[MS-BKRP] backupkey server and GnuTLS

Garming Sam garming at catalyst.net.nz
Wed Dec 9 05:37:49 UTC 2015


I haven't had much time to compare the new changes (although I don't 
expect anything surprising from them). But I do notice that the patch 
originally proposed to disable the CA status in Heimdal appears to be 
missing (as well as a missing signoff in the patch series). Assuming 
these are fixed/addressed and there aren't any other objections, feel 
free to put my review on the patches (unless I reply back with something 
glaring in the next few days).



On 04/12/15 06:56, Andreas Schneider wrote:
> On Wednesday 02 December 2015 22:24:50 Stefan Metzmacher wrote:
>>> The option I see is that we are looking for GnuTLS 3.4.7, if present we
>>> build
>>> dcesrv_backupkey_gnutls.c
>>> if not and we do a heimdal build, we build the old code which we rename
>>> to:
>>> dcesrv_backupkey_heimdal.c
>> I'd prefer this option.
>> metze
> Here we go:
> https://git.samba.org/?p=asn/samba.git;a=shortlog;h=refs/heads/master-dcesrv-bkrp
> Tested with Fedora 23 (GnuTLS 3.4.7, Heimdal and MIT Kerberos case) and Ubuntu
> 14.04 ...
> If it detects GnuTLS 3.4.7 it uses the gnutls based code, even if we build
> against Heimdal. For the MIT Kerberos build GnuTLS 3.4.7 is mandatory!
> 	-- andreas

More information about the samba-technical mailing list