Bug 557995 - Review Request: ssldump - An SSLv3/TLS network protocol analyzer
Summary: Review Request: ssldump - An SSLv3/TLS network protocol analyzer
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Christoph Wickert
QA Contact: Fedora Extras Quality Assurance
Depends On:
Reported: 2010-01-23 00:30 UTC by Robert Scheck
Modified: 2010-02-22 22:40 UTC (History)

Fixed In Version: 0.9-0.1.b3.el4
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2010-01-28 21:09:40 UTC
Type: ---
cwickert: fedora-review+
tibbs: fedora-cvs+

Description Robert Scheck 2010-01-23 00:30:09 UTC
Spec URL: http://labs.linuxnetz.de/bugzilla/ssldump.spec
SRPM URL: http://labs.linuxnetz.de/bugzilla/ssldump-0.9-0.1.b3.src.rpm
This program is an SSLv3/TLS network protocol analyzer. It identifies TCP
connections on the chosen network interface and attempts to interpret them
as SSLv3/TLS traffic. When ssldump identifies SSLv3/TLS traffic, ssldump
decodes the records and displays them in a textual form to stdout. And if
provided with the appropriate keying material, ssldump will also decrypt
the connections and display the application data traffic. This program is
based on tcpdump, a network monitoring and data acquisition tool.

Comment 1 Christoph Wickert 2010-01-23 23:16:19 UTC
OK - MUST: rpmlint /var/lib/mock/fedora-rawhide-x86_64/result/ssldump-*
3 packages and 0 specfiles checked; 0 errors, 0 warnings.
FIX - MUST: not named according to the Package Naming Guidelines. 
OK - MUST: spec file name matches the base package %{name}
OK - MUST: package meets the Packaging Guidelines
OK - MUST: Fedora approved license and meets the Licensing Guidelines
OK - MUST: License field in spec file matches the actual license
OK - MUST: license file included in %doc
OK - MUST: spec is in American English
OK - MUST: spec is legible
OK - MUST: sources match the upstream source by MD5 ac8c28fe87508d6bfb06344ec496b1dd
OK - MUST: successfully compiles and builds into binary rpms on x86_64
OK - MUST: No ExcludeArch
OK - MUST: all build dependencies are listed in BuildRequires.
N/A - MUST: handles locales properly with %find_lang
N/A - MUST: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun.
N/A - MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review.
OK - MUST: owns all directories that it creates
OK - MUST: no duplicate files in the %files listing
OK - MUST: Permissions on files are set properly, includes %defattr(...)
OK - MUST: package has a %clean section, which contains rm -rf $RPM_BUILD_ROOT
OK - MUST: consistently uses macros
OK - MUST: package contains code, or permissible content
N/A - MUST: Large documentation files should go in a -doc subpackage
OK - MUST: Files included as %doc do not affect the runtime of the application
N/A - MUST: Header files must be in a -devel package
N/A - MUST: Static libraries must be in a -static package
N/A - MUST: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig'.
N/A - MUST: If a package contains library files with a suffix, then library files that end in .so must go in a -devel package.
N/A - MUST: devel packages must require the base package using a fully versioned dependency
OK - MUST: The package does not contain any .la libtool archives.
N/A - MUST: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section.
OK - MUST: package does not own files or directories already owned by other packages.
OK - MUST: at the beginning of %install, the package runs rm -rf $RPM_BUILD_ROOT
OK - MUST: all filenames valid UTF-8

OK - SHOULD: Source package includes license text(s) as a separate file.
N/A - SHOULD: The description and summary sections in the package spec file should contain translations for supported Non-English languages, if available.
OK - SHOULD: builds in mock.
OK - SHOULD: compiles and builds into binary rpms on all supported architectures.
OK - SHOULD: functions as described.
N/A - SHOULD: Scriptlets are used, those scriptlets must be sane.
N/A - SHOULD: Usually, subpackages other than devel should require the base package using a fully versioned dependency.
N/A - SHOULD: pkgconfig(.pc) files should be placed in a -devel pkg
OK - SHOULD: If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the file instead of the file itself: The package BuildRequires %{_includedir}/pcap.h, but this file is provided by different packages in different versions of Fedora/RHEL, so this is ok.

Other items:
OK - latest stable version ;)
OK - SourceURL valid
OK - Compiler flags ok
OK - Debuginfo complete
OK - Timestamps match upstream and are preserved when possible

- The release tag is wrong: 0.1 indicated a pre-release package, but b3 is a post release. So it should be 1.b3%{?dist}
- The license is BSD with advertising but ssldump links against OpenSSL. Not sure if this is allowed, blocking FE-Legal.
- Build fails locally if there is more than one version of automake installed. I suggest using the workaround I already proposed in bug 496492 comment 6. I wouldn't call this a blocker though, since the package builds fine in koji.

@Spot: Please have a look at the licensing.

Comment 2 Tom "spot" Callaway 2010-01-25 15:48:17 UTC
There is no compatibility concern between the OpenSSL license and the BSD with advertising license (just a lot of advertising clauses (3) between the two).

Lifting FE-Legal.

Comment 3 Christoph Wickert 2010-01-25 16:11:18 UTC
Thanks Spot!

The package version seems to be ok since b3 seems to be a beta3. The only remaining issue is the build failing locally with different versions of autotools installed. I still suggest working around it, but I wouldn't call this a blocker since it builds fine in the buildsys. Therefore the package is APPROVED.

Comment 4 Robert Scheck 2010-01-25 18:25:39 UTC
Christoph, thank you for the review.

New Package CVS Request
Package Name: ssldump
Short Description: An SSLv3/TLS network protocol analyzer
Owners: robert
Branches: EL-4 EL-5 F-11 F-12

Comment 5 Jason Tibbitts 2010-01-27 05:25:25 UTC
CVS done (by process-cvs-requests.py).

Comment 6 Fedora Update System 2010-01-28 21:10:16 UTC
ssldump-0.9-0.1.b3.fc12 has been submitted as an update for Fedora 12.

Comment 7 Fedora Update System 2010-01-28 21:10:34 UTC
ssldump-0.9-0.1.b3.fc11 has been submitted as an update for Fedora 11.

Comment 8 Fedora Update System 2010-01-28 21:11:04 UTC
ssldump-0.9-0.1.b3.el5 has been submitted as an update for Fedora EPEL 5.

Comment 9 Fedora Update System 2010-01-28 21:11:22 UTC
ssldump-0.9-0.1.b3.el4 has been submitted as an update for Fedora EPEL 4.

Comment 10 Fedora Update System 2010-02-01 01:16:02 UTC
ssldump-0.9-0.1.b3.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 11 Fedora Update System 2010-02-01 01:16:59 UTC
ssldump-0.9-0.1.b3.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 12 Fedora Update System 2010-02-22 22:36:50 UTC
ssldump-0.9-0.1.b3.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 13 Fedora Update System 2010-02-22 22:40:23 UTC
ssldump-0.9-0.1.b3.el4 has been pushed to the Fedora EPEL 4 stable repository.  If problems still persist, please make note of it in this bug report.
