Bug 845942
| Summary: | genkey should work without mod_ssl and mod_nss | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Kurt Seifried <kseifried> |
| Component: | crypto-utils | Assignee: | Elio Maldonado Batiz <emaldona> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | 19 | CC: | alpha, emaldona, jorton |
| Target Milestone: | --- | Keywords: | Reopened |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | crypto-utils-2.4.1-52.fc20 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 845940 | Environment: | |
| Last Closed: | 2014-02-25 07:53:20 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 845940 | ||
| Bug Blocks: | |||
|
Description
Kurt Seifried
2012-08-06 08:07:58 UTC
This message is a reminder that Fedora 16 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 16. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '16'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 16's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 16 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged to click on "Clone This Bug" and open it against that version of Fedora. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping Switching Version to Rawhide to prevent this bug from getting closed with F16 EOF. gen This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle. Changing version to '19'. (As we did not run this process for some time, it could affect also pre-Fedora 19 development cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.) More information and reason for this action is here: https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora19 The bug is still here in F19. It is not possible to use genkey tool from crypto-utils without installing Apache web-server. Which is rather common use case, since there are a lot of nginx installations which don't need httpd. The "port" of crypto-utils to use NSS exclusively for its cryptography as part of the old crypto consolidation effort. Please see https://fedoraproject.org/wiki/CryptoConsolidationScorecard where you can see in the the entry for crypto-utils "openssl or nss selectable via command line option". The goal of using nss exclusively for the crypto services was accomplished but since it's meant to support both mod_nss and the mod_ssl, it consequently needs openssl. Perhaps the tools should have been split into two, one for mod_ssl (openssl) and one for mod_nss (nss) instead of the rather complex perl script it has that tries to do it both ways. In addition to having two tools, creating two separate packages, each with it own requirements, would have made things a lot cleaner. As implemented, one package/tool to support both use cases, crypto-utils.spec needs a Requires: openssl. I think 'Requires: mod_ssl' is better than 'Requires: openssl'. There is actually no reason that the package should "Requires: mod_ssl", nor mod_nss. The package should work correctly without either package installed. Checking for presence of mod_nss in genkey *iff --nss is specified* is fine but there is no need to check for mod_ssl AFAICT. I will leave this bug open to the underlying issue, that genkey should work without mod_ssl installed. Duh. Commit: http://pkgs.fedoraproject.org/gitweb/?p=crypto-utils.git;a=commitdiff;h=d4556f50021d098daa3a059565cf57e1b30da747 Package: crypto-utils-2.4.1-52.fc21 Build: https://koji.fedoraproject.org/koji/buildinfo?buildID=498213 Fixed in updates. Closed in error. crypto-utils-2.4.1-52.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/crypto-utils-2.4.1-52.fc20 Package crypto-utils-2.4.1-52.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing crypto-utils-2.4.1-52.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-2571/crypto-utils-2.4.1-52.fc20 then log in and leave karma (feedback). crypto-utils-2.4.1-52.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. |