Samba AD DC is broken

Richard Sharpe realrichardsharpe at gmail.com
Thu Mar 5 07:58:33 MST 2015


On Thu, Mar 5, 2015 at 2:03 AM, Andreas Schneider <asn at samba.org> wrote:
> Hello,
>
> Samba is broken on openSUSE and Fedora since commit:
>
> commit 43d3e90418b5e0ac5986e08f9483146f4f5d2357
> Author:     Garming Sam <garming at catalyst.net.nz>
> AuthorDate: Fri Feb 13 09:54:50 2015 +1300
> Commit:     Andrew Bartlett <abartlet at samba.org>
> CommitDate: Wed Feb 25 01:08:12 2015 +0100
>
>     backupkey: replace heimdal rsa key generation with GnuTLS
>
>     We use GnuTLS because it can reliably generate 2048 bit keys every time.
>
>     Windows clients strictly require 2048, no more since it won't fit and no
>     less either. Heimdal would almost always generate a smaller key.
>
>     Signed-off-by: Garming Sam <garming at catalyst.net.nz>
>     Reviewed-by: Andrew Bartlett <abartlet at samba.org>
>     BUG: https://bugzilla.samba.org/show_bug.cgi?id=10980
>
>
>
> FAILED (1698 failures, 151 errors and 2 unexpected successes in 792
> testsuites)
>
>
> I bisected it down to this commit on an openSUSE 13.2 system.
>
> gnutls-3.2.18-4.1.x86_64
>
>
> A colleague is having this issue with Fedora 21, gnutls-3.3.12-1.fc21.x86_64
>
>
> Please investigate and fix it.

Please file a bug!

-- 
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)


More information about the samba-technical mailing list