Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197963
Summary: Review Request: bouncycastle Product: Fedora Core Version: devel Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: normal Component: Package Review AssignedTo: notting@redhat.com ReportedBy: fitzsim@redhat.com QAContact: extras-qa@fedoraproject.org CC: fedora-package-review@redhat.com
Spec URL: http://people.redhat.com/fitzsim/bouncycastle.spec SRPM URL: http://people.redhat.com/fitzsim/bouncycastle-1.33-1.src.rpm Description: The Bouncy Castle JCE provider.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: bouncycastle
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197963
fitzsim@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |green@redhat.com
------- Additional Comments From fitzsim@redhat.com 2006-07-07 14:36 EST ------- I'm introducing this package because currently we include the BouncyCastle JCE in java-1.4.2-gcj-compat, whereas it really deserves to be its own package. I don't think BouncyCastle should go in Extras because it is a crypto library and therefore needs approval by Red Hat legal.
The upstream BouncyCastle tarball includes the patented IDEA algorithm. The tarball in this SRPM has those sources and references removed.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: bouncycastle
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197963
jkeating@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO_REPORTER AssignedTo|notting@redhat.com |jkeating@redhat.com OtherBugsDependingO|188265 |188267 nThis| |
------- Additional Comments From jkeating@redhat.com 2006-07-10 16:50 EST ------- NEEDSWORK: - Buildroot should be %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) - Remove Epoch: 0 - Specifying 0 epoch on Requires and BuildRequires is not necessary. Remove them. - RPM_BUILD_ROOT=bctmp aot-compile-rpm <-- what is this doing? Why reset the buildroot? - Post and postun scripts should probably have logic for final removal vs upgrade. As it stands you'll run rebuild-security-providers and rebuild-gcj-db twice every time you upgrade the package. Once for the new package, and once for removing the old package.
rpmlint output:
E: bouncycastle zero-length /etc/java/security/security.d/2000-org.bouncycastle.jce.provider.BouncyCastleProvider W: bouncycastle-debuginfo objdump-failed objdump: /tmp/bouncycastle-debuginfo-1.33-1.x86_64.rpm.17761/usr/lib/debug/usr/lib64/gcj/bouncycastle/bcprov-1.33.jar.so.debug: File format not recognized W: bouncycastle mixed-use-of-spaces-and-tabs W: bouncycastle non-conffile-in-etc /etc/java/security/security.d/2000-org.bouncycastle.jce.provider.BouncyCastleProvider W: bouncycastle objdump-failed objdump: /tmp/bouncycastle-1.33-1.x86_64.rpm.17761/usr/lib64/gcj/bouncycastle/bcprov-1.33.jar.so: File format not recognized
The Zero length file, I see it just being touched. Does it just need to exist? If so, we can ignore the error. However it should be marked as a config file.
Not sure about the objdump warnings.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: bouncycastle
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197963
fitzsim@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO_REPORTER |ASSIGNED
------- Additional Comments From fitzsim@redhat.com 2006-07-10 17:31 EST ------- (In reply to comment #2)
NEEDSWORK:
- Buildroot should be
%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Done.
- Remove Epoch: 0
Done.
- Specifying 0 epoch on Requires and BuildRequires is not necessary. Remove them.
Done.
- RPM_BUILD_ROOT=bctmp aot-compile-rpm <-- what is this doing? Why reset the
buildroot?
Yeah, I realized I don't need this, it's already done by aot-compile-rpm in the %install section.
- Post and postun scripts should probably have logic for final removal vs
upgrade. As it stands you'll run rebuild-security-providers and rebuild-gcj-db twice every time you upgrade the package. Once for the new package, and once for removing the old package.
