[Cvsnt] gserver impersonation

Tony Hoyle tmh at nothing-on.tv
Fri Mar 1 00:21:31 GMT 2002 

Brian Smith wrote:
> Actually, I changed my mind. I would like to have a seperate DLL
> (gserver_sspi_protocol.dll) for the gserver/sspi.

OK

> My first reason is that I would like the new protocol DLL to be
> responsible for registering/deregistering the service-protocol-name
> (SPN) in Active Directory (AD). I would like to do this by adding two
> functions to protocol_interface:
>         void server_install();  -- called when service gets installed
>         void server_uninstall();-- called when service gets uninstalled

Does this get called by InstallShield then?  I'm probably going to need
to write a post-installation program anyway so it fits in nicely (to
migrate .cvspass and .cvsrc into their new places in the registry).

> gserver mode never supported login anyway and the CVSROOT syntax for
> specifying username and password conflicts with the server at realm sintax
> needed for gserver mode in any case:
>     :gserver:server[@REALM]:/path
>     :sspi:[username[:password]@]server:/path

Hmm I never thought of the @REALM stuff.  I'll have to see how that fits in.

> If we want to support specifying a username & password for gserver, it
> would have to look something like this:
>     :gserver:[username[:password][@user_server[@REALM]]@server[@REAM]:/p

heh.  It would be 'interesting' to parse this...

> When testing :sspi: it didn't work right because the sspi v2 client was
> sending the netogiate line which my sspi code didn't expect. But,
> regardless, I did the merge and it seems to be working (I tried both
> combinations of client/server).

Great.

>> Generally I just do a couple of release bugfixes until everyone is
>> happy, then start another development cycle.  I could create a branch
>> if there was a really good reason for it...  I'd like to avoid releasing
>> off two branches though.
>
>
> That sounds good. A stabilization period is really all I need.

Since there's quite a bit of stuff to go in I'll probably create a
development branch so it can get merged reasonably quickly.  Then when
the release has stabilised I'll merge it all back into the trunk and
carry on as before.

Tony

_______________________________________________
Cvsnt mailing list
Cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt

More information about the cvsnt mailing list