web server in Samba4
Andrew Tridgell
tridge at osdl.org
Sun May 29 12:16:34 GMT 2005
Tony,
> Ugh, no, please, use Openssl libraries. My own chosen platform, Red Hat
> RHAS, has no gnutls support and introducing it is just not worth the
> hassle. There has been a thread on the Openldap list, where the Debian
> Sarge maintainers have hacked OL 2.1.30 to support gnutls, people have
> got into real difficulties and the OL maintainers have refused to help
> them. Apart from Sarge, just about all distros using OpenLDAP are using
> Openssl.
I would be happy to support openssl as an alternative if someone
submits a patch, but I don't want to use it as the primary API for the
following reasons:
1) openssl has potential licensing problems with GPLd programs. See
the openssl FAQ for details (and please don't start debating that
here, it has been debated to death on dozens of forums).
2) it wasn't at all obvious to me how to use the openssl api in an
event driven non-blocking framework like smbd. Maybe it can be
done, but it wasn't obvious to me.
The 2nd reason is why I didn't use the openssl compatibility API in
gnutls for smbd. If someone can show me how to make that do what we
need to do then it can change, but if not then you will need gnutls
for smbd if you want TLS support.
Cheers, Tridge
More information about the samba-technical
mailing list