[Samba] GnuTLS, modern Samba and RHEL Re: Samba rpms now available from CentOS Storage SIG
Andrew Bartlett
abartlet at samba.org
Thu Aug 20 08:04:26 UTC 2020
On Mon, 2020-08-17 at 12:05 +0530, Anoop C S via samba wrote:
> Hi all,
>
> This is to announce the availability of Samba(and CTDB) rpms from
> Storage SIG[1] on CentOS 7 and 8. Visit Samba's CentOS wiki page[2]
> for
> more details on installation steps.
>
> [1] https://wiki.centos.org/SpecialInterestGroup/Storage
> [2] https://wiki.centos.org/SpecialInterestGroup/Storage/Samba
G'Day Anoop,
I'm wondering how you plan to handle the need for a modern GnuTLS for
these builds?
I take it that you plan to just avoid Samba 4.12 and later on RHEL 8 /
CentOS 8?
Initially this sounds like a reasonable option but there is a further
wrinkle: Samba 4.12 exposes a GnuTLS bug:
https://bugzilla.samba.org/show_bug.cgi?id=14399
https://bugzilla.redhat.com/show_bug.cgi?id=1845083
https://gitlab.com/gnutls/gnutls/-/merge_requests/1278
Is there some way this is dodged or are you in a position to ensure
CentOS gets this fixed in that package (I can't see a patch in the
CentOS repo).
If you plan to write a compat-gnutls package do let me know as I would
like to exchange notes...
On the Samba side of things, how should we handle this? Can we even
detect this somehow and refuse to use the leaky routines?
Andrew Bartlett
--
Andrew Bartlett https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Developer, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba
mailing list