| |
@@ -6,7 +6,7 @@
|
| |
# ctdb is enabled by default, you can disable it with: --without clustering
|
| |
%bcond_without clustering
|
| |
|
| |
- %define main_release 0
|
| |
+ %define main_release 1
|
| |
|
| |
%define samba_version 4.7.3
|
| |
%define talloc_version 2.1.10
|
| |
@@ -47,6 +47,12 @@
|
| |
%endif
|
| |
%endif
|
| |
|
| |
+ %ifarch x86_64 i386
|
| |
+ %global with_intel_aes_accel 1
|
| |
+ %else
|
| |
+ %global with_intel_aes_accel 0
|
| |
+ %endif
|
| |
+
|
| |
%global libwbc_alternatives_version 0.14
|
| |
%global libwbc_alternatives_suffix %nil
|
| |
%if 0%{?__isa_bits} == 64
|
| |
@@ -839,6 +845,9 @@
|
| |
%if %{with testsuite}
|
| |
--enable-selftest \
|
| |
%endif
|
| |
+ %if %with_intel_aes_accel
|
| |
+ --accel-aes=intelaesni \
|
| |
+ %endif
|
| |
--with-systemd \
|
| |
--extra-python=%{__python3}
|
| |
|
| |
@@ -1567,6 +1576,9 @@
|
| |
%defattr(-,root,root)
|
| |
# common libraries
|
| |
%{_libdir}/samba/libpopt-samba3-samba4.so
|
| |
+ %if %{with_intel_aes_accel}
|
| |
+ %{_libdir}/samba/libaesni-intel-samba4.so
|
| |
+ %endif
|
| |
|
| |
%dir %{_libdir}/samba/ldb
|
| |
|
| |
@@ -3374,6 +3386,9 @@
|
| |
%endif # with_clustering_support
|
| |
|
| |
%changelog
|
| |
+ * Thu Nov 23 2017 Bastien Nocera <bnocera@redhat.com> - 4.7.3-1
|
| |
+ - Enable AES acceleration on Intel compatible CPUs by default
|
| |
+
|
| |
* Tue Nov 21 2017 Guenther Deschner <gdeschner@redhat.com> - 4.7.3-0
|
| |
- Update to Samba 4.7.3
|
| |
- resolves: #1515692 - Security fix for CVE-2017-14746 and CVE-2017-15275
|
| |
This increases encrypted throughput by about 100% on clients which use it. The throughput difference with an unencrypted communication seems to be due to server-side slowness on devices where acceleration is not available, or not built in.
See https://bugzilla.gnome.org/show_bug.cgi?id=790711