Bug 438262 - Review Request: beecrypt - An open source cryptography library
Review Request: beecrypt - An open source cryptography library
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
low Severity medium
: ---
: ---
Assigned To: Hans de Goede
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-03-19 17:48 EDT by Robert Scheck
Modified: 2010-05-20 15:34 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-05-20 14:15:33 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
hdegoede: fedora‑review+
kevin: fedora‑cvs+


Attachments (Terms of Use)

  None (edit)
Description Robert Scheck 2008-03-19 17:48:39 EDT
Spec URL: http://labs.linuxnetz.de/bugzilla/beecrypt.spec
SRPM URL: http://labs.linuxnetz.de/bugzilla/beecrypt-4.1.2-16.src.rpm
Description: BeeCrypt is an ongoing project to provide a strong and fast 
cryptography toolkit. Includes entropy sources, random generators, block 
ciphers, hash functions, message authentication codes, multiprecision
integer routines and public key primitives.
Comment 1 Peter Lemenkov 2008-03-20 04:31:35 EDT
Something strange - is this a Review Request or Merge Request? Seems that
beecrypt already in Fedora:

[petro@host-12-116 ~]$ LANG=C rpm -qi beecrypt
Name        : beecrypt                     Relocations: (not relocatable)
Version     : 4.1.2                             Vendor: Red Hat, Inc.
Release     : 12                            Build Date: Thu Dec  7 18:45:51 2006
Install Date: Mon Jun  4 12:42:11 2007      Build Host: ls20-bc1-14.build.redhat.com
Group       : System Environment/Libraries   Source RPM: beecrypt-4.1.2-12.src.rpm
Size        : 260703                           License: LGPL
Signature   : DSA/SHA1, Fri May 18 21:05:40 2007, Key ID b44269d04f2a6fd2
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://sourceforge.net/projects/beecrypt
Summary     : An open source cryptography library.
Description :
Beecrypt is a general-purpose cryptography library.
[petro@host-12-116 SPECS]$ 
Comment 2 Robert Scheck 2008-03-20 04:44:33 EDT
Re-review request, because beecrypt on Rawhide got orphaned in November or 
December last year (see fedora-devel-list and CVS).
Comment 3 Alexander Kahl 2008-03-23 08:32:31 EDT
According to
http://fedoraproject.org/wiki/PackageMaintainers/RetiredPackages :
"beecrypt 2007-12-05 - dropped for devel/F-9+, obsolete and unused"

Furthermore, beecrypt seems to be unmaintained - last stable release at
2004-12-21 (4.1.2). Please be aware that without upstream, you would become
de-facto upstream for beecrypt upon package approval, responsible for fixing all
issues yourself.

I don't see why you would want this back into Fedora anyway as there really are
no packages in rawhide requiring beecrypt anymore - try 'repoquery
--repoid=development --whatrequires beecrypt'.
Comment 4 Robert Scheck 2008-03-23 14:04:35 EDT
I know upstream via another project and there are also commits in the upstream 
VCS. Are you kidding me? No packages requiring beecrypt in Fedora doesn't mean,
that there's no software in the world requiring or depending on beecrypt. But
I saw you hereby willing to rewrite all of my/our third party software and the
applications which are mostly closed source.

Independent of that, I'm maintaining even more old software in Fedora and EPEL
which saw no release for > 3.5 years. I'm using software, because it works and
I'm not going to fork everything nor do I re-invent the wheel for Fedora. So the
upstream is and will be upstream, I will be downstream and fixes are going to
upstream as for every other package as well. Please stop talking bullshit, as
long as upstream is not dead, but just quiet...thanks :)

So is somebody doing the review now, please? Thank you very much.
Comment 5 Hans de Goede 2008-05-08 16:53:05 EDT
Reviewing...

Full review done, results:

Must Fix:
=========

* Drop the java_arches %define and %ifarch's, gcj is available on all Fedora
  supported platforms now a days

* The library gets compiled with -fomit-frame-pointer in the CFLAGS, making 
  debugging it impossible

* The following rpmlint errors:
beecrypt-java.x86_64: W: devel-file-in-non-devel-package
/usr/lib64/libbeecrypt_java.so
beecrypt-java.x86_64: E: library-without-ldconfig-postin
/usr/lib64/libbeecrypt_java.so.0.0.0
beecrypt-java.x86_64: E: library-without-ldconfig-postun
/usr/lib64/libbeecrypt_java.so.0.0.0

What is the idea behind this .so, is this a binding for java, and shouldn't it
get installed somewhere under /usr/lib/java then?