OK.
rpmlint output:
E: bouncycastle zero-length
/etc/java/security/security.d/2000-org.bouncycastle.jce.provider.BouncyCastleProvider
W: bouncycastle-debuginfo objdump-failed objdump:
/tmp/bouncycastle-debuginfo-1.33-1.x86_64.rpm.17761/usr/lib/debug/usr/lib64/gcj/bouncycastle/bcprov-1.33.jar.so.debug:
File format not recognized W: bouncycastle mixed-use-of-spaces-and-tabs W: bouncycastle non-conffile-in-etc
/etc/java/security/security.d/2000-org.bouncycastle.jce.provider.BouncyCastleProvider
W: bouncycastle objdump-failed objdump:
/tmp/bouncycastle-1.33-1.x86_64.rpm.17761/usr/lib64/gcj/bouncycastle/bcprov-1.33.jar.so:
File format not recognized
The Zero length file, I see it just being touched. Does it just need to exist? If so, we can ignore the error. However it should be marked as a config file.
The filename 2000-org.bouncycastle.jce.provider.BouncyCastleProvider is interpreted by rebuild-security-providers as <provider priority>-<provider package name>, and is used to rebuild /usr/lib/security/classpath.security. Its contents are meaningless. I don't want to mark it as %config because then if someone edits it and then updates, a backup file with the extension .rpmsave will be created and will cause a bogus entry to appear in /usr/lib/security/classpath.security.
Not sure about the objdump warnings.
I ran rpmlint (0.77-1.fc5) on my x86 workstation and didn't see those warnings.
I'll post the updated package shortly.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: bouncycastle
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197963
------- Additional Comments From fitzsim@redhat.com 2006-07-10 17:36 EST ------- Updated Spec URL: http://people.redhat.com/fitzsim/bouncycastle.spec Updated SRPM URL: http://people.redhat.com/fitzsim/bouncycastle-1.33-2.src.rpm
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: bouncycastle
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197963
jkeating@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO_REPORTER OtherBugsDependingO|188267 |188268 nThis| |
------- Additional Comments From jkeating@redhat.com 2006-07-17 15:08 EST ------- No more rpmlint errors. Package approved.
I assume that this will be marked as a dep of some other package, and it doesn't need to go into Comps right?
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: bouncycastle
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197963
------- Additional Comments From ville.skytta@iki.fi 2006-07-17 15:33 EST ------- Is the intention of %{_javadir}/gcj-endorsed that only gcj (not other JVMs) should be using stuff from there? Other JVMs, eg. the Sun one, would have problems with the jar because it's not signed.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: bouncycastle
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197963
fitzsim@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO_REPORTER |ASSIGNED
------- Additional Comments From fitzsim@redhat.com 2006-07-17 15:47 EST ------- (In reply to comment #6)
Is the intention of %{_javadir}/gcj-endorsed that only gcj (not other JVMs) should be using stuff from there? Other JVMs, eg. the Sun one, would have problems with the jar because it's not signed.
Yes, I'm not supporting non-GNU Classpath based JVMs with this RPM.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: bouncycastle
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197963
------- Additional Comments From fitzsim@redhat.com 2006-07-17 16:00 EST ------- (In reply to comment #5)
No more rpmlint errors. Package approved.
I assume that this will be marked as a dep of some other package, and it doesn't need to go into Comps right?
For now let's leave it out.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: bouncycastle
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197963
jkeating@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |CLOSED Resolution| |RAWHIDE
------- Additional Comments From jkeating@redhat.com 2006-07-18 13:07 EST ------- Was built into rawhide.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: bouncycastle
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197963
bugzilla@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Severity|normal |medium Priority|normal |medium Product|Fedora Core |Fedora
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=197963
Steve Traylen steve.traylen@cern.ch changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |steve.traylen@cern.ch Flag| |fedora-cvs?
--- Comment #10 from Steve Traylen steve.traylen@cern.ch 2010-03-08 17:16:00 EST --- Package Change Request ====================== Package Name: bouncycastle New Branches: EL-5 Owners: stevetraylen
Quoting the fedora owner from bug #571580:
Hi' I have been dealing with bouncycastle updates for the last year. I have no interest in EPEL, so go ahead. Ask for cvs.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=197963
Kevin Fenzi kevin@tummy.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flag|fedora-cvs? |fedora-cvs+
--- Comment #11 from Kevin Fenzi kevin@tummy.com 2010-03-09 00:59:31 EST --- cvs done.
package-review@lists.fedoraproject.org