Bug 480851 - Review Request: ccrypt - Secure encryption and decryption of files and streams
Review Request: ccrypt - Secure encryption and decryption of files and streams
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Dan Horák
Fedora Extras Quality Assurance
:
Depends On:
Blocks: 480855
  Show dependency treegraph
 
Reported: 2009-01-20 17:02 EST by Fabian Affolter
Modified: 2014-10-07 08:00 EDT (History)
3 users (show)

See Also:
Fixed In Version: 1.8-1.fc10
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-08-15 04:17:29 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
dan: fedora‑review+
limburgher: fedora‑cvs+


Attachments (Terms of Use)

  None (edit)
Description Fabian Affolter 2009-01-20 17:02:21 EST
Spec URL: http://fab.fedorapeople.org/packages/SRPMS/ccrypt.spec
SRPM URL: http://fab.fedorapeople.org/packages/SRPMS/ccrypt-1.7-1.fc9.src.rpm

Project URL: http://ccrypt.sourceforge.net/

Description:
ccrypt is a utility for encrypting and decrypting files and streams.
It was designed as a replacement for the standard unix crypt utility,
which is notorious for using a very weak encryption algorithm. ccrypt
is based on the Rijndael cipher, which is the U.S. government's chosen
candidate for the Advanced Encryption Standard. This cipher is believed
to provide very strong security.

Koji scratch build:
http://koji.fedoraproject.org/koji/taskinfo?taskID=1069879

rpmlint output:
[fab@laptop024 i386]$ rpmlint ccrypt*
2 packages and 0 specfiles checked; 0 errors, 0 warnings.

[fab@laptop024 SRPMS]$ rpmlint ccrypt-1.7-1.fc9.src.rpm 
1 packages and 0 specfiles checked; 0 errors, 0 warnings.

Package build failed on ppc 64 
http://koji.fedoraproject.org/koji/getfile?taskID=1069883&name=build.log
-------<%---------
*** stack smashing detected ***: ./maketables terminated
======= Backtrace: =========
/lib64/libc.so.6(__fortify_fail-0x8cc08)[0x400001fc118]
/lib64/libc.so.6(__stack_chk_fail-0x8cc4c)[0x400001fc0c4]
./maketables[0x10001170]
/lib64/libc.so.6[0x400000fc1b8]
/lib64/libc.so.6(__libc_start_main-0x1848f0)[0x400000fc3d0]
-------%>---------
Comment 1 Gratien D'haese 2009-01-22 04:03:48 EST
My review. I cannot sponsor you as I'm not (yet) an approved packager.
Once this package gets approved contact a sponsor from the official list.
To that end, have you done any unoffical reviews of other's packages?
If so, please post links.  If not, do a few, and post links.

Package: 94e1a15eec27d8db271df733230aae5e  ccrypt-1.7-1.fc9.src.rpm

$ rpm -i ~/Download/ccrypt-1.7-1.fc9.src.rpm
Clean.

$ md5sum ../SOURCES/ccrypt-1.7.tar.gz 
19526e31a7d234e29d54dbcc876605d5  ../SOURCES/ccrypt-1.7.tar.gz
$ md5sum ~/Download/ccrypt-1.7.tar.gz 
19526e31a7d234e29d54dbcc876605d5  /home/gdha/Download/ccrypt-1.7.tar.gz

Source tarball is the same in SRPM package as on the official web-site.
Good.

$ rpmbuild -bs ccrypt.spec
Wrote: /home/gdha/RPM/SRPMS/ccrypt-1.7-1.fc9.src.rpm

$ rpmbuild -ba SPECS/ccrypt.spec
Clean build on x86.

Requires: libcrypt.so.1 (noticed this requirement during build)
To be checked...

$ rpm -qpl /home/gdha/RPM/RPMS/i386/ccrypt-1.7-1.fc9.i386.rpm
/usr/bin/ccat
/usr/bin/ccdecrypt
/usr/bin/ccencrypt
/usr/bin/ccrypt
/usr/share/doc/ccrypt-1.7
/usr/share/doc/ccrypt-1.7/AUTHORS
/usr/share/doc/ccrypt-1.7/COPYING
/usr/share/doc/ccrypt-1.7/ChangeLog
/usr/share/doc/ccrypt-1.7/NEWS
/usr/share/doc/ccrypt-1.7/README
/usr/share/doc/ccrypt-1.7/cypfaq01.txt
/usr/share/man/man1/ccat.1.gz
/usr/share/man/man1/ccdecrypt.1.gz
/usr/share/man/man1/ccencrypt.1.gz
/usr/share/man/man1/ccrypt.1.gz


- MUST: rpmlint must be run on every package. The output should be posted in
the review.

