Bug 429609

Summary: Review Request: perl-CGI-SpeedyCGI - Speed up perl scripts by running them persistently
Product: [Fedora] Fedora Reporter: Robert Scheck <redhat-bugzilla>
Component: Package ReviewAssignee: Jason Tibbitts <j>
Status: CLOSED NEXTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: rawhideCC: fedora-package-review, jorton, notting
Target Milestone: ---Flags: j: fedora-review+
kevin: fedora-cvs+
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-05-04 19:56:15 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Robert Scheck 2008-01-21 22:29:56 UTC
Spec URL: http://labs.linuxnetz.de/bugzilla/perl-CGI-SpeedyCGI.spec
SRPM URL: http://labs.linuxnetz.de/bugzilla/perl-CGI-SpeedyCGI-2.22-1.src.rpm
Description: Speed up perl scripts by running them persistently
SpeedyCGI is a way to run perl scripts persistently, which can make them run 
much more quickly. After the script is initially run, instead of exiting, the 
perl interpreter is kept running. During subsequent runs, this interpreter is 
used to handle new executions instead of starting a new perl interpreter each 
time. It is a very fast frontend program, written in C, is executed for each 
request.

Maybe Joe can have a look to my Apache specific patch, you're much more close 
to Apache hacking and I don't use the Apache part of perl-CGI-SpeedyCGI...

Comment 1 Jason Tibbitts 2008-01-25 02:18:17 UTC
I can review the packaging here, but I'm not qualified to evaluate the patch for
apache 2.2.  However, I do note that it has a few hunks fewer than the one in
the upstream bug tracker: http://rt.cpan.org/Public/Bug/Display.html?id=23920

Perhaps you could evaluate the additional apr_filepath_name_get changes there.

Comment 2 Robert Scheck 2008-01-25 07:16:09 UTC
That's why I'm trying to move the Apache patch review to Joe. Yesterday I 
noticed, that PLD Linux has (more or less) the same patch as I wrote - they
are using while, I'm using foreach. But that patch thing shouldn't hold up
the review itself, shouldn't it?

Comment 3 Joe Orton 2008-01-25 15:40:58 UTC
The patch will compile and work.  mod_speedycgi2.c is a rather stale fork of
upstream mod_cgi.c and lacks the improvements and bug fixes from over a couple
of years.

w.r.t to code changed in the patch itself, the second loop is OK, but the
discard_script_output loop is sub-optimal, it should look something like this:
(untested)

    while ((e = APR_BRIGADE_FIRST(bb)) != APR_BRIGADE_SENTINEL(bb)) {
        if (APR_BUCKET_IS_EOS(e)) {
            break;
        }

        rv = apr_bucket_read(e, &buf, &len, APR_BLOCK_READ);
        if (rv != APR_SUCCESS) {
            break;
        }

        apr_bucket_delete(e);
    }



Comment 4 Robert Scheck 2008-01-25 17:06:16 UTC
Well, should I better take this one? http://cvs.pld-linux.org/cgi-bin/
cvsweb.cgi/~checkout~/SOURCES/perl-CGI-SpeedyCGI-apr.patch?rev=1.1;content-
type=text%2Fplain -- it looks more like yours.

Comment 5 Jason Tibbitts 2008-01-26 18:29:00 UTC
I'll completely sidestep the issue of that patch.  However, a check of the
licensing reveals something that troubles me.  The following file starts with
the usual GPL license block and then says "/* Based on apache's mod_cgi.c */"
and goes on to quote what I think is the 1.0 Apache license:
http://search.cpan.org/src/HORROCKS/CGI-SpeedyCGI-2.22/src/mod_speedycgi.c

My understanding is that it is not remotely kosher to relicense ASL code (any
version) as GPLv2.  Maybe v3, but I'm no expert.  Blocking FE-Legal so someone
who understands this can take a look.  However, I've already done most of this
review so I'll go ahead and finish it up and if the legal folks say it's OK then
at least the work won't be wasted.

rpmlint says:
  mod_speedycgi.x86_64: W: no-documentation
which is OK.  However, becase this requires the end user to make modification to
the installed .conf file, could you add a README.Fedora file indicating what the
user needs to do to make things work?

