[Samba] Impending Removal of --with-ssl

abartlet at samba.org abartlet at samba.org
Fri May 3 09:27:02 GMT 2002

On Fri, May 03, 2002 at 11:17:39AM -0500, Neil Aggarwal wrote:
> Hello:
> I understand the reasons for getting rid of --with-ssl
> Unfortunately, we are currently using it.
> Are there any instructions on how to set up and stunnel
> for samba?

I sent some suggestions to one of the lists a day or so ago.

Basicly:  The server side is easy, just use stunnel as descibed in its own
manpage to 'sslify' a non-ssl deamon.  You will loose the magic 'detect if
client is using ssl or not' test, but other than that it should be fine.

For the client, it looks like you can use the magic LIBSMB_PROG environment
variable (which opens up a socket, places a program at the far end and 
pretends that this was the result of a normal connect.  This should be
sufficient to use stunnel in its 'proxy' mode.  We might look into
allowing a %I expansion in the LIBSMB_PROG environment variable for
the IP we would connect to.

Andrew Bartlett

More information about the samba mailing list