Clean.

- MUST: The package must be named according to the Package Naming Guidelines .

Good.

- MUST: The spec file name must match the base package %{name}, in the format
%{name}.spec unless your package has an exemption on Package Naming Guidelines

Good.

- MUST: The package must meet the Packaging Guidelines .

Good.

- MUST: The package must be licensed with a Fedora approved license and meet
the Licensing Guidelines .

Good.

- MUST: The License field in the package spec file must match the actual
license.

Good.

- MUST: If (and only if) the source package includes the text of the license(s)
in its own file, then that file, containing the text of the license(s) for the
package must be included in %doc.

Good.

- MUST: The spec file must be written in American English.

Good.

- MUST: The spec file for the package MUST be legible. If the reviewer is
unable to read the spec file, it will be impossible to perform a review. Fedora
is not the place for entries into the Obfuscated Code Contest
(http://www.ioccc.org/).

Good.  Wondering if the following line is relevant for the description:
"which is the U.S. government's chosen candidate for the Advanced 
Encryption Standard." Your call.

- MUST: The sources used to build the package must match the upstream source,
as provided in the spec URL. Reviewers should use md5sum for this task. If no
upstream URL can be specified for this package, please see the Source URL
Guidelines for how to deal with this.

Good.

- MUST: The package must successfully compile and build into binary rpms on at
least one supported architecture.

Good.

- MUST: If the package does not successfully compile, build or work on an
architecture, then those architectures should be listed in the spec in
ExcludeArch. Each architecture listed in ExcludeArch needs to have a bug filed
in bugzilla, describing the reason that the package does not compile/build/work
on that architecture. The bug number should then be placed in a comment, next
to the corresponding ExcludeArch line. New packages will not have bugzilla
entries during the review process, so they should put this description in the
comment until the package is approved, then file the bugzilla entry, and
replace the long explanation with the bug number. The bug should be marked as
blocking one (or more) of the following bugs to simplify tracking such issues:
FE-ExcludeArch-x86 , FE-ExcludeArch-x64 , FE-ExcludeArch-ppc ,
FE-ExcludeArch-ppc64

Will you be able to fix the build problem on PPC? Otherwise, add a tag to
exclude it.
Via koji I was able to build on ppc.

- MUST: All build dependencies must be listed in BuildRequires, except for any
that are listed in the exceptions section of the Packaging Guidelines ;
inclusion of those as BuildRequires is optional. Apply common sense.

You need the glibc-devel package for -lcrypt

- MUST: The spec file MUST handle locales properly. This is done by using the
%find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.

Good.

- MUST: Every binary RPM package which stores shared library files (not just
symlinks) in any of the dynamic linker's default paths, must call ldconfig in
%post and %postun. If the package has multiple subpackages with libraries, each
subpackage should also have a %post/%postun section that calls /sbin/ldconfig.
An example of the correct syntax for this is:

%post -p /sbin/ldconfig

%postun -p /sbin/ldconfig

NA.

- MUST: If the package is designed to be relocatable, the packager must state
this fact in the request for review, along with the rationalization for
relocation of that specific package. Without this, use of Prefix: /usr is
considered a blocker.

NA.

- MUST: A package must own all directories that it creates. If it does not
create a directory that it uses, then it should require a package which does
create that directory. Refer to the Guidelines for examples.

Good.

- MUST: A package must not contain any duplicate files in the %files listing.

Good.

- MUST: Permissions on files must be set properly. Executables should be set
with executable permissions, for example. Every %files section must include a
%defattr(...) line.

Good.

- MUST: Each package must have a %clean section, which contains rm -rf
%{buildroot} ( or $RPM_BUILD_ROOT ).

Good.

- MUST: Each package must consistently use macros, as described in the macros
section of Packaging Guidelines .

Good.

- MUST: The package must contain code, or permissable content. This is
described in detail in the code vs. content section of Packaging Guidelines .

Good.

- MUST: Large documentation files should go in a -doc subpackage. (The
definition of large is left up to the packager's best judgement, but is not
restricted to size. Large can refer to either size or quantity)

NA.

- MUST: If a package includes something as %doc, it must not affect the runtime
of the application. To summarize: If it is in %doc, the program must run
properly if it is not present.

Good.

- MUST: Header files must be in a -devel package.

NA.

- MUST: Static libraries must be in a -static package.

NA.

- MUST: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig'
(for directory ownership and usability).

NA.

