Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Open Group Releases DCE 1.2.2 as Free Software

michael posted more than 9 years ago | from the run-with-the-big-boys dept.

GNU is Not Unix 162

lkcl writes "The Open Group announced 12th January 2005 that they are releasing DCE/RPC 1.2.2 as a Free Software Project - under the LGPL. This is a major coup for Free Software: the Distributed Computing Environment is known to be involved in some major projects. There is a mirror at opendce.hands.com which runs rsync, ftp, and there is also a dce122.tar.bz2.torrent bittorrent running as well."

Sorry! There are no comments related to the filter you selected.

frist psot (-1, Offtopic)

krappie (172561) | more than 9 years ago | (#11365966)

wtf

freedce (3, Informative)

lkcl (517947) | more than 9 years ago | (#11365967)

Article at Advogato [advogato.org] with some more details.

This is one _monster_ big deal for Free Software.

This is the code that allows big companies such as IBM, Fujitsu, Entegrity etc. to bid for £500m contracts. [theregister.co.uk]

We have FreeDCE [sf.net] already, which is the DCE 1.1 Reference implementation autoconf'd and updated...

Re:freedce (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11366019)

wow, you submitted the story AND trolled for more page views! Way to go, overselling yesterday's technology!

Re:freedce (1)

lkcl (517947) | more than 9 years ago | (#11366034)

_and_ keeping an eye on the bloody bittorrent client and the server i borrowed to host a mirror of the code - it's a wonder i get to do any work at all, really.

Re:freedce (-1, Troll)

Anonymous Coward | more than 9 years ago | (#11366407)

Dude, your CV [cb1.com] just screams "I am an elitist asshole." I wouldn't even consider interviewing you.

Re:freedce (-1, Offtopic)

lkcl (517947) | more than 9 years ago | (#11366629)

yessss :) i aaaaaam the greatest!

my mama was an alien,
my daddy was an engineer,
and i was spawned
from the borg one morn
with keyboards in my ears,
in my eeeeearrs.

they call me the microsoft hacker,
once upon a pair of wires,
and i'm gooonne
*crack my numbers*
i wonder how your PC's feeln'
*ba ba ba baaaa*
scoot down the wires,
*crack my numbers*
i wonder how your PC's feeln'
*ba ba ba baa baa*

Copyright (C) Luke Kenneth Casson Leighton 2004
All rights reserved

Re:freedce (1, Informative)

Anonymous Coward | more than 9 years ago | (#11366095)

wow, you submitted the story AND trolled for more page views! Way to go, overselling yesterday's technology!

He bought the $lashdot Bonus Pack©. That's a story plus a guaranteed 2nd post behind a non karma whoring first post (1st would be to obvious and a karma whore first post might drown it out. Sorry, Lindsy. ) The bonus pack only cost $50 more than the regular $lashvertisement.

just DCE/RPC (0)

Anonymous Coward | more than 9 years ago | (#11366288)

They're not freeing all of DCE, just the RPC component.

Re:just DCE/RPC (1)

lkcl (517947) | more than 9 years ago | (#11366391)

yes they are!! DCE 1.1 - the RPC runtime and development environment reference implementation, only 250,000 lines of code, has been available for nearly a decade under the OSF BSD-like license.

this is _really_ different: 3.5 _MILLION_ lines of code, including CDS and DFS, under the LGPL.

Pah! (0)

Anonymous Coward | more than 9 years ago | (#11366411)

This is one _monster_ big deal for Free Software.

It might have been 10 years ago, you know before people started using CORBA.

Re:Pah! (1)

lkcl (517947) | more than 9 years ago | (#11366659)

yes, dammit. it still is, but in different ways: companies like IBM and Fujitsu and Entegrity still make hundreds of millions of dollars out of it.

DCE/RPC is to DCOM as
Corba's RPC mechanism is to CORBA.

i mention a bit about it in my advogato article: it's _very_ stupid that TOG didn't release DCE/RPC (and DCOM) a _lot_ earlier than this.

never mind....

Re:Pah! (0)

Anonymous Coward | more than 9 years ago | (#11367174)

...companies like IBM and Fujitsu and Entegrity still make hundreds of millions of dollars out of it.

IBM et al. make those millions because of who they are, not what technology they use. I'm sure they will continue to generate revenue supporting DCE based systems well into the next decade - whether DCE is open source or not.

One thing is for sure, DCE is dead and gone as far as green field projects are concerned, so this news is largely irrelevant to the OSS community.

Re:Pah! (1)

lkcl (517947) | more than 9 years ago | (#11367235)

i fear that you are right.

if IBM hadn't stalled the release for four years, but, they're interested in making money: if there were major contracts they were still pulling in, there was no reason for them to hand it all over on a plate.

remember, they would have _just_ finished adding LDAP to their DCE 3.0 internal proprietary version.

now, of course, this code is end-of-lifecycle as far as they are concerned, and a large number of companies and universities are in deep doodoo unless the open source community can pull together.

also, remember, code doesn't decay or rust, it just _looks_ old... :)

Re:freedce (1)

Richard Dick Head (803293) | more than 9 years ago | (#11366903)

From TFA:
UK's "National Insurance" Database is a DCE/RPC application which must now hold aroung a TERABYTE of information...

