The Samba distribution GPG public key can be used to verify that current releases have not been tampered with. Using GnuPG, simply download the Samba source distribution, the tarball signature, and the Samba distribution public key. Then run
$ gpg --import samba-pubkey.asc $ gunzip samba-version.tar.gz $ gpg --verify samba-release.tar.asc gpg: Signature made Tue 20 Nov 2007 07:12:04 PM CST using \ DSA key ID 6568B7EA gpg: Good signature from "Samba Distribution Verification Key \ ‹firstname.lastname@example.org›
All major Linux and Free Unix distributions have Samba as a native package. See your distributor's package or port system for a native install of samba on your system.
https://samba.plus/ offers Samba packages for SLES, RHEL, and Debian and AIX.
http://en.openSUSE.org/Samba offers Samba packages for all SuSE Linux products (including SLES).
Git SourcesYou can also fetch the sources using the GIT source code control system. The advantage of fetching via GIT is can update your sources at any time using a single command. See the Git instructions.