rpms/rpmlint
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import rpmlint-1.10-14.el8

Browse Source
This commit is contained in:
CentOS Sources 2020-07-28 06:35:52 -04:00 committed by Stepan Oksanichenko
parent 474bdffbb8
commit d43e7bd314
3 changed files with 31 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
SOURCES/rpmlint-1.10-update-crypto-example.patch Normal file
View File

@ -0,0 +1,20 @@
diff -up rpmlint-rpmlint-1.10/config.orig rpmlint-rpmlint-1.10/config
--- rpmlint-rpmlint-1.10/config.orig 2017-09-05 08:40:05.000000000 +0200
+++ rpmlint-rpmlint-1.10/config 2020-06-04 15:43:14.135492613 +0200
@@ -230,7 +230,7 @@ from Config import *
#'''This application package calls a function to explicitly set crypto ciphers
#for SSL/TLS. That may cause the application not to use the system-wide set
#cryptographic policy and should be modified in accordance to:
-#https://fedoraproject.org/wiki/Packaging:CryptoPolicies'''
+#https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/'''
#
#call_blacklist = {'crypto-policy-non-compliance-openssl' :
# {'f_name' : 'SSL_CTX_set_cipher_list',
@@ -242,6 +242,7 @@ from Config import *
# 'description' : bad_crypto_warning},
# 'crypto-policy-non-compliance-gnutls-2' :
# {'f_name' : 'gnutls_priority_init',
+# 'good_param' : '^@SYSTEM$',
# 'description' : bad_crypto_warning}
# }
#setOption("WarnOnFunction", call_blacklist)

7
SOURCES/rpmlint.config
View File

@ -450,18 +450,19 @@ bad_crypto_warning = \
'''This application package calls a function to explicitly set crypto ciphers
for SSL/TLS. That may cause the application not to use the system-wide set
cryptographic policy and should be modified in accordance to:
https://fedoraproject.org/wiki/Packaging:CryptoPolicies'''
https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/'''
call_blacklist = {'crypto-policy-non-compliance-openssl' :
{'f_name' : 'SSL_CTX_set_cipher_list',
'good_param' : 'PROFILE=SYSTEM',
'good_param' : '^PROFILE=SYSTEM$',
'description' : bad_crypto_warning},
'crypto-policy-non-compliance-gnutls-1' :
{'f_name' : 'gnutls_priority_set_direct',
'good_param' : '^@SYSTEM$',
'description' : bad_crypto_warning},
'crypto-policy-non-compliance-gnutls-2' :
{'f_name' : 'gnutls_priority_init',
'good_param' : 'SYSLOG',
'good_param' : '^@SYSTEM$',
'description' : bad_crypto_warning}
}
setOption("WarnOnFunction", call_blacklist)

8
SPECS/rpmlint.spec
View File

@ -18,7 +18,7 @@
Name: rpmlint
Version: 1.10
Release: 13.2%{?dist}
Release: 14%{?dist}
Summary: Tool for checking common errors in RPM packages
Group: Development/Tools
License: GPLv2
@ -39,6 +39,7 @@ Patch1: rpmlint-1.10-flake-cleanups.patch
Patch2: rpmlint-1.10-no_python2.patch
Patch3: rpmlint-1.10-fix_test.patch
Patch4: rpmlint-1.10-rpm_surrogate_escaped_utf8.patch
Patch5: rpmlint-1.10-update-crypto-example.patch
BuildArch: noarch
%if %{with python3}
%if 0%{?rhel} > 7
@ -96,6 +97,7 @@ and source packages as well as spec files can be checked.
%patch2 -p1 -b .no_python2
%patch3 -p1 -b .fix_test
%patch4 -p1 -b .rpm_surrogate_escaped_utf8
%patch5 -p1 -b .update_crypto_example
sed -i -e /MenuCheck/d Config.py
cp -p config config.example
install -pm 644 %{SOURCE3} config
@ -137,6 +139,10 @@ make check PYTHON=%{python} PYTEST=%{pytest} FLAKE8=%{flake8}
%{_mandir}/man1/rpmlint.1*
%changelog
* Thu Jun 04 2020 Michal Domonkos <mdomonko@redhat.com> - 1.10-14
- Update crypto warnings in config file to reflect current Fedora policy
(RHBZ#1797545)
* Fri Jun 14 2019 Thomas Woerner <twoerner@redhat.com> - 1.10.13.2
- Handle rpm change to return surrogate-escaped utf-8 python strings
(RHBZ#1693712)