web server in Samba4

Andrew Tridgell tridge at osdl.org
Sun May 29 12:16:34 GMT 2005


 > Ugh, no, please, use Openssl libraries. My own chosen platform, Red Hat
 > RHAS, has no gnutls support and introducing it is just not worth the
 > hassle. There has been a thread on the Openldap list, where the Debian
 > Sarge maintainers have hacked OL 2.1.30 to support gnutls, people have
 > got into real difficulties and the OL maintainers have refused to help
 > them. Apart from Sarge, just about all distros using OpenLDAP are using
 > Openssl.

I would be happy to support openssl as an alternative if someone
submits a patch, but I don't want to use it as the primary API for the
following reasons:

1) openssl has potential licensing problems with GPLd programs. See
   the openssl FAQ for details (and please don't start debating that
   here, it has been debated to death on dozens of forums).

2) it wasn't at all obvious to me how to use the openssl api in an
   event driven non-blocking framework like smbd. Maybe it can be
   done, but it wasn't obvious to me.

The 2nd reason is why I didn't use the openssl compatibility API in
gnutls for smbd. If someone can show me how to make that do what we
need to do then it can change, but if not then you will need gnutls
for smbd if you want TLS support.

Cheers, Tridge

More information about the samba-technical mailing list