[Bug 599644] New: [SMBTA] Encryption not supported for smbtad <-> clients

http://bugzilla.novell.com/show_bug.cgi?id=599644 http://bugzilla.novell.com/show_bug.cgi?id=599644#c0 Summary: [SMBTA] Encryption not supported for smbtad <-> clients Classification: openSUSE Product: openSUSE 11.2 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Enhancement Priority: P5 - None Component: Samba AssignedTo: hhetter@novell.com ReportedBy: hhetter@novell.com QAContact: samba-maintainers@SuSE.de CC: mhaefner@novell.com, bbrunner@novell.com Found By: --- Blocker: --- Support for AES encryption is currently missing on both sides, it's partially implemented in smbtad, and totally missing smbtadquery. AI : Holger, push AES encryption for the clients into the framework. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=599644 https://bugzilla.novell.com/show_bug.cgi?id=599644#c1 Holger Hetterich <hhetter@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |656695 --- Comment #1 from Holger Hetterich <hhetter@novell.com> 2010-12-12 11:44:10 UTC --- this is a going to be for 1.2.2 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=599644 https://bugzilla.novell.com/show_bug.cgi?id=599644#c2 --- Comment #2 from Holger Hetterich <hhetter@novell.com> 2011-01-03 01:00:49 UTC --- Ok, having initial thoughts on how to implement this, I think there should be an enduser tool to create a key file in smbtatools, as we are going to use 2 keys on smbtad, one for communication with the module (which is samba-server related) and one for clients to query. Samba 3.6.0 will feature such a tool, and we will need to have one in the smbtatools package to create a key for the clients and smbtad. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=599644 https://bugzilla.novell.com/show_bug.cgi?id=599644#c3 --- Comment #3 from Holger Hetterich <hhetter@novell.com> 2011-01-05 22:02:15 UTC --- Ok I think I have the smbtad side of this bug completed. It's all in the devel branch right now. Testing can be done when the smbtatools side is done. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=599644 https://bugzilla.novell.com/show_bug.cgi?id=599644#c4 --- Comment #4 from Holger Hetterich <hhetter@novell.com> 2011-01-05 22:04:17 UTC --- For the smbtatools code, we need to care that enough code has been moved into the common sourcebase so that we can enable encryption for every program smbtatools consists of, and make encryption completely self contained and transparent. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=599644 https://bugzilla.novell.com/show_bug.cgi?id=599644#c5 --- Comment #5 from Holger Hetterich <hhetter@novell.com> 2011-01-06 19:07:58 UTC --- The smbtatools side is now read for encryption, in theory. Next step is testing and fixing what doesn't work. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=599644 https://bugzilla.novell.com/show_bug.cgi?id=599644#c6 --- Comment #6 from Holger Hetterich <hhetter@novell.com> 2011-01-06 20:03:31 UTC --- An option -K has been added to smbtaquery, which creates a key file for use with smbtatools and smbtad. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=599644 https://bugzilla.novell.com/show_bug.cgi?id=599644#c7 --- Comment #7 from Holger Hetterich <hhetter@novell.com> 2011-01-06 20:04:34 UTC --- best way to test the whole suite is to create an clone appliance of SMBTA Stresstest which works encrypted. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=599644 https://bugzilla.novell.com/show_bug.cgi?id=599644#c8 --- Comment #8 from Holger Hetterich <hhetter@novell.com> 2011-01-07 15:11:06 UTC --- The most complex one, smbtaquery works encrypted now. Need to check the other clients. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=599644 https://bugzilla.novell.com/show_bug.cgi?id=599644#c9 --- Comment #9 from Holger Hetterich <hhetter@novell.com> 2011-01-07 21:02:50 UTC --- All clients work encrypted, which makes me happy, as this was a long standing bug. The Bug will stay open until the documentation is updated. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=599644 https://bugzilla.novell.com/show_bug.cgi?id=599644#c10 Holger Hetterich <hhetter@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED --- Comment #10 from Holger Hetterich <hhetter@novell.com> 2011-01-11 13:31:16 UTC --- Documentation has been updated. The existing documentation has been completely ripped out, and a whole new chapter has been added, describing how to enable encryption on every component. resolving to fixed -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=599644 http://bugzilla.novell.com/show_bug.cgi?id=599644#c11 --- Comment #11 from Bernhard Wiedemann <bwiedemann@suse.com> --- This is an autogenerated message for OBS integration: This bug (599644) was mentioned in https://build.opensuse.org/request/show/58955 Factory / smbtad https://build.opensuse.org/request/show/59053 Tumbleweed / smbtad -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com