[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-09 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349

Fedora Update System  changed:

   What|Removed |Added

 Status|ON_QA   |CLOSED
 Resolution|--- |ERRATA
Last Closed||2017-05-09 17:25:20



--- Comment #16 from Fedora Update System  ---
compat-openssl10-pkcs11-helper-1.22-1.fc26, qca-2.1.3-6.fc26 has been pushed to
the Fedora 26 stable repository. If problems still persist, please make note of
it in this bug report.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-06 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349

Fedora Update System  changed:

   What|Removed |Added

 Status|MODIFIED|ON_QA



--- Comment #15 from Fedora Update System  ---
compat-openssl10-pkcs11-helper-1.22-1.fc26, qca-2.1.3-6.fc26 has been pushed to
the Fedora 26 testing repository. If problems still persist, please make note
of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here:
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ab577a520a

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-05 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349

Fedora Update System  changed:

   What|Removed |Added

 Status|NEW |MODIFIED



-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-05 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349



--- Comment #14 from Fedora Update System  ---
compat-openssl10-pkcs11-helper-1.22-1.fc26 qca-2.1.3-6.fc26 has been submitted
as an update to Fedora 26.
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ab577a520a

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-02 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349



--- Comment #13 from Rex Dieter  ---
I'm skeptical, but I guess I'll take your word for it.  If that is true, it is
even more unfortunate the compat-openssl10-devel maintainer chose to not make
it parallel-installable (with openssl-devel)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-01 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349



--- Comment #12 from Nikos Mavrogiannopoulos  ---
(In reply to Rex Dieter from comment #11)
> I think any situation where both are linked is asking for trouble and should
> be avoided at all costs (I'm fairly certain versioned symbols won't help
> there either... *namespaced* symbols maybe).

I am not sure what we are discussing above, but as I mentioned it is a fairly
common scenario. Yes, you can have an application linked with both the old
openssl library and the new one, and it will work fine. Version symbols ensure
that (and yes, versioned symbols are namespaced symbols).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-01 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349



--- Comment #11 from Rex Dieter  ---
I think any situation where both are linked is asking for trouble and should be
avoided at all costs (I'm fairly certain versioned symbols won't help there
either... *namespaced* symbols maybe).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-01 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349



--- Comment #10 from Nikos Mavrogiannopoulos  ---
(In reply to Rex Dieter from comment #9)
> (Or am I missing something?)

I believe you are. A binary can link to both of them due to variable library
dependencies. The problem may be limited in your case because very few programs
link to pkcs11-helper but normally in libraries we change the versioned symbols
in such cases.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-01 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349



--- Comment #9 from Rex Dieter  ---
(Or am I missing something?)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-01 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349



--- Comment #8 from Rex Dieter  ---
Only if a binary links both of them, and that should never happen.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-01 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349



--- Comment #7 from Nikos Mavrogiannopoulos  ---
(In reply to Rex Dieter from comment #5)
> Re: comment 3
> 
> lower... like 0?  I'd assumed that had been used before, and didn't want to
> risk it.  As far symbol versioning, that's only really required if the
> soname stays the same, which is not the case here.

That's not the case. Even if the soname is different the symbols can clash.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-01 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349



--- Comment #6 from Gwyn Ciesla  ---
Package request has been approved:
https://admin.fedoraproject.org/pkgdb/package/rpms/compat-openssl10-pkcs11-helper

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-01 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349

Rex Dieter  changed:

   What|Removed |Added

   Assignee|nob...@fedoraproject.org|nmavr...@redhat.com



-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-05-01 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349



--- Comment #5 from Rex Dieter  ---
Re: comment 3

lower... like 0?  I'd assumed that had been used before, and didn't want to
risk it.  As far symbol versioning, that's only really required if the soname
stays the same, which is not the case here.

