mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
WHATSNEW: Document new GnuTLS 3.4.7 requirement
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Aug 27 06:01:50 UTC 2019 on sn-devel-184
This commit is contained in:
parent
2ee1764ca8
commit
b406b92824
22
WHATSNEW.txt
22
WHATSNEW.txt
@ -17,6 +17,28 @@ NEW FEATURES/CHANGES
|
|||||||
====================
|
====================
|
||||||
|
|
||||||
|
|
||||||
|
GnuTLS 3.4.7 required
|
||||||
|
---------------------
|
||||||
|
|
||||||
|
Samba is making efforts to remove in-tree cryptographic functionality,
|
||||||
|
and to instead rely on externally maintained libraries. To this end,
|
||||||
|
Samba has chosen GnuTLS as our standard cryptographic provider.
|
||||||
|
|
||||||
|
Samba now requires GnuTLS 3.4.7 to be installed (including development
|
||||||
|
headers at build time) for all configurations, not just the Samba AD
|
||||||
|
DC.
|
||||||
|
|
||||||
|
NOTE WELL: The use of GnuTLS means that Samba will honour the
|
||||||
|
system-wide 'FIPS mode' (a reference to the US FIPS-140 cryptographic
|
||||||
|
standard) and so will not operate in many still common situations if
|
||||||
|
this system-wide parameter is in effect, as many of our protocols rely
|
||||||
|
on outdated cryptography.
|
||||||
|
|
||||||
|
A future Samba version will mitigate this to some extent where good
|
||||||
|
cryptography effectively wraps bad cryptography, but for now that above
|
||||||
|
applies.
|
||||||
|
|
||||||
|
|
||||||
REMOVED FEATURES
|
REMOVED FEATURES
|
||||||
================
|
================
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user