Dne 03. 12. 21 v 19:07 Tom Hughes via devel napsal(a):
On 03/12/2021 17:48, Simo Sorce wrote:On Fri, 2021-12-03 at 17:25 +0000, Tom Hughes via devel wrote:On 03/12/2021 17:16, Vitaly Zaitsev via devel wrote:On 03/12/2021 17:41, Miro Hrončok wrote:The bundled openssl in opae worries me still, but that's not causing issues in dependency resolution any more.I think FESCo should create a strict policy on bundling cryptographic libraries.Well bundling a binary from upstream is already against policy so I don't see how that helps. The problem isn't a lack of policy, it's that the packager didn't notice those files or didn't realise they weren't allowed.So the opae-2.0.0 tarball has libcrypto embedded-in what is the process now ? This stuff is used for a Python tool that is used to sign some binary, almost certainly there is absolutely no reason to bundle libcrypto, the tool should probably be unbundled and turned into a regular python module opae depends on.It has an openssl.py that dlopen's the so: def _find_openssl_so(self, version, *paths): candidates = list(paths) crypto = util.find_library('crypto') if crypto: candidates.insert(0, crypto) for c in candidates: dll = CDLL(c) So that might already find the system one if you have it but probably only if you have openssl-devel installed to get the .so link with no version. But dropping the binaries and doing a relatively minor patch to that is likely all that is needed.
Or just symlink ... Vít
Do we know who is the current maintainer? The changelog seem to imply Intel dropped it into Fedora and never maintained it after Sep 17 2020 ...Well src.fpo says trix aka Tom Rix is the maintainer. Tom
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure