Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Open Group Releases DCE 1.2.2 as Free Software

Posted by michael on Fri Jan 14, 2005 02:50 PM
from the run-with-the-big-boys dept.
GNU is Not Unix Businesses Software IT
lkcl writes "The Open Group announced 12th January 2005 that they are releasing DCE/RPC 1.2.2 as a Free Software Project - under the LGPL. This is a major coup for Free Software: the Distributed Computing Environment is known to be involved in some major projects. There is a mirror at opendce.hands.com which runs rsync, ftp, and there is also a dce122.tar.bz2.torrent bittorrent running as well."
+ -
story
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Open Group Releases DCE 1.2.2 as Free Software 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • freedce (Score:3, Informative)

    by lkcl (517947) on Friday January 14 2005, @02:51PM (#11365967) Homepage
    Article at Advogato [advogato.org] with some more details.

    This is one _monster_ big deal for Free Software.

    This is the code that allows big companies such as IBM, Fujitsu, Entegrity etc. to bid for £500m contracts. [theregister.co.uk]

    We have FreeDCE [sf.net] already, which is the DCE 1.1 Reference implementation autoconf'd and updated...

    • I would like to point a somewhat glaring inaccuracy in the article linked in the parent post.

      The article author claims:

      "...Global File System (which is proprietary anyway, available from Redhat)..."

      Except, GFS is NOT proprietary. Behold, the source code:

      http://sources.redhat.com/cluster/gfs/

      And by the way, as my first impression I think Advogato sucks if only because there is no obvious way to contact the author or reply to the article to point out this inaccuracy or anyone at the site to contact ab
      • _and_ keeping an eye on the bloody bittorrent client and the server i borrowed to host a mirror of the code - it's a wonder i get to do any work at all, really.
      • yes they are!! DCE 1.1 - the RPC runtime and development environment reference implementation, only 250,000 lines of code, has been available for nearly a decade under the OSF BSD-like license.

        this is _really_ different: 3.5 _MILLION_ lines of code, including CDS and DFS, under the LGPL.
      • yes, dammit. it still is, but in different ways: companies like IBM and Fujitsu and Entegrity still make hundreds of millions of dollars out of it.

        DCE/RPC is to DCOM as
        Corba's RPC mechanism is to CORBA.

        i mention a bit about it in my advogato article: it's _very_ stupid that TOG didn't release DCE/RPC (and DCOM) a _lot_ earlier than this.

        never mind....

  • WTF? (Score:2, Funny)

    by Otter (3800)
    My first thought was to say "DCE/RPC under the LGPL! Wow! Would you mind telling us what the hell the thing is?"

    But, I figured I'd be socially productive, RTFA and post an explanation myself.

    The OSF Distributed Computing Environment (DCE) is an industry-standard, vendor-neutral set of distributed computing technologies. DCE is deployed in critical business environments by a large number of enterprises worldwide. It is a mature product with three major releases, and is the only middleware system with a comp

    • Re:WTF? (Score:4, Funny)

      by stratjakt (596332) on Friday January 14 2005, @02:58PM (#11366059) Journal
      It's basically a library of Open Source buzzwords, with which you can raise venture capital.

    • From wikipedia (Score:5, Informative)

      by Oriumpor (446718) on Friday January 14 2005, @03:01PM (#11366098) Homepage Journal
      The Distributed Computing Environment (DCE) is a software system developed in the early 1990s by a consortium that included Apollo Computer (later part of Hewlett-Packard), IBM, Digital Equipment Corporation, and others. The DCE supplies a framework and toolkit for developing client/server applications. The framework includes a remote procedure call (RPC) mechanism, a naming (directory) service, an authentication service, and a distributed file system (DFS). DCE RPC was derived from an earlier RPC system called the Network Computing System (NCS) created at Apollo Computer. The naming service was derived from work done at DEC. DCE DFS was based on the Andrew file system (AFS), originally developed at Carnegie-Mellon University, and later extended by Transarc Corporation (which was later merged into IBM)

      Link here [wikipedia.org]
    • First imagine a beowulf cluster...
    • Basically, Free DCE is DCOM for linux/BSD/OSS.

