Remove more crypto (sha256, sha512, hmac-sha256) (was: Re: [PATCH] Remove lib/crypto/crc32.[ch])

Andrew Bartlett abartlet at
Tue Oct 16 04:07:52 UTC 2018

On Tue, 2018-10-16 at 05:13 +1300, Andrew Bartlett via samba-technical
> On Mon, 2018-10-15 at 11:36 +0200, Andreas Schneider wrote:
> > On Wednesday, 10 October 2018 11:17:59 CEST Andrew Bartlett wrote:
> > > The hard part about depending on external libs is that we need to be
> > > able to use such old versions.  For example, it looks like we will need
> > > to support gnutls 3.3 for RHEL7.  But we should go exactly as far as we
> > > can before we have to stop, and then go further as conditions improve.
> > 
> > I've started to migrate to GnuTLS and require version 3.3. But when looking at 
> > the gitlab images for CI. There is only gnutls 2.x available.
> > 
> > Checking for gnutls >= 3.4.7                      : not found 
> > Checking for gnutls >= 3.0.0s                     : not found 
> > Checking for gnutls >= 1.4.0 and broken versions  : yes 
> > 
> > I think this is Ubuntu trusty (14.04) which has libgnutls28-dev (GnuTLS 
> > 3.2.11). Either we require 3.2 and install it on autobuild or we update to a 
> > newer version.
> > 
> I'll sort out the package lists and update the docker image later
> today.
> Thanks for mentioning it!

OK, so this is the situation:

    openstack: The following information may help to resolve the
    openstack: The following packages have unmet dependencies:
    openstack: libcups2-dev : Depends: libgnutls-dev but it is not
going to be installed
    openstack: E: Unable to correct problems, you have held broken

(from packer, where I was trying the same package list as the docker
container would use). 

On sn-devel, we have:

abartlet at sn-devel-144:~$ dpkg --list| grep gnutls
ii  gnutls-bin                       3.0.11+really2.12.23-12ubuntu2.8           amd64        GNU TLS library - commandline utilities
ii  gnutls26-doc                     2.12.23-12ubuntu2.8                        all          GNU TLS library 2.x - documentation and examples
ii  libcurl3-gnutls:amd64            7.35.0-1ubuntu2.17                         amd64        easy-to-use client-side URL transfer library (GnuTLS flavour)
ii  libgnutls-dev                    2.12.23-12ubuntu2.8                        amd64        GNU TLS library - development files
ii  libgnutls-openssl27:amd64        2.12.23-12ubuntu2.8                        amd64        GNU TLS library - OpenSSL wrapper
ii  libgnutls26:amd64                2.12.23-12ubuntu2.8                        amd64        GNU TLS library - runtime library
ii  libgnutlsxx27:amd64              2.12.23-12ubuntu2.8                        amd64        GNU TLS library - C++ runtime library

So I think we are bit snookered for now, until we get sn-devel upgraded.


Andrew Bartlett
Andrew Bartlett
Authentication Developer, Samba Team
Samba Development and Support, Catalyst IT

More information about the samba-technical mailing list