web server in Samba4

Tony Earnshaw tonye at billy.demon.nl
Sun May 29 13:27:54 GMT 2005


søn, 29.05.2005 kl. 14.16 skrev Andrew Tridgell:

>  > Ugh, no, please, use Openssl libraries. My own chosen platform, Red Hat
>  > RHAS, has no gnutls support and introducing it is just not worth the
>  > hassle. There has been a thread on the Openldap list, where the Debian
>  > Sarge maintainers have hacked OL 2.1.30 to support gnutls, people have
>  > got into real difficulties and the OL maintainers have refused to help
>  > them. Apart from Sarge, just about all distros using OpenLDAP are using
>  > Openssl.
> 
> I would be happy to support openssl as an alternative if someone
> submits a patch, but I don't want to use it as the primary API for the
> following reasons:
> 
> 1) openssl has potential licensing problems with GPLd programs. See
>    the openssl FAQ for details (and please don't start debating that
>    here, it has been debated to death on dozens of forums).
> 
> 2) it wasn't at all obvious to me how to use the openssl api in an
>    event driven non-blocking framework like smbd. Maybe it can be
>    done, but it wasn't obvious to me.
> 
> The 2nd reason is why I didn't use the openssl compatibility API in
> gnutls for smbd. If someone can show me how to make that do what we
> need to do then it can change, but if not then you will need gnutls
> for smbd if you want TLS support.

Fair enough. Then I'd hope for some sort of HOWTO on implementing gnutls
without voiding the vendor's warranty alongside Openssl on RedHat and
all the other Linux distros that don't have it as standard. I haven't
exactly gone out looking for advice on this yet, since I've never used
gnutls nor had the slightest wish nor need to do so. Maybe Googling
might help :)

--Tonni

-- 
mail: tonye at billy.demon.nl
http://www.billy.demon.nl

Eg er bergenser og, eg, men, Trondheims-ordfører Marvin Wiseth:
«Bergenserne er flinke til å gjøre mye ut av lite» (uttalte seg over 17.
mai feiringen iår, men gjelder sannsynligvis og dette mel mitt).



More information about the samba-technical mailing list