[Samba] GnuTLS, modern Samba and RHEL Re: Samba rpms now available from CentOS Storage SIG
Anoop C S
anoopcs at samba.org
Mon Aug 24 11:44:07 UTC 2020
On Thu, 2020-08-20 at 20:04 +1200, Andrew Bartlett via samba wrote:
> On Mon, 2020-08-17 at 12:05 +0530, Anoop C S via samba wrote:
> > Hi all,
> >
> > This is to announce the availability of Samba(and CTDB) rpms from
> > Storage SIG[1] on CentOS 7 and 8. Visit Samba's CentOS wiki page[2]
> > for
> > more details on installation steps.
> >
> > [1] https://wiki.centos.org/SpecialInterestGroup/Storage
> > [2] https://wiki.centos.org/SpecialInterestGroup/Storage/Samba
>
> G'Day Anoop,
>
> I'm wondering how you plan to handle the need for a modern GnuTLS for
> these builds?
>
> I take it that you plan to just avoid Samba 4.12 and later on RHEL 8
> /
> CentOS 8?
Yes and I hope you meant RHEL 7/CentOS 7 as they do not have minimum
required GnuTLS version for building Samba 4.12 or later.
> Initially this sounds like a reasonable option but there is a further
> wrinkle: Samba 4.12 exposes a GnuTLS bug:
> https://bugzilla.samba.org/show_bug.cgi?id=14399
> https://bugzilla.redhat.com/show_bug.cgi?id=1845083
> https://gitlab.com/gnutls/gnutls/-/merge_requests/1278
>
> Is there some way this is dodged or are you in a position to ensure
> CentOS gets this fixed in that package (I can't see a patch in the
> CentOS repo).
Build process for those Samba packages are currently dependant on the
GnuTLS version with default RHEL 8/CentOS 8 repositories. I am hopeful
that with the following bug, we will have the fix available eventually
with CentOS 8 too.
https://bugzilla.redhat.com/show_bug.cgi?id=1844112
> If you plan to write a compat-gnutls package do let me know as I
> would
> like to exchange notes...
Not yet.
> On the Samba side of things, how should we handle this? Can we even
> detect this somehow and refuse to use the leaky routines?
I haven't thought about it. I will communicate when I have something to
share.
More information about the samba
mailing list