Should Fix
==========

* Re-enable c++ bindings, the reason to disable them (not make rpm depend upon
  libstdc++) is no longer valid, and I think that for other beecrypt users 
  beecrypt requering libstdc++ is nothing but a small nuisance.
 
  Note if you do this you must add libicu-devel to the BuildRequires as that
  is required for the c++ stuff
Comment 6 Robert Scheck 2008-05-18 18:44:11 EDT
(In reply to comment #5)
> * Drop the java_arches %define and %ifarch's, gcj is available on all Fedora
>   supported platforms now a days

Looks like the java package doesn't make sense at all when seeing bug #151294,
I would disable the package for the next rebuild again until situation changes. 
Would this be suitable for you as well?

> * The library gets compiled with -fomit-frame-pointer in the CFLAGS, making 
>   debugging it impossible

You're right, I'll change that.

> * Re-enable c++ bindings, the reason to disable them (not make rpm depend upon
>   libstdc++) is no longer valid, and I think that for other beecrypt users 
>   beecrypt requering libstdc++ is nothing but a small nuisance.

I still would like to keep the c++ bindings disabled - even if only rpm was the
reason to do that.

Please let me short know, whether it fits for you as well. After that I'll go
and create a new package solving all of the issues. Thanks.
Comment 7 Hans de Goede 2008-05-19 00:44:27 EDT
(In reply to comment #6)
> (In reply to comment #5)
> > * Drop the java_arches %define and %ifarch's, gcj is available on all Fedora
> >   supported platforms now a days
> 
> Looks like the java package doesn't make sense at all when seeing bug #151294,
> I would disable the package for the next rebuild again until situation changes. 
> Would this be suitable for you as well?
> 

Given the new info disabling / removing the java sub-package is fine with me.

> > * Re-enable c++ bindings, the reason to disable them (not make rpm depend upon
> >   libstdc++) is no longer valid, and I think that for other beecrypt users 
> >   beecrypt requering libstdc++ is nothing but a small nuisance.
> 
> I still would like to keep the c++ bindings disabled - even if only rpm was the
> reason to do that.
>

Well, its normal for Fedora packages to enable as much features / bindings as
possible. But its not mandatory, so although I would prefer c++ support being
enabled (*), I'll also approve the package with it disabled. Note that Debian
does have c++ support enabled be default.

* unless there are good reasons not too, and requiring libstdc++ is not a good
reason IMHO
Comment 8 Robert Scheck 2008-05-19 18:47:49 EDT
Okay, updated package here:

Spec URL: http://labs.linuxnetz.de/bugzilla/beecrypt.spec
SRPM URL: http://labs.linuxnetz.de/bugzilla/beecrypt-4.1.2-17.src.rpm
Comment 9 Hans de Goede 2008-05-20 03:24:02 EDT
Al good now, approved!
Comment 10 Robert Scheck 2008-05-20 09:52:27 EDT
Hans, thank you very much.


Package Change Request
======================
Package Name: beecrypt
Updated Fedora Owners: robert
Updated Description: An open source cryptography library
Updated Cvsextras Commits: No

The pkgdb told me, that Panu Matilainen (pmatilai) would have been the old 
owner of the package (before orphaning). If somehow possible please do the 
changes mentioned above only for branches F-8, F-9 and devel.
Comment 11 Kevin Fenzi 2008-05-20 12:02:41 EDT
cvs done.
Comment 12 Robert Scheck 2008-05-20 14:15:33 EDT
Package: beecrypt-4.1.2-17.fc8 Tag: dist-f8-updates-candidate Status: complete
Package: beecrypt-4.1.2-17.fc9 Tag: dist-f9-updates-candidate Status: complete
Package: beecrypt-4.1.2-17.fc10 Tag: dist-f10 Status: complete
Comment 13 Robert Scheck 2010-05-18 18:24:47 EDT
The beecrypt package doesn't have any EPEL history so far, because it was
part of RHEL <= 5, but isn't of RHEL 6.


Package Change Request
======================
Package Name: beecrypt
New Branches: EL-6
Owners: robert
Comment 14 Kevin Fenzi 2010-05-20 15:34:01 EDT
cvs done.

Note You need to log in before you can comment on or make changes to this bug.