Bug 1070171 (tlssled)
Summary: | Review Request: tlssled - An evaluation tool for SSL/TLS (HTTPS) web server implementations | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Fabian Affolter <mail> |
Component: | Package Review | Assignee: | Christopher Meng <i> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | i, package-review |
Target Milestone: | --- | Flags: | i:
fedora-review+
gwync: fedora-cvs+ |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | tlssled-1.3-3.fc20, tlssled-1.3-3.fc19 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-03-26 14:10:24 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 563471 |
Description
Fabian Affolter
2014-02-26 11:00:45 UTC
1. #!/usr/bin/env bash I'm not sure if we need to hack it to /bin/bash or /bin/sh. 2. install with -p. 3. Mix using tab and space: Requires: sslscan Requires: openssl Please unify. ------------------------------ Show me the fixed version and I will set +. PACKAGE APPROVED. Thanks for the review, Christopher. (In reply to Christopher Meng from comment #1) > 1. #!/usr/bin/env bash > > I'm not sure if we need to hack it to /bin/bash or /bin/sh. As far as I remember was this topic discussed 4-5 years ago. rpmbuild is picking env up so it will work. > 2. install with -p. fixed > 3. Mix using tab and space: fixed Updated files: Spec URL: http://fab.fedorapeople.org/packages/SRPMS/tlssled.spec SRPM URL: http://fab.fedorapeople.org/packages/SRPMS/tlssled-1.3-2.fc20.src.rpm There are mixed feelings about /usr/bin/env. /usr/bin/env as the dependency is less correct than a strict dependency on /usr/bin/bash (being the bash provided by Fedora). And if someone puts "bash" in a customised $PATH before /usr/bin, this may break the program and/or even make it insecure in case it's a vulnerable old bash. This also affects other script interpreters, see e.g. http://fedoraproject.org/wiki/Features/SystemPythonExecutablesUseSystemPython An old attempt at prohibiting /usr/bin/env in shebang: https://fedoraproject.org/wiki/Script_Interpreters_%28draft%29 So please use sed to replace the shebang line; Also, these contain tabs still: Name: tlssled Version: 1.3 Release: 2%{?dist} Summary: An evaluation tool for SSL/TLS (HTTPS) web server implementations License: GPLv3+ URL: http://www.taddong.com/en/lab.html Source: http://www.taddong.com/tools/TLSSLed_v%{version}.sh BuildArch: noarch Requires: sslscan Requires: openssl (In reply to Christopher Meng from comment #4) > Also, these contain tabs still: Not sure why rpmlint doesn't pick it up. Anyway, should be fixed now. * Tue Mar 04 2014 Fabian Affolter <mail> - 1.3-3 - Update shebang - Again spaces Updated files: Spec URL: http://fab.fedorapeople.org/packages/SRPMS/tlssled.spec SRPM URL: http://fab.fedorapeople.org/packages/SRPMS/tlssled-1.3-3.fc20.src.rpm PACKAGE APPROVED. Thanks again New Package SCM Request ======================= Package Name: tlssled Short Description: An evaluation tool for SSL/TLS (HTTPS) web server implementations Owners: fab Branches: f19 f20 InitialCC: Git done (by process-git-requests). Package Change Request ====================== Package Name: tlssled New Branches: el6 epel7 Owners: fab InitialCC: Git done (by process-git-requests). |