Bug 471805 - Review Request: aespipe - AES-based encryption tool for tar/cpio and loop-aes images
Summary: Review Request: aespipe - AES-based encryption tool for tar/cpio and loop-aes...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: 13
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Mamoru TASAKA
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-11-16 17:30 UTC by Dean Mander
Modified: 2011-07-12 22:02 UTC (History)
7 users (show)

Fixed In Version: aespipe-2.4c-0.fc15
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-09-02 20:38:54 UTC
Type: ---
mtasaka: fedora-review+
tibbs: fedora-cvs+


Attachments (Terms of Use)

Description Dean Mander 2008-11-16 17:30:27 UTC
Spec URL: http://users.skynet.be/fa990755/aespipe.spec
SRPM URL: http://users.skynet.be/fa990755/aespipe-2.3e-1.fc9.src.rpm

Description:
aespipe is an encryption tool that reads from standard input and
writes to standard output. It uses the AES (Rijndael) cipher.

It can be used as an encryption filter, to create and restore
encrypted tar/cpio backup archives and to read/write and convert
loop-AES compatible encrypted images.

aespipe can be used for non-destructive in-place encryption of
existing disk partitions for use with the loop-AES encrypted loopback
kernel module.

Comment 1 Jason Tibbitts 2008-11-17 17:54:54 UTC
I don't see you in the account system; what's your ID there?  Do you require sponsorship?

Comment 2 Dean Mander 2008-11-17 18:37:42 UTC
Hi Jason,

don't know about ID but my account name is 'knol'.

I'm already sponsored, thanks, but a review of this tiny little new package would be welcomed :-).

Comment 3 Jason Tibbitts 2008-11-17 19:18:05 UTC
I guess I don't know how anyone is supposed to be able to connect "Dean Mander" with "Rob Loos".  Maybe something's screwy with the account system.

The package fails to build for me in rawhide:

Executing(%build): /bin/sh -e /var/tmp/rpm-tmp.jcJ0ax
+ umask 022
+ cd /builddir/build/BUILD
+ cd aespipe-v2.3e
+ LANG=C
+ export LANG
+ unset DISPLAY
+ aclocal
/var/tmp/rpm-tmp.jcJ0ax: line 29: aclocal: command not found

I'm not sure how this could build in mock or koji since you call autoconf and aclocal without having any dependency on them; do you have a link to a koji scratch build I could look at?

Also, why do you even need to call aclocal and autoconf?  Is there something wrong with the confugure script that's in the package?  You're not patching anything as far as I can tell.

The licensing of this code is confusing at best.  You have License: GPL+, but:
  md5.c is GPLv2+
  aes.c is, I think, "Copyright Only"
  aespipe.c is GPL+
  rmd160.c is GPLv2+
  sha512.c is GPL+

And then there are assembler files:
  aes-amd64.S is BSD
  aes-x86.S is BSD
  md5-amd64.S is GPL+
  md5-x86.S is GPL+

And then there's aes-GPL.diff, which patches aes-amd64.S and aes-x86.S to allow GPL+ licenses, but I'm not really sure of either why this would be needed (3-clause BSD is already GPL compatible) or whether its reasonable to make licensing changes this way.

My take is that the whole thing, once compiled, GPLv2+, but I think it would help if Legal verified that.

Comment 4 Dean Mander 2008-11-17 21:53:06 UTC
from Comment #3:
> Also, why do you even need to call aclocal and autoconf?  Is there something
> wrong with the confugure script that's in the package?  You're not patching
> anything as far as I can tell.

Removed aclocal and autoconf, now it builds correctly in mock.

> My take is that the whole thing, once compiled, GPLv2+, but I think it would
> help if Legal verified that.

I hadn't checked all files individually, thanks for notifying. The license FAQ covers a comparable case and claims GPLv2+, so you must be right on this.

changelog:
- remove of aclocal,autoconf
- change license to GPLv2+

Spec URL: http://users.skynet.be/fa990755/aespipe.spec
SRPM URL: http://users.skynet.be/fa990755/aespipe-2.3e-2.fc9.src.rpm

Comment 5 Tom "spot" Callaway 2008-12-01 16:27:41 UTC
Yep. This should be GPLv2+. Lifting FE-Legal.

