diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2002-05-17 12:42:39 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2002-05-17 12:42:39 +0000 |
| commit | eed5094264945ca8ccf47030375cc56808ae8ea3 (patch) | |
| tree | 4a39aca15191b1a857e60f5a4b761fce29867688 /source3/lib | |
| parent | a64932dfc06af46d4a4eebd6fb537e229466b00b (diff) | |
| download | samba-eed5094264945ca8ccf47030375cc56808ae8ea3.tar.gz samba-eed5094264945ca8ccf47030375cc56808ae8ea3.tar.bz2 samba-eed5094264945ca8ccf47030375cc56808ae8ea3.zip | |
This removes --with-ssl from Samba.
This option was badly maintained, useless and confused our users and
distirbutors. (its SSL, therfore it must be good...)
No windows client uses this protocol without help from an SSL tunnel.
I can't see any reason why setting up a unix-side SSL wrapper would
be any more difficult than the > 10 config options this mess added
to samba in any case.
On the Samba client end, I think the LIBSMB_PROG hack should be
sufficient to start stunnel on the unix side. We might extend this
to take %i and %p (IP and port) if there is demand.
Andrew Bartlett
(This used to be commit b04561d3fd3ee732877790fb4193b20ad72a75f8)
Diffstat (limited to 'source3/lib')
| -rw-r--r-- | source3/lib/util.c | 7 | ||||
| -rw-r--r-- | source3/lib/util_sock.c | 71 |
2 files changed, 0 insertions, 78 deletions
diff --git a/source3/lib/util.c b/source3/lib/util.c index 5f80fa6757..bb9b96b361 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -52,13 +52,6 @@ #endif /* WITH_NISPLUS_HOME */ #endif /* HAVE_NETGROUP && WITH_AUTOMOUNT */ -#ifdef WITH_SSL -#include <openssl/ssl.h> -#undef Realloc /* SSLeay defines this and samba has a function of this name */ -extern SSL *ssl; -extern int sslFd; -#endif /* WITH_SSL */ - int Protocol = PROTOCOL_COREPLUS; /* a default finfo structure to ensure all fields are sensible */ diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c index 5bdfb24be4..da75228870 100644 --- a/source3/lib/util_sock.c +++ b/source3/lib/util_sock.c @@ -21,13 +21,6 @@ #include "includes.h" -#ifdef WITH_SSL -#include <openssl/ssl.h> -#undef Realloc /* SSLeay defines this and samba has a function of this name */ -extern SSL *ssl; -extern int sslFd; -#endif /* WITH_SSL */ - /* the last IP received from */ struct in_addr lastip; @@ -243,15 +236,7 @@ static ssize_t read_socket_with_timeout(int fd,char *buf,size_t mincnt,size_t ma if (mincnt == 0) mincnt = maxcnt; while (nread < mincnt) { -#ifdef WITH_SSL - if (fd == sslFd) { - readret = SSL_read(ssl, buf + nread, maxcnt - nread); - } else { - readret = sys_read(fd, buf + nread, maxcnt - nread); - } -#else /* WITH_SSL */ readret = sys_read(fd, buf + nread, maxcnt - nread); -#endif /* WITH_SSL */ if (readret == 0) { DEBUG(5,("read_socket_with_timeout: blocking read. EOF from client.\n")); @@ -300,15 +285,7 @@ static ssize_t read_socket_with_timeout(int fd,char *buf,size_t mincnt,size_t ma return -1; } -#ifdef WITH_SSL - if (fd == sslFd) { - readret = SSL_read(ssl, buf + nread, maxcnt - nread); - }else{ - readret = sys_read(fd, buf + nread, maxcnt - nread); - } -#else /* WITH_SSL */ readret = sys_read(fd, buf+nread, maxcnt-nread); -#endif /* WITH_SSL */ if (readret == 0) { /* we got EOF on the file descriptor */ @@ -353,15 +330,7 @@ ssize_t read_with_timeout(int fd, char *buf, size_t mincnt, size_t maxcnt, if (mincnt == 0) mincnt = maxcnt; while (nread < mincnt) { -#ifdef WITH_SSL - if(fd == sslFd){ - readret = SSL_read(ssl, buf + nread, maxcnt - nread); - }else{ - readret = sys_read(fd, buf + nread, maxcnt - nread); - } -#else /* WITH_SSL */ readret = sys_read(fd, buf + nread, maxcnt - nread); -#endif /* WITH_SSL */ if (readret <= 0) return readret; @@ -383,15 +352,7 @@ ssize_t read_with_timeout(int fd, char *buf, size_t mincnt, size_t maxcnt, if(selrtn <= 0) return selrtn; -#ifdef WITH_SSL - if(fd == sslFd){ - readret = SSL_read(ssl, buf + nread, maxcnt - nread); - }else{ - readret = sys_read(fd, buf + nread, maxcnt - nread); - } -#else /* WITH_SSL */ readret = sys_read(fd, buf+nread, maxcnt-nread); -#endif /* WITH_SSL */ if (readret <= 0) return readret; @@ -429,15 +390,7 @@ ssize_t read_data(int fd,char *buffer,size_t N) smb_read_error = 0; while (total < N) { -#ifdef WITH_SSL - if(fd == sslFd){ - ret = SSL_read(ssl, buffer + total, N - total); - }else{ - ret = sys_read(fd,buffer + total,N - total); - } -#else /* WITH_SSL */ ret = sys_read(fd,buffer + total,N - total); -#endif /* WITH_SSL */ if (ret == 0) { DEBUG(10,("read_data: read of %d returned 0. Error = %s\n", (int)(N - total), strerror(errno) )); @@ -467,15 +420,7 @@ static ssize_t read_socket_data(int fd,char *buffer,size_t N) smb_read_error = 0; while (total < N) { -#ifdef WITH_SSL - if(fd == sslFd){ - ret = SSL_read(ssl, buffer + total, N - total); - }else{ - ret = sys_read(fd,buffer + total,N - total); - } -#else /* WITH_SSL */ ret = sys_read(fd,buffer + total,N - total); -#endif /* WITH_SSL */ if (ret == 0) { DEBUG(10,("read_socket_data: recv of %d returned 0. Error = %s\n", (int)(N - total), strerror(errno) )); @@ -503,15 +448,7 @@ ssize_t write_data(int fd,char *buffer,size_t N) ssize_t ret; while (total < N) { -#ifdef WITH_SSL - if(fd == sslFd){ - ret = SSL_write(ssl,buffer + total,N - total); - }else{ - ret = sys_write(fd,buffer + total,N - total); - } -#else /* WITH_SSL */ ret = sys_write(fd,buffer + total,N - total); -#endif /* WITH_SSL */ if (ret == -1) { DEBUG(0,("write_data: write failure. Error = %s\n", strerror(errno) )); @@ -535,15 +472,7 @@ ssize_t write_socket_data(int fd,char *buffer,size_t N) ssize_t ret; while (total < N) { -#ifdef WITH_SSL - if(fd == sslFd){ - ret = SSL_write(ssl,buffer + total,N - total); - }else{ - ret = sys_send(fd,buffer + total,N - total, 0); - } -#else /* WITH_SSL */ ret = sys_send(fd,buffer + total,N - total,0); -#endif /* WITH_SSL */ if (ret == -1) { DEBUG(0,("write_socket_data: write failure. Error = %s\n", strerror(errno) )); |