Require GnuTLS 3.4.7 for Samba 4.12 in March 2020?
nkadel at gmail.com
Thu Aug 8 12:06:10 UTC 2019
On Thu, Aug 8, 2019 at 1:07 AM Andrew Bartlett <abartlet at samba.org> wrote:
> On Thu, 2019-08-01 at 08:58 +0200, Andreas Schneider wrote:
> > On Wednesday, July 31, 2019 7:37:10 AM CEST Nico Kadel-Garcia via samba-
> > technical wrote:
> > > I only repackage that, I didn't write it, Credit where it's due, and
> > >
> > > quoting from the README.md there:
> > > > > This is based on sergiomb2's work at
> > > > >
> > > > > https://github.com/sergiomb2/SambaAD
> > >
> > > So Sergio gets credit. But I'm already using it for RHEL 7/CenbtOS 7.
> > > I've done some very limited testing with RHEL 8, but am waiting for
> > > CentOS 8 to finally be released to really test that.
> > >
> > > > >  Sadly we couldn't totally remove the Samba AES code, as SMB 2.24
> > > > > requires AES-CMAC-128, but the impact would be far more constrained.
> > >
> > > Fair enough. I'd say accept the requirement of a compatibility library
> > > for older operating systems, and I'm glad Sergio did most of the work.
> > Is there a copr repo with the compat-gnutls34 available somewhere?
> Do you mean this:
> Can you take charge of getting this into to the CentOS7 image used for
> CI so we can proceed with this?
> Andrew Bartlett
That's the one I use. I refactored those for my samba4repo.
You'll also need the compat-nettle32 package, which is a dependency
I'm not sure what you're using for CI. I really have gotten
comfortable with the "samba4repo" setup I use, where all the libraries
are in their own git repos and I use git submodules, and I use "mock"
to provide a full end-to-end build of all the packages in a local
repo. That is the setup I've mentioned before, at:
I'm afraid that whether mock on a particular operating system handles
a local file:/// repository has been a bit of a crapshoot, to make
this work on some build hosts I've had to activate a web service to
enable http:// access to the local repo. My setup includes building
some nginx.conf.d/ files for providing just that, as well.
More information about the samba-technical