samba - May 2002 - Impending Removal of --with-ssl

This message is a warning: 

--with-ssl will die.

Ok, thats enough with the dramatics, but the general consensus amoungst the 
samba team is that --with-ssl really isn't a particulary smart idea, and 
it is better implmented by external tools.

So what is --with-ssl exactly?  And why kill it?

--with-ssl allows Samba to tunnel SMB inside an SSL connection.  Unfortunetly
there are only 2 clients:  smbclient and sharity.  Windows clients simply
don't know how to use SSL.

So why kill it?  It might be useful to sombody?

While some small minority of users might find it handy, it confuses many more,
including a supprising number of our distributors.  Users actually using this
functionality will find that they can achive almost the same effect by creative
use of 'stunnel' both as an inetd wrapper as as a 'LIBSMB_PROG'
program.

Finally, it is intrusive and ugly, with large #ifdef sections in what should
be simple code.

If sombody can come up with both reasons to keep this code, and time to 
maintain it, then I would like to hear it.

Andrew Bartlett

On Fri, 3 May 2002 abartlet@samba.org wrote:
> If sombody can come up with both reasons to keep this code, and time to
> maintain it, then I would like to hear it.
To second Andrew's (Bartlett's) comments, any proposal that 
does not include a a maintainer will fall on deaf ears.
The removal is slated for the 3.0 release.









cheers, jerry
 ---------------------------------------------------------------------
 Hewlett-Packard                                     http://www.hp.com
 SAMBA Team                                       http://www.samba.org
 --                                            http://www.plainjoe.org
 "Sam's Teach Yourself Samba in 24 Hours" 2ed.      ISBN
0-672-32269-2
 --"I never saved anything for the swim back." Ethan Hawk in Gattaca--

Hello:

I understand the reasons for getting rid of --with-ssl

Unfortunately, we are currently using it.

Are there any instructions on how to set up and stunnel
for samba?

Thanks,
	Neil.

--
Neil Aggarwal
JAMM Consulting, Inc.    (972) 612-6056, http://www.JAMMConsulting.com
Custom Internet Development    Websites, Ecommerce, Java, databases

> -----Original Message-----
> From: samba-admin@lists.samba.org [mailto:samba-admin@lists.samba.org]On
> Behalf Of abartlet@samba.org
> Sent: Friday, May 03, 2002 9:57 AM
> To: samba@samba.org
> Cc: samba-technical@samba.org
> Subject: [Samba] Impending Removal of --with-ssl
> 
> 
> This message is a warning: 
> 
> --with-ssl will die.
> 
> Ok, thats enough with the dramatics, but the general consensus 
> amoungst the 
> samba team is that --with-ssl really isn't a particulary smart idea,
and
> it is better implmented by external tools.
> 
> So what is --with-ssl exactly?  And why kill it?
> 
> --with-ssl allows Samba to tunnel SMB inside an SSL connection.  
> Unfortunetly
> there are only 2 clients:  smbclient and sharity.  Windows clients simply
> don't know how to use SSL.
> 
> So why kill it?  It might be useful to sombody?
> 
> While some small minority of users might find it handy, it 
> confuses many more,
> including a supprising number of our distributors.  Users 
> actually using this
> functionality will find that they can achive almost the same 
> effect by creative
> use of 'stunnel' both as an inetd wrapper as as a
'LIBSMB_PROG' program.
> 
> Finally, it is intrusive and ugly, with large #ifdef sections in 
> what should
> be simple code.
> 
> If sombody can come up with both reasons to keep this code, and time to 
> maintain it, then I would like to hear it.
> 
> Andrew Bartlett
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba