diff options
author | Andrew Bartlett <abartlet@samba.org> | 2021-08-16 14:25:54 +1200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2021-08-26 06:16:35 +0000 |
commit | 554bdfa8a04fd95c710b486890277dd92f685f2f (patch) | |
tree | c136c7a698bdea5f36c1b388f85137f328ea0747 /wscript_configure_system_mitkrb5 | |
parent | ff267c3c790c0ae9f276225f67fb543d6371cb53 (diff) | |
download | samba-554bdfa8a04fd95c710b486890277dd92f685f2f.tar.gz |
build: Move minimum MIT krb5 version to 1.19 to align with what is tested
This avoid shipping untested code and aligns with the version
used in GitLab CI for all the MIT builds.
The "bronze bit" (CVE-2020-17049) security fixes will need
a new MIT KDB version in any case, this prepares the ground
by removing the older version support.
(knownfail_mit_kdc updates taken from a patch by
Andreas Schneider <asn@samba.org> that did this optionally)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'wscript_configure_system_mitkrb5')
-rw-r--r-- | wscript_configure_system_mitkrb5 | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/wscript_configure_system_mitkrb5 b/wscript_configure_system_mitkrb5 index f971194c2cd..6f7bbd4ed13 100644 --- a/wscript_configure_system_mitkrb5 +++ b/wscript_configure_system_mitkrb5 @@ -9,7 +9,7 @@ krb5_min_required_version = "1.9" # Requried versions krb5_required_version = krb5_min_required_version if conf.CONFIG_SET('AD_DC_BUILD_IS_ENABLED'): - krb5_required_version = "1.15.1" + krb5_required_version = "1.19" def parse_version(v): return tuple(map(int, (v.split(".")))) @@ -77,8 +77,6 @@ if conf.env.KRB5_CONFIG: else: Logs.info('MIT Kerberos %s detected, MIT krb5 build can proceed' % (krb5_version)) - if parse_version(krb5_version) < parse_version('1.18'): - conf.DEFINE('HAVE_MIT_KRB5_PRE_1_18', 1) conf.define('USING_SYSTEM_MITKRB5', '"%s"' % krb5_version) conf.CHECK_CFG(args="--cflags --libs", package="com_err", uselib_store="com_err") |