* source files match upstream:
   9021a5c6d8ed205422f091209addf7d1be27222adbcbd17bc52fbc527bcc6f98  
   CGI-SpeedyCGI-2.22.tar.gz
* package meets naming and versioning guidelines.
* specfile is properly named, is cleanly written and uses macros consistently.
* summary is OK.
* description is OK.
* dist tag is present.
* build root is OK.
? license field matches the actual license.
? license is open source-compatible.
* license text included in package.
* latest version is being packaged.
* BuildRequires are proper.
* compiler flags are appropriate.
* %clean is present.
* package builds in mock (rawhide, x86_64).
* package installs properly
* debuginfo package looks complete.
* rpmlint has acceptable complaints.
* final provides and requires are sane:
  mod_speedycgi-2.22-1.fc9.x86_64.rpm
   config(mod_speedycgi) = 2.22-1.fc9
   mod_speedycgi.so()(64bit)
   mod_speedycgi = 2.22-1.fc9
  =
   config(mod_speedycgi) = 2.22-1.fc9
   httpd >= 2.0.40
   httpd-mmn = 20051115
   perl-CGI-SpeedyCGI = 2.22-1.fc9

  perl-CGI-SpeedyCGI-2.22-1.fc9.x86_64.rpm
   perl(CGI::SpeedyCGI) = 2.22
   perl-CGI-SpeedyCGI = 2.22-1.fc9
  =
   libperl.so()(64bit)
   libutil.so.1()(64bit)
   perl(:MODULE_COMPAT_5.8.8)
   perl(strict)
   perl(vars)

* %check is not present; no test suite upstream.  I have not attempted to test 
   this.
* no shared libraries are added to the regular linker search paths.
* owns the directories it creates.
* doesn't own any directories it shouldn't.
* no duplicates in %files.
* file permissions are appropriate.
* no scriptlets present.
* code, not content.
* documentation is small, so no -doc subpackage is necessary.
* %docs are not necessary for the proper functioning of the package.
* no headers.
* no pkgconfig files.
* no static libraries.
* no libtool .la files.

Comment 6 Tom "spot" Callaway 2008-02-18 21:10:08 UTC
The only way this code is kosher is if we leverage the + in the license to make
it GPLv3, since GPLv2 is incompatible with ASL 1.0.

Please contact upstream and let them know about this issue, and urge them to
either use GPLv3+ or relicense to avoid the issue.

For the here and now, mark the license tag as "GPLv3+". Lifting FE-Legal.

Comment 7 Robert Scheck 2008-02-19 15:11:18 UTC
Of course I'll inform upstream. And what are we missing now to pass the review?

Comment 8 Jason Tibbitts 2008-02-21 21:09:43 UTC
I really thought I had sent a reply to this ticket.

Anyway, if you agree to the change of the license tag, just say so and I'll be
happy to approve this package.  Or if you'd prefer to hear back from upstream
first, just say so and we'll wait.

Comment 9 Robert Scheck 2008-02-21 23:51:06 UTC
I'll change the license tag, of course.

Comment 10 Jason Tibbitts 2008-02-22 00:38:08 UTC
OK, cool.

APPROVED

Comment 11 Robert Scheck 2008-05-04 12:57:27 UTC
New Package CVS Request
=======================
Package Name: perl-CGI-SpeedyCGI
Short Description: Speed up perl scripts by running them persistently
Owners: robert
Branches: F-7 F-8 F-9 EL-4 EL-5
InitialCC: 
Cvsextras Commits: no

Comment 12 Kevin Fenzi 2008-05-04 17:16:37 UTC
cvs done.

Comment 13 Robert Scheck 2008-05-04 19:56:15 UTC
38921 (perl-CGI-SpeedyCGI): Build on target fedora-4-epel succeeded.
38920 (perl-CGI-SpeedyCGI): Build on target fedora-5-epel succeeded.

Package: perl-CGI-SpeedyCGI-2.22-2.fc7 Tag: dist-fc7-updates-candidate Status:
complete
Package: perl-CGI-SpeedyCGI-2.22-2.fc8 Tag: dist-f8-updates-candidate Status:
complete
Package: perl-CGI-SpeedyCGI-2.22-2.fc9 Tag: dist-f9-updates-candidate Status:
complete
Package: perl-CGI-SpeedyCGI-2.22-2.fc10 Tag: dist-f10 Status: complete