Comment 6 Till Maas 2008-12-10 16:35:25 UTC
- The tools execves to gpg, therefore a Requires: gpg should be added
- The package contains a testsuite, please add this to the spec to run it:
%check
make tests
- Then you probably also need "BuildRequires: gpg"
- The package does not build on ppc(64):
http://koji.fedoraproject.org/koji/taskinfo?taskID=991182
The problem is, that you have to run make without a target on ppc(64). You can do this by defining a helper macro, e.g.

%define make_target %{nil}

%ifarch x86_64
%define make_target amd64
%endif

%ifarch %{ix86}
%define make_target x86
%endif

make %{?_smp_mflags} %{make_target}

- Also note the added "%{?_smp_mflags}", which seem to work fine here.
- Have you thought about patching Makefile.in at upstream to use your install commands instead of cp? Then you can use "make install DESTDIR=%{buildroot}" beginning with next upstreams release. I can probably help you with this, if you need help.

- Maybe you should use Source0: instead of Source:, but it seems not to cause any trouble. I believe I have read some changes about Patch:/Patch0: with the new rpm, but I have to check this.
- The guidelines recommend a  %defattr(-, root, root, -) instead of %defattr(-, root, root, 0755), but I guess the latter is a better %defattr, but I have to check this, too

I will try to make a complete review later.

Comment 7 Dean Mander 2009-08-12 11:22:12 UTC
Hi Till,

thanks for the remarks. I've created a new version of the specfile:

  - add make_target (to build on ppc)
  - add BuildRequires:gpg
  - add make tests
  - add %{?_smp_mflags} to make commands

Patching Makefile.in behind my capacity but any help is appreciated.

http://fedorapeople.org/~knol/srpms/aespipe/aespipe.spec
http://fedorapeople.org/~knol/srpms/aespipe/aespipe-2.3e-3.fc11.src.rpm

Comment 8 Dean Mander 2009-10-31 12:11:20 UTC
no one interested for final review?

Comment 9 Till Maas 2010-01-20 19:58:11 UTC
(In reply to comment #8)
> no one interested for final review?    

Sorry, ma fault.

According to my comment:6, this needs to be added but is not added in the spec from comment:7:
Requires: gpg

Comment 10 Dean Mander 2010-01-22 14:58:08 UTC
(In reply to comment #9)
> According to my comment:6, this needs to be added but is not added in the spec
> from comment:7:
> Requires: gpg    

forgot that one, but now corrected:

http://fedorapeople.org/~knol/srpms/aespipe/aespipe.spec
http://fedorapeople.org/~knol/srpms/aespipe/aespipe-2.3e-4.fc12.src.rpm

Comment 11 Till Maas 2010-01-27 16:27:49 UTC
rpmlint output is not ok:

aespipe.spec: W: mixed-use-of-spaces-and-tabs (spaces: line 1, tab: line 11)
This is the new Requires:gpg line, just use spaces there like everywhere else in the spec.

aespipe.x86_64: W: executable-stack /usr/bin/aespipe

This seems to have been already reported upstream with a patch, but it seems that upstream did not make a release with the patch included. This is a bad sign.
http://marc.info/?l=linux-crypto&m=122573121723097&w=2

So please at least use the patch, but better get in contact with upstream and ask why there is no new release with the patch included.

I'll unassign myself for now, so in case this is resolved when I do not have time for it again, someone else might pick it up.

Comment 12 Dean Mander 2010-01-28 10:56:52 UTC
Same for me: the request dates from 2008, and it has always been working fine for myself, while it's quite difficult to get everything "fedora spiritual pure" that I'm no longer interested.

I'm closing the request.

Comment 13 Kai Engert (:kaie) (inactive account) 2010-07-31 20:19:08 UTC
Reopening.

I see a new release 
http://loop-aes.sourceforge.net/aespipe/aespipe-v2.4b.tar.bz2

I fixed the whitespace warning and uploaded
http://kuix.de/fedora/aespipe/aespipe-2.4b-1.fc13.src.rpm

I built it, and no longer get any executable stack warnings.
$ rpmlint aespipe-2.4b-1.fc13.i686.rpm 
aespipe.i686: W: spelling-error Summary(en_US) cpio -> CPI, Scipio, campion
aespipe.i686: W: spelling-error Summary(en_US) aes -> eyes, sea, ae
aespipe.i686: W: spelling-error %description -l en_US cpio -> CPI, Scipio, campion
aespipe.i686: W: spelling-error %description -l en_US loopback -> loop back, loop-back, loophole
aespipe.i686: W: incoherent-version-in-changelog 2.3e-4 ['2.4b-1.fc13', '2.4b-1']
aespipe.i686: W: no-manual-page-for-binary bz2aespipe
1 packages and 0 specfiles checked; 0 errors, 6 warnings.

http://kuix.de/fedora/aespipe/aespipe-2.4b-1.fc13.i686.rpm

Comment 14 Jiri Hladky 2010-08-23 16:34:46 UTC
Hi Kai,

what's the current status? 

