diff -cr stunnel-3.11/FAQ stunnel-3.11kai/FAQ *** stunnel-3.11/FAQ Tue Dec 19 14:55:51 2000 --- stunnel-3.11kai/FAQ Mon Dec 25 18:37:10 2000 *************** *** 92,97 **** --- 92,102 ---- A: Netscape uses specific protocol for SMTP - it's not just tunneling. You need to use '-n smtp' option. + Q: Samba over SSL, i.e. setting up a "network drive connection" over SSL + doesn't work. What should I do? + A: It's required to speak a protocol before the SSL connection starts. + you need to use '-n smb' option. + Q: With my Windows 2000 Build 2195 I have the following errors: SSL_accept:error:140760F8:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol SSL_accept:error:1409B0AB:SSL routines:SSL3_SEND_SERVER_KEY_EXCHANGE:missing tmp rsa key diff -cr stunnel-3.11/protocol.c stunnel-3.11kai/protocol.c *** stunnel-3.11/protocol.c Thu Dec 21 18:57:17 2000 --- stunnel-3.11kai/protocol.c Mon Dec 25 18:37:10 2000 *************** *** 74,89 **** return -1; } static int smb_client(int local, int remote) { ! log(LOG_ERR, "Protocol not supported"); ! return -1; } static int smb_server(int local, int remote) { ! log(LOG_ERR, "Protocol not supported"); ! 
return -1; } static int smtp_client(int local, int remote) --- 74,179 ---- return -1; } + + static void readWithLen(int fd, char *buf, int len) + { + int rval, remaining = len; + + while(remaining > 0){ + #ifdef USE_WIN32 + rval = recv(fd, buf, remaining, 0); + #else + rval = read(fd, buf, remaining); + #endif + + if(rval < 0){ + log(LOG_ERR, "read"); + return; + } + + if(rval == 0){ + log(LOG_ERR, "broken pipe in read"); + return; + } + + buf += rval; + remaining -= rval; + } + } + + static int netbReceive(int fd, char *buf, int buflen) + { + int len; + + readWithLen(fd, buf, 4); + len = (unsigned char)buf[3]; + len |= (int)((unsigned char)buf[2]) << 8; + if(len + 4 > buflen){ + log(LOG_ERR, "received block too long"); + return -1; + } + readWithLen(fd, buf + 4, len); + return len + 4; + } + + + static void netbTransmit(int fd, char *buf) + { + int len, written; + + len = (unsigned char)buf[3]; + len |= (int)((unsigned char)buf[2]) << 8; + len += 4; /* length of header */ + while(len > 0){ + #ifdef USE_WIN32 + written = send(fd, buf, len, 0); + #else + written = write(fd, buf, len); + #endif + if(written < 0){ + log(LOG_ERR, "write"); + return; + } + if(written == 0){ + log(LOG_ERR, "broken pipe in write"); + return; + } + buf += written; + len -= written; + } + } + + static int smb_client(int local, int remote) { ! unsigned char buf[4096]; ! unsigned char txPacket[4] = {0x81, 0, 0, 0}; ! netbTransmit(remote, (char *)txPacket); /* send dummy session request */ ! if(netbReceive(remote, (char *)buf, sizeof(buf)) != 5 || buf[0] != 0x83 || buf[4] != 0x8e){ ! log(LOG_ERR, "Server does not require encryption! Connect without proxy!"); ! return -1; ! } ! return 0; } static int smb_server(int local, int remote) { ! unsigned char buf[4096]; ! unsigned char response[5] = {0x83, 0, 0, 1, 0x81}; ! ! netbReceive(remote, (char *)buf, sizeof(buf)); ! ! if(buf[0] != 0x81){ /* first packet must be a session request */ ! 
log(LOG_ERR, "Client did not use session setup; access denied"); ! netbTransmit(remote, (char *)response); ! return -1; ! } ! ! response[4] = 0x8e; /* negative session response: use SSL */ ! ! netbTransmit(remote, (char *)response); ! ! return 0; } static int smtp_client(int local, int remote) diff -cr stunnel-3.11/stunnel.c stunnel-3.11kai/stunnel.c *** stunnel-3.11/stunnel.c Thu Dec 21 19:45:34 2000 --- stunnel-3.11kai/stunnel.c Mon Dec 25 18:37:10 2000 *************** *** 1099,1105 **** "\n -t timeout\tsession cache timeout" "\n -u user\tUse IDENT (RFC 1413) username checking" "\n -n proto\tNegotiate SSL with specified protocol" ! "\n\t\tcurrenty supported: smtp" "\n -N name\tService name to use for tcp wrapper checking" #ifndef USE_WIN32 "\n -s username\tsetuid() to username in daemon mode" --- 1117,1123 ---- "\n -t timeout\tsession cache timeout" "\n -u user\tUse IDENT (RFC 1413) username checking" "\n -n proto\tNegotiate SSL with specified protocol" ! "\n\t\tcurrently supported: smtp smb" "\n -N name\tService name to use for tcp wrapper checking" #ifndef USE_WIN32 "\n -s username\tsetuid() to username in daemon mode" diff -cr stunnel-3.11/stunnel.sdf stunnel-3.11kai/stunnel.sdf *** stunnel-3.11/stunnel.sdf Tue Dec 19 14:55:51 2000 --- stunnel-3.11kai/stunnel.sdf Mon Dec 25 18:41:01 2000 *************** *** 192,198 **** Negotiate SSL with specified protocol ! currenty supported: smtp =item B<-E> socket --- 193,199 ---- Negotiate SSL with specified protocol ! currenty supported: smtp smb =item B<-E> socket
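Review bot: In the protocol.c hunk, `readWithLen` returns `void`, so a read error or early EOF is logged and then dropped: `netbReceive` still decodes the length from `buf[2]`/`buf[3]`, and `smb_server` ignores `netbReceive`'s result and tests `buf[0]`, in both cases on a stack buffer that may never have been filled. The pre-SSL negotiation decision can therefore rest on indeterminate stack contents when the peer closes early or sends fewer than four bytes. `readWithLen` should return a status that `netbReceive` propagates, and `smb_server` should reject the connection when `netbReceive` fails, as sketched below. `netbTransmit` has the same shape (a failed `write` is logged but `smb_server` still returns 0) and would benefit from the same treatment. These reads also happen before SSL is established, so it is worth confirming that a timeout elsewhere in stunnel bounds them; none is visible in this hunk.

```c
static int readWithLen(int fd, char *buf, int len)
{
    /* … unchanged: remaining = len, recv()/read() loop header … */
        if(rval < 0){
            log(LOG_ERR, "read");
            return -1;
        }
        if(rval == 0){
            log(LOG_ERR, "broken pipe in read");
            return -1;
        }
    /* … unchanged: advance buf, decrement remaining … */
    return 0;
}

static int netbReceive(int fd, char *buf, int buflen)
{
    int len;

    if(buflen < 4 || readWithLen(fd, buf, 4) < 0)
        return -1;
    /* … unchanged: decode len from buf[2..3], reject len + 4 > buflen … */
    if(readWithLen(fd, buf + 4, len) < 0)
        return -1;
    return len + 4;
}

/* in smb_server, replacing the unchecked netbReceive() call */
    if(netbReceive(remote, (char *)buf, sizeof(buf)) < 0)
        return -1; /* nothing valid was read; do not inspect buf[0] */
```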