From 4d033b3d89b737c52e67e9cf05807017bac8a604 Mon Sep 17 00:00:00 2001 From: Tom Callaway Date: Tue, 18 Dec 2007 20:13:49 +0000 Subject: [PATCH 01/74] Setup of module trousers --- .cvsignore | 0 Makefile | 21 +++++++++++++++++++++ sources | 0 3 files changed, 21 insertions(+) create mode 100644 .cvsignore create mode 100644 Makefile create mode 100644 sources diff --git a/.cvsignore b/.cvsignore new file mode 100644 index 0000000..e69de29 diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..c16324c --- /dev/null +++ b/Makefile @@ -0,0 +1,21 @@ +# Makefile for source rpm: trousers +# $Id$ +NAME := trousers +SPECFILE = $(firstword $(wildcard *.spec)) + +define find-makefile-common +for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done +endef + +MAKEFILE_COMMON := $(shell $(find-makefile-common)) + +ifeq ($(MAKEFILE_COMMON),) +# attept a checkout +define checkout-makefile-common +test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 +endef + +MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) +endif + +include $(MAKEFILE_COMMON) diff --git a/sources b/sources new file mode 100644 index 0000000..e69de29 From c7c88a763990ce240c0b657567931b1443851b79 Mon Sep 17 00:00:00 2001 From: Kent Yoder Date: Wed, 19 Dec 2007 16:37:25 +0000 Subject: [PATCH 02/74] Initial add of trousers-0.3.1-5.src.rpm --- .cvsignore | 1 + sources | 1 + ...sers-0.3.1-remove-group-install-code.patch | 148 ++++++++++++++++++ trousers.spec | 144 +++++++++++++++++ 4 files changed, 294 insertions(+) create mode 100644 trousers-0.3.1-remove-group-install-code.patch create mode 100644 trousers.spec diff --git a/.cvsignore b/.cvsignore index e69de29..c643b73 100644 --- a/.cvsignore +++ b/.cvsignore @@ -0,0 +1 @@ +trousers-0.3.1.tar.gz diff --git a/sources b/sources index e69de29..e186953 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +9d3a07380a0c5d2f0074a9ef79ea218a trousers-0.3.1.tar.gz diff --git a/trousers-0.3.1-remove-group-install-code.patch b/trousers-0.3.1-remove-group-install-code.patch new file mode 100644 index 0000000..78d6ace --- /dev/null +++ b/trousers-0.3.1-remove-group-install-code.patch @@ -0,0 +1,148 @@ +diff -pburN trousers-0.3.1.vanilla/dist/Makefile.in trousers-0.3.1-newtest.build/dist/Makefile.in +--- trousers-0.3.1.vanilla/dist/Makefile.in 2007-11-02 16:59:43.000000000 -0500 ++++ trousers-0.3.1-newtest.build/dist/Makefile.in 2007-12-12 13:34:38.000000000 -0600 +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.9.5 from Makefile.am. ++# Makefile.in generated by automake 1.9.6 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +@@ -13,6 +13,7 @@ + # PARTICULAR PURPOSE. + + @SET_MAKE@ ++ + srcdir = @srcdir@ + top_srcdir = @top_srcdir@ + VPATH = @srcdir@ +@@ -47,6 +48,15 @@ mkinstalldirs = $(install_sh) -d + CONFIG_CLEAN_FILES = tcsd.conf trousers.spec + SOURCES = + DIST_SOURCES = ++am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; ++am__vpath_adj = case $$p in \ ++ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ ++ *) f=$$p;; \ ++ esac; ++am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; ++am__installdirs = "$(DESTDIR)$(sysconfdir)" ++sysconfDATA_INSTALL = $(INSTALL_DATA) ++DATA = $(sysconf_DATA) + DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) + ACLOCAL = @ACLOCAL@ + AMDEP_FALSE = @AMDEP_FALSE@ +@@ -106,6 +116,7 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ + PKG_CONFIG = @PKG_CONFIG@ + RANLIB = @RANLIB@ + RPC = @RPC@ ++SED = @SED@ + SET_MAKE = @SET_MAKE@ + SHELL = @SHELL@ + STRIP = @STRIP@ +@@ -213,6 +224,7 @@ ac_ct_CXX = @ac_ct_CXX@ + ac_ct_F77 = @ac_ct_F77@ + ac_ct_RANLIB = @ac_ct_RANLIB@ + ac_ct_STRIP = @ac_ct_STRIP@ ++ac_pt_PKG_CONFIG = @ac_pt_PKG_CONFIG@ + am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ + am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ + am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ +@@ -254,6 +266,7 @@ target_alias = @target_alias@ + target_cpu = @target_cpu@ + target_os = @target_os@ + target_vendor = @target_vendor@ ++sysconf_DATA = tcsd.conf + all: all-am + + .SUFFIXES: +@@ -300,6 +313,23 @@ clean-libtool: + distclean-libtool: + -rm -f libtool + uninstall-info-am: ++install-sysconfDATA: $(sysconf_DATA) ++ @$(NORMAL_INSTALL) ++ test -z "$(sysconfdir)" || $(mkdir_p) "$(DESTDIR)$(sysconfdir)" ++ @list='$(sysconf_DATA)'; for p in $$list; do \ ++ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ ++ f=$(am__strip_dir) \ ++ echo " $(sysconfDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(sysconfdir)/$$f'"; \ ++ $(sysconfDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(sysconfdir)/$$f"; \ ++ done ++ ++uninstall-sysconfDATA: ++ @$(NORMAL_UNINSTALL) ++ @list='$(sysconf_DATA)'; for p in $$list; do \ ++ f=$(am__strip_dir) \ ++ echo " rm -f '$(DESTDIR)$(sysconfdir)/$$f'"; \ ++ rm -f "$(DESTDIR)$(sysconfdir)/$$f"; \ ++ done + tags: TAGS + TAGS: + +@@ -336,8 +366,12 @@ distdir: $(DISTFILES) + done + check-am: all-am + check: check-am +-all-am: Makefile ++all-am: Makefile $(DATA) + installdirs: ++ for dir in "$(DESTDIR)$(sysconfdir)"; do \ ++ test -z "$$dir" || $(mkdir_p) "$$dir"; \ ++ done ++install: install-am + install-exec: install-exec-am + install-data: install-data-am + uninstall: uninstall-am +@@ -381,9 +415,7 @@ info-am: + + install-data-am: + +-install-exec-am: +- @$(NORMAL_INSTALL) +- $(MAKE) $(AM_MAKEFLAGS) install-exec-hook ++install-exec-am: install-sysconfDATA + + install-info: install-info-am + +@@ -407,37 +439,18 @@ ps: ps-am + + ps-am: + +-uninstall-am: uninstall-info-am +- @$(NORMAL_INSTALL) +- $(MAKE) $(AM_MAKEFLAGS) uninstall-hook ++uninstall-am: uninstall-info-am uninstall-sysconfDATA + + .PHONY: all all-am check check-am clean clean-generic clean-libtool \ + distclean distclean-generic distclean-libtool distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-exec