import rpmlint-1.10-14.el8

This commit is contained in:
CentOS Sources 2020-11-03 07:10:50 -05:00 committed by Andrew Lukoshko
parent ccb3ff0fbf
commit add09e759a
3 changed files with 31 additions and 4 deletions

View File

@ -0,0 +1,20 @@
diff -up rpmlint-rpmlint-1.10/config.orig rpmlint-rpmlint-1.10/config
--- rpmlint-rpmlint-1.10/config.orig 2017-09-05 08:40:05.000000000 +0200
+++ rpmlint-rpmlint-1.10/config 2020-06-04 15:43:14.135492613 +0200
@@ -230,7 +230,7 @@ from Config import *
#'''This application package calls a function to explicitly set crypto ciphers
#for SSL/TLS. That may cause the application not to use the system-wide set
#cryptographic policy and should be modified in accordance to:
-#https://fedoraproject.org/wiki/Packaging:CryptoPolicies'''
+#https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/'''
#
#call_blacklist = {'crypto-policy-non-compliance-openssl' :
# {'f_name' : 'SSL_CTX_set_cipher_list',
@@ -242,6 +242,7 @@ from Config import *
# 'description' : bad_crypto_warning},
# 'crypto-policy-non-compliance-gnutls-2' :
# {'f_name' : 'gnutls_priority_init',
+# 'good_param' : '^@SYSTEM$',
# 'description' : bad_crypto_warning}
# }
#setOption("WarnOnFunction", call_blacklist)

View File

@ -450,18 +450,19 @@ bad_crypto_warning = \
'''This application package calls a function to explicitly set crypto ciphers '''This application package calls a function to explicitly set crypto ciphers
for SSL/TLS. That may cause the application not to use the system-wide set for SSL/TLS. That may cause the application not to use the system-wide set
cryptographic policy and should be modified in accordance to: cryptographic policy and should be modified in accordance to:
https://fedoraproject.org/wiki/Packaging:CryptoPolicies''' https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/'''
call_blacklist = {'crypto-policy-non-compliance-openssl' : call_blacklist = {'crypto-policy-non-compliance-openssl' :
{'f_name' : 'SSL_CTX_set_cipher_list', {'f_name' : 'SSL_CTX_set_cipher_list',
'good_param' : 'PROFILE=SYSTEM', 'good_param' : '^PROFILE=SYSTEM$',
'description' : bad_crypto_warning}, 'description' : bad_crypto_warning},
'crypto-policy-non-compliance-gnutls-1' : 'crypto-policy-non-compliance-gnutls-1' :
{'f_name' : 'gnutls_priority_set_direct', {'f_name' : 'gnutls_priority_set_direct',
'good_param' : '^@SYSTEM$',
'description' : bad_crypto_warning}, 'description' : bad_crypto_warning},
'crypto-policy-non-compliance-gnutls-2' : 'crypto-policy-non-compliance-gnutls-2' :
{'f_name' : 'gnutls_priority_init', {'f_name' : 'gnutls_priority_init',
'good_param' : 'SYSLOG', 'good_param' : '^@SYSTEM$',
'description' : bad_crypto_warning} 'description' : bad_crypto_warning}
} }
setOption("WarnOnFunction", call_blacklist) setOption("WarnOnFunction", call_blacklist)

View File

@ -18,7 +18,7 @@
Name: rpmlint Name: rpmlint
Version: 1.10 Version: 1.10
Release: 13.2%{?dist} Release: 14%{?dist}
Summary: Tool for checking common errors in RPM packages Summary: Tool for checking common errors in RPM packages
Group: Development/Tools Group: Development/Tools
License: GPLv2 License: GPLv2
@ -39,6 +39,7 @@ Patch1: rpmlint-1.10-flake-cleanups.patch
Patch2: rpmlint-1.10-no_python2.patch Patch2: rpmlint-1.10-no_python2.patch
Patch3: rpmlint-1.10-fix_test.patch Patch3: rpmlint-1.10-fix_test.patch
Patch4: rpmlint-1.10-rpm_surrogate_escaped_utf8.patch Patch4: rpmlint-1.10-rpm_surrogate_escaped_utf8.patch
Patch5: rpmlint-1.10-update-crypto-example.patch
BuildArch: noarch BuildArch: noarch
%if %{with python3} %if %{with python3}
%if 0%{?rhel} > 7 %if 0%{?rhel} > 7
@ -96,6 +97,7 @@ and source packages as well as spec files can be checked.
%patch2 -p1 -b .no_python2 %patch2 -p1 -b .no_python2
%patch3 -p1 -b .fix_test %patch3 -p1 -b .fix_test
%patch4 -p1 -b .rpm_surrogate_escaped_utf8 %patch4 -p1 -b .rpm_surrogate_escaped_utf8
%patch5 -p1 -b .update_crypto_example
sed -i -e /MenuCheck/d Config.py sed -i -e /MenuCheck/d Config.py
cp -p config config.example cp -p config config.example
install -pm 644 %{SOURCE3} config install -pm 644 %{SOURCE3} config
@ -137,6 +139,10 @@ make check PYTHON=%{python} PYTEST=%{pytest} FLAKE8=%{flake8}
%{_mandir}/man1/rpmlint.1* %{_mandir}/man1/rpmlint.1*
%changelog %changelog
* Thu Jun 04 2020 Michal Domonkos <mdomonko@redhat.com> - 1.10-14
- Update crypto warnings in config file to reflect current Fedora policy
(RHBZ#1797545)
* Fri Jun 14 2019 Thomas Woerner <twoerner@redhat.com> - 1.10.13.2 * Fri Jun 14 2019 Thomas Woerner <twoerner@redhat.com> - 1.10.13.2
- Handle rpm change to return surrogate-escaped utf-8 python strings - Handle rpm change to return surrogate-escaped utf-8 python strings
(RHBZ#1693712) (RHBZ#1693712)