- MUST: If a package contains library files with a suffix (e.g. libfoo.so.1.1),
then library files that end in .so (without suffix) must go in a -devel
package.

NA.

- MUST: In the vast majority of cases, devel packages must require the base
package using a fully versioned dependency: Requires: %{name} =
%{version}-%{release}

NA.

- MUST: Packages must NOT contain any .la libtool archives, these should be
removed in the spec.

Good.

- MUST: Packages containing GUI applications must include a %{name}.desktop
file, and that file must be properly installed with desktop-file-install in the
%install section. This is described in detail in the desktop files section of
the Packaging Guidelines . If you feel that your packaged GUI application does
not need a .desktop file, you must put a comment in the spec file with your
explanation.

NA.

- MUST: Packages must not own files or directories already owned by other
packages. The rule of thumb here is that the first package to be installed
should own the files or directories that other packages may rely upon. This
means, for example, that no package in Fedora should ever share ownership with
any of the files or directories owned by the filesystem or man package. If you
feel that you have a good reason to own a file or directory that another
package owns, then please present that at package review time.

NA.

- MUST: At the beginning of %install, each package MUST run rm -rf %{buildroot}
( or $RPM_BUILD_ROOT ). See Prepping BuildRoot For %install for details.

Good.

- MUST: All filenames in rpm packages must be valid UTF-8.

Good.



- SHOULD: If the source package does not include license text(s) as a
separate file from upstream, the packager SHOULD query upstream to include it.

Good.

- SHOULD: The description and summary sections in the package spec file
should contain translations for supported Non-English languages, if available.

Good.

- SHOULD: The the package builds in mock.
# mock -r default rebuild SRPMS/ccrypt-1.7-1.fc9.src.rpm
Good on i386.

- SHOULD: The package should compile and build into binary rpms on all
supported architectures.

$ koji build --arch=x86_64 --scratch dist-f10 SRPMS/ccrypt-1.7-1.fc9.src.rpm 
Good.
$ koji build --arch=ppc --scratch dist-f10 SRPMS/ccrypt-1.7-1.fc9.src.rpm
Good. (See http://koji.fedoraproject.org/koji/taskinfo?taskID=1071232 )

- SHOULD: The package functions as described.

Good.

- SHOULD: If scriptlets are used, those scriptlets must be sane.

NA.

- SHOULD: Usually, subpackages other than devel should require the base
package using a fully versioned dependency.

NA.

- SHOULD: The placement of pkgconfig(.pc) files depends on their usecase,
and this is usually for development purposes, so should be placed in a -devel
pkg.

NA.

- SHOULD: If the package has file dependencies outside of /etc, /bin,
/sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the
file instead of the file itself.

Good.
Comment 2 Fabian Affolter 2009-02-02 18:59:48 EST
(In reply to comment #1)
> My review. I cannot sponsor you as I'm not (yet) an approved packager.
> Once this package gets approved contact a sponsor from the official list.

Thanks, I don't need a sponsor.

> Requires: libcrypt.so.1 (noticed this requirement during build)
> To be checked...

see below

> Good.  Wondering if the following line is relevant for the description:
> "which is the U.S. government's chosen candidate for the Advanced 
> Encryption Standard." Your call.

I removed some sentences. 

> Will you be able to fix the build problem on PPC? Otherwise, add a tag to
> exclude it.
> Via koji I was able to build on ppc.

I will exclude ppc64 for the moment.  This is my second package with issues about openssl on ppcX.

> - MUST: All build dependencies must be listed in BuildRequires, except for any
> that are listed in the exceptions section of the Packaging Guidelines ;
> inclusion of those as BuildRequires is optional. Apply common sense.
> 
> You need the glibc-devel package for -lcrypt

I don't think that I need glibc-devel.  The koji log shows that the check for -lcrypt is ok without BR glibc-devel.  But maybe I'm mistaken...

http://koji.fedoraproject.org/koji/getfile?taskID=1100286&name=build.log

Updated files:

Spec URL: http://fab.fedorapeople.org/packages/SRPMS/ccrypt.spec
SRPM URL: http://fab.fedorapeople.org/packages/SRPMS/ccrypt-1.7-2.fc9.src.rpm
Comment 3 Gratien D'haese 2009-02-04 09:21:04 EST
(In reply to comment #2)
> 
> > Good.  Wondering if the following line is relevant for the description:
> > "which is the U.S. government's chosen candidate for the Advanced 
> > Encryption Standard." Your call.
> 
> I removed some sentences. 

Thanks - it is much better.