WOW, a whole TERABYTE! :D Err, is that anything special anymore?

A fellow student of mine is storing over a terabyte of information. If a broke-ass college student can whip that together, then I don't think so.

Re:freedce (2, Informative)

eviltypeguy (521224) | more than 9 years ago | (#11367793)

I would like to point a somewhat glaring inaccuracy in the article linked in the parent post.

The article author claims:

"...Global File System (which is proprietary anyway, available from Redhat)..."

Except, GFS is NOT proprietary. Behold, the source code:

http://sources.redhat.com/cluster/gfs/

And by the way, as my first impression I think Advogato sucks if only because there is no obvious way to contact the author or reply to the article to point out this inaccuracy or anyone at the site to contact about the article. Bleh.

How will this affect... (-1, Offtopic)

stratjakt (596332) | more than 9 years ago | (#11365969)

.. my ability to download the latest hollywood movies and albums and video games for free, that is, "my rights online"?

Re:How will this affect... (0)

Anonymous Coward | more than 9 years ago | (#11366088)

It will show the non-infringing uses of Bittorrent.

open group still matters? (1, Interesting)

Anonymous Coward | more than 9 years ago | (#11365991)

This isn't nearly as important as claimed here; other technologies supercede it.

Re:open group still matters? (1)

donbrock (705779) | more than 9 years ago | (#11367669)

DCE was overshadowed by Corba years ago which in turn is now being overshadowed by web technologies.

Re:open group still matters? (1)

lkcl (517947) | more than 9 years ago | (#11367756)

what goes around comes around: if DCE/RPC's profile is raised, it will hopefully stop people from reinventing technological problems that DCE solved _years_ ago, and will still need for certain kinds of software. ... not to mention that there are contracts and systems still in existence that mean DCE just ain't gonna diiieeeee :)

plus, Corba is object-orientated, and its "counterpart" is DCOM (which uses DCE/RPC underneath). a lot of people make this mistake - seen it about five times on slashdot in the past hour already!!!

Ummm (0, Flamebait)

Anonymous Coward | more than 9 years ago | (#11366000)

How can anyone call themselves the "Open Group" and do anything but release OSS??

Re:Ummm (3, Funny)

stratjakt (596332) | more than 9 years ago | (#11366027)

In precisely the same way you can call your product Kool Aid, when it helps nobody, and is in no way affiliated with Kool and the Gang.

Or in the same way that you drive on a parkway, and park in a driveway.

Re:Ummm (5, Informative)

crow (16139) | more than 9 years ago | (#11366057)

The Open Group was formed by the merger of X/Open and the Open Software Foundation. The use of "open" in all those names predates the phrase "open source." The term it relates to is "open systems," which refers to standardized Unix systems, as opposed to mainframes.

M$ from /www.dsps.net/History.html (1)

xtermin8 (719661) | more than 9 years ago | (#11366291)

Since the introduction of DCE, Microsoft have felt the need to use an RPC mechanism, though they didn't want to write their own from scratch so it was suggested they use the best in the industry (already chosen by the OSF) - legend has it that they approached the OSF for DCE RPC but didn't want to pay the licence fees. What Microsoft _did_ do was to take the Application Environment Specification and a network sniffer and reverse engineer the DCE RPC. MS RPC is based upon, and, with a little application (Like OEC Enterra) will work with DCE RPC.

Re:M$ from /www.dsps.net/History.html (1)

lkcl (517947) | more than 9 years ago | (#11366421)

yes - i gather it's something like that :)

Re:Ummm (1)

leandrod (17766) | more than 9 years ago | (#11367318)

The term it relates to is "open systems," which refers to standardized Unix systems, as opposed to mainframes.

This is completely wrong.

This days you can consider a mainframe open, because not only it can ran GNU/Linux but also it has a facility to run open systems programs, protocols etc. Other non-Unix systems do so, like Digital VMS.

Open systems are systems that implement open standards, that is, standards agreed upon by representative bodies like ISO specifying interfaces, protocols, file formats etc.

Re:Ummm (0)

Anonymous Coward | more than 9 years ago | (#11366069)

Ummm, because the word "open" had a meaning in computing before Eric Raymond decided to redefine it? "Open" here means standards-based.

WTF? (2, Funny)

Otter (3800) | more than 9 years ago | (#11366038)

My first thought was to say "DCE/RPC under the LGPL! Wow! Would you mind telling us what the hell the thing is?"

But, I figured I'd be socially productive, RTFA and post an explanation myself.

The OSF Distributed Computing Environment (DCE) is an industry-standard, vendor-neutral set of distributed computing technologies. DCE is deployed in critical business environments by a large number of enterprises worldwide. It is a mature product with three major releases, and is the only middleware system with a comprehensive security model.
OK, now can I say "WTF?"

Re:WTF? (4, Funny)

stratjakt (596332) | more than 9 years ago | (#11366059)

It's basically a library of Open Source buzzwords, with which you can raise venture capital.

Re:WTF? (0, Redundant)

lkcl (517947) | more than 9 years ago | (#11366074)

have a quick read of the advogato article as well it gives a few more details. this stuff some people have been working on or with for _twenty years_ :) we're so so incredibly privileged to have been granted this opportunity.

From wikipedia (4, Informative)

Oriumpor (446718) | more than 9 years ago | (#11366098)

The Distributed Computing Environment (DCE) is a software system developed in the early 1990s by a consortium that included Apollo Computer (later part of Hewlett-Packard), IBM, Digital Equipment Corporation, and others. The DCE supplies a framework and toolkit for developing client/server applications. The framework includes a remote procedure call (RPC) mechanism, a naming (directory) service, an authentication service, and a distributed file system (DFS). DCE RPC was derived from an earlier RPC system called the Network Computing System (NCS) created at Apollo Computer. The naming service was derived from work done at DEC. DCE DFS was based on the Andrew file system (AFS), originally developed at Carnegie-Mellon University, and later extended by Transarc Corporation (which was later merged into IBM)

Link here [wikipedia.org]

Re:From wikipedia (1)

ajs (35943) | more than 9 years ago | (#11367709)

I worked with the orginal NCS back on Apollos. Wow, what an elegant solution for the time. It makes me mad that Sun beat out Apollo for the workstation market, even though Apollos were generations more capable.

Until very recently with Macs, Apollo's distributed directory was unrivaled for ease integration of new nodes in the network. Plug it in, you're not only on the net, but you have the same account, device, filesystem, etc configuration as every other node on the network. Don't have a disk? Eh, we'll find one for you to swap to! It was just slick, and 4MB of RAM was a heavy-duty version... we even had one with 16MB!

Emacs on an Apollo was pretty impressive as well. It integrated with their very cool windowing system and... well, I could go on for days.

Suffice to say that if DCE is the last vestige of Apollo technology (I don't think HP uses the Prism-based RISC architecture any more), then I'm really glad to see it stay around.

Re:WTF? (1)

arose (644256) | more than 9 years ago | (#11366116)

First imagine a beowulf cluster...

Re:WTF? (2, Insightful)

stratjakt (596332) | more than 9 years ago | (#11366137)

Basically, Free DCE is DCOM for linux/BSD/OSS.

I know I already replied. I'm doing it again.

Re:WTF? (0)

Anonymous Coward | more than 9 years ago | (#11366256)

Basically, Free DCE is DCOM for linux/BSD/OSS.

Thanks for clearing that up. Wait a minute...DCOM? What's that?

Re:WTF? (1)

lkcl (517947) | more than 9 years ago | (#11366312)

Distributed COM. [opengroup.org]

Re:WTF? (2, Interesting)

finkployd (12902) | more than 9 years ago | (#11366328)

Quick description. It is a couple of things.

Importantly, it is an extension of KerberosV to store group information in the ePac (like MS Kerb only not digitally signed by a private key that only they can use to lock everyone else out).

It is a secure, authenticated RPC with authorization support.

Built on top of this is a distributed filesystem that is basically 10 years or so ahead of OpenAFS (DFS was the sucessor to AFS way back when, AFS has not nearly caught up in features yet)

It also is a directory system (CDS) which is largly irrelevent now since we have LDAP (both are decended from x.500 and LDAP is heading back towards that more every day)

Finkployd

Re:WTF? (2, Informative)

lkcl (517947) | more than 9 years ago | (#11366755)

the lock-out you describe was done by _microsoft_ as part of their use of kerberos in "active directory": they used the "application specific" field in order to save on round-trips (and then extended their bloody SMB protocol in order to _add_ a couple. bastards).

DCE did a "proper" job by using the available fields of kerberos for the correct - documented - purpose.

the use of CDS being largely irrelevant was recognised by TOG in 1999: you need to pay IBM stacks of $$$ to get the code _but_ it was recognised: OpenGroup link here [opengroup.org] . fortunately, someone has created a set of free software plugins - nss and pam etc. already [csupomona.edu]

AFS, OpenAFS, DFS - it's a long long story for another day, methinks :)

Re:WTF? (2, Interesting)

finkployd (12902) | more than 9 years ago | (#11366868)

the lock-out you describe was done by _microsoft_ as part of their use of kerberos in "active directory": they used the "application specific" field in order to save on round-trips (and then extended their bloody SMB protocol in order to _add_ a couple. bastards).

And now that it is open sourced, perhaps someone (or me, whatever :) can get around to fixing the screwy case issue with dce cell naming that prevents us from making a one way trust setup between active directory and dce (having the ms kdc being a slave to the dce kdc)

AFS, OpenAFS, DFS - it's a long long story for another day, methinks :)

We (PSU) being to my knowledge the largest and most active DCE shop still around (130,000+ active principals, custom designed DCE-RCP apps everywhere and I KNOW I am the only person to port a custom full featured DCE-RPC server to OS/390, lots of stuff built on top of DFS, etc), are unfortunately really aware of this. NFSv4, while supporting K5 is a joke for what we need, OpenAFS I believe still uses some kludgy K5->K4 conversion internally and is missing byte level locking, some of the replication, and file level ACL features we use and love, and SANS are kind of a joke too.