install-exec-am \ +- install-exec-hook install-info install-info-am install-man \ +- install-strip installcheck installcheck-am installdirs \ ++ install-info install-info-am install-man install-strip \ ++ install-sysconfDATA installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ +- uninstall uninstall-am uninstall-hook uninstall-info-am +- ++ uninstall uninstall-am uninstall-info-am uninstall-sysconfDATA + +-install: install-exec-hook +- if test ! -e ${DESTDIR}/@sysconfdir@/tcsd.conf; then mkdir -p ${DESTDIR}/@sysconfdir@ && cp tcsd.conf ${DESTDIR}/@sysconfdir@; fi +- /bin/chown tss:tss ${DESTDIR}/@sysconfdir@/tcsd.conf +- /bin/chmod 0600 ${DESTDIR}/@sysconfdir@/tcsd.conf +- +-install-exec-hook: +- /usr/sbin/groupadd tss || true +- /usr/sbin/useradd -r tss -g tss || true +- /bin/chown tss:tss ${DESTDIR}/@sbindir@/tcsd +- /bin/sh -c 'if [ ! -e ${DESTDIR}/@localstatedir@/lib/tpm ];then mkdir -p ${DESTDIR}/@localstatedir@/lib/tpm; fi' +- /bin/chown tss:tss ${DESTDIR}/@localstatedir@/lib/tpm +- /bin/chmod 0700 ${DESTDIR}/@localstatedir@/lib/tpm +- +-uninstall-hook: +- /usr/sbin/userdel tss +- /usr/sbin/groupdel tss + # Tell versions [3.59,3.63) of GNU make to not export all variables. + # Otherwise a system limit (for SysV at least) may be exceeded. + .NOEXPORT: diff --git a/trousers.spec b/trousers.spec new file mode 100644 index 0000000..85e1f2c --- /dev/null +++ b/trousers.spec @@ -0,0 +1,144 @@ + +# RPM specfile for the trousers project on Fedora + +%define name trousers +%define version 0.3.1 +%define release 5 + +Name: %{name} +Summary: Implementation of the TCG's Software Stack v1.2 Specification +Version: %{version} +Release: %{release}%{?dist} +License: CPL +Group: System Environment/Libraries +Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz +Url: http://trousers.sourceforge.net +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +BuildRequires: libtool, gtk2-devel, openssl-devel +Requires(pre): shadow-utils +Requires(post): /sbin/ldconfig +Requires(post): /sbin/chkconfig +Requires(postun): /sbin/ldconfig +Requires(postun): /sbin/service +Requires(preun): /sbin/chkconfig +Requires(preun): /sbin/service +Patch0: trousers-0.3.1-remove-group-install-code.patch + +%description +TrouSerS is an implementation of the Trusted Computing Group's Software Stack +(TSS) specification. You can use TrouSerS to write applications that make use +of your TPM hardware. TPM hardware can create, store and use RSA keys +securely (without ever being exposed in memory), verify a platform's software +state using cryptographic hashes and more. + +%package static +Summary: TrouSerS TCG Device Driver Library +Group: Development/Libraries + +%description static +The TCG Device Driver Library (TDDL) used by the TrouSerS tcsd as the +interface to the TPM's device driver. For more information about writing +applications to the TDDL interface, see the latest TSS spec at +https://www.trustedcomputinggroup.org/specs/TSS. + +%package devel +Summary: TrouSerS header files and documentation +Group: Development/Libraries +Requires: %{name} = %{version}-%{release} + +%description devel +Header files and man pages for use in creating Trusted Computing enabled +applications. + +%prep +%setup -q +%patch0 -p1 + +%build +%configure +make %{?_smp_mflags} + +%install +mkdir -p ${RPM_BUILD_ROOT} +mkdir -p ${RPM_BUILD_ROOT}/%{_localstatedir}/lib/tpm +mkdir -p ${RPM_BUILD_ROOT}/%{_initrddir} +cp -p dist/fedora/fedora.initrd.tcsd ${RPM_BUILD_ROOT}/%{_initrddir}/tcsd +make install DESTDIR=${RPM_BUILD_ROOT} INSTALL="install -p" +rm -f ${RPM_BUILD_ROOT}/%{_libdir}/libtspi.la + +%clean +rm -rf ${RPM_BUILD_ROOT} + +%pre +getent group tss >/dev/null || groupadd -r tss +getent passwd tss >/dev/null || \ +useradd -r -g tss -d /dev/null -s /sbin/nologin \ + -c "Account used by the trousers package to sandbox the tcsd daemon" tss +exit 0 + +%post +/sbin/ldconfig +/sbin/chkconfig --add tcsd + +%preun +if [ $1 = 0 ]; then + /sbin/service tcsd stop &> /dev/null + /sbin/chkconfig --del tcsd +fi + +%postun +/sbin/ldconfig +if [ $1 -gt 1 ]; then + /sbin/service tcsd condrestart &>/dev/null +fi + +%files +%doc README AUTHORS LICENSE ChangeLog +%defattr(-, root, root, -) +%attr(755, tss, tss) %{_sbindir}/tcsd +%{_libdir}/libtspi.so.? +%{_libdir}/libtspi.so.?.?.? +%config(noreplace) %attr(600, tss, tss) %{_sysconfdir}/tcsd.conf +%attr(644, root, root) %{_mandir}/man5/* +%attr(644, root, root) %{_mandir}/man8/* +%{_initrddir}/tcsd +%{_localstatedir}/lib/tpm/ + +%files devel +# The files to be used by developers, 'trousers-devel' +%defattr(-, root, root, -) +%attr(755, root, root) %{_libdir}/libtspi.so +%{_includedir}/tss/ +%{_includedir}/trousers/ +%{_mandir}/man3/Tspi_* + +%files static +# The only static library shipped by trousers, the TDDL +%{_libdir}/libtddl.a + +%changelog +* Mon Dec 17 2007 Kent Yoder - 0.3.1-5 +- Updated static rpm's comment line (too long) + +* Thu Dec 13 2007 Kent Yoder - 0.3.1-4 +- Updated specfile for RHBZ#323441 comment #28 + +* Wed Dec 12 2007 Kent Yoder - 0.3.1-3 +- Updated specfile for RHBZ#323441 comment #22 + +* Wed Nov 28 2007 Kent Yoder - 0.3.1-2 +- Updated to include the include dirs in the devel package; +added the no-install-hooks patch + +* Wed Nov 28 2007 Kent Yoder - 0.3.1-1 +- Updated specfile for RHBZ#323441 comment #13 + +* Mon Nov 12 2007 Kent Yoder - 0.3.1 +- Updated specfile for comments in RHBZ#323441 + +* Wed Jun 07 2006 Kent Yoder - 0.2.6-1 +- Updated build section to use smp_mflags +- Removed .la file from installed dest and files section + +* Tue Jun 06 2006 Kent Yoder - 0.2.6-1 +- Initial add of changelog tag for trousers CVS From c2d3e56f8a633d81c3db10692f22838af9c05991 Mon Sep 17 00:00:00 2001 From: Jesse Keating Date: Tue, 