[MS-BKRP] backupkey server and GnuTLS
Andreas Schneider
asn at samba.org
Thu Nov 12 11:04:26 UTC 2015
Hello,
I've started to migrate the backupkey server implementation to GnuTLS.
https://git.samba.org/?p=asn/samba.git;a=shortlog;h=refs/heads/master-backupkey
The 5 patches before the TODO patch are working and pass the tests. They can
be pushed upstream.
To move on we have an issue. GnuTLS doesn't provide a function to set the
issuer unique id on a certificate. There is also no workaround because the
flag is cleared before singing. The function will be added to the next GnuTLS
release.
The bug for that is:
https://bugzilla.redhat.com/show_bug.cgi?id=1281343
As soon as the function is available I will add functions to use GnuTLS, if
not we will use the existing heimdal code. This means with a MIT KDC build you
will need a recent GnuTLS release.
Cheers,
-- andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
More information about the samba-technical
mailing list