      I know I already replied. I'm doing it again.

    • Re:WTF? (Score:3, Interesting)

      by finkployd (12902)
      Quick description. It is a couple of things.

      Importantly, it is an extension of KerberosV to store group information in the ePac (like MS Kerb only not digitally signed by a private key that only they can use to lock everyone else out).

      It is a secure, authenticated RPC with authorization support.

      Built on top of this is a distributed filesystem that is basically 10 years or so ahead of OpenAFS (DFS was the sucessor to AFS way back when, AFS has not nearly caught up in features yet)

      It also is a directory s

      • Re:WTF? (Score:3, Informative)

        by lkcl (517947)
        the lock-out you describe was done by _microsoft_ as part of their use of kerberos in "active directory": they used the "application specific" field in order to save on round-trips (and then extended their bloody SMB protocol in order to _add_ a couple. bastards).

        DCE did a "proper" job by using the available fields of kerberos for the correct - documented - purpose.

        the use of CDS being largely irrelevant was recognised by TOG in 1999: you need to pay IBM stacks of $$$ to get the code _but_ it was reco

        • Re:WTF? (Score:3, Interesting)

          by finkployd (12902)
          the lock-out you describe was done by _microsoft_ as part of their use of kerberos in "active directory": they used the "application specific" field in order to save on round-trips (and then extended their bloody SMB protocol in order to _add_ a couple. bastards).

          And now that it is open sourced, perhaps someone (or me, whatever :) can get around to fixing the screwy case issue with dce cell naming that prevents us from making a one way trust setup between active directory and dce (having the ms kdc being
  • This is a disturbing trend I've seen cropping up a few times lately, but it seems like all of their useful introductory documentation (at least what they refer to on their website) is available in book format that you have to pay money for. Is the code really open and free if you have to pay money to learn how to use it?

  • My, how times have changed (Score:3, Interesting)

    by loose canons (823774) on Friday January 14 2005, @03:04PM (#11366123)
    In '93, I was making the big bucks at a defense contractor because I could tell them how/where to use DCE.
    It is interesting to see the difference between the openess of the OSF and the openess of the open source movement [all that gnu software!] begin to blur.
    I hope that exposure of the security code buried in DCE, especially where it uses kerberos, will help polinate other open source projects with improved security features.
    • It is very unfortunate that DCE had the US BXPA export restrictions to contend with: it meant that the US govt REALLY got heavy with a lot of people.

      now, of course, all that free software projects must do is to notify the US govt of what encryption is involved, where they can get it, and you're done. which is very sensible and realistic.

      so now we can start adding kerberos back in - Luke Howard (www.padl.com) has already added GSSAPI as a FreeDCE plugin and that's actually better than going directly via k
  • It's been a while since I've looked at it, but wasn't DCE hijacked by Evil Empire? It was put together by OSF, now called the Open Group, and it seems bittersweet to have it released as free software now. If only they had the foresight to open it from the start.
    • they didn't steal it but from what i can gather they took the DCE 1.1 reference implementation (available under a BSD-like license before most people had even _heard_ of free software licenses!) which is basically "stubs"... ... and then they integrated it with NetBIOS and SMB (inventing ncacn_np which is DCE/RPC over NT's NamedPipes - heard of those? look up CreateNamedPipe on the MSDN :) ... and then they added WINS as a resolver... ... and then they added NTLMSSP authentication... ... and then they crea
      • They didn't write it from scratch however, they reversed engineered the DCE RPC. MS RPC is based upon, and with a little hacking, will work with DCE RPC. They did this to avoid paying the full licence from OSF. "Stealing," may be a bit of hyperbole, but it wasn't exactly innovative, either.

    • Re:Didn't M$ steal this? (Score:4, Informative)

      by finkployd (12902) on Friday January 14 2005, @03:39PM (#11366585) Homepage
      lkcl covered the other stuff, I'll touch on DCOM.

      DCOM is literally a reverse engineered DCE-RCP, to the point where it is wire compatible with it. DCE-RPC is an authenticated RPC which uses KerberosV for the authentication token, and since DCE puts group information into the ePac (like MS did with their Kerb) it also allows for group based authorization at the RPC level.