19 Feb 2008 10:17:01 +0000 Subject: [PATCH 03/74] - Autorebuild for GCC 4.3 --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 85e1f2c..077dfdb 100644 --- a/trousers.spec +++ b/trousers.spec @@ -3,7 +3,7 @@ %define name trousers %define version 0.3.1 -%define release 5 +%define release 6 Name: %{name} Summary: Implementation of the TCG's Software Stack v1.2 Specification @@ -117,6 +117,9 @@ fi %{_libdir}/libtddl.a %changelog +* Tue Feb 19 2008 Fedora Release Engineering - 0.3.1-6 +- Autorebuild for GCC 4.3 + * Mon Dec 17 2007 Kent Yoder - 0.3.1-5 - Updated static rpm's comment line (too long) From 0a74e5188330816b2d80622adcf6a9946a34cd0a Mon Sep 17 00:00:00 2001 From: Emily Ratliff Date: Tue, 3 Jun 2008 20:40:27 +0000 Subject: [PATCH 04/74] adding limit patch to fix compile problem --- trousers-0.3.1-limits.patch | 33 +++++++++++++++++++++++++++++++++ trousers.spec | 1 + 2 files changed, 34 insertions(+) create mode 100644 trousers-0.3.1-limits.patch diff --git a/trousers-0.3.1-limits.patch b/trousers-0.3.1-limits.patch new file mode 100644 index 0000000..8896511 --- /dev/null +++ b/trousers-0.3.1-limits.patch @@ -0,0 +1,33 @@ +diff -pur ./trousers-0.3.1/src/trspi/crypto/openssl/symmetric.c ./trousers-0.3.1.new/src/trspi/crypto/openssl/symmetric.c +--- ./trousers-0.3.1/src/trspi/crypto/openssl/symmetric.c 2008-03-01 14:40:51.000000000 -0800 ++++ ./trousers-0.3.1.new/src/trspi/crypto/openssl/symmetric.c 2008-03-01 14:51:32.000000000 -0800 +@@ -20,6 +20,7 @@ + #include + #include + #include ++#include + + #include "trousers/tss.h" + #include "trousers/trousers.h" +diff -pur ./trousers-0.3.1/src/tspi/tspi_aik.c ./trousers-0.3.1.new/src/tspi/tspi_aik.c +--- ./trousers-0.3.1/src/tspi/tspi_aik.c 2007-09-25 11:57:58.000000000 -0700 ++++ ./trousers-0.3.1.new/src/tspi/tspi_aik.c 2008-03-01 15:06:06.000000000 -0800 +@@ -12,6 +12,7 @@ + #include + #include + #include ++#include + + #include "trousers/tss.h" + #include "trousers/trousers.h" +diff -pur ./trousers-0.3.1/src/tspi/tsp_ps.c ./trousers-0.3.1.new/src/tspi/tsp_ps.c +--- ./trousers-0.3.1/src/tspi/tsp_ps.c 2007-07-19 11:00:05.000000000 -0700 ++++ ./trousers-0.3.1.new/src/tspi/tsp_ps.c 2008-03-01 15:05:10.000000000 -0800 +@@ -15,6 +15,7 @@ + #include + #include + #include ++#include + + #include "trousers/tss.h" + #include "trousers/trousers.h" diff --git a/trousers.spec b/trousers.spec index 077dfdb..e5706b8 100644 --- a/trousers.spec +++ b/trousers.spec @@ -23,6 +23,7 @@ Requires(postun): /sbin/service Requires(preun): /sbin/chkconfig Requires(preun): /sbin/service Patch0: trousers-0.3.1-remove-group-install-code.patch +Patch1: trousers-0.3.1-limits.patch %description TrouSerS is an implementation of the Trusted Computing Group's Software Stack From ec4db690082b20e7f269e2d69570922c5900cbd5 Mon Sep 17 00:00:00 2001 From: Emily Ratliff Date: Tue, 3 Jun 2008 21:04:37 +0000 Subject: [PATCH 05/74] Fix for RH BZ 434267 and 440733 --- trousers.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index e5706b8..dd95269 100644 --- a/trousers.spec +++ b/trousers.spec @@ -3,7 +3,7 @@ %define name trousers %define version 0.3.1 -%define release 6 +%define release 7 Name: %{name} Summary: Implementation of the TCG's Software Stack v1.2 Specification @@ -54,6 +54,7 @@ applications. %prep %setup -q %patch0 -p1 +%patch1 -p2 %build %configure @@ -118,6 +119,9 @@ fi %{_libdir}/libtddl.a %changelog +* Tue Jun 3 2008 Emily Ratliff - 0.3.1-7 +- Fix for BZ #434267 and #440733 + * Tue Feb 19 2008 Fedora Release Engineering - 0.3.1-6 - Autorebuild for GCC 4.3 From 3307b70190b121d318c6d13bb6d03468564c96cf Mon Sep 17 00:00:00 2001 From: Emily Ratliff Date: Tue, 3 Jun 2008 21:31:21 +0000 Subject: [PATCH 06/74] added attribution for the patch --- trousers.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/trousers.spec b/trousers.spec index dd95269..1797bd3 100644 --- a/trousers.spec +++ b/trousers.spec @@ -119,8 +119,8 @@ fi %{_libdir}/libtddl.a %changelog -* Tue Jun 3 2008 Emily Ratliff - 0.3.1-7 -- Fix for BZ #434267 and #440733 +* Tue Jun 03 2008 Emily Ratliff - 0.3.1-7 +- Fix for BZ #434267 and #440733. Patch authored by Debora Velarde * Tue Feb 19 2008 Fedora Release Engineering - 0.3.1-6 - Autorebuild for GCC 4.3 From 48d0393e219b0e9acf9a74aaa3b09f0210ca5eaf Mon Sep 17 00:00:00 2001 From: Emily Ratliff Date: Wed, 4 Jun 2008 04:11:48 +0000 Subject: [PATCH 07/74] fix build error on ppc64 & x86_64 --- trousers-0.3.1-cast.patch | 12 ++++++++++++ trousers.spec | 3 +++ 2 files changed, 15 insertions(+) create mode 100644 trousers-0.3.1-cast.patch diff --git a/trousers-0.3.1-cast.patch b/trousers-0.3.1-cast.patch new file mode 100644 index 0000000..43416d2 --- /dev/null +++ b/trousers-0.3.1-cast.patch @@ -0,0 +1,12 @@ +diff -Naur trousers-0.3.1-orig/src/tspi/tspi_nv.c trousers-0.3.1/src/tspi/tspi_nv.c +--- trousers-0.3.1-orig/src/tspi/tspi_nv.c 2007-09-25 13:57:58.000000000 -0500 ++++ trousers-0.3.1/src/tspi/tspi_nv.c 2008-06-03 22:20:30.000000000 -0500 +@@ -217,7 +217,7 @@ + + nv_data_public.tag = TPM_TAG_NV_DATA_PUBLIC; + +- if ((result = obj_nvstore_create_pcrshortinfo(hNvstore, (TSS_HPCRS)NULL, &pPCR_len, &pPCR))) ++ if ((result = obj_nvstore_create_pcrshortinfo(hNvstore, (TSS_HPCRS)0, &pPCR_len, &pPCR))) + return result; + + NVPublic_DataSize = 0; diff --git a/trousers.spec b/trousers.spec index 1797bd3..07579fb 100644 --- a/trousers.spec +++ b/trousers.spec @@ -24,6 +24,7 @@ Requires(preun): /sbin/chkconfig Requires(preun): /sbin/service Patch0: trousers-0.3.1-remove-group-install-code.patch Patch1: trousers-0.3.1-limits.patch +Patch2: trousers-0.3.1-cast.patch %description TrouSerS is an implementation of the Trusted Computing Group's Software Stack @@ -55,6 +56,7 @@ applications. %setup -q %patch0 -p1 %patch1 -p2 +%patch2 -p1 %build %configure @@ -121,6 +123,7 @@ fi %changelog * Tue Jun 03 2008 Emily Ratliff - 0.3.1-7 - Fix for BZ #434267 and #440733. Patch authored by Debora Velarde +- Fix cast issue preventing successful build on ppc64 and x86_64 * Tue Feb 19 2008 Fedora Release Engineering - 0.3.1-6 - Autorebuild for GCC 4.3 From 8e35b1c45f0cdc52485f87ade528b94a6e335da2 Mon Sep 17 00:00:00 2001 From: Emily Ratliff Date: Wed, 4 Jun 2008 04:28:13 +0000 Subject: [PATCH 08/74] updated revision number because I suspect that is what caused latest build failure --- trousers.spec | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/trousers.spec b/trousers.spec index 07579fb..90dfea3 100644 --- a/trousers.spec +++ b/trousers.spec @@ -3,7 +3,7 @@ %define name trousers %define version 0.3.1 -%define release 7 +%define release 8 Name: %{name} Summary: Implementation of the TCG's Software Stack v1.2 Specification @@ -121,9 +121,11 @@ fi %{_libdir}/libtddl.a %changelog +* Wed Jun 04 2008 Emily Ratliff - 0.3.1-8 +- Fix cast issue preventing successful build on ppc64 and x86_64 + * Tue Jun 03 2008 Emily Ratliff - 0.3.1-7 - Fix for BZ #434267 and #440733. Patch authored by Debora Velarde -- Fix cast issue preventing successful build on ppc64 and x86_64 * Tue Feb 19 2008 Fedora Release Engineering - 0.3.1-6 - Autorebuild for GCC 4.3 From e854b2cda5de1de7e800a4fac5d7aae3cbc8c651 Mon Sep 17 00:00:00 2001 From: Emily Ratliff Date: Fri, 1 Aug 2008 20:16:11 +0000 Subject: [PATCH 09/74] Added specfile changes and patch from Steve Grubb to normalize package --- trousers-0.3.1-module-ordering.patch | 91 ++++++++++++++++++++++++++++ trousers.spec | 15 +++-- 2 files changed, 102 insertions(+), 4 deletions(-) create mode 100644 trousers-0.3.1-module-ordering.patch diff --git a/trousers-0.3.1-module-ordering.patch b/trousers-0.3.1-module-ordering.patch new file mode 100644 index 0000000..ff1a811 --- /dev/null +++ b/trousers-0.3.1-module-ordering.patch @@ -0,0 +1,91 @@ +--- trousers-0.3.1.orig/dist/fedora/fedora.initrd.tcsd 2008-03-28 15:07:20.000000000 -0700 ++++ trousers-0.3.1/dist/fedora/fedora.initrd.tcsd 2008-03-28 15:18:56.000000000 -0700 +@@ -21,33 +21,79 @@ prog="tcsd" + # Some variables to make the below more readable + TCSD=/usr/sbin/tcsd + PID_FILE=/var/run/tcsd.pid +-INSMOD=/sbin/insmod ++MODPROBE=/sbin/modprobe + LSMOD=/sbin/lsmod + GREP=/bin/grep ++PWD=/bin/pwd ++MOD_DIR=/lib/modules/$(uname -r)/kernel/drivers/char/tpm ++START_OPT=" start" + + load_drivers() + { +- for d in `echo /lib/modules/$(uname -r)/kernel/drivers/char/tpm/tpm_*`; do +- $INSMOD $d +- if test $? -eq 0; then +- break; ++ CUR_DIR=`$PWD` ++ cd $MOD_DIR ++ ++ # Must load tpm_bios.ko first ++ $MODPROBE tpm_bios >/dev/null 2>&1 ++ RETVAL=$? ++ if [ $RETVAL -ne 0 ]; then ++ failure "Load tpm_bios" ++ echo ++ cd $CUR_DIR ++ return $RETVAL ++ fi ++ ++ # Must load tpm.ko second ++ $MODPROBE tpm >/dev/null 2>&1 ++ RETVAL=$? ++ if [ $RETVAL -ne 0 ]; then ++ failure "Load tpm" ++ echo ++ cd $CUR_DIR ++ return $RETVAL ++ fi ++ ++ # Attempt to load remaining tpm_*.ko ++ # But do NOT return error if they fail ++ for d in `echo tpm_*`; do ++ if [ "$d" != "tpm_bios.ko" ] ++ then ++ m=${d%".ko"} ++ $MODPROBE $m >/dev/null 2>&1 + fi + done ++ ++ cd $CUR_DIR ++ success "Load tpm" ++ echo ++ return $RETVAL + } + + check_drivers() + { +- $LSMOD | $GREP tpm_ ++ $LSMOD | $GREP tpm_ >/dev/null 2>&1 ++ RETVAL=$? ++ return $RETVAL + } + + start() + { +- check_drivers || load_drivers || failure ++ check_drivers ++ RETVAL=$? ++ if [ $RETVAL -ne 0 ]; then ++ load_drivers ++ RETVAL=$? ++ fi ++ if [ $RETVAL -ne 0 ]; then ++ failure $"Loading drivers" ++ fi + echo -n $"Starting $prog: " +- $TCSD $OPTIONS && success || failure ++ $TCSD $START_OPT && success ++ echo ++ touch /var/lock/subsys/tcsd && success + RETVAL=$? +- [ "$RETVAL" = 0 ] && touch /var/lock/subsys/tcsd + echo ++ return $RETVAL + } + + stop() diff --git a/trousers.spec b/trousers.spec index 90dfea3..416dd82 100644 --- a/trousers.spec +++ b/trousers.spec @@ -3,10 +3,10 @@ %define name trousers %define version 0.3.1 -%define release 8 +%define release 9 Name: %{name} -Summary: Implementation of the TCG's Software Stack v1.2 Specification +Summary: TCG's Software Stack v1.2 Version: %{version} Release: %{release}%{?dist} License: CPL @@ -25,6 +25,7 @@ Requires(preun): /sbin/service Patch0: trousers-0.3.1-remove-group-install-code.patch Patch1: trousers-0.3.1-limits.patch Patch2: trousers-0.3.1-cast.patch +Patch3: trousers-0.3.1-module-ordering.patch %description TrouSerS is an implementation of the Trusted Computing Group's Software Stack @@ -36,6 +37,7 @@ state using cryptographic hashes and more. %package static Summary: TrouSerS TCG Device Driver Library Group: Development/Libraries +Requires: %{name}-devel = %{version}-%{release} %description static The TCG Device Driver Library (TDDL) used by the TrouSerS tcsd as the @@ -57,13 +59,14 @@ applications. %patch0 -p1 %patch1 -p2 %patch2 -p1 +%patch3 -p1 %build %configure make %{?