Bug 804215 - Cleanup the NSS PKCS #11 PEM module for submission to nss upstream
Cleanup the NSS PKCS #11 PEM module for submission to nss upstream
Product: Fedora
Classification: Fedora
Component: nss-pem (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Kamil Dudka
Fedora Extras Quality Assurance
: Tracking
Depends On:
  Show dependency treegraph
Reported: 2012-03-16 16:39 EDT by Elio Maldonado Batiz
Modified: 2016-09-29 03:27 EDT (History)
11 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-09-29 03:27:52 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Mozilla Foundation 402712 None None None Never

  None (edit)
Description Elio Maldonado Batiz 2012-03-16 16:39:36 EDT
Description of problem: The PEM module was originally submitted upstream four years ago but has not yet been accepted after several re-submissions. The review requests are numerous. The nss package maintainer, this reporter, needs to find enough focused time and get this done.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:
Comment 1 Kai Engert (:kaie) 2012-03-19 09:39:27 EDT
If it is very difficult to get the code into shape for integration into upstream NSS, 
and if it's unlikely to get this done in the short term,
then you could consider to make libPEM a separate upstream project and a separate RPM package.
Comment 2 Kai Engert (:kaie) 2012-03-19 09:42:00 EDT
Having the module as a separate upstream project would have another benefit:
- you could avoid having to worry about any non-Linux issues
- you could make it easier for anyone to contribute

Drawbacks of a separate upstream project:
- needs separate upstream testing

However, as of today, there is no upstream testing either.

Even if you decided to make it separate project now, you could still merge it with NSS at a later time.
Comment 3 Fedora End Of Life 2013-04-03 10:49:03 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle.
Changing version to '19'.

(As we did not run this process for some time, it could affect also pre-Fedora 19 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.)

More information and reason for this action is here:
Comment 4 Elio Maldonado Batiz 2014-01-29 12:02:13 EST
Making this a tracking bug to be blocked by individual bugs with patches addressing narrowly scoped improvements, most of which have been requested or recommended in reviews of past submission to nss upstream. Some of the requests are not to hard while others are involved.  The nss upstream review will be of the entire pem module from top to bottom.  Splitting the work in stages reduces the chances of regressions or at least if there is one later on it would be easier to point out which change caused it. 

We have an interim upstream just for the pem module 

It is my opinion that will be easier to review the to be proposed incremental patches here in fedora where we have the module within the nss environment. Once approved, this patches will be submitted to the interim upstream. The point being of getting PEM incrementally cleaned up in preparation for the big submission. Does this look to like a sensible strategy?
Comment 5 Fedora Admin XMLRPC Client 2016-08-15 11:52:37 EDT
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 6 Kamil Dudka 2016-09-29 03:27:52 EDT
nss-pem is not going to be included in nss upstream.  It is a separate upstream project that builds against public nss API.

Note You need to log in before you can comment on or make changes to this bug.