I don't see any flag set. Are you looking for package reviewer? 

The process is described at
http://fedoraproject.org/wiki/Join_the_package_collection_maintainers

I can do the package review. Please let me know.

Thanks
Jirka

Comment 15 Jiri Hladky 2010-08-25 19:00:18 UTC
Spec URL: http://jhladky.fedorapeople.org/aespipe-2.4b-1.spec
MD5: 01eb79a867916d823061f7c68327153b

SRPM URL: http://jhladky.fedorapeople.org/aespipe-2.4b-1.fc12.src.rpm
MD5: 6ab6d7b2eae92a26be3057f92bb19c61

I have reviewed the package and everything is fine.

Thanks
Jirka

Comment 16 Jiri Hladky 2010-08-25 19:01:48 UTC
New Package CVS Request
=======================
Package Name: aespipe
Short Description: AES-based encryption tool for tar/cpio and loop-aes images
Owners: jhladky
Branches: F-12 F-13 EL-5 EL-6
InitialCC: jhladky

Comment 17 Tom "spot" Callaway 2010-08-25 19:14:41 UTC
Jiri, you can't review your own package. Cancelling CVS request.

Comment 18 Jiri Hladky 2010-08-25 19:54:38 UTC
Tom, sorry I din't know that.

Comment 19 Jiri Hladky 2010-08-25 20:01:44 UTC
Spec URL: http://jhladky.fedorapeople.org/aespipe-2.4b-2.spec
MD5: d39444e2a72537852b0910f83e243017

SRPM URL: http://jhladky.fedorapeople.org/aespipe-2.4b-2.fc12.src.rpm
MD5: 820348afe0fde4724df8ca3e77397a96

I have cleaned up SPEC file a little bit and moved example script bz2aespipe into
/usr/share/doc/aespipe-<version>/examples/bz2aespipe

I'm looking for somebody to review the package. I have already packaged hwloc, please check 
https://bugzilla.redhat.com/show_bug.cgi?id=606498

Thanks a lot!
Jirka

Comment 20 Till Maas 2010-08-25 20:30:07 UTC
The fedora-review flag needs to be set to " " to show that nobody is currently assigned to review it. The "?" means, that someone is currently reviewing it.

Comment 21 Mamoru TASAKA 2010-08-26 19:10:16 UTC
So the current submitter is Jiri, is it okay?

Comment 22 Jiri Hladky 2010-08-26 20:29:31 UTC
Hi Mamoru,

yes, that's right. I'm the submitter.

Thanks
Jiri

Comment 23 Mamoru TASAKA 2010-08-27 19:09:05 UTC
Well,

- Now we prefer to use %global instead of %define
  https://fedoraproject.org/wiki/Packaging/Guidelines#.25global_preferred_over_.25define

Other things are okay.
------------------------------------------------------
    This package (aespipe) is APPROVED by mtasaka
------------------------------------------------------

Comment 24 Jiri Hladky 2010-08-28 21:41:21 UTC
Hi Mamoru-san,

thanks a lot for reviewing the package. I have replaced %define with %global and made sure that everything works fine.

Spec URL: http://jhladky.fedorapeople.org/aespipe-2.4b-3.spec
MD5: 6b1af633ea681808fb30c1a1f27fc487

SRPM URL: http://jhladky.fedorapeople.org/aespipe-2.4b-3.fc12.src.rpm
MD5: 820348afe0fde4724df8ca3e77397a96

Thanks
Jirka

Comment 25 Jiri Hladky 2010-08-28 21:42:18 UTC
New Package CVS Request
=======================
Package Name: aespipe
Short Description: AES-based encryption tool for tar/cpio and loop-aes images
Owners: jhladky
Branches: F-12 F-13 EL-5 EL-6
InitialCC: jhladky

Comment 26 Kevin Fenzi 2010-08-29 18:44:49 UTC
Git done (by process-git-requests).

