Currently, Samba uses the httpConnect function to connect to a CUPS server. This function simply calls httpConnectEncrypt with an encryption type of HTTP_ENCRYPT_IF_REQUESTED. As a result, Samba only works with CUPS servers with no encryption or that us TLS encryption.
I have included a patch against 3.0.32 that creates a new configuration parameter called 'cups encrypt'. This new parameter mirrors the existing 'cups server' option.
If it the new parameter is not set or set to 'Default', Samba will use CUPS's default method for encryption the way a null 'cups server' will use CUPS's default server. Otherwise, a user may define an encryption type to override the default behaviour.
I have attempted to provide some documentation for the new feature by adding a new XML file. However, I am not sure if any additional documentation is necessary.
Created attachment 3672 [details]
Patch to provide new 'cups encrypt' option.
This looks good, but we need a configure test for it so we make sure it's available in whatever version of the cups API installed on a machine.
independent and slightly different cups encryption support was added with commits
As this is a new feature it will by policy only be upstream after the 3.4 release series. But you can patch up your build with cups encryption support if you like...