Overview

Request 1087087 revoked

No description set
Dominique Leuenberger's avatar
Dominique Leuenberger (dimstar) -
reviewer

Pleanty of things broken in Staging:N - this SR is the only one staged there, so all failures are consequences of this submission

https://build.opensuse.org/project/monitor/openSUSE:Factory:Staging:N?blocked=0&building=0&dispatching=0&finished=0&scheduled=0&signing=0&succeeded=0

Pedro Monreal Gonzalez's avatar
Pedro Monreal Gonzalez (pmonrealgonzalez) -
source maintainer

Ouch! Most of the failures should be related to OpenSSL SHA1 stuff deprecation. Can we keep this staging project for some time to analyze it properly? TIA

Dominique Leuenberger's avatar
Dominique Leuenberger (dimstar) -
reviewer 
[  141s] + openssl dgst -sha256 -binary -hmac HMAC_KEY:OpenSSH-FIPS@SLE
[  141s] FATAL: Startup failure (dev note: apps_startup()) for openssl
[  141s] 40872AF4157F0000:error:030000A9:digital envelope routines:alg_module_init:unknown option:crypto/evp/evp_cnf.c:61:name=rh-allow-sha1-signatures, value=yes
[  141s] 40872AF4157F0000:error:0700006D:configuration file routines:module_run:module initialization error:crypto/conf/conf_mod.c:270:module=alg_section, value=evp_properties retcode=-1
Pedro Monreal Gonzalez's avatar
Pedro Monreal Gonzalez (pmonrealgonzalez) -
source maintainer

So, this 'unknown option' was introduced by RH in crypto-policies in this commit: * https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/merge_requests/110/diffs

And openssl now expects it, IMHO it should have been introduced as a patch from RH to keep upstream compatible with any openssl. We are considering enabling this option in OpenSSL 3.1 that brings SHA-1 enablement/disablement for seclevels...

Pedro Monreal Gonzalez's avatar
Pedro Monreal Gonzalez (pmonrealgonzalez) -
source maintainer

New version submitted here: https://build.opensuse.org/request/show/1089055

Request History
Martin Pluskal's avatar

pluskalm created request

Factory Auto's avatar

factory-auto added opensuse-review-team as a reviewer

Please review sources

Factory Auto's avatar

factory-auto accepted review

Check script succeeded

Saul Goodman's avatar

licensedigger accepted review

ok

Dominique Leuenberger's avatar

dimstar_suse set openSUSE:Factory:Staging:B as a staging project

Being evaluated by staging project "openSUSE:Factory:Staging:B"

Dominique Leuenberger's avatar

dimstar_suse accepted review

Picked "openSUSE:Factory:Staging:B"

Dominique Leuenberger's avatar

dimstar_suse added factory-staging as a reviewer

Being evaluated by group "factory-staging"

Dominique Leuenberger's avatar

dimstar_suse accepted review

Unstaged from project "openSUSE:Factory:Staging:B"

Dominique Leuenberger's avatar

dimstar_suse set openSUSE:Factory:Staging:N as a staging project

Being evaluated by staging project "openSUSE:Factory:Staging:N"

Dominique Leuenberger's avatar

dimstar_suse accepted review

Picked "openSUSE:Factory:Staging:N"

Staging Bot's avatar

staging-bot added factory-staging as a reviewer

Being evaluated by group "factory-staging"

Staging Bot's avatar

staging-bot accepted review

Unstaged from project "openSUSE:Factory:Staging:N"

Staging Bot's avatar

staging-bot declined review

sr#1089055 has newer source and is from the same project

Staging Bot's avatar

staging-bot declined request

sr#1089055 has newer source and is from the same project

Martin Pluskal's avatar

pluskalm revoked request

openSUSE Build Service is sponsored by
Places