Comment 27 Jiri Hladky 2010-08-31 11:44:35 UTC
Hello,

I have tried to check-out the module aespipe as described at:

http://fedoraproject.org/wiki/Join_the_package_collection_maintainers#Check_out_the_module

However, it's not working. It seems that wiki does not reflect that Fedora is now using GIT instead of CVS:

==============================================================================
$fedpkg clone -B aespipe
would have cloned aespipe with dirs as user jhladky

$fedpkg clone aespipe
Traceback (most recent call last):
  File "/usr/bin/fedpkg", line 812, in <module>
    args.command(args)
  File "/usr/bin/fedpkg", line 408, in clone
    pyfedpkg.clone(args.module[0], args.user, args.path, args.branch)
  File "/usr/lib/python2.6/site-packages/pyfedpkg/__init__.py", line 170, in clone
    raise FedpkgError('Could not clone %s: %s' % (giturl, e))
pyfedpkg.FedpkgError: Could not clone ssh://jhladky@pkgs.stg.fedoraproject.org/aespipe: "['git', 'clone', 'ssh://jhladky@pkgs.stg.fedoraproject.org/aespipe'] returned exit status 128"
==============================================================================

Could somebody please point me to the updated documentation?

Thanks a lot!
Jirka

Comment 28 Jiri Hladky 2010-08-31 12:17:45 UTC
Hello,

yum update fedora-packager

has solved my problem. I was able to upload SPEF file and tarball with the source code on to the git repository:-) I did this for master branch only. Should I do the same for other branches as well? 

http://fedoraproject.org/wiki/Join_the_package_collection_maintainers#Import_Your_Package

is not updated yet.

Thanks
Jirka

Comment 29 Mamoru TASAKA 2010-08-31 14:25:28 UTC
(In reply to comment #28)
> Should I do the same for other branches as well? 

Yes, please

Comment 30 Fedora Update System 2010-09-01 14:04:40 UTC
aespipe-2.4b-3.el5 has been submitted as an update for Fedora EPEL 5.
https://admin.fedoraproject.org/updates/aespipe-2.4b-3.el5

Comment 31 Fedora Update System 2010-09-01 14:07:55 UTC
aespipe-2.4b-3.fc12 has been submitted as an update for Fedora 12.
https://admin.fedoraproject.org/updates/aespipe-2.4b-3.fc12

Comment 32 Fedora Update System 2010-09-01 14:11:56 UTC
aespipe-2.4b-3.fc13 has been submitted as an update for Fedora 13.
https://admin.fedoraproject.org/updates/aespipe-2.4b-3.fc13

Comment 33 Mamoru TASAKA 2010-09-01 17:38:33 UTC
Please also rebuild and submit for F-14.

Comment 34 Fedora Update System 2010-09-02 02:28:05 UTC
aespipe-2.4b-3.el5 has been pushed to the Fedora EPEL 5 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update aespipe'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/aespipe-2.4b-3.el5

Comment 35 Fedora Update System 2010-09-02 20:38:48 UTC
aespipe-2.4b-3.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 36 Fedora Update System 2010-09-02 20:45:50 UTC
aespipe-2.4b-3.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 37 Fedora Update System 2010-09-02 21:49:21 UTC
aespipe-2.4b-3.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 38 Jiri Hladky 2010-11-05 16:57:49 UTC
Package Change Request
======================
Package Name: aespipe
New Branches: F-14
Owners: jhladky
InitialCC: jhladky

See:
https://fedorahosted.org/rel-eng/ticket/4247#comment:1

Thanks
Jirka

Comment 39 Jason Tibbitts 2010-11-05 17:04:17 UTC
Git done (by process-git-requests).

Comment 40 Jiri Hladky 2010-11-05 17:12:05 UTC
Thanks!!

Jirka

Comment 41 Fedora Update System 2010-11-05 18:02:28 UTC
aespipe-2.4b-3.fc14 has been submitted as an update for Fedora 14.
https://admin.fedoraproject.org/updates/aespipe-2.4b-3.fc14

Comment 42 Fedora Update System 2010-11-06 23:44:48 UTC
aespipe-2.4b-3.fc14 has been pushed to the Fedora 14 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 43 Fedora Update System 2011-07-03 00:33:53 UTC
aespipe-2.4c-0.fc15 has been submitted as an update for Fedora 15.
https://admin.fedoraproject.org/updates/aespipe-2.4c-0.fc15

Comment 44 Fedora Update System 2011-07-12 22:02:29 UTC
aespipe-2.4c-0.fc15 has been pushed to the Fedora 15 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.