https://bugzilla.redhat.com/show_bug.cgi?id=2182151 --- Comment #40 from Petr Pisar <ppisar@xxxxxxxxxx> --- FIX: The ktls-utils-0.8.tar.gz archive (SHA512 9da04aa8cdbb34193cd26a7bb882bd7f02d4fc2c5065ff1088112057b6e14f3ab6a926356366ab7c0827693b90465d5bb398eb7c5ab722a19c1c7ac2279fd3d3) from ktls-utils-0.8%5e20230516.gc60fab91ef83-1.fc39.src.rpm does not match the upstream tar ball (SHA512: 027824a8ffb42bf8b39ce8d8a83f8f3d0c3d2e6cd0c2867f622e04ce914f578767ce7803617fe922c44a5fb5e69636efc6c0fc1726be1a3852b41cb6ad7579eb). THIRD_PARTY_LICENSES is correctly unpackaged. No LGPL code exists in the sources. License tag is Ok. Regarding the global crypto policy conformance, I have doubts about: pstring = strdup("SECURE256:+SECURE128:-COMP-ALL"); in tlshd_gnutls_priority_init(). Subsequent for-cycle with: pstring = tlshd_cipher_string_emit(pstring, ciphers[i]); adds ciphersuits common to default GnuTLS set and Linux set. I worry that in effect it means all 256-bit, all 128-bit suits and all the common suits. What if the global policy excluded 128-bit suits? $ rpmlint ktls-utils.spec ../SRPMS/ktls-utils-0.8^20230516.gc60fab91ef83-1.fc39.src.rpm ../RPMS/x86_64/ktls-utils-* ======================================== rpmlint session starts ======================================= rpmlint: 2.4.0 configuration: /usr/lib/python3.11/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml checks: 31, packages: 5 ktls-utils.spec:40: W: setup-not-quiet ktls-utils.spec:40: W: setup-not-quiet ktls-utils.x86_64: W: crypto-policy-non-compliance-gnutls-2 /usr/sbin/tlshd gnutls_priority_init ========= 4 packages and 1 specfiles checked; 0 errors, 3 warnings, 0 badness; has taken 0.3 s ======== rpmlint is Ok. "setup-not-quiet" means that %autosetup lists unpacked files, which indeed does not, but that's against RPM documentation <https://rpm-software-management.github.io/rpm/manual/autosetup.html#autosetup-options>. I guess it's a bug in current rpmbuild. FIX: The package fails to build Fedora 39 on i686 (https://koji.fedoraproject.org/koji/taskinfo?taskID=101246895): config.c:155:52: error: comparison of integer expressions of different signedness: '__off_t' {aka 'long int'} and 'unsigned int' [-Werror=sign-compare] 155 | if (statbuf.st_size < 0 || statbuf.st_size > UINT_MAX) { | ^ Please correct the FIX items and provide an updated spec file. Then I will approve this package. I think the crypto policy details can be improved later. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2182151 _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue