouts
(which will be "transferred" then to the pending ntlm_auth etc.)
Maybe to leave things as is (i.e. blocking), and later some new common
code (a worker for mech) could help for all such mechanisms (including
gssapi) ?


Regards,
Dmitry Butskoy


-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: dovecot-1.0.1-winbind.patch-v2
Url: http://dovecot.org/pipermail/dovecot/attachments/20070703/0b9aa8e0/attachment.pl 


More information about the dovecot mailing list