*sigh* I'm glad this happened, but we REALLY could have used it a year or two ago. There is a lot of work ahead for the community to make this useful.

Finkployd

The Open Group now known as the AbandonWare Group (1, Funny)

GGardner (97375) | more than 9 years ago | (#11366065)

Gosh, first Motif, now DCE? What other package that I haven't used in 10 years will be next?

Re:The Open Group now known as the AbandonWare Gro (1)

Brandybuck (704397) | more than 9 years ago | (#11366351)

I used Motif yesterday in fact. While certainly ugly and headache prone, it does have some significant advantages. It's ubiquitous and available everywhere. It's fully documented. It has stable API (unheard of with other high level X11 toolkits). And it's much much much easier than using bare Xlib.

I wouldn't recommend it to most people, as it's still low level enough to bog you down in the UI instead of the backend. But it's hardly "abandonware".

Re:The Open Group now known as the AbandonWare Gro (0)

Anonymous Coward | more than 9 years ago | (#11366741)

so because you havent used them that is relevant how?

News flash: Michael releases Stolen Website 1.2.2! (-1, Troll)

Anonymous Coward | more than 9 years ago | (#11366103)

Michael Sims, noted lying dickhead and self-serving website thief, today announced the release of Stolen Website 1.2.2, a long-awaited update to his long history of being a total dickhead who censors any opinion he disagrees with. Everyone was excited about the Nazi fuckhead's new stealing.

FUCK YOU, MICHAEL!

X-500 Server too (0)

Anonymous Coward | more than 9 years ago | (#11366108)

From http://advogato.org/article/817.html

P.S. did anyone know that there has existed a full and Free Software implementation of an X-500 Server? Only now are people endeavouring to make up for LDAP's shortcomings, ironically by adding exactly the things that were originally in X-500, from whence LDAP (the L means light-weight!) came!

http://opendce.hands.com/download/isode-8.0

Re:X-500 Server too (1)

lkcl (517947) | more than 9 years ago | (#11366150)

the code's _crawling_ out the woodwork today. thirteen _years_. bittorrent too [hands.com] although it's a lot smaller than 90mbytes...

Open the code, but charge for documentation? (1, Interesting)

drmike0099 (625308) | more than 9 years ago | (#11366118)

This is a disturbing trend I've seen cropping up a few times lately, but it seems like all of their useful introductory documentation (at least what they refer to on their website) is available in book format that you have to pay money for. Is the code really open and free if you have to pay money to learn how to use it?

Re:Open the code, but charge for documentation? (1)

lkcl (517947) | more than 9 years ago | (#11366214)

afaik, the documentation is available online too, you just have to hunt for it.

okay - last time i looked (1998) it was available online.

the reason why it's available for a charge is because it's a MASSIVE download.

the source code alone is 90mbytes, and TOG _belieevved_ in documentation.

Re:Open the code, but charge for documentation? (1)

finkployd (12902) | more than 9 years ago | (#11366730)

Entegrity has got it

http://support.entegrity.com/private/doclib/inde xD CE.shtml#osf122

Re:Open the code, but charge for documentation? (3, Informative)

PDXNerd (654900) | more than 9 years ago | (#11366231)

Short answer : yes. Long answer : The code is Free means the code is Free. The code is released under the LGPL. If you can't look at the code and figure it out, what does it really matter anyway? On top of this, if you are involved in a large project with many developers chances are your organization will pay for it. The API is well documented in more places than just their pay-per-book service.

Re:Open the code, but charge for documentation? (3, Insightful)

goldspider (445116) | more than 9 years ago | (#11366303)

"Is the code really open and free if you have to pay money to learn how to use it?"

Of course the code is open... unless you consider man pages acceptable documentation.

And last I knew, those O'Reilly books aren't free either.

Re:Open the code, but charge for documentation? (1)

xstonedogx (814876) | more than 9 years ago | (#11366319)

Where is the assertion that you "have to" pay money for their documentation to learn to use the software coming from? Even if no other documentation exists, with the source available you don't have to pay money to learn to use it. You could read the code. You could experiment. You could find an expert on the subject and ask him nicely to write up some documentation.

You might want to pay money for the convenience of the documentation, but it's not a requirement, and since the source is free, competing (possibly free) products will become available as the market demands.

My, how times have changed (4, Interesting)

loose canons (823774) | more than 9 years ago | (#11366123)

In '93, I was making the big bucks at a defense contractor because I could tell them how/where to use DCE.
It is interesting to see the difference between the openess of the OSF and the openess of the open source movement [all that gnu software!] begin to blur.
I hope that exposure of the security code buried in DCE, especially where it uses kerberos, will help polinate other open source projects with improved security features.