Re: comment 4

Requires more patching, I think the full library name is stored internally, I
didn't think I could rename it without more work (and would be more fragile).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-04-28 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349



--- Comment #4 from Nikos Mavrogiannopoulos  ---
or instead of using the soname you can rename the library to
libpkcs11-helper-compat.so.xx (same xx as before), and link libpkcs11-helper.so
to that library.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-04-28 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349

Nikos Mavrogiannopoulos  changed:

   What|Removed |Added

   Assignee|nmavr...@redhat.com |nob...@fedoraproject.org



-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-04-28 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349



--- Comment #3 from Nikos Mavrogiannopoulos  ---
I'd also recommend to go lower rather than higher in the ABI soname, and you
would have to use versioned symbols to prevent conflicts with programs linking
to both versions of pkcs11-helper (unlikely but possible).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-04-28 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349

Nikos Mavrogiannopoulos  changed:

   What|Removed |Added

 Status|ASSIGNED|NEW
  Flags|fedora-review?  |fedora-review+



--- Comment #2 from Nikos Mavrogiannopoulos  ---
The download URL is wrong, however I guess that's a mistake in the mother
package. Please fix prior to uploading. I also ignored any obsolete macros
warning (see below, as it is a compat package). Giving ack.

Package Review
==

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed



= MUST items =

C/C++:
[x]: Package does not contain kernel modules.
[x]: Package contains no static executables.
[x]: Header files in -devel subpackage, if present.
[x]: ldconfig called in %post and %postun if required.
[x]: Package does not contain any libtool archives (.la)
[x]: Rpath absent or only used for internal libs.
[x]: Development (unversioned) .so files in -devel subpackage, if present.

Generic:
[x]: Package is licensed with an open-source compatible license and meets
 other legal requirements as defined in the legal section of Packaging
 Guidelines.
[x]: License field in the package spec file matches the actual license.
[x]: License file installed when any subpackage combination is installed.
[x]: If the package is under multiple licenses, the licensing breakdown
 must be documented in the spec.
[x]: Package does not own files or directories owned by other packages.
 Note: Dirs in package are owned also by:
 /usr/include/pkcs11-helper-1.0(pkcs11-helper-devel)
[x]: %build honors applicable compiler flags or justifies otherwise.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[x]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
 names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[x]: If the package is a rename of another package, proper Obsoletes and
 Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[x]: Package contains systemd file(s) if in need.
[x]: Useful -debuginfo package or justification otherwise.
[x]: Package is not known to require an ExcludeArch tag.
[x]: Large documentation must go in a -doc subpackage. Large could be size
 (~1MB) or number of files.
 Note: Documentation size is 20480 bytes in 4 files.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
 one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
 Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the
 license(s) in its own file, then that file, containing the text of the
 license(s) for the package is included in %license.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: All build dependencies are listed in BuildRequires, except for any
 that are listed in the exceptions section of Packaging Guidelines.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
 beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
 work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
 provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
 %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

= SHOULD items =

Generic:
[!]: Sources can be downloaded from URI in Source: tag
 Note: Could not download Source0:
 http://downloads.sourceforge.net/opensc/pkcs11-helper-1.22.tar.bz2
 See: http://fedoraproject.org/wiki/Packaging:Guidelines#Tags
[x]: If the source package does not include license text(s) as a separate
 file from upstream, the packager SHOULD

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-04-28 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349

Nikos Mavrogiannopoulos  changed:

   What|Removed |Added

 Status|NEW |ASSIGNED
 CC||nmavr...@redhat.com
   Assignee|nob...@fedoraproject.org|nmavr...@redhat.com
  Flags||fedora-review?



-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-04-25 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349



--- Comment #1 from Rex Dieter  ---
Scratch build:
https://koji.fedoraproject.org/koji/taskinfo?taskID=19199789

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-04-25 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349

Rex Dieter  changed:

   What|Removed |Added

 Blocks||1444994




Referenced Bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=1444994
[Bug 1444994] pkcs11-helper; (RFE) build using compat-openssl10 (instead of
openssl-1.1.x)
-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1445349] Review Request: compat-openssl10-pkcs11-helper - A library for using PKCS#11 providers

2017-04-25 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1445349

Rex Dieter  changed:

   What|Removed |Added

 Blocks||1391544, 1423077, 1432152,
   ||1440468




Referenced Bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=1391544
[Bug 1391544] openvpn - support for OpenSSL v1.1
https://bugzilla.redhat.com/show_bug.cgi?id=1423077
[Bug 1423077] qca: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1432152
[Bug 1432152] openvpn pkcs11 does not work with hardware tokens anymore.
https://bugzilla.redhat.com/show_bug.cgi?id=1440468
[Bug 1440468] OpenVPN 2.4 in F26 lacks --pkcs12 support when built against
mbed TLS
-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org