Spec URL: http://labs.linuxnetz.de/bugzilla/ssldump.spec SRPM URL: http://labs.linuxnetz.de/bugzilla/ssldump-0.9-0.1.b3.src.rpm Description: This program is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When ssldump identifies SSLv3/TLS traffic, ssldump decodes the records and displays them in a textual form to stdout. And if provided with the appropriate keying material, ssldump will also decrypt the connections and display the application data traffic. This program is based on tcpdump, a network monitoring and data acquisition tool.
OK - MUST: rpmlint /var/lib/mock/fedora-rawhide-x86_64/result/ssldump-* 3 packages and 0 specfiles checked; 0 errors, 0 warnings. FIX - MUST: not named according to the Package Naming Guidelines. OK - MUST: spec file name matches the base package %{name} OK - MUST: package meets the Packaging Guidelines OK - MUST: Fedora approved license and meets the Licensing Guidelines OK - MUST: License field in spec file matches the actual license OK - MUST: license file included in %doc OK - MUST: spec is in American English OK - MUST: spec is legible OK - MUST: sources match the upstream source by MD5 ac8c28fe87508d6bfb06344ec496b1dd OK - MUST: successfully compiles and builds into binary rpms on x86_64 OK - MUST: No ExcludeArch OK - MUST: all build dependencies are listed in BuildRequires. N/A - MUST: handles locales properly with %find_lang N/A - MUST: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun. N/A - MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review. OK - MUST: owns all directories that it creates OK - MUST: no duplicate files in the %files listing OK - MUST: Permissions on files are set properly, includes %defattr(...) OK - MUST: package has a %clean section, which contains rm -rf $RPM_BUILD_ROOT OK - MUST: consistently uses macros OK - MUST: package contains code, or permissable content N/A - MUST: Large documentation files should go in a -doc subpackage OK - MUST: Files included as %doc do not affect the runtime of the application N/A - MUST: Header files must be in a -devel package N/A - MUST: Static libraries must be in a -static package N/A - MUST: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig'. N/A - MUST: If a package contains library files with a suffix, then library files that end in .so must go in a -devel package. N/A - MUST: devel packages must require the base package using a fully versioned dependency OK - MUST: The package does not contain any .la libtool archives. N/A - MUST: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. OK - MUST: package does not own files or directories already owned by other packages. OK - MUST: at the beginning of %install, the package runs rm -rf $RPM_BUILD_ROOT OK - MUST: all filenames valid UTF-8 SHOULD Items: OK - SHOULD: Source package includes license text(s) as a separate file. N/A - SHOULD: The description and summary sections in the package spec file should contain translations for supported Non-English languages, if available. OK - SHOULD: builds in mock. OK - SHOULD: compiles and builds into binary rpms on all supported architectures. OK - SHOULD: functions as described. N/A - SHOULD: Scriptlets are used, those scriptlets must be sane. N/A - SHOULD: Usually, subpackages other than devel should require the base package using a fully versioned dependency. N/A - SHOULD: pkgconfig(.pc) files should be placed in a -devel pkg OK - SHOULD: If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the file instead of the file itself: The package BuildRequires %{_includedir}/pcap.h, but this file is provided by different packages in different versions of Fedora/RHEL, so this is ok. Other items: OK - latest stable version ;) OK - SourceURL valid OK - Compiler flags ok OK - Debuginfo complete OK - Timestamps match upstream and are preserved when possible Issues: - The release tag is wrong: 0.1 indicated a pre-release package, but b3 is a post release. So is should be 1.b3%{?dist} - The license is BSD with advertising but ssldump links against OpenSSL. Not sure if this is allowed, blocking FE-Legal. - Build fails locally if there is more than one version of automake installed. I suggest to use the workaround I already proposed in bug 496492 comment 6. I wouldn't call this a blocker though, since the package builds fine in koji. @Spot: Please have a look at the licensing.
There is no compatibility concern between the OpenSSL license and the BSD with advertising license (just a lot of advertising clauses (3) between the two). Lifting FE-Legal.
Thanks Spot! Robert: The package version seems to be ok since b3 seems a beta3. The only remaining issue is the build failing locally with different versions of autotools installed. I still suggest to work around it, but I wouldn't call this a blocker since it builds fine in the buildsys. Therefor the package is APPROVED
Christoph, thank you for the review. New Package CVS Request ======================= Package Name: ssldump Short Description: An SSLv3/TLS network protocol analyzer Owners: robert Branches: EL-4 EL-5 F-11 F-12 InitialCC:
CVS done (by process-cvs-requests.py).
ssldump-0.9-0.1.b3.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/ssldump-0.9-0.1.b3.fc12
ssldump-0.9-0.1.b3.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/ssldump-0.9-0.1.b3.fc11
ssldump-0.9-0.1.b3.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/ssldump-0.9-0.1.b3.el5
ssldump-0.9-0.1.b3.el4 has been submitted as an update for Fedora EPEL 4. http://admin.fedoraproject.org/updates/ssldump-0.9-0.1.b3.el4
ssldump-0.9-0.1.b3.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
ssldump-0.9-0.1.b3.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
ssldump-0.9-0.1.b3.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
ssldump-0.9-0.1.b3.el4 has been pushed to the Fedora EPEL 4 stable repository. If problems still persist, please make note of it in this bug report.