Re:My, how times have changed (2, Informative)

loose canons (823774) | more than 9 years ago | (#11366204)

...and for those of you who are still wondering what TFA is about, note that just about every big system and OS vendor [uni-muenster.de] has its own version of DCE. It has been the foundation for a lot of securely networed applications.

Re:My, how times have changed (1)

lkcl (517947) | more than 9 years ago | (#11366486)

It is very unfortunate that DCE had the US BXPA export restrictions to contend with: it meant that the US govt REALLY got heavy with a lot of people.

now, of course, all that free software projects must do is to notify the US govt of what encryption is involved, where they can get it, and you're done. which is very sensible and realistic.

so now we can start adding kerberos back in - Luke Howard (www.padl.com) has already added GSSAPI as a FreeDCE plugin and that's actually better than going directly via kerberos.

Re:My, how times have changed (1)

DeepHurtn! (773713) | more than 9 years ago | (#11367808)

I really hate to be an annoying terminology pendant -- but "all that gnu software" should really be called free software, not lumped together with the "open source movement". The free software movement was around first, after all, and IMHO have certainly earned the right to be called by their preferred name. There is a difference, and I think that both camps can see the benefit of using the appropriate terminology. The FSF obviously appreciates the distinctiveness, and people who prefer the open source terminology, in my experience, often want to distance themselves from the ideology of the free software movement.

Didn't M$ steal this? (1)

xtermin8 (719661) | more than 9 years ago | (#11366174)

It's been a while since I've looked at it, but wasn't DCE hijacked by Evil Empire? It was put together by OSF, now called the Open Group, and it seems bittersweet to have it released as free software now. If only they had the foresight to open it from the start.

Re:Didn't M$ steal this? (1)

afstanton (822402) | more than 9 years ago | (#11366221)

No, they bought a license fair and square.

Not exactly fair and square (1)

xtermin8 (719661) | more than 9 years ago | (#11366321)

"Microsoft have felt the need to use an RPC mechanism, though they didn't want to write their own from scratch so it was suggested they use the best in the industry (already chosen by the OSF) - legend has it that they approached the OSF for DCE RPC but didn't want to pay the licence fees. What Microsoft _did_ do was to take the Application Environment Specification and a network sniffer and reverse engineer the DCE RPC. MS RPC is based upon, and, with a little application (Like OEC Enterra) will work with DCE RPC."

Re:Not exactly fair and square (1)

afstanton (822402) | more than 9 years ago | (#11366422)

Ok, so maybe I'm totally wrong. It's happened before. But that's reverse engineering, not theft.

You can't admit you're wrong on /. !!! (0)

Anonymous Coward | more than 9 years ago | (#11366564)

Its a long tradition, you have to troll or flame- admitting a mistake, even if you backpedal with an insightful point, is not allowed. Maybe you could try dazzling people with knowledge of obscure acronyms and technical references- and then lay on the bullsh*t

Re:Didn't M$ steal this? (2, Informative)

lkcl (517947) | more than 9 years ago | (#11366257)

they didn't steal it but from what i can gather they took the DCE 1.1 reference implementation (available under a BSD-like license before most people had even _heard_ of free software licenses!) which is basically "stubs"... ... and then they integrated it with NetBIOS and SMB (inventing ncacn_np which is DCE/RPC over NT's NamedPipes - heard of those? look up CreateNamedPipe on the MSDN :) ... and then they added WINS as a resolver... ... and then they added NTLMSSP authentication... ... and then they created NT Domains with it... ... and then they put _every_ single administrative interface behind a DCE/RPC client-server architecture (really easy: the Win32 Registry API is one!)... ... and then they started on exchange... ... and then they created ncacn_http which is RPC over HTTP because some idiots started blocking exchange packets and they needed to punch a hole through firewalls [what do you mean, the web _is_ the internet, you stupid microsoft support idiot!] ... oh, and don't forget DCOM on which an entire generation of MSDN-created software is based!

hijacked? naaah. microsoft _really_ recognised a good thing, and unlike a lot of people who go "duuuh, i wish...", just snowballed with it.

Re:Didn't M$ steal this? (1)

xtermin8 (719661) | more than 9 years ago | (#11366456)

They didn't write it from scratch however, they reversed engineered the DCE RPC. MS RPC is based upon, and with a little hacking, will work with DCE RPC. They did this to avoid paying the full licence from OSF. "Stealing," may be a bit of hyperbole, but it wasn't exactly innovative, either.

Re:Didn't M$ steal this? (3, Informative)

finkployd (12902) | more than 9 years ago | (#11366585)

lkcl covered the other stuff, I'll touch on DCOM.

DCOM is literally a reverse engineered DCE-RCP, to the point where it is wire compatible with it. DCE-RPC is an authenticated RPC which uses KerberosV for the authentication token, and since DCE puts group information into the ePac (like MS did with their Kerb) it also allows for group based authorization at the RPC level.