_smp_mflags} %install -mkdir -p ${RPM_BUILD_ROOT} +rm -rf ${RPM_BUILD_ROOT} mkdir -p ${RPM_BUILD_ROOT}/%{_localstatedir}/lib/tpm mkdir -p ${RPM_BUILD_ROOT}/%{_initrddir} cp -p dist/fedora/fedora.initrd.tcsd ${RPM_BUILD_ROOT}/%{_initrddir}/tcsd @@ -97,8 +100,8 @@ if [ $1 -gt 1 ]; then fi %files -%doc README AUTHORS LICENSE ChangeLog %defattr(-, root, root, -) +%doc README AUTHORS LICENSE ChangeLog %attr(755, tss, tss) %{_sbindir}/tcsd %{_libdir}/libtspi.so.? %{_libdir}/libtspi.so.?.?.? @@ -117,10 +120,14 @@ fi %{_mandir}/man3/Tspi_* %files static +%defattr(-, root, root, -) # The only static library shipped by trousers, the TDDL %{_libdir}/libtddl.a %changelog +* Fri Aug 01 2008 Emily Ratliff - 0.3.1-9 +- Incorporated changes from the RHEL package which were done by Steve Grubb + * Wed Jun 04 2008 Emily Ratliff - 0.3.1-8 - Fix cast issue preventing successful build on ppc64 and x86_64 From 2d87cfedcfb406c985b10eaddde73b74d27d9919 Mon Sep 17 00:00:00 2001 From: Emily Ratliff Date: Wed, 13 Aug 2008 16:01:39 +0000 Subject: [PATCH 10/74] Uses uid/gid pair assigned in BZ#457593 --- trousers.spec | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/trousers.spec b/trousers.spec index 416dd82..0204eaf 100644 --- a/trousers.spec +++ b/trousers.spec @@ -3,7 +3,7 @@ %define name trousers %define version 0.3.1 -%define release 9 +%define release 10 Name: %{name} Summary: TCG's Software Stack v1.2 @@ -77,9 +77,9 @@ rm -f ${RPM_BUILD_ROOT}/%{_libdir}/libtspi.la rm -rf ${RPM_BUILD_ROOT} %pre -getent group tss >/dev/null || groupadd -r tss +getent group tss >/dev/null || groupadd -g 59 r tss getent passwd tss >/dev/null || \ -useradd -r -g tss -d /dev/null -s /sbin/nologin \ +useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin \ -c "Account used by the trousers package to sandbox the tcsd daemon" tss exit 0 @@ -125,6 +125,9 @@ fi %{_libdir}/libtddl.a %changelog +* Wed Aug 08 2008 Emily Ratliff - 0.3.1-10 +- Use the uid/gid pair assigned to trousers from BZ#457593 + * Fri Aug 01 2008 Emily Ratliff - 0.3.1-9 - Incorporated changes from the RHEL package which were done by Steve Grubb From 0b554c030253431de3afc44fe8a3911038c0b91a Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 16 Dec 2008 23:19:45 +0000 Subject: [PATCH 11/74] Fix long-standing segfault. And other things --- trousers-0.3.1-reuseaddr.patch | 11 +++ trousers-0.3.1-use-tpm-emu.patch | 80 +++++++++++++++++++ ...rkaround-selinux-namespace-pollution.patch | 39 +++++++++ trousers.spec | 13 ++- 4 files changed, 142 insertions(+), 1 deletion(-) create mode 100644 trousers-0.3.1-reuseaddr.patch create mode 100644 trousers-0.3.1-use-tpm-emu.patch create mode 100644 trousers-0.3.1-workaround-selinux-namespace-pollution.patch diff --git a/trousers-0.3.1-reuseaddr.patch b/trousers-0.3.1-reuseaddr.patch new file mode 100644 index 0000000..adbe1ce --- /dev/null +++ b/trousers-0.3.1-reuseaddr.patch @@ -0,0 +1,11 @@ +--- trousers-0.3.1/src/tcsd/svrside.c~ 2007-08-29 22:11:13.000000000 +0100 ++++ trousers-0.3.1/src/tcsd/svrside.c 2008-09-27 10:23:08.000000000 +0100 +@@ -268,6 +268,8 @@ main(int argc, char **argv) + else + serv_addr.sin_addr.s_addr = htonl(INADDR_ANY); + ++ c = 1; ++ setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &c, sizeof(c)); + if (bind(sd, (struct sockaddr *) &serv_addr, sizeof (serv_addr)) < 0) { + LogError("Failed bind: %s", strerror(errno)); + return -1; diff --git a/trousers-0.3.1-use-tpm-emu.patch b/trousers-0.3.1-use-tpm-emu.patch new file mode 100644 index 0000000..4bcfaf4 --- /dev/null +++ b/trousers-0.3.1-use-tpm-emu.patch @@ -0,0 +1,80 @@ +--- trousers-0.3.1/src/tddl/tddl.c~ 2006-06-08 20:23:34.000000000 +0100 ++++ trousers-0.3.1/src/tddl/tddl.c 2008-09-27 10:12:27.000000000 +0100 +@@ -15,6 +15,8 @@ + #include + #include + #include ++#include ++#include + + #include "trousers/tss.h" + #include "trousers_types.h" +@@ -22,14 +24,16 @@ + #include "tcslog.h" + #include "tddl.h" + +-struct tpm_device_node tpm_device_nodes[] = { +- {"/dev/tpm0", TDDL_UNDEF, TDDL_UNDEF}, +- {"/udev/tpm0", TDDL_UNDEF, TDDL_UNDEF}, +- {"/dev/tpm", TDDL_UNDEF, TDDL_UNDEF}, +- {NULL, 0, 0} ++static struct tpm_device_node tpm_device_nodes[] = { ++ {"/dev/tpm0", TDDL_TYPE_FILE, TDDL_UNDEF, TDDL_UNDEF}, ++ {"/udev/tpm0", TDDL_TYPE_FILE, TDDL_UNDEF, TDDL_UNDEF}, ++ {"/dev/tpm", TDDL_TYPE_FILE, TDDL_UNDEF, TDDL_UNDEF}, ++ {"/var/run/tpm/tpmd_socket:0", TDDL_TYPE_SOCKET, TDDL_TRANSMIT_RW, ++ TDDL_UNDEF}, ++ {NULL, 0, 0, 0} + }; + +-struct tpm_device_node *opened_device = NULL; ++static struct tpm_device_node *opened_device = NULL; + + BYTE txBuffer[TDDL_TXBUF_SIZE]; + +@@ -40,12 +44,30 @@ open_device(void) + + /* tpm_device_paths is filled out in tddl.h */ + for (i = 0; tpm_device_nodes[i].path != NULL; i++) { ++ int fd = -1; + errno = 0; +- if ((tpm_device_nodes[i].fd = open(tpm_device_nodes[i].path, O_RDWR)) < 0) ++ ++ if (tpm_device_nodes[i].type == TDDL_TYPE_FILE) ++ fd = open(tpm_device_nodes[i].path, O_RDWR); ++ else if (tpm_device_nodes[i].type == TDDL_TYPE_SOCKET) { ++ struct sockaddr_un addr; ++ ++ fd = socket(AF_UNIX, SOCK_STREAM, 0); ++ if (fd >= 0) { ++ addr.sun_family = AF_UNIX; ++ strncpy(addr.sun_path, tpm_device_nodes[i].path, ++ sizeof(addr.sun_path)); ++ if (connect(fd, (void *)&addr, sizeof(addr)) < 0) { ++ close(fd); ++ fd = -1; ++ } ++ } ++ } ++ if (fd < 0) + continue; +- ++ tpm_device_nodes[i].fd = fd; + opened_device = &(tpm_device_nodes[i]); +- return opened_device->fd; ++ return fd; + } + + return -1; +--- trousers-0.3.1/src/include/tddl.h~ 2005-10-25 04:01:07.000000000 +0100 ++++ trousers-0.3.1/src/include/tddl.h 2008-09-27 10:00:20.000000000 +0100 +@@ -14,6 +14,9 @@ + + struct tpm_device_node { + char *path; ++#define TDDL_TYPE_FILE 1 ++#define TDDL_TYPE_SOCKET 2 ++ int type; + #define TDDL_TRANSMIT_IOCTL 1 + #define TDDL_TRANSMIT_RW 2 + int transmit; diff --git a/trousers-0.3.1-workaround-selinux-namespace-pollution.patch b/trousers-0.3.1-workaround-selinux-namespace-pollution.patch new file mode 100644 index 0000000..b6de61f --- /dev/null +++ b/trousers-0.3.1-workaround-selinux-namespace-pollution.patch @@ -0,0 +1,39 @@ +--- trousers-0.3.1/src/include/obj_context.h~ 2007-08-28 20:13:39.000000000 +0100 ++++ trousers-0.3.1/src/include/obj_context.h 2008-09-26 01:08:07.000000000 +0100 +@@ -44,7 +44,7 @@ struct tr_context_obj { + }; + + /* obj_context.c */ +-void context_free(void *data); ++void obj_context_free(void *data); + TSS_BOOL obj_is_context(TSS_HOBJECT); + TSS_RESULT obj_context_get_policy(TSS_HCONTEXT, UINT32, TSS_HPOLICY *); + TSS_BOOL