http://bugzilla.novell.com/show_bug.cgi?id=599644
http://bugzilla.novell.com/show_bug.cgi?id=599644#c0
Summary: [SMBTA] Encryption not supported for smbtad <-> clients Classification: openSUSE Product: openSUSE 11.2 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Enhancement Priority: P5 - None Component: Samba AssignedTo: hhetter@novell.com ReportedBy: hhetter@novell.com QAContact: samba-maintainers@SuSE.de CC: mhaefner@novell.com, bbrunner@novell.com Found By: --- Blocker: ---
Support for AES encryption is currently missing on both sides, it's partially implemented in smbtad, and totally missing smbtadquery. AI : Holger, push AES encryption for the clients into the framework.
https://bugzilla.novell.com/show_bug.cgi?id=599644
https://bugzilla.novell.com/show_bug.cgi?id=599644#c1
Holger Hetterich hhetter@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Blocks| |656695
--- Comment #1 from Holger Hetterich hhetter@novell.com 2010-12-12 11:44:10 UTC --- this is a going to be for 1.2.2
https://bugzilla.novell.com/show_bug.cgi?id=599644
https://bugzilla.novell.com/show_bug.cgi?id=599644#c2
--- Comment #2 from Holger Hetterich hhetter@novell.com 2011-01-03 01:00:49 UTC --- Ok, having initial thoughts on how to implement this, I think there should be an enduser tool to create a key file in smbtatools, as we are going to use 2 keys on smbtad, one for communication with the module (which is samba-server related) and one for clients to query.
Samba 3.6.0 will feature such a tool, and we will need to have one in the smbtatools package to create a key for the clients and smbtad.
https://bugzilla.novell.com/show_bug.cgi?id=599644
https://bugzilla.novell.com/show_bug.cgi?id=599644#c3
--- Comment #3 from Holger Hetterich hhetter@novell.com 2011-01-05 22:02:15 UTC --- Ok I think I have the smbtad side of this bug completed. It's all in the devel branch right now. Testing can be done when the smbtatools side is done.
https://bugzilla.novell.com/show_bug.cgi?id=599644
https://bugzilla.novell.com/show_bug.cgi?id=599644#c4
--- Comment #4 from Holger Hetterich hhetter@novell.com 2011-01-05 22:04:17 UTC --- For the smbtatools code, we need to care that enough code has been moved into the common sourcebase so that we can enable encryption for every program smbtatools consists of, and make encryption completely self contained and transparent.
https://bugzilla.novell.com/show_bug.cgi?id=599644
https://bugzilla.novell.com/show_bug.cgi?id=599644#c5
--- Comment #5 from Holger Hetterich hhetter@novell.com 2011-01-06 19:07:58 UTC --- The smbtatools side is now read for encryption, in theory. Next step is testing and fixing what doesn't work.
https://bugzilla.novell.com/show_bug.cgi?id=599644
https://bugzilla.novell.com/show_bug.cgi?id=599644#c6
--- Comment #6 from Holger Hetterich hhetter@novell.com 2011-01-06 20:03:31 UTC --- An option -K has been added to smbtaquery, which creates a key file for use with smbtatools and smbtad.
https://bugzilla.novell.com/show_bug.cgi?id=599644
https://bugzilla.novell.com/show_bug.cgi?id=599644#c7
--- Comment #7 from Holger Hetterich hhetter@novell.com 2011-01-06 20:04:34 UTC --- best way to test the whole suite is to create an clone appliance of SMBTA Stresstest which works encrypted.
https://bugzilla.novell.com/show_bug.cgi?id=599644
https://bugzilla.novell.com/show_bug.cgi?id=599644#c8
--- Comment #8 from Holger Hetterich hhetter@novell.com 2011-01-07 15:11:06 UTC --- The most complex one, smbtaquery works encrypted now. Need to check the other clients.
https://bugzilla.novell.com/show_bug.cgi?id=599644
https://bugzilla.novell.com/show_bug.cgi?id=599644#c9
--- Comment #9 from Holger Hetterich hhetter@novell.com 2011-01-07 21:02:50 UTC --- All clients work encrypted, which makes me happy, as this was a long standing bug. The Bug will stay open until the documentation is updated.
https://bugzilla.novell.com/show_bug.cgi?id=599644
https://bugzilla.novell.com/show_bug.cgi?id=599644#c10
Holger Hetterich hhetter@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED
--- Comment #10 from Holger Hetterich hhetter@novell.com 2011-01-11 13:31:16 UTC --- Documentation has been updated. The existing documentation has been completely ripped out, and a whole new chapter has been added, describing how to enable encryption on every component.
resolving to fixed
http://bugzilla.novell.com/show_bug.cgi?id=599644 http://bugzilla.novell.com/show_bug.cgi?id=599644#c11
--- Comment #11 from Bernhard Wiedemann bwiedemann@suse.com --- This is an autogenerated message for OBS integration: This bug (599644) was mentioned in https://build.opensuse.org/request/show/58955 Factory / smbtad https://build.opensuse.org/request/show/59053 Tumbleweed / smbtad
-
bugzilla_noreply@novell.com