https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #12 from Kevin Cernekee ---
I installed the FC19 beta tonight and made some additional progress:
stoken only really needs a tiny piece of libtomcrypt, so I copied the necessary
libtomcrypt files right into the stoken tree. autoconf
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #13 from Simone Caronni ---
(In reply to Kevin Cernekee from comment #12)
> stoken only really needs a tiny piece of libtomcrypt, so I copied the
> necessary libtomcrypt files right into the stoken tree. autoconf will still
> look fo
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #14 from David Woodhouse ---
If run on a machine with the Intel AES-NI instructions, does this make use of
them? I'd like to make sure it does. Give me a SSH public key and a preferred
username if you need an account on a suitable mac
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #15 from David Woodhouse ---
Hm, you don't *really* need to update libtomcrypt; you could just configure
with TOMCRYPT_CFLAGS=-I%{_includedir}/tomcrypt.
Well, that *was* true with the 0.2 tarball. Now it seems to define
LOCAL_TOMCRYP
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #16 from Simone Caronni ---
(In reply to David Woodhouse from comment #15)
> Hm, you don't *really* need to update libtomcrypt; you could just configure
> with TOMCRYPT_CFLAGS=-I%{_includedir}/tomcrypt.
>
> Well, that *was* true with
https://bugzilla.redhat.com/show_bug.cgi?id=970009
Bug 970009 depends on bug 970002, which changed state.
Bug 970002 Summary: Package seems abandoned
https://bugzilla.redhat.com/show_bug.cgi?id=970002
What|Removed |Added
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #17 from David Woodhouse ---
The GnuTLS patch needs to be fixed to call gnutls_cipher_deinit(), and you need
to call gnutls_global_init() somewhere.
And you need to *not* care about the tiny possibility of a race condition with
multi
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #18 from David Woodhouse ---
[!]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
beginning of %install.
Note: rm -rf %{buildroot} present but not required
[!]: update-desktop-database is invoked when r
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #19 from Simone Caronni ---
(In reply to David Woodhouse from comment #18)
> [!]: Package do,es not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
> beginning of %install.
> Note: rm -rf %{buildroot} present but not req
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #20 from Simone Caronni ---
Here is the updated package. Version is 0.2, I updated the changelog
accordingly.
No rpath sed hacks, proper CFLAGS. Requires proper libtomcrypt version.
Spec URL: http://slaanesh.fedorapeople.org/stoken.
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #21 from Kevin Cernekee ---
(In reply to Simone Caronni from comment #13)
> Unfortunately, the packaging guidelines forbid the inclusion of bundled
> libraries in the code; so at least in the Fedora case we have to use the
> libtomcry
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #22 from Kevin Cernekee ---
BTW - related question about x86 crypto features: what is the preferred way to
utilize the Ivy Bridge RDRAND instruction from an application?
Should the GnuTLS/libtomcrypt/OpenSSL/... library authors assum
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #23 from David Woodhouse ---
Hm.
For an application the question is a bit simpler. If the app needs to generate
random numbers often and fast, then using rdrand directly is the way to go.
Otherwise, just use the library and don't wor
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #24 from Simone Caronni ---
(In reply to Kevin Cernekee from comment #21)
> (In reply to Simone Caronni from comment #13)
> If you do manage to revive the libtomcrypt package, it might be a good idea
> to see if dropbear (which curren
https://bugzilla.redhat.com/show_bug.cgi?id=970009
David Woodhouse changed:
What|Removed |Added
Assignee|nob...@fedoraproject.org|dw...@infradead.org
Flags
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #26 from Simone Caronni ---
(In reply to David Woodhouse from comment #25)
> Package Review
> ==
>
> Legend:
> [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
> [ ] = Manual review needed
>
>
>
>
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #27 from David Woodhouse ---
(In reply to Simone Caronni from comment #26)
> > In fact, I'd much rather see pkgconfig(gtk+-3.0) and it doesn't look
> > particularly hard, but neither of those observations make it a review
> > failure.
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #28 from Simone Caronni ---
Spec URL: http://slaanesh.fedorapeople.org/stoken.spec
SRPM URL: http://slaanesh.fedorapeople.org/stoken-0.2-4.fc19.src.rpm
- Change gtk and libtomcrypt build requirements (pkgconfig).
- Remove useless "--
https://bugzilla.redhat.com/show_bug.cgi?id=970009
Simone Caronni changed:
What|Removed |Added
Flags||fedora-cvs?
--- Comment #29 from Simone
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #30 from Jon Ciesla ---
Git done (by process-git-requests).
