Bug 197963 - Review Request: bouncycastle
Review Request: bouncycastle
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: David Cantrell
Fedora Extras Quality Assurance
:
Depends On:
Blocks: FC-ACCEPT
  Show dependency treegraph
 
Reported: 2006-07-07 14:33 EDT by Thomas Fitzsimmons
Modified: 2013-09-25 10:34 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-07-18 13:07:55 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Thomas Fitzsimmons 2006-07-07 14:33:37 EDT
Spec URL: http://people.redhat.com/fitzsim/bouncycastle.spec
SRPM URL: http://people.redhat.com/fitzsim/bouncycastle-1.33-1.src.rpm
Description: The Bouncy Castle JCE provider.
Comment 1 Thomas Fitzsimmons 2006-07-07 14:36:34 EDT
I'm introducing this package because currently we include the BouncyCastle JCE
in java-1.4.2-gcj-compat, whereas it really deserves to be its own package.  I
don't think BouncyCastle should go in Extras because it is a crypto library and
therefore needs approval by Red Hat legal.

The upstream BouncyCastle tarball includes the patented IDEA algorithm.  The
tarball in this SRPM has those sources and references removed.
Comment 2 Jesse Keating 2006-07-10 16:50:40 EDT
NEEDSWORK:
- Buildroot should be %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
- Remove Epoch: 0
- Specifying 0 epoch on Requires and BuildRequires is not necessary.  Remove them.
- RPM_BUILD_ROOT=bctmp aot-compile-rpm <-- what is this doing?  Why reset the
buildroot?
- Post and postun scripts should probably have logic for final removal vs
upgrade.  As it stands you'll run rebuild-security-providers and rebuild-gcj-db
twice every time you upgrade the package.  Once for the new package, and once
for removing the old package.

rpmlint output:

E: bouncycastle zero-length
/etc/java/security/security.d/2000-org.bouncycastle.jce.provider.BouncyCastleProvider
W: bouncycastle-debuginfo objdump-failed objdump:
/tmp/bouncycastle-debuginfo-1.33-1.x86_64.rpm.17761/usr/lib/debug/usr/lib64/gcj/bouncycastle/bcprov-1.33.jar.so.debug:
File format not recognized
W: bouncycastle mixed-use-of-spaces-and-tabs
W: bouncycastle non-conffile-in-etc
/etc/java/security/security.d/2000-org.bouncycastle.jce.provider.BouncyCastleProvider
W: bouncycastle objdump-failed objdump:
/tmp/bouncycastle-1.33-1.x86_64.rpm.17761/usr/lib64/gcj/bouncycastle/bcprov-1.33.jar.so:
File format not recognized

The Zero length file, I see it just being touched.  Does it just need to exist?
 If so, we can ignore the error.  However it should be marked as a config file.

Not sure about the objdump warnings.
Comment 3 Thomas Fitzsimmons 2006-07-10 17:31:51 EDT
(In reply to comment #2)
> NEEDSWORK:
> - Buildroot should be
%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

Done.

> - Remove Epoch: 0

Done.

> - Specifying 0 epoch on Requires and BuildRequires is not necessary.  Remove them.

Done.

> - RPM_BUILD_ROOT=bctmp aot-compile-rpm <-- what is this doing?  Why reset the
> buildroot?

Yeah, I realized I don't need this, it's already done by aot-compile-rpm in the
%install section.

> - Post and postun scripts should probably have logic for final removal vs
> upgrade.  As it stands you'll run rebuild-security-providers and rebuild-gcj-db
> twice every time you upgrade the package.  Once for the new package, and once
> for removing the old package.

OK.

> 
> rpmlint output:
> 
> E: bouncycastle zero-length
>
/etc/java/security/security.d/2000-org.bouncycastle.jce.provider.BouncyCastleProvider
> W: bouncycastle-debuginfo objdump-failed objdump:
>
/tmp/bouncycastle-debuginfo-1.33-1.x86_64.rpm.17761/usr/lib/debug/usr/lib64/gcj/bouncycastle/bcprov-1.33.jar.so.debug:
> File format not recognized
> W: bouncycastle mixed-use-of-spaces-and-tabs
> W: bouncycastle non-conffile-in-etc
>
/etc/java/security/security.d/2000-org.bouncycastle.jce.provider.BouncyCastleProvider
> W: bouncycastle objdump-failed objdump:
>
/tmp/bouncycastle-1.33-1.x86_64.rpm.17761/usr/lib64/gcj/bouncycastle/bcprov-1.33.jar.so:
> File format not recognized
> 
> The Zero length file, I see it just being touched.  Does it just need to exist?
>  If so, we can ignore the error.  However it should be marked as a config file.

The filename 2000-org.bouncycastle.jce.provider.BouncyCastleProvider is
interpreted by rebuild-security-providers as <provider priority>-<provider
package name>, and is used to rebuild /usr/lib/security/classpath.security.  Its
contents are meaningless.  I don't want to mark it as %config because then if
someone edits it and then updates, a backup file with the extension .rpmsave
will be created and will cause a bogus entry to appear in
/usr/lib/security/classpath.security.

> 
> Not sure about the objdump warnings.

I ran rpmlint (0.77-1.fc5) on my x86 workstation and didn't see those warnings.

I'll post the updated package shortly.
Comment 4 Thomas Fitzsimmons 2006-07-10 17:36:42 EDT
Updated Spec URL: http://people.redhat.com/fitzsim/bouncycastle.spec
Updated SRPM URL: http://people.redhat.com/fitzsim/bouncycastle-1.33-2.src.rpm
Comment 5 Jesse Keating 2006-07-17 15:08:02 EDT
No more rpmlint errors.  Package approved.

I assume that this will be marked as a dep of some other package, and it doesn't
need to go into Comps right?
Comment 6 Ville Skyttä 2006-07-17 15:33:02 EDT
Is the intention of %{_javadir}/gcj-endorsed that only gcj (not other JVMs)
should be using stuff from there?  Other JVMs, eg. the Sun one, would have
problems with the jar because it's not signed.
Comment 7 Thomas Fitzsimmons 2006-07-17 15:47:00 EDT
(In reply to comment #6)
> Is the intention of %{_javadir}/gcj-endorsed that only gcj (not other JVMs)
> should be using stuff from there?  Other JVMs, eg. the Sun one, would have
> problems with the jar because it's not signed.

Yes, I'm not supporting non-GNU Classpath based JVMs with this RPM.
Comment 8 Thomas Fitzsimmons 2006-07-17 16:00:05 EDT
(In reply to comment #5)
> No more rpmlint errors.  Package approved.
> 
> I assume that this will be marked as a dep of some other package, and it doesn't
> need to go into Comps right?

For now let's leave it out.
Comment 9 Jesse Keating 2006-07-18 13:07:55 EDT
Was built into rawhide.
Comment 10 Steve Traylen 2010-03-08 17:16:00 EST
Package Change Request
======================
Package Name: bouncycastle
New Branches: EL-5
Owners: stevetraylen

Quoting the fedora owner from bug #571580:

Hi' I have been dealing with bouncycastle updates for the last year. I have no
interest in EPEL, so go ahead. Ask for cvs.
Comment 11 Kevin Fenzi 2010-03-09 00:59:31 EST
cvs done.
Comment 13 Mat Booth 2013-09-25 09:58:29 EDT
Package Change Request
======================
Package Name: bouncycastle
New Branches: f20
Owners: mbooth

The F20 branch was erroneously retired in pkgdb.
Comment 14 Gwyn Ciesla 2013-09-25 10:34:04 EDT
Unretired, take ownership.

Note You need to log in before you can comment on or make changes to this bug.