2325519 – Review Request: bearssl - A C implementation of the SSL/TLS protocol (RFC 5246)

Bug 2325519 - Review Request: bearssl - A C implementation of the SSL/TLS protocol (RFC 5246)

Summary: Review Request: bearssl - A C implementation of the SSL/TLS protocol (RFC 5246)

Keywords:
Status:	NEW
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	Package Review
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Linux
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Assignee:	Nobody's working on this, feel free to take it
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:	https://www.bearssl.org
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2024-11-12 15:28 UTC by Benson Muite
Modified:	2024-11-13 09:16 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Benson Muite 2024-11-12 15:28:02 UTC

spec: https://download.copr.fedorainfracloud.org/results/fed500/bearssl/fedora-rawhide-x86_64/08247059-bearssl/bearssl.spec
srpm: https://download.copr.fedorainfracloud.org/results/fed500/bearssl/fedora-rawhide-x86_64/08247059-bearssl/bearssl-0.6-1.fc42.src.rpm

description:
BearSSL is an implementation of the SSL/TLS protocol (RFC 5246) written in C.
It aims at offering the following features:

- Be correct and secure. In particular, insecure protocol versions and choices
of algorithms are not supported, by design; cryptographic algorithm
implementations are constant-time by default.

- Be small, both in RAM and code footprint. For instance, a minimal server
implementation may fit in about 20 kilobytes of compiled code and 25 kilobytes
of RAM.

- Be highly portable. BearSSL targets not only â€œbigâ€ operating systems like
Linux and Windows, but also small embedded systems and even special contexts
like bootstrap code.

- Be feature-rich and extensible. SSL/TLS has many defined cipher suites and
extensions; BearSSL should implement most of them, and allow extra algorithm
implementations to be added afterwards, possibly from third parties.

fas: fed500


Reproducible: Always

Comment 1 Fedora Review Service 2024-11-12 15:36:59 UTC

Copr build:
https://copr.fedorainfracloud.org/coprs/build/8247081
(succeeded)

Review template:
https://download.copr.fedorainfracloud.org/results/@fedora-review/fedora-review-2325519-bearssl/fedora-rawhide-x86_64/08247081-bearssl/fedora-review/review.txt

Please take a look if any issues were found.


---
This comment was created by the fedora-review-service
https://github.com/FrostyX/fedora-review-service

If you want to trigger a new Copr build, add a comment containing new
Spec and SRPM URLs or [fedora-review-service-build] string.

Comment 2 Fabio Valentini 2024-11-12 21:13:15 UTC

Please refer to the relevant policy:
https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/#_new_crypto_libraries

In particular, don't make the same mistakes as those that happened in
https://bugzilla.redhat.com/show_bug.cgi?id=2302646 / https://pagure.io/fesco/issue/3267

Comment 3 Benson Muite 2024-11-13 09:16:58 UTC

Thanks, raised
https://pagure.io/packaging-committee/issue/1407

Note You need to log in before you can comment on or make changes to this bug.