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug
https://bugzilla.redhat.com/token.cgi?t=gQESyfu6Dw&a=cc_unsubscribe
_
https://bugzilla.redhat.com/show_bug.cgi?id=970009
Jon Ciesla changed:
What|Removed |Added
Flags|fedora-cvs? |
Flags|
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #31 from Fedora Update System ---
stoken-0.2-4.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/stoken-0.2-4.fc18
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=970009
Fedora Update System changed:
What|Removed |Added
Status|NEW |MODIFIED
--
You are receiving th
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #32 from Fedora Update System ---
stoken-0.2-4.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/stoken-0.2-4.fc19
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=970009
Simone Caronni changed:
What|Removed |Added
Flags|fedora-cvs+ |
Flags|
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #34 from Simone Caronni ---
Package Change Request
==
Package Name: stoken
New Branches: f17
Owners: slaanesh
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug
https://bugzilla.redhat.com/show_bug.cgi?id=970009
Jon Ciesla changed:
What|Removed |Added
Flags|fedora-cvs? |
Flags|
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #35 from Jon Ciesla ---
Git done (by process-git-requests).
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug
https://bugzilla.redhat.com/token.cgi?t=Zt7FuvmkfJ&a=cc_unsubscribe
_
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #36 from Fedora Update System ---
stoken-0.2-4.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/stoken-0.2-4.fc17
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=970009
Fedora Update System changed:
What|Removed |Added
Status|MODIFIED|ON_QA
--- Comment #37 from Fedora
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #38 from Kevin Cernekee ---
(In reply to David Woodhouse from comment #23)
> For an application the question is a bit simpler. If the app needs to
> generate random numbers often and fast, then using rdrand directly is the
> way to go
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #39 from Fedora Update System ---
stoken-0.2-4.fc19 has been pushed to the Fedora 19 stable repository.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug
https://bugzilla.redhat.c
https://bugzilla.redhat.com/show_bug.cgi?id=970009
Fedora Update System changed:
What|Removed |Added
Status|ON_QA |CLOSED
Fixed In Version|
https://bugzilla.redhat.com/show_bug.cgi?id=970009
Fedora Update System changed:
What|Removed |Added
Fixed In Version|stoken-0.2-4.fc17 |stoken-0.2-4.fc18
--- Comment #41
https://bugzilla.redhat.com/show_bug.cgi?id=970009
Christopher Meng changed:
What|Removed |Added
CC||cicku...@gmail.com
--- Comment #42
https://bugzilla.redhat.com/show_bug.cgi?id=970009
Simone Caronni changed:
What|Removed |Added
Depends On||970002
--
You are receiving this mail
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #1 from Simone Caronni ---
Note:
This package is required for enabling RSA software token support in
openconnect, the Cisco AnyConnect VPN client.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscr
https://bugzilla.redhat.com/show_bug.cgi?id=970009
David Woodhouse changed:
What|Removed |Added
CC||cerne...@gmail.com,
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #3 from Simone Caronni ---
(In reply to David Woodhouse from comment #2)
> I could commit the libtomcrypt changes for you in the short term, as a
> provenpackager. But I think we'd be better off ditching libtomcrypt and
> using someth
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #4 from Simone Caronni ---
Woah, installed the token with stoken, rebuilt openconnect with stoken-devel,
launch from the command line with "--token-mode=rsa" and now I'm asked the pin
instead of the passcode (one number for another...
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #5 from David Woodhouse ---
Well, it might be one number for another, but at least it's now a *constant*
number so it can be scripted. And with NetworkManager-openconnect, it can be
stored in the keyring. Yes, some changes will be req
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #6 from David Woodhouse ---
Ah, no. The NM-openconnect parts should all be there already. Now you have a
version of libopenconnect which admits to having stoken support, you should see
the corresponding options in the configuration GU
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #7 from David Woodhouse ---
Why set CFLAGS=$RPM_OPT_FLAGS in %build? That's done by default anyway. Is that
a leftover from an experiment with *changing* CFLAGS?
Perhaps you did that when you noticed the errant -O0 that you get by ad
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #8 from Simone Caronni ---
(In reply to David Woodhouse from comment #6)
> Ah, no. The NM-openconnect parts should all be there already. Now you have a
> version of libopenconnect which admits to having stoken support, you should
> se
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #9 from David Woodhouse ---
NM-openconnect needs to be built against openconnect 5.00 or newer in order to
get stoken support. I've updated it in rawhide and will update f19 once
https://admin.fedoraproject.org/updates/openconnect-5.0
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #10 from Simone Caronni ---
Spec URL: http://slaanesh.fedorapeople.org/stoken.spec
SRPM URL: http://slaanesh.fedorapeople.org/stoken-0.2-2.fc19.src.rpm
Intermediate package until upstream replies to your mail about GnuTLS and
removal
https://bugzilla.redhat.com/show_bug.cgi?id=970009
--- Comment #11 from Kevin Cernekee ---
> Woah, installed the token with stoken, rebuilt openconnect with
> stoken-devel, launch from the command line with "--token-mode=rsa"
> and now I'm asked the pin instead of the passcode (one number for
> a
47 matches
Mail list logo
