https://bugzilla.redhat.com/show_bug.cgi?id=2302646 Bug ID: 2302646 Summary: Review Request: wolfssl - Lightweight SSL/TLS library written in ANSI C Product: Fedora Version: rawhide Hardware: All OS: Linux Status: NEW Component: Package Review Severity: medium Priority: medium Assignee: nobody@xxxxxxxxxxxxxxxxx Reporter: zonexpertconsulting@xxxxxxxxxxx QA Contact: extras-qa@xxxxxxxxxxxxxxxxx CC: package-review@xxxxxxxxxxxxxxxxxxxxxxx Target Milestone: --- Classification: Fedora Spec URL: https://download.copr.fedorainfracloud.org/results/kni/wolfssl/fedora-rawhide-x86_64/07829939-wolfssl/wolfssl.spec SRPM URL: https://download.copr.fedorainfracloud.org/results/kni/wolfssl/fedora-rawhide-x86_64/07829939-wolfssl/wolfssl-5.7.0-1.fc41.src.rpm Description: The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight SSL/TLS library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments - primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments as well because of its royalty-free pricing and excellent cross platform support. wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as ChaCha20, Curve25519, Blake2b and Post-Quantum TLS 1.3 groups. User bench-marking and feedback reports dramatically better performance when using wolfSSL over OpenSSL. wolfSSL is powered by the wolfCrypt cryptography library. Two versions of wolfCrypt have been FIPS 140-2 validated (Certificate #2425 and certificate #3389). FIPS 140-3 validation is in progress. For additional information, visit the wolfCrypt FIPS FAQ or contact fips@xxxxxxxxxxx. Fedora Account System Username: kni BACKGROUND: The Netatalk project recently started building against wolfssl. Today it is optional, but the long term goals of the project are to make wolfssl a requirement. As the Netatalk package maintainer, I want to stay ahead of this and get wolfssl added to Fedora repos to avoid any blockages. RPMLINT: $ rpmlint /var/lib/mock/fedora-40-x86_64/result/*.rpm ============================ rpmlint session starts ============================ rpmlint: 2.5.0 configuration: /usr/lib/python3.12/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml checks: 32, packages: 6 wolfssl.src: E: spelling-error ('wolfCrypt', '%description -l en_US wolfCrypt -> wolf Crypt, wolf-crypt, Cryptozoic') wolfssl.x86_64: E: spelling-error ('wolfCrypt', '%description -l en_US wolfCrypt -> wolf Crypt, wolf-crypt, Cryptozoic') wolfssl-devel.x86_64: W: no-manual-page-for-binary wolfssl-config wolfssl.x86_64: W: crypto-policy-non-compliance-openssl /usr/lib64/libwolfssl.so.42.1.0 SSL_CTX_set_cipher_list 6 packages and 0 specfiles checked; 2 errors, 2 warnings, 40 filtered, 2 badness; has taken 4.1 s RPMLINT RESPONSES: >wolfssl.src: E: spelling-error ('wolfCrypt', '%description -l en_US wolfCrypt -> wolf Crypt, wolf-crypt, Cryptozoic') This is the proper name of the project, thus this error can be ignored >wolfssl-devel.x86_64: W: no-manual-page-for-binary wolfssl-config wolfssl-config is dynamically created during configure. The authors have not provided a man page for this executable. This is by design: https://github.com/wolfSSL/wolfssl/blob/master/debian/include.am#L60 >wolfssl.x86_64: W: crypto-policy-non-compliance-openssl /usr/lib64/libwolfssl.so.42.1.0 SSL_CTX_set_cipher_list Fedora Packaging Reference: https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/ Grepping the source code, one can see that wolfssl calls wolfSSL_CTX_set_cipher_list() rather than SSL_CTX_set_cipher_list(). Thus, this is a false positive and can be ignored. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2302646 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202302646%23c0 -- _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
