Bug 436228
Summary: | gnutls 2.0 fails Samba4 'make test' | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Andrew Bartlett <abartlet> |
Component: | gnutls | Assignee: | Tomas Mraz <tmraz> |
Status: | CLOSED CANTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | high | ||
Version: | 9 | CC: | dcantrell, jorton, wtogami |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-10-01 11:09:25 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Andrew Bartlett
2008-03-06 00:15:32 UTC
The problem with version 2.2 is that it breaks ABI requiring rebuild of all dependencies - given the feature freeze I am afraid that it is too late to upgrade. It would be much better to find out why it hangs and fix it in 2.0. If you create a standalone test-case I can try to investigate the problem. Sorry, I have no standalone test case at this time. Talking with warren on IRC this morning, he thought there might just be time to push it though. It would seem a pity to have to write a gnutls blacklist into Samba4... I don't think there is enough time for that given the experiences with latest version upgrade of openssl which took a few weeks to settle rawhide to drop all the deps on the old library. There is about 70 packages which have to be rebuilt but the rebuild in koji has to be done in specific order (and there might be dependency loops even). > Talking with warren on IRC this morning, he thought there might just be time to
> push it though. It would seem a pity to have to write a gnutls blacklist into
> Samba4...
This is not true. I only said you should talk to the package owner.
Can you give the specific set of commands to check out and run the Samba test suite, which demonstrates the hang? (with gnutls headers in place) rsync -a ftp.samba.org::ftp/pub/unpacked/samba_4_0_test . cd samba_4_0_test/source ./configure.developer make test I have tried to approach this from various angles but without a definitve conclusion. Stracing revealed that the client (ldbsearch) and server (smbd) are deadlocked each waiting on the other side. Then I tried to bisect the change in the 2.1.x releases of gnutls to find which patch caused it to start working. I have found a patch which applied to 2.1.4 makes it work but this patch is already included in 2.0.4 and even doesn't seem to be related. My current opinion is that the implementation of event handling on nonblocking sockets in samba-4.0 might be incorrect in regards to gnutls and that it works with 1.6.3 and 2.2.x only by chance. One possible reason could be the client or server in samba prematurely clearing the write event handling although some SSL data are still to be sent from gnutls. Hmm, we did that (we added a fake read event, in testing for this bug) for read handling, but I'll try it for write handling. Thanks for all the effort you have obviously put into testing this! Changing version to '9' as part of upcoming Fedora 9 GA. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping Unfortunately there is no apparent way how to fix it currently, it might be API problem of GNUTLS with non-blocking io or some problem in Samba. |