      Microsoft ripped out all the security (who is suprised?) and called it DCOM. Of course the idl compilers are different so they are not compatible at that level, but once compiled, a DCE rcp client/server can talk to a DCOM client/server, assuming you are not trying to use any of the security built into the DCE-RPC

      Finkployd
      • ... mr fink, i'm sorry but i do have to correct you on a couple of points.

        namely, that microsoft got hold of the BSD-like-licensed DCE 1.1 "reference" implementation so the "stripping of all security" was done by TOG not by microsoft.

        MS, who had and still have someone from Apollo working for them, knew and knows how DCE/RPC works _in_side out, and so was able to sort stuff out for them.

        MS _did_ have to add some stuff like "implicit handles" and MSRPC _does_ have the ability to do Unicode Strings (and bet
          • none - the reference implementation was available almost right from the start - i _think_ - otherwise microsoft wouldn't have been able to get hold of it and use it for Windows NT 3.1.

            FreeDCE, however, has _two_ security plugins: GSS-API (thanks to luke howard), and NTLMSSP (code from samba tng which i wrote, based on my and paul ashton's "welcome to the samba domain" work in august 1997)
        • This [opengroup.org] touches on it. I used to have some proof of concept code that did this but I cannot find it :(

          Basically do a regular old DCE-RPC call to a DCOM server and just do not use any of the DCE provided security or directory calls and it will work. (at least it did in the NT 4.0 days, I'm not 100% sure about today)

          Finkployd
      • "Microsoft have felt the need to use an RPC mechanism, though they didn't want to write their own from scratch so it was suggested they use the best in the industry (already chosen by the OSF) - legend has it that they approached the OSF for DCE RPC but didn't want to pay the licence fees. What Microsoft _did_ do was to take the Application Environment Specification and a network sniffer and reverse engineer the DCE RPC. MS RPC is based upon, and, with a little application (Like OEC Enterra) will work with
  • The EOSDIS/ECS project. http://eospso.gsfc.nasa.gov/ [nasa.gov] is a good place to start looking at the project I was on. It's currently the largest satellite data processing and science data repository on the face of the planet. :) (toot toot... there goes my own horn ;))

    Anyway... DCE was used to tie several servers together which are the core of the system. I found it very reliable and solid (and that was several years ago).

    GJC

  • DCE, Microsoft and DCOM (Score:3, Interesting)

    by Earlybird (56426) <slashdot @ p u refiction.net> on Friday January 14 2005, @03:32PM (#11366481) Homepage
    Microsoft's RPC framework [microsoft.com], which is built into Windows, is actually an implementation of DCE. While it's a long time since Microsoft used it directly, it's a nice platform for remote communication; it's a mature API that supports a wide variety of protocols (eg., TCP, UDP, local pipes), authentication mechanisms, marshaling mechanisms etc.

    Microsoft's COM (also known as DCOM) sits on top of this RPC layer to implement a distributed component object model -- one of Microsoft's finest and most underrated inventions. It's also one of their most copied technologies -- KDE, GNOME, OpenOffice (UNO) and Mozilla (XPCOM) all implement very similar object models.

    Of course, DCE RPC is also famous for the UUID [wikipedia.org] (aka GUID [wikipedia.org]) algorithm -- 128-bit identifiers whose uniqueness is mathematically guaranteed as long as the generator can access a network card with a unique MAC address.

    • Microsoft's COM (also known as DCOM)

      No, DCOM is distributed COM, not identical to COM, but a superset. COM itself is a component-object model that is a nice piece of work in my opinion.

      COM is a binary, language independent standard for using services provided by objects without depending on the implementation.

      Instead of direct linkage to functions, for example, clients must request access to interfaces, and only use the services if the request succeeds.

      Interfaces amount to a C-Cstyle struct with func

      • that's since been sorted out. FreeDCE now basically is wire-compatible and IDL-compatible with MSRPC.

        it's been a long time (like almost a decade) but it's there.

        i'm sorry you didn't have my email address when you needed it, i could have done with the extra work.

