Bug 1543336 - please provide missing Fedora 27 Perl modules
Summary: please provide missing Fedora 27 Perl modules
Keywords:
Status: NEW
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: perl-Net-SSH
Version: epel7
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Jitka Plesnikova
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-02-08 09:43 UTC by cornel panceac
Modified: 2019-10-27 20:32 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Bugzilla 1479864 None CLOSED Upgrade perl-Net-SSH-Perl to 2.12 2019-10-27 15:20:04 UTC
Red Hat Bugzilla 1545816 None CLOSED Review Request: perl-CryptX - Cryptographic toolkit 2019-10-27 15:20:04 UTC
Red Hat Bugzilla 1546648 None CLOSED Review Request: perl-IO-Socket-Socks - Provides a way to create socks (4 or 5) client or server 2019-10-27 15:20:04 UTC

Internal Links: 1479864 1545816 1546648

Description cornel panceac 2018-02-08 09:43:26 UTC
Description of problem:
We have some internal scripts that use various perl modules. We also want to move from Fedora (where the scripts work fine) to Centos 7 or maybe RHEL (for LTS reasons). However, in C7 some Perl modules are missing and trying to rebuild them (mock --rebuild <f27 .src.rpm>) showed other Perl modules were also missing. The tip of our iceberg is comprised of these modules:

perl-Term-ReadPassword
perl-Net-SSH-Perl
perl-File-Basename

I will try again to build them and add here what other perl modules i found to be required.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info: I'm thinking that maybe is easier to add all the missing perl modules instead of hunt them one by one, but i'm not knowledgeableenough to test this big hammer locally.

Comment 1 cornel panceac 2018-02-08 09:53:53 UTC
On the other hand, maybe i/we should try to rebuild F19 modules because these share the perl version (5.16) with C7.

Comment 2 cornel panceac 2018-02-08 10:16:52 UTC
hmmm, it seems that File::Basename is actually builtin. Still checking :(

Comment 3 cornel panceac 2018-02-08 10:29:08 UTC
Additional modules missing for me :

perl-Crypt-Blowfish
perl-Crypt-RSA
perl-Math-Pari
perl-Test-YAML-Meta
perl-Text-SpellChecker

Comment 4 Paul Howarth 2018-02-08 10:45:04 UTC
Some of these dependencies are coming from perl-Net-SSH-Perl. Currently we have an old version of this in Fedora because the current version replaces a lot of old, unmaintained (upstream) crypto modules with perl-CryptX, which is actively maintained by its upstream developer. However, nobody has yet packaged that for Fedora. It has been looked at in the past but nothing happened with it because it included a bundled libtomcrypt, which may not be as big an issue these days, or it might even be possible to unbundle it.

If someone could package that, we could update perl-Net-SSH-Perl and some of these other dependencies would go away.

Comment 5 cornel panceac 2018-02-08 10:56:25 UTC
Blowfish rebuild worked (from f19).

New required packages for me:

perl-Class-Loader
perl-Convert-ASCII-Armour
perl-Crypt-Primes
perl-Crypt-Random
perl-Tie-EncryptedHash

Comment 6 cornel panceac 2018-02-08 10:58:10 UTC
(In reply to Paul Howarth from comment #4)
> Some of these dependencies are coming from perl-Net-SSH-Perl. Currently we
> have an old version of this in Fedora because the current version replaces a
> lot of old, unmaintained (upstream) crypto modules with perl-CryptX, which
> is actively maintained by its upstream developer. However, nobody has yet
> packaged that for Fedora. It has been looked at in the past but nothing
> happened with it because it included a bundled libtomcrypt, which may not be
> as big an issue these days, or it might even be possible to unbundle it.
> 
> If someone could package that, we could update perl-Net-SSH-Perl and some of
> these other dependencies would go away.

Thank you, but is not clear for me what i would need to do here in order to package the newer version. If there is some tutorial somewhere or at least somebody can provide the details i can as well try it.

Comment 7 cornel panceac 2018-02-08 11:06:48 UTC
perl-Term-ReadPassword rebuild worked also. so indeed we're left with perl-Net-SSH-Perl and its dependencies.

Comment 8 Paul Howarth 2018-02-08 11:37:51 UTC
Looking at CryptX's Makefile.PL (https://metacpan.org/source/MIK/CryptX-0.057/Makefile.PL), it appears that it's now possible to use an unbundled libtomcrypt, by specifying $CRYPTX_CFLAGS and/or $CRYPTX_LDFLAGS in the environment.

Jitka, Petr, any comments? Could we get together and produce a perl-CryptX package now?

Comment 9 cornel panceac 2018-02-08 14:08:39 UTC
I was able to hunt the dependencies and rebuild those two modules but it still would be nice to have this already available in upstream.

Thank you.

Comment 10 Petr Pisar 2018-02-12 11:38:51 UTC
CryptX-0.057 not only bundles libtomcrypt, it also patches it to add implementations for IDEA, SERPENT, SALSA20, SOSEMANUK, and RABBIT stream ciphers. And then it require their implementation in CryptX.xs unconditionally.

