Bug 516802 - Review Request: cryptcat - Standard netcat enhanced with twofish encryption capabilities
Review Request: cryptcat - Standard netcat enhanced with twofish encryption c...
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Nobody's working on this, feel free to take it
Fedora Extras Quality Assurance
:
Depends On:
Blocks: FE-DEADREVIEW
  Show dependency treegraph
 
Reported: 2009-08-11 11:03 EDT by Kashyap Chamarthy
Modified: 2010-01-27 00:50 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-01-27 00:50:34 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Kashyap Chamarthy 2009-08-11 11:03:45 EDT
Spec URL: http://kashyapc.fedorapeople.org/cryptcat.spec
SRPM URL: http://kashyapc.fedorapeople.org/cryptcat-1.2.1-1.fc10.src.rpm
Description: TCP/IP swiss army knife extended with twofish encryption
 Cryptcat is a simple Unix utility which reads and writes data across 
 network connections, using TCP or UDP protocol while encrypting the 
 data being transmitted.
 It is designed to be a reliable "back-end" tool that can be used directly 
 or easily driven by other programs and scripts.  At the same time, it is a 
 feature-rich network debugging and exploration tool, since it can create 
 almost any kind of connection you would need and has several interesting
 built-in capabilities.
Comment 1 Tom "spot" Callaway 2009-08-11 11:44:09 EDT
Wow. Okay, a few things:

* The current nc in Fedora is nc-1.84-21
* The nc code in this is 1.10. It is ancient. I would strongly recommend that you try to get this extension supported in the netcat upstream, otherwise, you will constantly be playing a catchup game with keeping this code working against the latest netcat code.

* Netcat is licensed under the GPL, all versions (GPL+)
* farm9crypt.cpp has no licensing information
* twofish2.cc is under the "Cryptix General License", which is BSD, even though the license text is not present in this package (which should be fixed).

In order to have this live in Fedora, you need to update the netcat code to the current revision, have upstream clarify the licensing on farm9crypt*, and include a copy of the Cryptix General License (just to be sure it is in fact, BSD).

Blocking FE-Legal.
Comment 2 Kashyap Chamarthy 2009-08-11 14:52:44 EDT
(In reply to comment #1)
> Wow. Okay, a few things:
> 
> * The current nc in Fedora is nc-1.84-21
> * The nc code in this is 1.10. It is ancient. I would strongly recommend that
> you try to get this extension supported in the netcat upstream,

ok, will try this. 

> otherwise, you
> will constantly be playing a catchup game with keeping this code working
> against the latest netcat code.
> 
> * Netcat is licensed under the GPL, all versions (GPL+)
> * farm9crypt.cpp has no licensing information
> * twofish2.cc is under the "Cryptix General License", which is BSD, even though
> the license text is not present in this package (which should be fixed).
> 
> In order to have this live in Fedora, you need to update the netcat code to the
> current revision, have upstream clarify the licensing on farm9crypt*, and
> include a copy of the Cryptix General License (just to be sure it is in fact,
> BSD).

I've already sent an email to upstream asking for license clarification. 
And Sure, will include the Cryptix General License copy. (FWIW, I've read and compared both Cryptix General License and BSD two clause license, it looks the same)

> 
> Blocking FE-Legal.  

Thanks for the comments Tom.
Comment 3 Till Maas 2009-09-16 18:59:57 EDT
please remove NotReady from the Whiteboard once this review requests needs attention by a reviewer.
Comment 4 Jason Tibbitts 2010-01-25 22:42:03 EST
Is anything happening here?  It's been blocked on legal issues for nearly half a year now and unless something happens soon it's probably time to close this out.
Comment 5 Kashyap Chamarthy 2010-01-26 23:46:05 EST
Hi Jason,  I haven't received any response from upstream, despite sending a couple of mails on license clarification.

This request can be closed for now, I guess.
Comment 6 Jason Tibbitts 2010-01-27 00:50:34 EST
Sure, I'll close it out for you.

Note You need to log in before you can comment on or make changes to this bug.