> 
> > Will you be able to fix the build problem on PPC? Otherwise, add a tag to
> > exclude it.
> > Via koji I was able to build on ppc.
> 
> I will exclude ppc64 for the moment.  This is my second package with issues
> about openssl on ppcX.

Thanks - acceptable for me.

> 
> > - MUST: All build dependencies must be listed in BuildRequires, except for any
> > that are listed in the exceptions section of the Packaging Guidelines ;
> > inclusion of those as BuildRequires is optional. Apply common sense.
> > 
> > You need the glibc-devel package for -lcrypt
> 
> I don't think that I need glibc-devel.  The koji log shows that the check for
> -lcrypt is ok without BR glibc-devel.  But maybe I'm mistaken...

Hum, is indeed strange, but your comment is correct. It works nice without it. So, unless somebody complains do not use in the spec file.

> 
> http://koji.fedoraproject.org/koji/getfile?taskID=1100286&name=build.log
> 
> Updated files:
> 
> Spec URL: http://fab.fedorapeople.org/packages/SRPMS/ccrypt.spec
> SRPM URL: http://fab.fedorapeople.org/packages/SRPMS/ccrypt-1.7-2.fc9.src.rpm
The SRPM URL was wrong! The correct URL is:
http://fab.fedorapeople.org/packages/SRPMS/ccrypt-1.7-2.fc10.src.rpm

Next actions are:
1/ final approval of the spec and RPM/SRPM packages of an "official" approver is still needed
2/ finding a sponsor, but you did not need one according to your comment #2

Thanks, go ahead - for me it's fine.
Comment 4 Dan Horák 2009-03-08 14:44:35 EDT
I will do the formal review, it looks good as already found during the pre-review, but I have found 2 issues there:
- a test-suite is included in the sources in the "check" directory, you should add a %check section containing "make check" into the spec file
- the failure on ppc64 is a result of buggy code in maketables or a bug in GCC in combination with our security related compiler flags and you can ask for access to ppc654 system on fedora-devel for further investigation
Comment 5 Dan Horák 2009-03-08 15:11:31 EDT
(In reply to comment #4)
> - the failure on ppc64 is a result of buggy code in maketables or a bug in GCC
> in combination with our security related compiler flags and you can ask for
> access to ppc654 system on fedora-devel for further investigation  

so it's buggy code ->
the "r" array on line 133 (maketables.c) consists of too small members (word8) for storing word32 values as returned by function multrot2113
Comment 6 Fabian Affolter 2009-03-08 17:56:10 EDT
Thanks for your help.

(In reply to comment #4)
> - a test-suite is included in the sources in the "check" directory, you should
> add a %check section containing "make check" into the spec file

At the moment there is an issue with the 'check'

-------<%---------

BC=8, KC=8, Inverse difference a0[i][j]=232, a1[j*4+i]=-30
BC=8, KC=8, Inverse difference a0[i][j]=8, a1[j*4+i]=109
Inverse: 32 differences
Total: 647 differences
The optimized Rijndael implementation does not agree with the reference implementation.
FAIL: rijndael-check
ccrypt: key does not match
./length-check.sh: test failed for file length 0.
FAIL: length-check.sh
./ccrypt-check.sh:57: Action returned 4 instead of 0.
./ccrypt-check.sh: test failed.
FAIL: ccrypt-check.sh
Random seed: 1236549206
Passed.
PASS: crypt3-check
===================
3 of 4 tests failed
===================
make[2]: *** [check-TESTS] Fehler 1
make[2]: Leaving directory `/home/fab/rpmbuild/BUILD/ccrypt-1.7/check'
make[1]: *** [check-am] Fehler 2
make[1]: Leaving directory `/home/fab/rpmbuild/BUILD/ccrypt-1.7/check'

-------%>---------  

(In reply to comment #5)
> (In reply to comment #4)
> > - the failure on ppc64 is a result of buggy code in maketables or a bug in GCC
> > in combination with our security related compiler flags and you can ask for
> > access to ppc654 system on fedora-devel for further investigation  
> 
> so it's buggy code ->
> the "r" array on line 133 (maketables.c) consists of too small members (word8)
> for storing word32 values as returned by function multrot2113  

