Bug 2325519

Summary: Review Request: bearssl - A C implementation of the SSL/TLS protocol (RFC 5246)
Product: [Fedora] Fedora Reporter: Benson Muite <benson_muite>
Component: Package ReviewAssignee: Nobody's working on this, feel free to take it <nobody>
Status: NEW --- QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: rawhideCC: decathorpe, package-review
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
URL: https://www.bearssl.org
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Benson Muite 2024-11-12 15:28:02 UTC 
spec: https://download.copr.fedorainfracloud.org/results/fed500/bearssl/fedora-rawhide-x86_64/08247059-bearssl/bearssl.spec
srpm: https://download.copr.fedorainfracloud.org/results/fed500/bearssl/fedora-rawhide-x86_64/08247059-bearssl/bearssl-0.6-1.fc42.src.rpm

description:
BearSSL is an implementation of the SSL/TLS protocol (RFC 5246) written in C.
It aims at offering the following features:

- Be correct and secure. In particular, insecure protocol versions and choices
of algorithms are not supported, by design; cryptographic algorithm
implementations are constant-time by default.

- Be small, both in RAM and code footprint. For instance, a minimal server
implementation may fit in about 20 kilobytes of compiled code and 25 kilobytes
of RAM.

- Be highly portable. BearSSL targets not only “big†operating systems like
Linux and Windows, but also small embedded systems and even special contexts
like bootstrap code.

- Be feature-rich and extensible. SSL/TLS has many defined cipher suites and
extensions; BearSSL should implement most of them, and allow extra algorithm
implementations to be added afterwards, possibly from third parties.

fas: fed500


Reproducible: Always
Comment 1 Fedora Review Service 2024-11-12 15:36:59 UTC 
Copr build:
https://copr.fedorainfracloud.org/coprs/build/8247081
(succeeded)

Review template:
https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2325519-bearssl/fedora-rawhide-x86_64/08247081-bearssl/fedora-review/review.txt

Please take a look if any issues were found.


---
This comment was created by the fedora-review-service
https://github.com/FrostyX/fedora-review-service

If you want to trigger a new Copr build, add a comment containing new
Spec and SRPM URLs or [fedora-review-service-build] string.
Comment 2 Fabio Valentini 2024-11-12 21:13:15 UTC 
Please refer to the relevant policy:
https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/#_new_crypto_libraries

In particular, don't make the same mistakes as those that happened in
https://bugzilla.redhat.com/show_bug.cgi?id=2302646 / https://pagure.io/fesco/issue/3267
Comment 3 Benson Muite 2024-11-13 09:16:58 UTC 
Thanks, raised
https://pagure.io/packaging-committee/issue/1407