Dne 27.8.2014 22:42, James Antill napsal(a): > #topic #452 Crypto policies packaging guideline > .fpc 452 > https://fedorahosted.org/fpc/ticket/452 Looking into this topic and the proposed guidelines [1], I am not sure how to apply them for Ruby. On the first look, looking for SSL_CTX_set_cipher_list, it is called at [2]. It looks like some helper method, which in Ruby translates into #ciphers= method, which does not appear to be used anywhere. Nevertheless, if you look better, you can discover, that it is actually called at [4] and fed by some defaults [5]. This is not directly obvious. This raises several questions: 1) Will I (as a hobbyist packager) be able to reach the proper conclusion, e.g. find the real place where these defaults are set, such as [4, 5]? 2) What about dynamic languages, such as Ruby, Python etc. They are not covered by the guidelines at all. 3) Should I really rewrite the upstream defaults and how? What will be the impact on other libraries written in Ruby? Not mentioning that there was quite lengthy controversial discussion upstream [6] and you ask me again to override its results. Don't take me wrong, I support this effort. It just looks to have lot of blind spots. Vít [1] https://fedoraproject.org/wiki/User:Nmav/CryptoPolicies [2] https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_ssl.c#L904 [3] https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_ssl.c#L2113 [4] https://github.com/ruby/ruby/blob/trunk/ext/openssl/lib/openssl/ssl.rb#L86 [5] https://github.com/ruby/ruby/blob/trunk/ext/openssl/lib/openssl/ssl.rb#L26 [6] https://github.com/ruby/ruby/commit/699b209cf8cf11809620e12985ad33ae33b119ee -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
