Bug 966324
| Summary: | Review Request: codecrypt - The post-quantum cryptography tool | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Christopher Meng <i> |
| Component: | Package Review | Assignee: | Nobody's working on this, feel free to take it <nobody> |
| Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | besser82, echevemaster, exa.exa, nobody, zbyszek |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | NotReady | ||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-08-10 00:46:59 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 969387 | ||
| Bug Blocks: | 201449 | ||
|
Description
Christopher Meng
2013-05-23 04:29:35 UTC
Hi @cicku, codecrypt is LGPLv3+ please fix the license field and add the COPYING.LESSER boilerplate. Update the package to the 1.2 release, http://e-x-a.org/codecrypt/files/codecrypt-1.2.tar.gz and I'll do the review There are some files with bsd license, can you review them? to check that we are not incurring in https://fedoraproject.org/wiki/Packaging:No_Bundled_Libraries BSD (2 clause) -------------- /var/lib/mock/fedora-rawhide-x86_64/root/builddir/build/BUILD/codecrypt-1.1/src/sha2.c /var/lib/mock/fedora-rawhide-x86_64/root/builddir/build/BUILD/codecrypt-1.1/src/sha2.h BSD (3 clause) -------------- /var/lib/mock/fedora-rawhide-x86_64/root/builddir/build/BUILD/codecrypt-1.1/src/tiger.c /var/lib/mock/fedora-rawhide-x86_64/root/builddir/build/BUILD/codecrypt-1.1/src/tiger.h Would you update the Spec/SRPM URL-Tags, please? Thoose tags are traced by `fedora-review`, so it will automagicly fetch the updated stuff. New Spec: http://cicku.me/codecrypt.spec New SRPM: http://cicku.me/codecrypt-1.2-1.fc20.src.rpm > There are some files with bsd license, can you review them? to check that we
> are not incurring in
> https://fedoraproject.org/wiki/Packaging:No_Bundled_Libraries
>
> BSD (2 clause)
> --------------
> /var/lib/mock/fedora-rawhide-x86_64/root/builddir/build/BUILD/codecrypt-1.1/
> src/sha2.c
> /var/lib/mock/fedora-rawhide-x86_64/root/builddir/build/BUILD/codecrypt-1.1/
> src/sha2.h
***** BUNDLED LIB CONFIRMED *****
This is perfectly the same as provided by sha2(-devel) !!!
Make upstream aware of this and ask to add a check for a usable sha2.h / sha2-lib during configure, which only includes/links the sources-shipped sha2-files if no working sha2-lib is found.
tiger.{c,h} is NOT A DUPLICATE (checked against libtiger, cryptopp, botan)
(In reply to Björn Esser from comment #5) > ***** BUNDLED LIB CONFIRMED ***** > This is perfectly the same as provided by sha2(-devel) !!! > > Make upstream aware of this and ask to add a check for a usable sha2.h / > sha2-lib during configure, which only includes/links the sources-shipped > sha2-files if no working sha2-lib is found. > > tiger.{c,h} is NOT A DUPLICATE (checked against libtiger, cryptopp, botan) Thanks, this should be done by myself... Deeply appreciate your hard work! I'll report this to upstream. Hi everyone, I was not aware that fedora has its own package for sha2, gonna add configure check asap. Q: Is there some problem with copying RIPEMD-128 implementation as seen in src/ripemd128.[ch] ? Thanks, -mk (In reply to Mirek Kratochvil from comment #7) > Hi everyone, > > I was not aware that fedora has its own package for sha2, gonna add > configure check asap. > > Q: Is there some problem with copying RIPEMD-128 implementation as seen in > src/ripemd128.[ch] ? > > Thanks, > -mk Hi Mirek, yes, apparently is part of beecrypt-devel, see the file marked with * repoquery --list beecrypt-devel /usr/include/beecrypt /usr/include/beecrypt/aes.h /usr/include/beecrypt/aesopt.h /usr/include/beecrypt/api.h /usr/include/beecrypt/base64.h /usr/include/beecrypt/beecrypt.h /usr/include/beecrypt/blockmode.h /usr/include/beecrypt/blockpad.h /usr/include/beecrypt/blowfish.h /usr/include/beecrypt/blowfishopt.h /usr/include/beecrypt/dhies.h /usr/include/beecrypt/dldp.h /usr/include/beecrypt/dlkp.h /usr/include/beecrypt/dlpk.h /usr/include/beecrypt/dlsvdp-dh.h /usr/include/beecrypt/dsa.h /usr/include/beecrypt/elgamal.h /usr/include/beecrypt/endianness.h /usr/include/beecrypt/entropy.h /usr/include/beecrypt/fips186.h /usr/include/beecrypt/gnu.h /usr/include/beecrypt/hmac.h /usr/include/beecrypt/hmacmd5.h /usr/include/beecrypt/hmacsha1.h /usr/include/beecrypt/hmacsha224.h /usr/include/beecrypt/hmacsha256.h /usr/include/beecrypt/hmacsha384.h /usr/include/beecrypt/hmacsha512.h /usr/include/beecrypt/md4.h /usr/include/beecrypt/md5.h /usr/include/beecrypt/memchunk.h /usr/include/beecrypt/mp.h /usr/include/beecrypt/mpbarrett.h /usr/include/beecrypt/mpnumber.h /usr/include/beecrypt/mpopt.h /usr/include/beecrypt/mpprime.h /usr/include/beecrypt/mtprng.h /usr/include/beecrypt/pkcs1.h /usr/include/beecrypt/pkcs12.h /usr/include/beecrypt/ripemd128.h /usr/include/beecrypt/ripemd160.h /usr/include/beecrypt/ripemd256.h /usr/include/beecrypt/ripemd320.h /usr/include/beecrypt/rsa.h /usr/include/beecrypt/rsakp.h /usr/include/beecrypt/rsapk.h /usr/include/beecrypt/sha1.h /usr/include/beecrypt/sha1opt.h /usr/include/beecrypt/sha224.h /usr/include/beecrypt/sha256.h /usr/include/beecrypt/sha2k32.h /usr/include/beecrypt/sha2k64.h /usr/include/beecrypt/sha384.h /usr/include/beecrypt/sha512.h /usr/include/beecrypt/timestamp.h /usr/include/beecrypt/win.h /usr/lib/libbeecrypt.so /usr/share/doc/beecrypt-devel-4.2.1 /usr/share/doc/beecrypt-devel-4.2.1/BUGS /usr/include/beecrypt /usr/include/beecrypt/aes.h /usr/include/beecrypt/aesopt.h /usr/include/beecrypt/api.h /usr/include/beecrypt/base64.h /usr/include/beecrypt/beecrypt.h /usr/include/beecrypt/blockmode.h /usr/include/beecrypt/blockpad.h /usr/include/beecrypt/blowfish.h /usr/include/beecrypt/blowfishopt.h /usr/include/beecrypt/dhies.h /usr/include/beecrypt/dldp.h /usr/include/beecrypt/dlkp.h /usr/include/beecrypt/dlpk.h /usr/include/beecrypt/dlsvdp-dh.h /usr/include/beecrypt/dsa.h /usr/include/beecrypt/elgamal.h /usr/include/beecrypt/endianness.h /usr/include/beecrypt/entropy.h /usr/include/beecrypt/fips186.h /usr/include/beecrypt/gnu.h /usr/include/beecrypt/hmac.h /usr/include/beecrypt/hmacmd5.h /usr/include/beecrypt/hmacsha1.h /usr/include/beecrypt/hmacsha224.h /usr/include/beecrypt/hmacsha256.h /usr/include/beecrypt/hmacsha384.h /usr/include/beecrypt/hmacsha512.h /usr/include/beecrypt/md4.h /usr/include/beecrypt/md5.h /usr/include/beecrypt/memchunk.h /usr/include/beecrypt/mp.h /usr/include/beecrypt/mpbarrett.h /usr/include/beecrypt/mpnumber.h /usr/include/beecrypt/mpopt.h /usr/include/beecrypt/mpprime.h /usr/include/beecrypt/mtprng.h /usr/include/beecrypt/pkcs1.h /usr/include/beecrypt/pkcs12.h * /usr/include/beecrypt/ripemd128.h /usr/include/beecrypt/ripemd160.h /usr/include/beecrypt/ripemd256.h /usr/include/beecrypt/ripemd320.h /usr/include/beecrypt/rsa.h /usr/include/beecrypt/rsakp.h /usr/include/beecrypt/rsapk.h /usr/include/beecrypt/sha1.h /usr/include/beecrypt/sha1opt.h /usr/include/beecrypt/sha224.h /usr/include/beecrypt/sha256.h /usr/include/beecrypt/sha2k32.h /usr/include/beecrypt/sha2k64.h /usr/include/beecrypt/sha384.h /usr/include/beecrypt/sha512.h /usr/include/beecrypt/timestamp.h /usr/include/beecrypt/win.h /usr/lib64/libbeecrypt.so /usr/share/doc/beecrypt-devel-4.2.1 /usr/share/doc/beecrypt-devel-4.2.1/BUGS > BSD (3 clause)
> --------------
> /var/lib/mock/fedora-rawhide-x86_64/root/builddir/build/BUILD/codecrypt-1.1/
> src/tiger.c
> /var/lib/mock/fedora-rawhide-x86_64/root/builddir/build/BUILD/codecrypt-1.1/
> src/tiger.h
***** BUNDLED LIB CONFIRMED *****
These are now available through freetiger, I just filed a review-bug for.
freetiger has been send out as an update for el5, el6, fc18, fc19. Builds for fc20 and rawhide are made, too. I just created the needed buildroot-overrides for all branches. :) Bump. codecrypt-1.3.1 removes bundled libraries and instead adds dependency on crypto++ library which is already available as cryptopp fedora package. Christopher, can you please create .srpm's for that version? -mk This is an automatic check from review-stats script. This review request ticket hasn't been updated for some time. We're sorry it is taking so long. If you're still interested in packaging this software into Fedora repositories, please respond to this comment clearing the NEEDINFO flag. You may want to update the specfile and the src.rpm to the latest version available and to propose a review swap on Fedora devel mailing list to increase chances to have your package reviewed. If this is your first package and you need a sponsor, you may want to post some informal reviews. Read more at https://fedoraproject.org/wiki/How_to_get_sponsored_into_the_packager_group. Without any reply, this request will shortly be considered abandoned and will be closed. Thank you for your patience. This is an automatic action taken by review-stats script. The ticket submitter failed to clear the NEEDINFO flag in a month. As per https://fedoraproject.org/wiki/Policy_for_stalled_package_reviews we consider this ticket as DEADREVIEW and proceed to close it. |