  • For any Penn State Students/Staff (Score:3, Informative)

    by finkployd (12902) on Friday January 14 2005, @03:34PM (#11366512) Homepage
    DCE is the core middleware at PSU and has been for years. Your access account you use for everything is a DCE principle (Which ends up being KerberosV + some stuff).

    The PASS filespace is DFS which is the distributed filesystem componant of DCE. Webmail and the Portal (wehmail.psu.edu portal.psu.edu) are built on top of the filesystem.

    eLion is a client server application that uses Smalltalk on the web front end and Natural/Adabas for the backend (running on an IBM zSeries mainframe). A custom in house developed DCE RCP middleware mechanism is used to get them to talk to each other. This lets us do dynamic load balancing without special hardware, adding and removeing backend servers and automatically have them put into the locally managed "server pool" on each web server front end, and validating the calls on the backend via the kerberos credentials of both the web server and the user making the call. (can you guess what I did for the last 3 years?)

    Now, IBM has end of lifed DCE, which screws us (and several National Labs, Merck, Cal Poly Tech, Buffalo U, Pain Webber, a handful of other universities, etc). PSU is migrating off of it to MIT KerberosV, LDAP, a "yet to be determined filesystem" (probably OpenAFS, which is a 10 year step backward), and I have absolutely NO idea how we will replace the RPC.

    Anyway, PSU people have been using DCE heavily for about a decade and many didn't even know it :) It really was/is a cool and powerful system. Its one major failing it the complexity and effort needed to set it up.

    Finkployd
  • ....It uses DES for encryption! Yuck!!!!! Big time! At the very least, they could have hacked it so you could use AES instead, if you wanted.
  • Pardon my cynicism, but does anyone else get the impression that the new End of Life announcement is framed in terms of "we are pleased to announce the open source release of..."

    i.e. Let's outsource support for this sucker! I mean, how excited am I supposed to get, in 2005, about a techmology that allows me to marshall/unmarshall data and call remote procedures over the 'net? Isn't that already being done (a lot) by the various CORBA and RPC stuff already running on my Linux box?

  • BREAKING NEWS! (Score:3, Funny)

    by krbvroc1 (725200) on Friday January 14 2005, @06:17PM (#11368775)
    Tandy Corporation is rumored to have just made TRS-80 firmware open source. With the competitive race to open source things, several dead vendors are trying to ride on the OSS coat tails.

    Rumor has it that SwiM Motif may up the ante. Not to be outdone, the Transmeta Linux distribution is being resurrected. OS/2 Warp may follow. Stay tuned...
    • In precisely the same way you can call your product Kool Aid, when it helps nobody, and is in no way affiliated with Kool and the Gang.

      Or in the same way that you drive on a parkway, and park in a driveway.

    • Re:Ummm (Score:5, Informative)

      by crow (16139) on Friday January 14 2005, @02:58PM (#11366057) Homepage Journal
      The Open Group was formed by the merger of X/Open and the Open Software Foundation. The use of "open" in all those names predates the phrase "open source." The term it relates to is "open systems," which refers to standardized Unix systems, as opposed to mainframes.
      • Since the introduction of DCE, Microsoft have felt the need to use an RPC mechanism, though they didn't want to write their own from scratch so it was suggested they use the best in the industry (already chosen by the OSF) - legend has it that they approached the OSF for DCE RPC but didn't want to pay the licence fees. What Microsoft _did_ do was to take the Application Environment Specification and a network sniffer and reverse engineer the DCE RPC. MS RPC is based upon, and, with a little application (Lik
    • I used Motif yesterday in fact. While certainly ugly and headache prone, it does have some significant advantages. It's ubiquitous and available everywhere. It's fully documented. It has stable API (unheard of with other high level X11 toolkits). And it's much much much easier than using bare Xlib.

      I wouldn't recommend it to most people, as it's still low level enough to bog you down in the UI instead of the backend. But it's hardly "abandonware".
    • from the press release:

      Previously, the DCE source was only available under a traditional license. Making it available under a recognized open source license (LGPL) both increases the accessibility of DCE as an interoperability technology, and permits a broader community to work on the source to expand its features and keep it current.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.