[Samba] Impending Removal of --with-ssl

abartlet at samba.org abartlet at samba.org
Fri May 3 07:59:51 GMT 2002


This message is a warning: 

--with-ssl will die.

Ok, thats enough with the dramatics, but the general consensus amoungst the 
samba team is that --with-ssl really isn't a particulary smart idea, and 
it is better implmented by external tools.

So what is --with-ssl exactly?  And why kill it?

--with-ssl allows Samba to tunnel SMB inside an SSL connection.  Unfortunetly
there are only 2 clients:  smbclient and sharity.  Windows clients simply
don't know how to use SSL.

So why kill it?  It might be useful to sombody?

While some small minority of users might find it handy, it confuses many more,
including a supprising number of our distributors.  Users actually using this
functionality will find that they can achive almost the same effect by creative
use of 'stunnel' both as an inetd wrapper as as a 'LIBSMB_PROG' program.

Finally, it is intrusive and ugly, with large #ifdef sections in what should
be simple code.

If sombody can come up with both reasons to keep this code, and time to 
maintain it, then I would like to hear it.

Andrew Bartlett




More information about the samba mailing list