Added a patch for this.  Now it works on ppc64.
Comment 7 Dan Horák 2009-03-09 08:53:54 EDT
(In reply to comment #6)
> Thanks for your help.
> 
> (In reply to comment #4)
> > - a test-suite is included in the sources in the "check" directory, you should
> > add a %check section containing "make check" into the spec file
> 
> At the moment there is an issue with the 'check'
> 
> -------<%---------
> 
> BC=8, KC=8, Inverse difference a0[i][j]=232, a1[j*4+i]=-30
> BC=8, KC=8, Inverse difference a0[i][j]=8, a1[j*4+i]=109
> Inverse: 32 differences
> Total: 647 differences
> The optimized Rijndael implementation does not agree with the reference
> implementation.
> FAIL: rijndael-check
> ccrypt: key does not match
> ./length-check.sh: test failed for file length 0.
> FAIL: length-check.sh
> ./ccrypt-check.sh:57: Action returned 4 instead of 0.
> ./ccrypt-check.sh: test failed.
> FAIL: ccrypt-check.sh
> Random seed: 1236549206
> Passed.
> PASS: crypt3-check
> ===================
> 3 of 4 tests failed
> ===================
> make[2]: *** [check-TESTS] Fehler 1
> make[2]: Leaving directory `/home/fab/rpmbuild/BUILD/ccrypt-1.7/check'
> make[1]: *** [check-am] Fehler 2
> make[1]: Leaving directory `/home/fab/rpmbuild/BUILD/ccrypt-1.7/check'
> 
> -------%>---------  
> 

What platform is it? The tests did run successful on my Rawhide/x86_64.
Comment 8 Fabian Affolter 2009-03-14 04:33:40 EDT
F10/i386
Comment 9 Dan Horák 2009-03-21 06:41:04 EDT
Hm, in my opinion we should insist on a positive result from the built-in tests.
Comment 10 Fabian Affolter 2009-04-08 05:10:38 EDT
Yes, the built-in test should be passed successfully.  I will try to get in touch with upstream about this issue.
Comment 11 Fabian Affolter 2009-04-26 08:03:19 EDT
Still are only 3 of 4 test successful passed for i386.  There are a lot of compiler errors...

Anyway updated files:

Spec URL: http://fab.fedorapeople.org/packages/SRPMS/ccrypt.spec
SRPM URL: http://fab.fedorapeople.org/packages/SRPMS/ccrypt-1.7-4.fc10.src.rpm

Koji scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=1321176
Comment 12 Mamoru TASAKA 2009-06-16 12:53:45 EDT
Now upstream seems to have 1.8 formal release.
Would you check that?
Comment 13 Fabian Affolter 2009-06-21 02:04:10 EDT
I will.  Thanks Mamoru
Comment 14 Fabian Affolter 2009-06-27 06:41:50 EDT
The spec file should be online.  At the moment I have a poor connection and I'm not able to upload the SRPM.
Comment 16 Dan Horák 2009-06-29 15:31:45 EDT
Everything looks OK now, tests are passed, the ExcludeArch blocker bug can be removed. It could hardly be better :-)

This package is APPROVED.
Comment 17 Fabian Affolter 2009-07-31 10:48:21 EDT
Thanks Dan for the review and your help with this package.
Comment 18 Fabian Affolter 2009-07-31 10:49:25 EDT
New Package CVS Request
=======================
Package Name: ccrypt
Short Description: Secure encryption and decryption of files and streams
Owners: fab
Branches: F-10 F-11
InitialCC:
Comment 19 Jason Tibbitts 2009-07-31 17:18:18 EDT
CVS done.
Comment 20 Fedora Update System 2009-07-31 17:57:04 EDT
ccrypt-1.8-1.fc10 has been submitted as an update for Fedora 10.
http://admin.fedoraproject.org/updates/ccrypt-1.8-1.fc10
Comment 21 Fedora Update System 2009-07-31 17:57:10 EDT
ccrypt-1.8-1.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/ccrypt-1.8-1.fc11
Comment 22 Fedora Update System 2009-08-01 19:58:11 EDT
ccrypt-1.8-1.fc10 has been pushed to the Fedora 10 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update ccrypt'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2009-8200
Comment 23 Fedora Update System 2009-08-01 19:59:55 EDT
ccrypt-1.8-1.fc11 has been pushed to the Fedora 11 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update ccrypt'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F11/FEDORA-2009-8209
Comment 24 Fedora Update System 2009-08-15 04:17:21 EDT
ccrypt-1.8-1.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 25 Fedora Update System 2009-08-15 04:18:27 EDT
ccrypt-1.8-1.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 26 Fabian Affolter 2014-10-06 17:59:50 EDT
Package Change Request
======================
Package Name: ccrypt
New Branches: epel7 el6
Owners: fab
InitialCC:
Comment 27 Gwyn Ciesla 2014-10-07 08:00:55 EDT
Git done (by process-git-requests).

Note You need to log in before you can comment on or make changes to this bug.