Spec URL: http://fab.fedorapeople.org/packages/SRPMS/tlssled.spec SRPM URL: http://fab.fedorapeople.org/packages/SRPMS/tlssled-1.3-1.fc20.src.rpm Project URL: http://www.taddong.com/en/lab.html Description: TLSSLed is a Linux shell script whose purpose is to evaluate the security of a target SSL/TLS (HTTPS) web server implementation. It is based on sslscan, a thorough SSL/TLS scanner that is based on the openssl library, and on the "openssl s_client" command line tool. The current tests include checking if the target supports the SSLv2 protocol, the NULL cipher, weak ciphers based on their key length (40 or 56 bits), the availability of strong ciphers (like AES), if the digital certificate is MD5 signed, and the current SSL/TLS renegotiation capabilities. Koji scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=6572387 rpmlint output: [fab@laptop011 SRPMS]$ rpmlint tlssled-1.3-1.fc20.src.rpm tlssled.src: W: spelling-error %description -l en_US sslscan -> scantness tlssled.src: W: spelling-error %description -l en_US openssl -> slope 1 packages and 0 specfiles checked; 0 errors, 2 warnings. $ rpmlint tlssled-1.3-1.fc20.noarch.rpm tlssled.noarch: W: no-documentation tlssled.noarch: W: no-manual-page-for-binary tlssled 1 packages and 0 specfiles checked; 0 errors, 2 warnings. Fedora Account System Username: fab
1. #!/usr/bin/env bash I'm not sure if we need to hack it to /bin/bash or /bin/sh. 2. install with -p. 3. Mix using tab and space: Requires: sslscan Requires: openssl Please unify. ------------------------------ Show me the fixed version and I will set +. PACKAGE APPROVED.
Thanks for the review, Christopher. (In reply to Christopher Meng from comment #1) > 1. #!/usr/bin/env bash > > I'm not sure if we need to hack it to /bin/bash or /bin/sh. As far as I remember was this topic discussed 4-5 years ago. rpmbuild is picking env up so it will work. > 2. install with -p. fixed > 3. Mix using tab and space: fixed Updated files: Spec URL: http://fab.fedorapeople.org/packages/SRPMS/tlssled.spec SRPM URL: http://fab.fedorapeople.org/packages/SRPMS/tlssled-1.3-2.fc20.src.rpm
There are mixed feelings about /usr/bin/env. /usr/bin/env as the dependency is less correct than a strict dependency on /usr/bin/bash (being the bash provided by Fedora). And if someone puts "bash" in a customised $PATH before /usr/bin, this may break the program and/or even make it insecure in case it's a vulnerable old bash. This also affects other script interpreters, see e.g. http://fedoraproject.org/wiki/Features/SystemPythonExecutablesUseSystemPython An old attempt at prohibiting /usr/bin/env in shebang: https://fedoraproject.org/wiki/Script_Interpreters_%28draft%29
So please use sed to replace the shebang line; Also, these contain tabs still: Name: tlssled Version: 1.3 Release: 2%{?dist} Summary: An evaluation tool for SSL/TLS (HTTPS) web server implementations License: GPLv3+ URL: http://www.taddong.com/en/lab.html Source: http://www.taddong.com/tools/TLSSLed_v%{version}.sh BuildArch: noarch Requires: sslscan Requires: openssl
(In reply to Christopher Meng from comment #4) > Also, these contain tabs still: Not sure why rpmlint doesn't pick it up. Anyway, should be fixed now. * Tue Mar 04 2014 Fabian Affolter <mail> - 1.3-3 - Update shebang - Again spaces Updated files: Spec URL: http://fab.fedorapeople.org/packages/SRPMS/tlssled.spec SRPM URL: http://fab.fedorapeople.org/packages/SRPMS/tlssled-1.3-3.fc20.src.rpm
PACKAGE APPROVED.
Thanks again
New Package SCM Request ======================= Package Name: tlssled Short Description: An evaluation tool for SSL/TLS (HTTPS) web server implementations Owners: fab Branches: f19 f20 InitialCC:
Git done (by process-git-requests).
Package Change Request ====================== Package Name: tlssled New Branches: el6 epel7 Owners: fab InitialCC: