ASN.1 parser

Andrew Bartlett abartlet at samba.org
Sun Nov 19 23:51:47 CST 2006 

On Sat, 2006-11-18 at 09:10 +0100, Kai Blin wrote:
> On Saturday 18 November 2006 01:12, Juan Lang wrote:
> > Hi Kai,
> >
> > > I'm just looking into implementing Kerberos and Negotiate for SSPI. It
> > > seems like I'll need an ASN.1 parser for both of those. I know you have
> > > a partial implementation of an ASN.1 DER parser in crypt32, but I think
> > > it would be kind of silly to keep two seperate copies. Think it would
> > > make sense to create our own asn dll? Or is there any method to find out
> > > what functions msasn1.dll provides?
> > 
> > I think you could get Kerberos and Negotiate working quicker just by
> > copying code as needed.  No non-MS application I'm aware of uses msasn1
> > directly, so Wine wouldn't gain much from a compatible version.  Doing the
> > "right" thing could be sort of a hassle for crypt32 too (not that so many
> > apps use it right now.)
> 
> Ok, never mind then. I'll trust you on that one. :)
> 
> > The only thing is how much duplicated code offends you.  I'm trying to
> > prevent you from diving into a black hole, like I did with crypt32 when
> > what I was really after was SSL ;)
> 
> Well, an alternative option for Kerberos and Negotiate would be using GSSAPI, 
> but I now agree with Dan Kegel on that one, it's a bit too bloated for what 
> we want to do with it. The api is a bit too different from SSPI to enable 
> making SPPI a thin wrapper for GSSAPI and implementing our providers as 
> GSSAPI plugins... It was a nice plan, though ;)

I strongly recommend against trying to do what Samba3 did, and thinking
that GSSAPI is 'too much'.  That has created problems for us, and does
not produce the same network results as using 'real' GSSAPI.

Andrew Bartlett
-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.winehq.org/pipermail/wine-devel/attachments/20061120/a37f87cb/attachment.pgp

More information about the wine-devel mailing list