[Samba] GnuTLS, modern Samba and RHEL Re: Samba rpms now available from CentOS Storage SIG

Andrew Bartlett abartlet at samba.org
Thu Aug 20 08:04:26 UTC 2020

On Mon, 2020-08-17 at 12:05 +0530, Anoop C S via samba wrote:
> Hi all,
> This is to announce the availability of Samba(and CTDB) rpms from
> Storage SIG[1] on CentOS 7 and 8. Visit Samba's CentOS wiki page[2]
> for
> more details on installation steps.
> [1] https://wiki.centos.org/SpecialInterestGroup/Storage
> [2] https://wiki.centos.org/SpecialInterestGroup/Storage/Samba

G'Day Anoop,

I'm wondering how you plan to handle the need for a modern GnuTLS for
these builds?

I take it that you plan to just avoid Samba 4.12 and later on RHEL 8 /
CentOS 8?  

Initially this sounds like a reasonable option but there is a further
wrinkle:  Samba 4.12 exposes a GnuTLS bug:

Is there some way this is dodged or are you in a position to ensure
CentOS gets this fixed in that package (I can't see a patch in the
CentOS repo).

If you plan to write a compat-gnutls package do let me know as I would
like to exchange notes...

On the Samba side of things, how should we handle this?  Can we even
detect this somehow and refuse to use the leaky routines?

Andrew Bartlett 
Andrew Bartlett                       https://samba.org/~abartlet/
Authentication Developer, Samba Team  https://samba.org
Samba Developer, Catalyst IT          

More information about the samba mailing list