obj_context_is_silent(TSS_HCONTEXT); +@@ -84,6 +84,6 @@ struct tcs_api_table *obj_context_get_tc + #define CONTEXT_LIST_DECLARE_EXTERN extern struct obj_list context_list + #define CONTEXT_LIST_INIT() list_init(&context_list) + #define CONTEXT_LIST_CONNECT(a,b) obj_connectContext_list(&context_list, a, b) +-#define CONTEXT_LIST_CLOSE(a) obj_list_close(&context_list, &context_free, a) ++#define CONTEXT_LIST_CLOSE(a) obj_list_close(&context_list, &obj_context_free, a) + + #endif +--- trousers-0.3.1/src/tspi/obj_context.c~ 2007-10-26 21:34:52.000000000 +0100 ++++ trousers-0.3.1/src/tspi/obj_context.c 2008-09-26 01:06:17.000000000 +0100 +@@ -60,7 +60,7 @@ obj_context_add(TSS_HOBJECT *phObject) + + /* Add the default policy */ + if ((result = obj_policy_add(*phObject, TSS_POLICY_USAGE, &context->policy))) { +- obj_list_remove(&context_list, &context_free, *phObject, *phObject); ++ obj_list_remove(&context_list, &obj_context_free, *phObject, *phObject); + return result; + } + +@@ -95,7 +95,7 @@ obj_context_get_tcs_api(TSS_HCONTEXT tsp + } + + void +-context_free(void *data) ++obj_context_free(void *data) + { + struct tr_context_obj *context = (struct tr_context_obj *)data; + diff --git a/trousers.spec b/trousers.spec index 0204eaf..c1ab594 100644 --- a/trousers.spec +++ b/trousers.spec @@ -3,7 +3,7 @@ %define name trousers %define version 0.3.1 -%define release 10 +%define release 11 Name: %{name} Summary: TCG's Software Stack v1.2 @@ -26,6 +26,9 @@ Patch0: trousers-0.3.1-remove-group-install-code.patch Patch1: trousers-0.3.1-limits.patch Patch2: trousers-0.3.1-cast.patch Patch3: trousers-0.3.1-module-ordering.patch +Patch4: trousers-0.3.1-workaround-selinux-namespace-pollution.patch +Patch5: trousers-0.3.1-reuseaddr.patch +Patch6: trousers-0.3.1-use-tpm-emu.patch %description TrouSerS is an implementation of the Trusted Computing Group's Software Stack @@ -60,6 +63,9 @@ applications. %patch1 -p2 %patch2 -p1 %patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 %build %configure @@ -125,6 +131,11 @@ fi %{_libdir}/libtddl.a %changelog +* Tue Dec 16 2008 David Woodhouse - 0.3.1-11 +- Work around SELinux namespace pollution (#464037) +- Use SO_REUSEADDR +- Use TPM emulator if it's available and no hardware is + * Wed Aug 08 2008 Emily Ratliff - 0.3.1-10 - Use the uid/gid pair assigned to trousers from BZ#457593 From e626b7230b98b1ba5d324533faacf485e5907a62 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 16 Dec 2008 23:29:59 +0000 Subject: [PATCH 12/74] bump release --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index c1ab594..26ab208 100644 --- a/trousers.spec +++ b/trousers.spec @@ -3,7 +3,7 @@ %define name trousers %define version 0.3.1 -%define release 11 +%define release 12 Name: %{name} Summary: TCG's Software Stack v1.2 @@ -131,6 +131,9 @@ fi %{_libdir}/libtddl.a %changelog +* Tue Dec 16 2008 David Woodhouse - 0.3.1-12 +- Bump release to avoid wrong tag in rawhide + * Tue Dec 16 2008 David Woodhouse - 0.3.1-11 - Work around SELinux namespace pollution (#464037) - Use SO_REUSEADDR From 19046798ffcdf9aae61247dff085fe44af2e3975 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Mr=C3=A1z?= Date: Sun, 18 Jan 2009 14:18:02 +0000 Subject: [PATCH 13/74] - rebuild with new openssl --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 26ab208..69297de 100644 --- a/trousers.spec +++ b/trousers.spec @@ -3,7 +3,7 @@ %define name trousers %define version 0.3.1 -%define release 12 +%define release 13 Name: %{name} Summary: TCG's Software Stack v1.2 @@ -131,6 +131,9 @@ fi %{_libdir}/libtddl.a %changelog +* Sun Jan 18 2009 Tomas Mraz - 0.3.1-13 +- rebuild with new openssl + * Tue Dec 16 2008 David Woodhouse - 0.3.1-12 - Bump release to avoid wrong tag in rawhide From e5b2dffadaed35c58c5474948f3b76a27ce9b28f Mon Sep 17 00:00:00 2001 From: Jesse Keating Date: Wed, 25 Feb 2009 21:56:48 +0000 Subject: [PATCH 14/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 69297de..5e76cf1 100644 --- a/trousers.spec +++ b/trousers.spec @@ -3,7 +3,7 @@ %define name trousers %define version 0.3.1 -%define release 13 +%define release 14 Name: %{name} Summary: TCG's Software Stack v1.2 @@ -131,6 +131,9 @@ fi %{_libdir}/libtddl.a %changelog +* Wed Feb 25 2009 Fedora Release Engineering - 0.3.1-14 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + * Sun Jan 18 2009 Tomas Mraz - 0.3.1-13 - rebuild with new openssl From ba4221593266a9c1c3c88c4fcf6b47600ad84bcf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Milo=C5=A1=20Jakub=C3=AD=C4=8Dek?= Date: Mon, 27 Apr 2009 16:07:23 +0000 Subject: [PATCH 15/74] - Fix FTBFS: added trousers-0.3.1-gcc44.patch --- trousers-0.3.1-gcc44.patch | 53 ++++++++++++++++++++++++++++++++++++++ trousers.spec | 11 ++++++-- 2 files changed, 62 insertions(+), 2 deletions(-) create mode 100644 trousers-0.3.1-gcc44.patch diff --git a/trousers-0.3.1-gcc44.patch b/trousers-0.3.1-gcc44.patch new file mode 100644 index 0000000..d0db3d5 --- /dev/null +++ b/trousers-0.3.1-gcc44.patch @@ -0,0 +1,53 @@ +--- tools/ps_convert.c.orig 2009-04-27 16:33:31.000000000 +0200 ++++ tools/ps_convert.c 2009-04-27 16:33:53.000000000 +0200 +@@ -136,13 +136,14 @@ + version_0_convert(FILE *in, FILE *out) + { + int rc, members = 0; +- UINT32 i, u32 = *(UINT32 *)buf; ++ UINT32 i; ++ UINT32 *u32 = (UINT32 *) &buf; + + /* output the PS version */ + OUT(out, "\1", 1); + + /* number of keys */ +- OUT(out, &u32, sizeof(UINT32)); ++ OUT(out, u32, sizeof(UINT32)); + + /* The +- 1's below account for the byte we read in to determine + * if the PS file had a version byte at the beginning */ +@@ -163,7 +163,7 @@ + return -1; + } + +- for (i = 1; i < u32; i++) { ++ for (i = 1; i < *u32; i++) { + /* read in subsequent key's headers */ + if ((members = fread(buf, 2*sizeof(TSS_UUID) + 