SSL negotiation protosol in CIFS
John E. Malmberg
malmberg at Encompasserve.org
Wed Aug 22 19:41:16 GMT 2001
On Wed, 22 Aug 2001, Michal Trojnara wrote:
> Is SSL negotiation a documented protocol extension or just a proprietary
> feature? I'd like to add CIFS support to my stunnel program, but I
> don't want to create a derivative from Samba.
SSL or Secure Sockets Layer is a tunneling protocol. Any other
protocol can ride inside it.
Unlike a VPN tunnel though, it is not usually transparent to the client
> In other words: Is SSL negotiation a part of open standard or it's
> restricted to GPL?
Search the WWW for "OpenSSL". Various government regulations may
restrict who can offer it for download or distribution.
Typically SSL is available for a platform as a shared library and the
program needs to make slightly different "socket" calls to implement.
SAMBA support for SSL depends on it being built against such a library.
> I'll try to make it clear:
> 1. I wasn't able to find an open specification for SSL negotiation in CIFS.
AFAIK: Only SAMBA supports the SMB protocol over SSL.
> 2. I'd like to add CIFS negotiation to my software
> 3. I'm not able to study samba code without accepting GPL license.
> (nothing else grants me permission to do that)
That's right. The GPL allows you to study code.
> 4. Accepting GPL license will make my implementation derived from samba.
> (based on samba)
Only if you copy it. If you study the algorithms and program flow, but
then create an entirely different implementation, then you do not have
a derivative work. A different implementation though, is not simply
renaming symbols or moving things around.
> 5. Code derived from GPL has to be GPL (2b section of the licese).
Only derived code. A new algorithm developed from studying an old
algorithm is not a derivation.
Personal Opinion Only
More information about the samba-technical