Microsoft ripped out all the security (who is suprised?) and called it DCOM. Of course the idl compilers are different so they are not compatible at that level, but once compiled, a DCE rcp client/server can talk to a DCOM client/server, assuming you are not trying to use any of the security built into the DCE-RPC

Finkployd

Re:Didn't M$ steal this? (1)

tzanger (1575) | more than 9 years ago | (#11366856)

DCOM is literally a reverse engineered DCE-RCP, to the point where it is wire compatible with it.

...

but once compiled, a DCE rcp client/server can talk to a DCOM client/server, assuming you are not trying to use any of the security built into the DCE-RPC

Do you have more information? I am very interested in learning how to interop these two technologies! (my email addy is a valid one)

Re:Didn't M$ steal this? (1)

finkployd (12902) | more than 9 years ago | (#11366997)

This [opengroup.org] touches on it. I used to have some proof of concept code that did this but I cannot find it :(

Basically do a regular old DCE-RPC call to a DCOM server and just do not use any of the DCE provided security or directory calls and it will work. (at least it did in the NT 4.0 days, I'm not 100% sure about today)

Finkployd

Re:Didn't M$ steal this? (2, Interesting)

lkcl (517947) | more than 9 years ago | (#11367009)

... mr fink, i'm sorry but i do have to correct you on a couple of points.

namely, that microsoft got hold of the BSD-like-licensed DCE 1.1 "reference" implementation so the "stripping of all security" was done by TOG not by microsoft.

MS, who had and still have someone from Apollo working for them, knew and knows how DCE/RPC works _in_side out, and so was able to sort stuff out for them.

MS _did_ have to add some stuff like "implicit handles" and MSRPC _does_ have the ability to do Unicode Strings (and between Wez Furlong, Luke Howard and myself, that's all now been added to FreeDCE).

i'm still working on adding NTLMSSP and NT Named Pipes to FreeDCE - something that luke howard has already done for his proprietary XAD server (www.ldap.com).

the differences are not _that_ significant, is the bottom line.

Re:Didn't M$ steal this? (1)

finkployd (12902) | more than 9 years ago | (#11367098)

Oh ok, I jumped into the DCE game in 2000 or so, so I am missing some of the finer points of the history.

So there was no security in the 1.1 implementation of DCE? when did that come in?

Finkployd

Re:Didn't M$ steal this? (2, Interesting)

lkcl (517947) | more than 9 years ago | (#11367287)

none - the reference implementation was available almost right from the start - i _think_ - otherwise microsoft wouldn't have been able to get hold of it and use it for Windows NT 3.1.

FreeDCE, however, has _two_ security plugins: GSS-API (thanks to luke howard), and NTLMSSP (code from samba tng which i wrote, based on my and paul ashton's "welcome to the samba domain" work in august 1997)

DCE was used on a NASA project I was on. (1)

borgheron (172546) | more than 9 years ago | (#11366202)

The EOSDIS/ECS project. http://eospso.gsfc.nasa.gov/ [nasa.gov] is a good place to start looking at the project I was on. It's currently the largest satellite data processing and science data repository on the face of the planet. :) (toot toot... there goes my own horn ;))

Anyway... DCE was used to tie several servers together which are the core of the system. I found it very reliable and solid (and that was several years ago).

GJC

Microsoft COM (0)

Anonymous Coward | more than 9 years ago | (#11366228)

Isnt this the basis for Microsofts COM?

Re:Microsoft COM (1)

lkcl (517947) | more than 9 years ago | (#11366278)

yep!

TITAN IS GO! (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11366246)

The first image shown and slashdot still doesn't have it up? For shame!

this is worthless (-1)

Anonymous Coward | more than 9 years ago | (#11366247)

dce is ancient technology and plenty of new tools exist that can easily outperform open group's pile. when was the last time this thing was updated anyway? i think the open group should really become the closed group and just close their doors - they are only hindering the open movement....

Microsoft DCOM (0, Redundant)

Charvak (97898) | more than 9 years ago | (#11366315)

Microsoft DCOM is based on DCE/RPC. Now we can easily port the DCOM technology to UNIX

Re:Microsoft DCOM (1)

loose canons (823774) | more than 9 years ago | (#11366520)

are you kidding? I'm sitting here watching my firewall snuff out barbarians who know how to use the DCOM "DCE BIND" against my Win2K box...why on earth would you want to pollute unix with a f**ked up microsoft version of an old and long since open protocol for distributing applications?

Re:Microsoft DCOM (1)

lkcl (517947) | more than 9 years ago | (#11366538)

It's already been done! [sf.net] Also see this [opengroup.org] for details of TOG meetings etc.

DCE, Microsoft and DCOM (2, Interesting)

Earlybird (56426) | more than 9 years ago | (#11366481)

Microsoft's RPC framework [microsoft.com] , which is built into Windows, is actually an implementation of DCE. While it's a long time since Microsoft used it directly, it's a nice platform for remote communication; it's a mature API that supports a wide variety of protocols (eg., TCP, UDP, local pipes), authentication mechanisms, marshaling mechanisms etc.