3*sizeof(UINT16), + 1, in)) != 1) { +--- tools/ps_inspect.c.orig 2009-04-27 17:49:46.000000000 +0200 ++++ tools/ps_inspect.c 2009-04-27 17:51:52.000000000 +0200 +@@ -179,10 +179,11 @@ + version_0_print(FILE *f) + { + int rc, members = 0; +- UINT32 i, u32 = *(UINT32 *)buf; ++ UINT32 i; ++ UINT32 *u32 = (UINT32 *) &buf; + + PRINT("version: 0\n"); +- PRINT("number of keys: %u\n", u32); ++ PRINT("number of keys: %u\n", *u32); + + /* The +- 1's below account for the byte we read in to determine + * if the PS file had a version byte at the beginning */ +@@ -203,7 +204,7 @@ + return -1; + } + +- for (i = 1; i < u32; i++) { ++ for (i = 1; i < *u32; i++) { + /* read in subsequent key's headers */ + if ((members = fread(buf, 2*sizeof(TSS_UUID) + 3*sizeof(UINT16), + 1, f)) != 1) { diff --git a/trousers.spec b/trousers.spec index 5e76cf1..73c4ea5 100644 --- a/trousers.spec +++ b/trousers.spec @@ -3,7 +3,7 @@ %define name trousers %define version 0.3.1 -%define release 14 +%define release 15 Name: %{name} Summary: TCG's Software Stack v1.2 @@ -29,6 +29,9 @@ Patch3: trousers-0.3.1-module-ordering.patch Patch4: trousers-0.3.1-workaround-selinux-namespace-pollution.patch Patch5: trousers-0.3.1-reuseaddr.patch Patch6: trousers-0.3.1-use-tpm-emu.patch +# Filed into upstream bugtracker at: +# https://sourceforge.net/tracker/?func=detail&aid=2782253&group_id=126012&atid=704358 +Patch7: trousers-0.3.1-gcc44.patch %description TrouSerS is an implementation of the Trusted Computing Group's Software Stack @@ -66,10 +69,11 @@ applications. %patch4 -p1 %patch5 -p1 %patch6 -p1 +%patch7 %build %configure -make %{?_smp_mflags} +make -k %{?_smp_mflags} %install rm -rf ${RPM_BUILD_ROOT} @@ -131,6 +135,9 @@ fi %{_libdir}/libtddl.a %changelog +* Mon Apr 27 2009 Milos Jakubicek - 0.3.1-15 +- Fix FTBFS: added trousers-0.3.1-gcc44.patch + * Wed Feb 25 2009 Fedora Release Engineering - 0.3.1-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild From c42f485bb8e84a0145ae61c11646b86010dd03ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Milo=C5=A1=20Jakub=C3=AD=C4=8Dek?= Date: Wed, 6 May 2009 21:55:58 +0000 Subject: [PATCH 16/74] - Fix a typo in groupadd causing the %%pre scriptlet to fail (resolves BZ#486155). --- trousers.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/trousers.spec b/trousers.spec index 73c4ea5..44d4781 100644 --- a/trousers.spec +++ b/trousers.spec @@ -3,7 +3,7 @@ %define name trousers %define version 0.3.1 -%define release 15 +%define release 16 Name: %{name} Summary: TCG's Software Stack v1.2 @@ -87,7 +87,7 @@ rm -f ${RPM_BUILD_ROOT}/%{_libdir}/libtspi.la rm -rf ${RPM_BUILD_ROOT} %pre -getent group tss >/dev/null || groupadd -g 59 r tss +getent group tss >/dev/null || groupadd -g 59 -r tss getent passwd tss >/dev/null || \ useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin \ -c "Account used by the trousers package to sandbox the tcsd daemon" tss @@ -135,6 +135,9 @@ fi %{_libdir}/libtddl.a %changelog +* Wed May 06 2009 Milos Jakubicek - 0.3.1-16 +- Fix a typo in groupadd causing the %%pre scriptlet to fail (resolves BZ#486155). + * Mon Apr 27 2009 Milos Jakubicek - 0.3.1-15 - Fix FTBFS: added trousers-0.3.1-gcc44.patch From 4fbae55e69d45b7316c7b13fe1b6949196ede93a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Milo=C5=A1=20Jakub=C3=AD=C4=8Dek?= Date: Thu, 14 May 2009 13:53:25 +0000 Subject: [PATCH 17/74] - Do not overuse macros. - Removed unnecessary file requirements on chkconfig, ldconfig and service, now requiring the initscripts and chkconfig packages. --- trousers.spec | 60 ++++++++++++++++++++++++--------------------------- 1 file changed, 28 insertions(+), 32 deletions(-) diff --git a/trousers.spec b/trousers.spec index 44d4781..38416ce 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,37 +1,28 @@ - -# RPM specfile for the trousers project on Fedora - -%define name trousers -%define version 0.3.1 -%define release 16 - -Name: %{name} -Summary: TCG's Software Stack v1.2 -Version: %{version} -Release: %{release}%{?dist} -License: CPL -Group: System Environment/Libraries -Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz -Url: http://trousers.sourceforge.net -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +Name: trousers +Summary: TCG's Software Stack v1.2 +Version: 0.3.1 +Release: 17%{?dist} +License: CPL +Group: System Environment/Libraries +Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz +Url: http://trousers.sourceforge.net +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libtool, gtk2-devel, openssl-devel Requires(pre): shadow-utils -Requires(post): /sbin/ldconfig -Requires(post): /sbin/chkconfig -Requires(postun): /sbin/ldconfig -Requires(postun): /sbin/service -Requires(preun): /sbin/chkconfig -Requires(preun): /sbin/service -Patch0: trousers-0.3.1-remove-group-install-code.patch -Patch1: trousers-0.3.1-limits.patch -Patch2: trousers-0.3.1-cast.patch -Patch3: trousers-0.3.1-module-ordering.patch -Patch4: trousers-0.3.1-workaround-selinux-namespace-pollution.patch -Patch5: trousers-0.3.1-reuseaddr.patch -Patch6: trousers-0.3.1-use-tpm-emu.patch +Requires(post): chkconfig +Requires(preun): chkconfig +Requires(preun): initscripts +Requires(postun): initscripts +Patch0: trousers-0.3.1-remove-group-install-code.patch +Patch1: trousers-0.3.1-limits.patch +Patch2: trousers-0.3.1-cast.patch +Patch3: trousers-0.3.1-module-ordering.patch +Patch4: trousers-0.3.1-workaround-selinux-namespace-pollution.patch +Patch5: trousers-0.3.1-reuseaddr.patch +Patch6: trousers-0.3.1-use-tpm-emu.patch # Filed into upstream bugtracker at: # https://sourceforge.net/tracker/?func=detail&aid=2782253&group_id=126012&atid=704358 -Patch7: trousers-0.3.1-gcc44.patch +Patch7: trousers-0.3.1-gcc44.patch %description TrouSerS is an implementation