Bug 1543336 - please provide missing Fedora 27 Perl modules
Summary: please provide missing Fedora 27 Perl modules
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: perl-Net-SSH-Perl
Version: epel7
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Paul Howarth
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On: 2008832
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-02-08 09:43 UTC by cornel panceac
Modified: 2022-03-14 22:21 UTC (History)
7 users (show)

Fixed In Version: perl-Net-SSH-Perl-2.14-15.el7
Clone Of:
Environment:
Last Closed: 2022-03-14 22:21:20 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1479864 0 unspecified CLOSED Upgrade perl-Net-SSH-Perl to 2.12 2021-02-22 00:41:40 UTC
Red Hat Bugzilla 1545816 0 medium CLOSED Review Request: perl-CryptX - Cryptographic toolkit 2021-02-22 00:41:40 UTC
Red Hat Bugzilla 1546648 0 medium CLOSED Review Request: perl-IO-Socket-Socks - Provides a way to create socks (4 or 5) client or server 2021-02-22 00:41:40 UTC

Internal Links: 1479864 1545816 1546648

Description cornel panceac 2018-02-08 09:43:26 UTC
Description of problem:
We have some internal scripts that use various perl modules. We also want to move from Fedora (where the scripts work fine) to Centos 7 or maybe RHEL (for LTS reasons). However, in C7 some Perl modules are missing and trying to rebuild them (mock --rebuild <f27 .src.rpm>) showed other Perl modules were also missing. The tip of our iceberg is comprised of these modules:

perl-Term-ReadPassword
perl-Net-SSH-Perl
perl-File-Basename

I will try again to build them and add here what other perl modules i found to be required.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info: I'm thinking that maybe is easier to add all the missing perl modules instead of hunt them one by one, but i'm not knowledgeableenough to test this big hammer locally.

Comment 1 cornel panceac 2018-02-08 09:53:53 UTC
On the other hand, maybe i/we should try to rebuild F19 modules because these share the perl version (5.16) with C7.

Comment 2 cornel panceac 2018-02-08 10:16:52 UTC
hmmm, it seems that File::Basename is actually builtin. Still checking :(

Comment 3 cornel panceac 2018-02-08 10:29:08 UTC
Additional modules missing for me :

perl-Crypt-Blowfish
perl-Crypt-RSA
perl-Math-Pari
perl-Test-YAML-Meta
perl-Text-SpellChecker

Comment 4 Paul Howarth 2018-02-08 10:45:04 UTC
Some of these dependencies are coming from perl-Net-SSH-Perl. Currently we have an old version of this in Fedora because the current version replaces a lot of old, unmaintained (upstream) crypto modules with perl-CryptX, which is actively maintained by its upstream developer. However, nobody has yet packaged that for Fedora. It has been looked at in the past but nothing happened with it because it included a bundled libtomcrypt, which may not be as big an issue these days, or it might even be possible to unbundle it.

If someone could package that, we could update perl-Net-SSH-Perl and some of these other dependencies would go away.

Comment 5 cornel panceac 2018-02-08 10:56:25 UTC
Blowfish rebuild worked (from f19).

New required packages for me:

perl-Class-Loader
perl-Convert-ASCII-Armour
perl-Crypt-Primes
perl-Crypt-Random
perl-Tie-EncryptedHash

Comment 6 cornel panceac 2018-02-08 10:58:10 UTC
(In reply to Paul Howarth from comment #4)
> Some of these dependencies are coming from perl-Net-SSH-Perl. Currently we
> have an old version of this in Fedora because the current version replaces a
> lot of old, unmaintained (upstream) crypto modules with perl-CryptX, which
> is actively maintained by its upstream developer. However, nobody has yet
> packaged that for Fedora. It has been looked at in the past but nothing
> happened with it because it included a bundled libtomcrypt, which may not be
> as big an issue these days, or it might even be possible to unbundle it.
> 
> If someone could package that, we could update perl-Net-SSH-Perl and some of
> these other dependencies would go away.

Thank you, but is not clear for me what i would need to do here in order to package the newer version. If there is some tutorial somewhere or at least somebody can provide the details i can as well try it.

Comment 7 cornel panceac 2018-02-08 11:06:48 UTC
perl-Term-ReadPassword rebuild worked also. so indeed we're left with perl-Net-SSH-Perl and its dependencies.

Comment 8 Paul Howarth 2018-02-08 11:37:51 UTC
Looking at CryptX's Makefile.PL (https://metacpan.org/source/MIK/CryptX-0.057/Makefile.PL), it appears that it's now possible to use an unbundled libtomcrypt, by specifying $CRYPTX_CFLAGS and/or $CRYPTX_LDFLAGS in the environment.

Jitka, Petr, any comments? Could we get together and produce a perl-CryptX package now?

Comment 9 cornel panceac 2018-02-08 14:08:39 UTC
I was able to hunt the dependencies and rebuild those two modules but it still would be nice to have this already available in upstream.

Thank you.

Comment 10 Petr Pisar 2018-02-12 11:38:51 UTC
CryptX-0.057 not only bundles libtomcrypt, it also patches it to add implementations for IDEA, SERPENT, SALSA20, SOSEMANUK, and RABBIT stream ciphers. And then it require their implementation in CryptX.xs unconditionally.

Comment 11 Denis Fateyev 2018-02-12 11:57:56 UTC
Libtomcrypt recently had a new release: 
https://github.com/libtom/libtomcrypt/releases
Though I don't know whether it includes all the requirements now, but worth to check, anyway (and update it in Fedora if needed).

Comment 12 Petr Pisar 2018-02-12 12:11:37 UTC
Even If I disable/comment all these additional bindings and typemaps, I still get mismatch in <tomcrypt_pk.h> on struct ltc_ecc_set_type. The bundled structure has additional members (A, cofactor, oid) and the binding code expects them.

Comment 13 Petr Pisar 2018-02-12 12:12:26 UTC
(In reply to Denis Fateyev from comment #11)
> Libtomcrypt recently had a new release: 
> https://github.com/libtom/libtomcrypt/releases
> Though I don't know whether it includes all the requirements now, but worth
> to check, anyway (and update it in Fedora if needed).

Fedora already delivers 1.18.1.

Comment 14 Petr Pisar 2018-02-12 12:38:31 UTC
The cofactor is being added in <https://github.com/libtom/libtomcrypt/commit/79f553c9b76cea00b635044ff3d5c5a1112b12ce>. Not yet in the master branch.

Comment 15 Jitka Plesnikova 2018-02-15 08:04:06 UTC
I requested new branch and built these packages for EPEL 7. I am maintainer of them.

perl-Convert-ASCII-Armour-1.4-32.el7
perl-Net-SSH-0.09-26.el7
perl-Term-ReadPassword-0.11-27.el7

The other packages are owned by different users and I don't want to maintain EPEL 7 branches for them. 

FAS: ixs
 perl-Crypt-Blowfish

FAS: berrange
 perl-Test-YAML-Meta

FAS: pghmcfc
 perl-Net-SSH-Perl
 perl-Crypt-RSA
 perl-Math-Pari
 perl-Text-SpellChecker
 perl-Class-Loader
 perl-Crypt-Primes
 perl-Crypt-Random
 perl-Tie-EncryptedHash

Comment 16 Paul Howarth 2018-02-15 12:01:37 UTC
(In reply to Jitka Plesnikova from comment #15)
> The other packages are owned by different users and I don't want to maintain
> EPEL 7 branches for them. 
> 
> FAS: ixs
>  perl-Crypt-Blowfish
> 
> FAS: berrange
>  perl-Test-YAML-Meta
> 
> FAS: pghmcfc
>  perl-Net-SSH-Perl
>  perl-Crypt-RSA
>  perl-Math-Pari
>  perl-Text-SpellChecker
>  perl-Class-Loader
>  perl-Crypt-Primes
>  perl-Crypt-Random
>  perl-Tie-EncryptedHash

None of these (apart from perl-Net-SSH-Perl) are needed if we get perl-CryptX and the new version of Net-SSH-Perl that uses it.

Given that CryptX is bundling a patched version of libtomcrypt, I think it's viable to create a perl-CryptX package that includes the bundled libtomcrypt (with Provides: bundled(libtomcrypt) = 1.18) until such time as the differences are merged upstream. Anyone disagree?

Comment 17 Petr Pisar 2018-02-15 13:35:28 UTC
I don't think this ever happen. CryptX author always develops on his libtomcrypt fork. I'd rather try packaging an older CryptX version that could work with upstream libtomcrypt. I don't think it's wise to bundle, especially a cryptographic library.

Comment 18 Petr Pisar 2018-02-15 14:17:15 UTC
It looks like 0.053 can be packaged if I disable ECC support. I will try that and put the package on review.

Comment 19 Petr Pisar 2018-02-15 15:49:24 UTC
Bug #1545816 is perl-CryptX review.

Comment 20 Paul Howarth 2018-02-19 08:48:10 UTC
The current version of Net-SSH-Perl requires IO::Socket::Socks.

Bug #1546648 is perl-IO-Socket-Socks review.

Comment 21 Denis Fateyev 2019-09-01 17:15:40 UTC
What is the current status of this bug?

Comment 22 Paul Howarth 2019-09-02 09:08:32 UTC
All current Fedora releases have a CryptX-based version of Net-SSH-Perl now, though most of the ECC-related functionality is missing as it was stripped out of perl-CryptX.

Would that be OK for you if it was in EPEL-7?

I don't know if Petr is prepared to build this hobbled perl-CryptX for EPEL.