Microsoft's COM (also known as DCOM) sits on top of this RPC layer to implement a distributed component object model -- one of Microsoft's finest and most underrated inventions. It's also one of their most copied technologies -- KDE, GNOME, OpenOffice (UNO) and Mozilla (XPCOM) all implement very similar object models.

Of course, DCE RPC is also famous for the UUID [wikipedia.org] (aka GUID [wikipedia.org] ) algorithm -- 128-bit identifiers whose uniqueness is mathematically guaranteed as long as the generator can access a network card with a unique MAC address.

Microsoft RPC != 'proper' RPC (0)

Anonymous Coward | more than 9 years ago | (#11366982)

About 8 (?) years ago I was working on an architecture for a client server system - we had a mix of Unix and Microsoft servers and we wanted something that would tie them together so we could use the best that each had to offer.

From what I had read, RPC was definitely the way to go. I experimented with the Unix stuff and it worked like a charm.

Enter Microsoft RPC - after cajoling updated sets of working DLL's it worked just fine between MS platforms (Win 9x NT) and ran happily over TCP/IP. HOWEVER IT WOULD NOT INTEROPERATE WITH UNIX.

The Microsoft RPC implementation is an 'embrace and extend' derivative and is not compatible with anything other than the Microsoft toolchain. MS may have borrowed architectural tools from DCE, but it's an example of Microsoft at it's best - pick a good standard, bastardise it so that it only works within the Windows community, and then tout it as being a good thing.

It really burnt us

Re:Microsoft RPC != 'proper' RPC (1)

lkcl (517947) | more than 9 years ago | (#11367036)

that's since been sorted out. FreeDCE now basically is wire-compatible and IDL-compatible with MSRPC.

it's been a long time (like almost a decade) but it's there.

i'm sorry you didn't have my email address when you needed it, i could have done with the extra work.

Re:DCE, Microsoft and DCOM (1)

bdcrazy (817679) | more than 9 years ago | (#11366986)

So, its uniqueness is based on a supposedly unique number? That doesn't quite make sense to me.

Re:DCE, Microsoft and DCOM (1)

tmasssey (546878) | more than 9 years ago | (#11367405)

Funny: OS/2 had SOM Since 1992 [prodigy.net] ...

This was before the split between Microsoft and IBM. SOM and COM are very similar...

Yet another "innovation" from Microsoft that was based upon suspiciously similar innovations from other companies...

Re:DCE, Microsoft and DCOM (0)

Anonymous Coward | more than 9 years ago | (#11367542)

Of course, DCE RPC is also famous for the UUID (aka GUID) algorithm -- 128-bit identifiers whose uniqueness is mathematically guaranteed as long as the generator can access a network card with a unique MAC address.

That sounds impressive until you realise that you can simply use the MAC address instead.

Re:DCE, Microsoft and DCOM (1)

lkcl (517947) | more than 9 years ago | (#11367600)

not entirely: MAC addresses can be faked. the uuid algorithm is quite complex, only relying on PRNG for the full 128 bits if it's absolutely necessary.

Re:DCE, Microsoft and DCOM (2, Interesting)

mihalis (28146) | more than 9 years ago | (#11367641)

Microsoft's COM (also known as DCOM)

No, DCOM is distributed COM, not identical to COM, but a superset. COM itself is a component-object model that is a nice piece of work in my opinion.

COM is a binary, language independent standard for using services provided by objects without depending on the implementation.

Instead of direct linkage to functions, for example, clients must request access to interfaces, and only use the services if the request succeeds.

Interfaces amount to a C-Cstyle struct with function pointers, with the first three methods being QueryInterface(), AddRef() and Release(). The latter two functions are merely ref-counting for tidiness, so the primary way to use services depends on driving QueryInterface to discover other Interfaces and then call them.

There is a nifty mapping of this struct definition into C++ pure virtual base classes so that COM programming in C++ can be quite nice (especially with smart pointers).

It's really other stuff layered on top of COM in the standard Windows way that makes the whole programming experience less pleasant (e.g. MFC message maps, ATL thunking - thinks that just puzzle me when I bump into the code).

By the way, this all works pretty nicely on Unix (especially modern ones like Solaris or Linux). You just need a certain maturity in the C++ compiler so that static_cast works nicely to have all of this goodness available, and you need to link your "DLL"s (aka shared objects) properly (reduce the scope of the functions you aren't making available to clients of the library e.g. with linker mapfiles).

Unfortunately Eric S. Raymond's "The Art of Unix Programming" is hopelessly weak when it dismisses these aspects of Windows programming which for me somewhat undermined the entire book. Then again, I don't think ESR is very fond of C++, which was one of the big problems that COM solved (e.g. the unstable C++ ABI for many, many years).

For any Penn State Students/Staff (2, Informative)

finkployd (12902) | more than 9 years ago | (#11366512)

DCE is the core middleware at PSU and has been for years. Your access account you use for everything is a DCE principle (Which ends up being KerberosV + some stuff).

