[MS-BKRP] backupkey server and GnuTLS

Stefan Metzmacher metze at samba.org
Wed Dec 2 21:24:50 UTC 2015

Hi Andreas,

>> That was mostly what I was expecting. Well the configure identifies that
>> my system is missing the package, although a better error message could
>> be nice. Some of the others like ldap, suggest some packages to install.
>> I would suggest rearranging the code so that the conf.fatal is triggered
>> and make sure to include the minimum version in that user message.
> Well, the question is if we want to require GnuTLS 3.2 or not.
> Can you test if only the changes to the torture test work on your machine?
>> However, libcups2-dev appears to rely on libgnutls-dev and installing
>> libgnutls28-dev removes it (and reinstalling libcups2-dev will remove
>> libgnutls28-dev).
>> I also originally thought gnutls_x509_privkey_import_rsa_raw2 was
>> usable, but there was an odd linkage error. That might be on my end but
>> it's not really important if the requirement is higher.
>> I presume the question will be supporting Centos 6, and regarding
>> impact, this would probably have to be fielded to others.
> The option I see is that we are looking for GnuTLS 3.4.7, if present we build 
> dcesrv_backupkey_gnutls.c
> if not and we do a heimdal build, we build the old code which we rename to:
> dcesrv_backupkey_heimdal.c

I'd prefer this option.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20151202/d2c33e85/signature.sig>

More information about the samba-technical mailing list