Red Hat Bugzilla – Full Text Bug Listing
|Summary:||Review Request: sslscan - Security assessment tool for ssl|
|Product:||[Fedora] Fedora||Reporter:||Michal Ambroz <rebus>|
|Component:||Package Review||Assignee:||Tomas Mraz <tmraz>|
|Status:||CLOSED ERRATA||QA Contact:||Fedora Extras Quality Assurance <extras-qa>|
|Version:||12||CC:||fedora-package-review, mail, notting, rebus, timlank, tmraz|
|Fixed In Version:||sslscan-1.8.2-3.el4||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2010-04-12 09:49:23 EDT||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Bug Depends On:|
Description Michal Ambroz 2010-01-16 16:20:52 EST
Spec URL: http://rebus.webz.cz/d/sslscan.spec SRPM URL: http://rebus.webz.cz/d/sslscan-1.8.2-1.fc12.src.rpm Description: SSLScan queries SSL services, such as HTTPS, in order to determine the ciphers that are supported. SSLScan is designed to be easy, lean and fast. The output includes preferred ciphers of the SSL service, the certificate and is in Text and XML formats. Hello, please would be someone willing to review sslscan package and approve it for fedora? This tool is really usefull when doing network security assessments. I do not have any package in Fedora sofar so I would humbly ask for sponsoring as well. Thank you.
Comment 1 Michal Ambroz 2010-01-16 23:47:12 EST
Output from rpmlint sslscan-1.8.2-1.fc12.src.rpm sslscan-1.8.2-1.fc12.i686.rpm sslscan-debuginfo-1.8.2-1.fc12.i686.rpm: 3 packages and 0 specfiles checked; 0 errors, 0 warnings. Koji build tasks: i386 http://koji.fedoraproject.org/koji/taskinfo?taskID=1927371
Comment 2 timlank 2010-01-25 07:54:31 EST
Hi Michal, just trying to be of help again.... I performed the following: rpm -Uvh sslscan-1.8.2-1.fc12.src.rpm rpmbuild -ba sslscan.spec and received the following output: # rpmbuild -ba sslscan.spec Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.LGjuMI + umask 022 + cd /root/rpmbuild/BUILD + LANG=C + export LANG + unset DISPLAY + cd /root/rpmbuild/BUILD + rm -rf sslscan-1.8.2 + /usr/bin/gzip -dc /root/rpmbuild/SOURCES/sslscan-1.8.2.tgz + /bin/tar -xf - + STATUS=0 + '[' 0 -ne 0 ']' + cd sslscan-1.8.2 + /bin/chmod -Rf a+rX,u+w,g-w,o-w . + echo 'Patch #0 (sslscan-makefile.patch):' Patch #0 (sslscan-makefile.patch): + /bin/cat /root/rpmbuild/SOURCES/sslscan-makefile.patch + /usr/bin/patch -s -p1 -b --suffix .makefile --fuzz=0 + echo 'Patch #1 (sslscan-patents.patch):' Patch #1 (sslscan-patents.patch): + /bin/cat /root/rpmbuild/SOURCES/sslscan-patents.patch + /usr/bin/patch -s -p1 -b --suffix .patents --fuzz=0 1 out of 2 hunks FAILED -- saving rejects to file sslscan.c.rej error: Bad exit status from /var/tmp/rpm-tmp.LGjuMI (%prep) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.LGjuMI (%prep) Looking at the patch reject file...... # cat sslscan.c.rej *************** *** 985,991 **** fprintf(options->xmlOutput, " </pk>\n"); } break; case EVP_PKEY_EC: printf(" EC Public Key:\n"); if (options->xmlOutput != 0) fprintf(options->xmlOutput, " <pk error=\"false\" type=\"EC\">\n"); --- 985,993 ---- fprintf(options->xmlOutput, " </pk>\n"); } break; + /* Comment out patented technology not enabled in Fedora */ + /* case EVP_PKEY_EC: printf(" EC Public Key:\n"); if (options->xmlOutput != 0) fprintf(options->xmlOutput, " <pk error=\"false\" type=\"EC\">\n"); Thanks, Tim
Comment 3 Michal Ambroz 2010-01-25 11:27:15 EST
Hello Tim, I have tried to build now on pristine machine, but I am not able to reproduce the issue you are talking about. Patch seems to be working just fine and it did pass even the koji build for fc13. http://koji.fedoraproject.org/koji/taskinfo?taskID=1927391 Please could you tell me what are your versions of the patch and diff you are using? Thank you Michal Ambroz
Comment 4 timlank 2010-01-25 12:31:51 EST
Thats interesting and I don't know how to explain. I basically took the .spec file and the .src.rpm as listed in the review request, downloaded them to my minimal system, installed the source RPM and then performed the rpmbuild -ba on the source -- which tries to rebuild the source RPM and build the binary rpm. So the patch that was used was the one that was in the .src.rpm that is listed in the first entry in this review request. my particular system is using these versions of the patch and diff utilites... # rpm -qf /usr/bin/patch /usr/bin/diff patch-2.5.4-40.fc12.x86_64 diffutils-2.8.1-25.fc12.x86_64 Thanks, Tim
Comment 5 timlank 2010-01-25 21:20:52 EST
My apologies. I was able to do yum update on another system all builds there as provided without issue. Also mock and koji builds this without any problem. Sorry for any confusion. Tim
Comment 6 Michal Ambroz 2010-01-28 05:42:46 EST
Nono - no appologies. There must be something wrong. Build failed once it will fail again. Question is why.
Comment 7 Michal Ambroz 2010-01-28 20:19:59 EST
I have got indeed different version of patch $ rpm -qf /usr/bin/patch /usr/bin/diff patch-2.6.1-1.fc12.i686 diffutils-2.8.1-25.fc12.i686 With patch 2.5.4 I was able to reproduce the issue. With the new version patch --fuzz=0 works fine, but with old version it complains about some fuzziness in the patch. Here is modified src.rpm with patch which works for both version of patch without complains. Spec URL: http://rebus.webz.cz/d/sslscan.spec SRPM URL: http://rebus.webz.cz/d/sslscan-1.8.2-2.fc12.src.rpm Thank you for noticing this Tim. Michal Ambroz
Comment 8 Tomas Mraz 2010-04-07 08:41:07 EDT
The biggest problem is that the src.rpm does not build on current rawhide. There is missing -lcrypto during linking. There are also some warnings with the new openssl but they are not critical. I have noticed also these small problems in the spec: 1. Typo 'assesment' in summary 2. Missing changelog entry for the -2 release 3. The License is GPLv3+ with exceptions not GPLv3. Please also add a comment that the exception is there for allowing linking to OpenSSL.
Comment 9 Michal Ambroz 2010-04-07 11:29:35 EDT
Hello Tomas, thank you for review and comments. Here should be fixed version. Spec URL: http://rebus.webz.cz/d/sslscan.spec SRPM URL: http://rebus.webz.cz/d/sslscan-1.8.2-3.fc12.src.rpm Unfortunately right now I am behind proxy so I cannot use the koji build system to test in the devel target. I have tested only on fc12. Best regards Michal Ambroz
Comment 10 Michal Ambroz 2010-04-08 19:17:16 EDT
Hello - here are the koji builds: http://koji.fedoraproject.org/koji/taskinfo?taskID=2103701 http://koji.fedoraproject.org/koji/taskinfo?taskID=2103692 Best regards Michal Ambroz
Comment 11 Tomas Mraz 2010-04-09 03:50:12 EDT
Rpmlint is silent: rpmlint -v sslscan-* sslscan-debuginfo.x86_64: I: checking sslscan.src: I: checking sslscan.x86_64: I: checking 3 packages and 0 specfiles checked; 0 errors, 0 warnings. I did not find anything would conflict with Fedora packaging guidelines and so the package is APPROVED. I will also sponsor you.
Comment 12 Michal Ambroz 2010-04-09 17:40:34 EDT
New Package CVS Request ======================= Package Name: sslscan Short Description: Security assessment tool for SSL Owners: rebus Branches: F-11 F-12 F-13 EL-4 EL-5 devel InitialCC: Thank you Michal Ambroz
Comment 13 Kevin Fenzi 2010-04-11 15:15:24 EDT
CVS done (by process-cvs-requests.py).
Comment 14 Fedora Update System 2010-04-11 19:05:00 EDT
sslscan-1.8.2-3.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/sslscan-1.8.2-3.fc11
Comment 15 Fedora Update System 2010-04-11 19:05:05 EDT
sslscan-1.8.2-3.el4 has been submitted as an update for Fedora EPEL 4. http://admin.fedoraproject.org/updates/sslscan-1.8.2-3.el4
Comment 16 Fedora Update System 2010-04-11 19:05:09 EDT
sslscan-1.8.2-3.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/sslscan-1.8.2-3.fc12
Comment 17 Fedora Update System 2010-04-11 19:05:14 EDT
sslscan-1.8.2-3.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/sslscan-1.8.2-3.fc13
Comment 18 Fedora Update System 2010-04-11 19:05:18 EDT
sslscan-1.8.2-3.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/sslscan-1.8.2-3.el5
Comment 19 Michal Ambroz 2010-04-12 09:49:23 EDT
Package sslscan was successfully build and addedd to updates for F-11 F-12 and dist-F13 Closing the bug. Thank all reviewers for hints and all the help and especially to Tomas Mraz. Best regards Michal Ambroz
Comment 20 Fedora Update System 2010-04-12 21:39:47 EDT
sslscan-1.8.2-3.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
Comment 21 Fedora Update System 2010-04-12 21:46:41 EDT
sslscan-1.8.2-3.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
Comment 22 Fedora Update System 2010-04-12 21:59:46 EDT
sslscan-1.8.2-3.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
Comment 23 Fedora Update System 2010-05-03 16:26:53 EDT
sslscan-1.8.2-3.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
Comment 24 Fedora Update System 2010-05-03 16:27:33 EDT
sslscan-1.8.2-3.el4 has been pushed to the Fedora EPEL 4 stable repository. If problems still persist, please make note of it in this bug report.
Comment 25 Michal Ambroz 2014-09-23 14:16:39 EDT
Package Change Request ====================== Package Name: sslscan New Branches: epel7 Owners: rebus fab Hello SCM team, plase can you add epel7 branch for the sslscan package? Thank you Michal Ambroz
Comment 26 Gwyn Ciesla 2014-09-23 15:14:43 EDT
Git done (by process-git-requests).