Comment 11 Denis Fateyev 2018-02-12 11:57:56 UTC
Libtomcrypt recently had a new release: 
https://github.com/libtom/libtomcrypt/releases
Though I don't know whether it includes all the requirements now, but worth to check, anyway (and update it in Fedora if needed).

Comment 12 Petr Pisar 2018-02-12 12:11:37 UTC
Even If I disable/comment all these additional bindings and typemaps, I still get mismatch in <tomcrypt_pk.h> on struct ltc_ecc_set_type. The bundled structure has additional members (A, cofactor, oid) and the binding code expects them.

Comment 13 Petr Pisar 2018-02-12 12:12:26 UTC
(In reply to Denis Fateyev from comment #11)
> Libtomcrypt recently had a new release: 
> https://github.com/libtom/libtomcrypt/releases
> Though I don't know whether it includes all the requirements now, but worth
> to check, anyway (and update it in Fedora if needed).

Fedora already delivers 1.18.1.

Comment 14 Petr Pisar 2018-02-12 12:38:31 UTC
The cofactor is being added in <https://github.com/libtom/libtomcrypt/commit/79f553c9b76cea00b635044ff3d5c5a1112b12ce>. Not yet in the master branch.

Comment 15 Jitka Plesnikova 2018-02-15 08:04:06 UTC
I requested new branch and built these packages for EPEL 7. I am maintainer of them.

perl-Convert-ASCII-Armour-1.4-32.el7
perl-Net-SSH-0.09-26.el7
perl-Term-ReadPassword-0.11-27.el7

The other packages are owned by different users and I don't want to maintain EPEL 7 branches for them. 

FAS: ixs
 perl-Crypt-Blowfish

FAS: berrange
 perl-Test-YAML-Meta

FAS: pghmcfc
 perl-Net-SSH-Perl
 perl-Crypt-RSA
 perl-Math-Pari
 perl-Text-SpellChecker
 perl-Class-Loader
 perl-Crypt-Primes
 perl-Crypt-Random
 perl-Tie-EncryptedHash

Comment 16 Paul Howarth 2018-02-15 12:01:37 UTC
(In reply to Jitka Plesnikova from comment #15)
> The other packages are owned by different users and I don't want to maintain
> EPEL 7 branches for them. 
> 
> FAS: ixs
>  perl-Crypt-Blowfish
> 
> FAS: berrange
>  perl-Test-YAML-Meta
> 
> FAS: pghmcfc
>  perl-Net-SSH-Perl
>  perl-Crypt-RSA
>  perl-Math-Pari
>  perl-Text-SpellChecker
>  perl-Class-Loader
>  perl-Crypt-Primes
>  perl-Crypt-Random
>  perl-Tie-EncryptedHash

None of these (apart from perl-Net-SSH-Perl) are needed if we get perl-CryptX and the new version of Net-SSH-Perl that uses it.

Given that CryptX is bundling a patched version of libtomcrypt, I think it's viable to create a perl-CryptX package that includes the bundled libtomcrypt (with Provides: bundled(libtomcrypt) = 1.18) until such time as the differences are merged upstream. Anyone disagree?

Comment 17 Petr Pisar 2018-02-15 13:35:28 UTC
I don't think this ever happen. CryptX author always develops on his libtomcrypt fork. I'd rather try packaging an older CryptX version that could work with upstream libtomcrypt. I don't think it's wise to bundle, especially a cryptographic library.

Comment 18 Petr Pisar 2018-02-15 14:17:15 UTC
It looks like 0.053 can be packaged if I disable ECC support. I will try that and put the package on review.

Comment 19 Petr Pisar 2018-02-15 15:49:24 UTC
Bug #1545816 is perl-CryptX review.

Comment 20 Paul Howarth 2018-02-19 08:48:10 UTC
The current version of Net-SSH-Perl requires IO::Socket::Socks.

Bug #1546648 is perl-IO-Socket-Socks review.

Comment 21 Denis Fateyev 2019-09-01 17:15:40 UTC
What is the current status of this bug?

Comment 22 Paul Howarth 2019-09-02 09:08:32 UTC
All current Fedora releases have a CryptX-based version of Net-SSH-Perl now, though most of the ECC-related functionality is missing as it was stripped out of perl-CryptX.

Would that be OK for you if it was in EPEL-7?

I don't know if Petr is prepared to build this hobbled perl-CryptX for EPEL.

Comment 23 cornel panceac 2019-10-27 20:20:10 UTC
In F30:

No match for argument: perl-File-Basename

I know i've said it's builtin but i don't remember why :)

Everything else i've mentioned above can be installed.

Comment 24 Paul Howarth 2019-10-27 20:32:58 UTC
$ rpm -q --whatprovides 'perl(File::Basename)'
perl-interpreter-5.28.2-440.fc30.x86_64


Note You need to log in before you can comment on or make changes to this bug.