The PASS filespace is DFS which is the distributed filesystem componant of DCE. Webmail and the Portal (wehmail.psu.edu portal.psu.edu) are built on top of the filesystem.

eLion is a client server application that uses Smalltalk on the web front end and Natural/Adabas for the backend (running on an IBM zSeries mainframe). A custom in house developed DCE RCP middleware mechanism is used to get them to talk to each other. This lets us do dynamic load balancing without special hardware, adding and removeing backend servers and automatically have them put into the locally managed "server pool" on each web server front end, and validating the calls on the backend via the kerberos credentials of both the web server and the user making the call. (can you guess what I did for the last 3 years?)

Now, IBM has end of lifed DCE, which screws us (and several National Labs, Merck, Cal Poly Tech, Buffalo U, Pain Webber, a handful of other universities, etc). PSU is migrating off of it to MIT KerberosV, LDAP, a "yet to be determined filesystem" (probably OpenAFS, which is a 10 year step backward), and I have absolutely NO idea how we will replace the RPC.

Anyway, PSU people have been using DCE heavily for about a decade and many didn't even know it :) It really was/is a cool and powerful system. Its one major failing it the complexity and effort needed to set it up.

Finkployd

Nice software, but...... (1)

jd (1658) | more than 9 years ago | (#11366571)

....It uses DES for encryption! Yuck!!!!! Big time! At the very least, they could have hacked it so you could use AES instead, if you wanted.

Re:Nice software, but...... (1)

finkployd (12902) | more than 9 years ago | (#11366610)

And now we can :) And some of us have been ITCHING to do this.

A KerberosV based, authenticated RPC that can optionally encrypt the RPC call with AES. Yummy :)

Finkployd

Re:Nice software, but...... (2, Interesting)

lkcl (517947) | more than 9 years ago | (#11366810)

ah - that's the beauty: GSS-API has been added to FreeDCE already, by Luke Howard of www.ldap.com.

and if it's added to FreeDCE, then DCE 1.2.2 gets it too - once DCE 1.2.2 has been autoconf'd and brought up-to-date like FreeDCE already is.

Re:Nice software, but...... (1)

jd (1658) | more than 9 years ago | (#11367146)

Now THAT is seriously cool...

Is this an End of Life announcement? (1)

fuzzy12345 (745891) | more than 9 years ago | (#11366802)

Pardon my cynicism, but does anyone else get the impression that the new End of Life announcement is framed in terms of "we are pleased to announce the open source release of..."

i.e. Let's outsource support for this sucker! I mean, how excited am I supposed to get, in 2005, about a techmology that allows me to marshall/unmarshall data and call remote procedures over the 'net? Isn't that already being done (a lot) by the various CORBA and RPC stuff already running on my Linux box?

Re:Is this an End of Life announcement? (1)

jd (1658) | more than 9 years ago | (#11367532)

IIRC, CORBA is derived from DCE. DCE's only advantage over CORBA is that it's not quite so heavy, so should run faster.


The relationship between DCE and Sun's RPC, I'm not sure. I -think- Sun's RPC is the RPC component of DCE broken out and modified to be stand-alone, making it the lightest-weight of the lot.

Re:Is this an End of Life announcement? (1)

lkcl (517947) | more than 9 years ago | (#11367649)

DCOM is to DCE/RPC as
CORBA is to CORBA's underlying RPC mechanism.

DCE/RPC bears no relation to CORBA's RPC mechanism.

Sun's ONC/RPC bears no relation to DCE/RPC.

ONC/RPC uses something called XDR for its data representation;

DCE/RPC uses NDR (network data representation) which was designed by Apollo (who were acquired by HP)

Re:Is this an End of Life announcement? (2, Funny)

lkcl (517947) | more than 9 years ago | (#11367685)

fucking alphabet soup. no wonder my head has turned to jelly from too much slashdotting.

Major examples/failures (1)

dhfoo (238759) | more than 9 years ago | (#11366943)

Using Accentures [accenture.com] implementation [entegrity.com] as an example doesn't say much about DCE/RPCs robustness. It has been plagued by problems as Computer Weekly reports [computerweekly.com] .

This means DFS as well. (1)

Ober (12002) | more than 9 years ago | (#11366977)

Given what a good filesystem DFS is this will be nice to have access to all the features of DCE/DFS and give OpenAFS a run for its money.

But seriously DFS has a lot of core features that can even cause problems for DFS vendor Entegrity.

I smell a new project called OpenDFS

Where's the LGPL? (1)

ukh (715582) | more than 9 years ago | (#11367748)

Apart from the press release, where does it actually
say that it's licensed under LGPL? The press release does not even make it clear that it really is the GNU LGPL, nor exactly what version of DCE the "Open" Group is supposed to release. But, if they really do release the stuff (although it's probably 10 years late), better now than never.

Re:Where's the LGPL? (2, Informative)

lkcl (517947) | more than 9 years ago | (#11367797)

from the press release:

Previously, the DCE source was only available under a traditional license. Making it available under a recognized open source license (LGPL) both increases the accessibility of DCE as an interoperability technology, and permits a broader community to work on the source to expand its features and keep it current.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?