Samba AD DC is broken

Andreas Schneider asn at samba.org
Thu Mar 5 08:35:12 MST 2015


On Thursday 05 March 2015 06:58:33 Richard Sharpe wrote:
> On Thu, Mar 5, 2015 at 2:03 AM, Andreas Schneider <asn at samba.org> wrote:
> > Hello,
> > 
> > Samba is broken on openSUSE and Fedora since commit:
> > 
> > commit 43d3e90418b5e0ac5986e08f9483146f4f5d2357
> > Author:     Garming Sam <garming at catalyst.net.nz>
> > AuthorDate: Fri Feb 13 09:54:50 2015 +1300
> > Commit:     Andrew Bartlett <abartlet at samba.org>
> > CommitDate: Wed Feb 25 01:08:12 2015 +0100
> > 
> >     backupkey: replace heimdal rsa key generation with GnuTLS
> >     
> >     We use GnuTLS because it can reliably generate 2048 bit keys every
> >     time.
> >     
> >     Windows clients strictly require 2048, no more since it won't fit and
> >     no
> >     less either. Heimdal would almost always generate a smaller key.
> >     
> >     Signed-off-by: Garming Sam <garming at catalyst.net.nz>
> >     Reviewed-by: Andrew Bartlett <abartlet at samba.org>
> >     BUG: https://bugzilla.samba.org/show_bug.cgi?id=10980
> > 
> > FAILED (1698 failures, 151 errors and 2 unexpected successes in 792
> > testsuites)
> > 
> > 
> > I bisected it down to this commit on an openSUSE 13.2 system.
> > 
> > gnutls-3.2.18-4.1.x86_64
> > 
> > 
> > A colleague is having this issue with Fedora 21,
> > gnutls-3.3.12-1.fc21.x86_64
> > 
> > 
> > Please investigate and fix it.
> 
> Please file a bug!

Here is the bug for you:

https://bugzilla.samba.org/show_bug.cgi?id=11135


The code is only in master so ...


-- 
Andreas Schneider                   GPG-ID: CC014E3D
Samba Team                             asn at samba.org
www.samba.org



More information about the samba-technical mailing list