Comment 23 cornel panceac 2019-10-27 20:20:10 UTC
In F30:

No match for argument: perl-File-Basename

I know i've said it's builtin but i don't remember why :)

Everything else i've mentioned above can be installed.

Comment 24 Paul Howarth 2019-10-27 20:32:58 UTC
$ rpm -q --whatprovides 'perl(File::Basename)'
perl-interpreter-5.28.2-440.fc30.x86_64

Comment 25 Denis Fateyev 2021-09-27 22:05:35 UTC
Should be this bug finally closed?

Comment 26 Petr Pisar 2021-09-29 09:32:22 UTC
Available:
perl-Convert-ASCII-Armour
perl-File-Basename as perl
perl-Term-ReadPassword

Not available:
perl-Class-Loader
perl-Crypt-Blowfish
perl-Crypt-Primes
perl-Crypt-Random
perl-Crypt-RSA
perl-CryptX
perl-Math-Pari
perl-Net-SSH-Perl
perl-Test-YAML-Meta
perl-Text-SpellChecker
perl-Tie-EncryptedHash

Paul wrote that none of them was needed if perl-CryptX had been available. I will look if it is possible to port Fedora's perl-CryptX to EPEL 7.

Comment 27 Petr Pisar 2021-09-29 09:49:15 UTC
It isn't. perl-CryptX requires a support for Adler32 (and many other algorithms) in libtomcrypt. EPEL's libtomcrypt-1.17-25.el7 does not support it. I asked its maintainer for an upgrade (bug #2008832).

Comment 28 cornel panceac 2021-11-09 08:07:55 UTC
I clear the needinfo status because it's sending me one email each day.

Comment 29 Denis Fateyev 2022-02-10 18:12:26 UTC
Maybe it makes sense to bump the version to "epel9" and provide package(s) there.
In this case, it will require much less efforts with backporting and upgrading, just providing all required packages in epel9 from rawhide.
The same applies to RHBZ#2008832 dependency.

Comment 30 Paul Howarth 2022-02-11 11:01:38 UTC
perl-Net-SSH-Perl will be ready in EPEL-9 soon. All of the remaining dependencies are maintained by me so it should be available in testing in the next few days.

Comment 31 Paul Howarth 2022-02-11 17:24:05 UTC
perl-Net-SSH-Perl for EPEL-9:
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-bcd6155d50

Comment 32 Xavier Bachelot 2022-03-04 08:52:39 UTC
fwiw, I've pushed perl-CryptX 0.076 with bundled libtommath/libtomcrypt to EPEL 7/8/9 as well as Fedora 36/37.

Comment 33 Paul Howarth 2022-03-04 11:26:25 UTC
Un-hobbled versions of perl-Net-SSH-Perl will need a new (to Fedora) package perl-Crypt-Curve25519 (Bug #2060852).

Comment 34 Paul Howarth 2022-03-05 14:29:35 UTC
perl-Net-SSH-Perl-2.14-15.fc37 is now un-hobbled. Updates for F-36 and EPEL will follow in due course.

Comment 35 Paul Howarth 2022-03-07 10:49:32 UTC
Assigned to perl-Net-SSH-Perl rather than perl-Net-SSH since that is what this ticket has always been about.

EPEL-7 and EPEL-8 builds of perl-Net-SSH-Perl will be done in the next day or two.

Comment 36 Fedora Update System 2022-03-07 15:55:06 UTC
FEDORA-EPEL-2022-5cb84f5ed2 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-5cb84f5ed2

Comment 37 Fedora Update System 2022-03-07 16:15:05 UTC
FEDORA-EPEL-2022-5cb84f5ed2 has been pushed to the Fedora EPEL 7 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-5cb84f5ed2

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 38 Paul Howarth 2022-03-09 12:24:42 UTC
Now that we have (or will have shortly) fully CryptX-based versions of perl-Net-SSH-Perl in F-36, F-37 and all EPELs, it looks to me that there are no remaining dependents of perl-Crypt-RSA in Fedora (other than the Suggests: for it in perl-Net-SSH-Perl, but I can get rid of that in due course).

I'm seriously considering retiring the following group of packages, which are only currently used by perl-Crypt-RSA as far as I can tell:

perl-Crypt-RSA
perl-Crypt-Primes
perl-Crypt-Random
perl-Math-Pari
libpari23

The last release of Crypt-RSA was in 2009. Dana Jacobsen created an alternative implementation (https://metacpan.org/dist/Alt-Crypt-RSA-BigInt) that avoided the need for Math::Pari, which would be a big win itself, but that doesn't look to have gained any traction.

Does anyone see any issues with retiring these packages in Fedora? I can ask on the Perl devel list too but I think most of the interested parties are here anyway.

Comment 39 Fedora Update System 2022-03-14 22:21:20 UTC
FEDORA-EPEL-2022-5cb84f5ed2 has been pushed to the Fedora EPEL 7 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.