It has been discussed for a litle bit that the winbind interface used by squid needs some stabiliy. In particular, the squid team doesn't want to have to chase every release (let along alpha) version just to make their product work.
The initial suggestion was that we create a shared library and that this would provide the stablity. I talked to tridge about this, and was reminded why shared libraries are such a pain in the first place... Tridge suggested that it would be better to have a standalone binary, with a sane, machine-parseable interface.... As such, my proposal is that the Squid helper protocol form the basis for this interface, and that code implementing this protocol (or a compatible derivitive of it) should be included in future samba releases. Being a seperate execuable, licencing issues are overcome (not an issue for squid, but we can now allow the same thing for apache). I hope that we can also use the same NTLMSSP implementation inside Samba - which should ensure its maintainence into the future. Conceptually, it would be a simple code import from squid's current helper's directory. In practice, a lot of the code will need to be reoganised and rewritten (simply due to differences between the projects). In particular, I would like to leverage tridge's RPC encoder/decoder, and try to get a relitivly simple code-path going. One change I would make: Allow one helper to issue a challange, and another to pick it up. This could be done by sending the second helper the challange packet, with a tag to say 'pretend you sent this'. How does this sound? Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net