of the Trusted Computing Group's Software Stack @@ -90,7 +81,7 @@ rm -rf ${RPM_BUILD_ROOT} getent group tss >/dev/null || groupadd -g 59 -r tss getent passwd tss >/dev/null || \ useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin \ - -c "Account used by the trousers package to sandbox the tcsd daemon" tss + -c "Account used by the trousers package to sandbox the tcsd daemon" tss exit 0 %post @@ -106,7 +97,7 @@ fi %postun /sbin/ldconfig if [ $1 -gt 1 ]; then - /sbin/service tcsd condrestart &>/dev/null + /sbin/service tcsd condrestart &>/dev/null || : fi %files @@ -135,6 +126,11 @@ fi %{_libdir}/libtddl.a %changelog +* Thu May 14 2009 Milos Jakubicek - 0.3.1-17 +- Do not overuse macros. +- Removed unnecessary file requirements on chkconfig, ldconfig and service, + now requiring the initscripts and chkconfig packages. + * Wed May 06 2009 Milos Jakubicek - 0.3.1-16 - Fix a typo in groupadd causing the %%pre scriptlet to fail (resolves BZ#486155). From 6d2f0e476d31b6de90fc5c7f5a681bf14e9a028d Mon Sep 17 00:00:00 2001 From: Jesse Keating Date: Mon, 27 Jul 2009 06:18:09 +0000 Subject: [PATCH 18/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 38416ce..72c7769 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.1 -Release: 17%{?dist} +Release: 18%{?dist} License: CPL Group: System Environment/Libraries Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz @@ -126,6 +126,9 @@ fi %{_libdir}/libtddl.a %changelog +* Sun Jul 26 2009 Fedora Release Engineering - 0.3.1-18 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + * Thu May 14 2009 Milos Jakubicek - 0.3.1-17 - Do not overuse macros. - Removed unnecessary file requirements on chkconfig, ldconfig and service, From 18854ca2a95640aeab0368afa6dea181b64fca93 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Mr=C3=A1z?= Date: Fri, 21 Aug 2009 16:16:42 +0000 Subject: [PATCH 19/74] - rebuilt with new openssl --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 72c7769..1cb539d 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.1 -Release: 18%{?dist} +Release: 19%{?dist} License: CPL Group: System Environment/Libraries Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz @@ -126,6 +126,9 @@ fi %{_libdir}/libtddl.a %changelog +* Fri Aug 21 2009 Tomas Mraz - 0.3.1-19 +- rebuilt with new openssl + * Sun Jul 26 2009 Fedora Release Engineering - 0.3.1-18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild From ee6a46f40c1291669e3c334e9f71a8bb34eeeb04 Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Wed, 25 Nov 2009 22:52:26 +0000 Subject: [PATCH 20/74] Fix typo that causes a failure to update the common directory. (releng #2781) --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index c16324c..265b90d 100644 --- a/Makefile +++ b/Makefile @@ -1,10 +1,10 @@ # Makefile for source rpm: trousers -# $Id$ +# $Id: Makefile,v 1.1 2007/12/18 20:13:49 spot Exp $ NAME := trousers SPECFILE = $(firstword $(wildcard *.spec)) define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done +for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done endef MAKEFILE_COMMON := $(shell $(find-makefile-common)) From c585cabe48773c0cf43492461cee7ef30e851ea9 Mon Sep 17 00:00:00 2001 From: Steve Grubb Date: Fri, 29 Jan 2010 15:34:49 +0000 Subject: [PATCH 21/74] - New upstream bug fix release - Upstream requested the tpm-emulator patch be dropped --- .cvsignore | 1 + sources | 2 +- trousers-0.3.1-cast.patch | 12 -- trousers-0.3.1-gcc44.patch | 53 ------- trousers-0.3.1-limits.patch | 33 ---- trousers-0.3.1-module-ordering.patch | 91 ----------- ...sers-0.3.1-remove-group-install-code.patch | 148 ------------------ trousers-0.3.1-reuseaddr.patch | 11 -- ...rkaround-selinux-namespace-pollution.patch | 39 ----- trousers.spec | 101 ++++++------ 10 files changed, 48 insertions(+), 443 deletions(-) delete mode 100644 trousers-0.3.1-cast.patch delete mode 100644 trousers-0.3.1-gcc44.patch delete mode 100644 trousers-0.3.1-limits.patch delete mode 100644 trousers-0.3.1-module-ordering.patch delete mode 100644 trousers-0.3.1-remove-group-install-code.patch delete mode 100644 trousers-0.3.1-reuseaddr.patch delete mode 100644 trousers-0.3.1-workaround-selinux-namespace-pollution.patch diff --git a/.cvsignore b/.cvsignore index c643b73..96af01f 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1,2 @@ trousers-0.3.1.tar.gz +trousers-0.3.4.tar.gz diff --git a/sources b/sources index e186953..eaa16a7 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -9d3a07380a0c5d2f0074a9ef79ea218a trousers-0.3.1.tar.gz +72235fd6d2bb35b898a654429946f2e6 trousers-0.3.4.tar.gz diff --git a/trousers-0.3.1-cast.patch b/trousers-0.3.1-cast.patch deleted file mode 100644 index 43416d2..0000000 --- a/trousers-0.3.1-cast.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Naur trousers-0.3.1-orig/src/tspi/tspi_nv.c trousers-0.3.1/src/tspi/tspi_nv.c ---- trousers-0.3.1-orig/src/tspi/tspi_nv.c 2007-09-25 13:57:58.000000000 -0500 -+++ trousers-0.3.1/src/tspi/tspi_nv.c 2008-06-03 22:20:30.000000000 -0500 -@@ -217,7 +217,7 @@ - - nv_data_public.tag = TPM_TAG_NV_DATA_PUBLIC; - -- if ((result = obj_nvstore_create_pcrshortinfo(hNvstore, (TSS_HPCRS)NULL, &pPCR_len, &pPCR))) -+ if ((result = obj_nvstore_create_pcrshortinfo(hNvstore, (TSS_HPCRS)0, &pPCR_len, &pPCR))) - return result; - - NVPublic_DataSize = 0; diff --git a/trousers-0.3.1-gcc44.patch b/trousers-0.3.1-gcc44.patch deleted file mode 100644 index d0db3d5..0000000 --- a/trousers-0.3.1-gcc44.patch +++ /dev/null @@ -1,53 +0,0 @@ ---- tools/ps_convert.c.orig 2009-04-27 16:33:31.000000000 +0200 -+++ tools/ps_convert.c 2009-04-27 16:33:53.000000000 +0200 -@@ -136,13 +136,14 @@ - version_0_convert(FILE *in, FILE *out) - { - int rc, members = 0; -- UINT32 i, u32 = *(UINT32 *)buf; -+ UINT32 i; -+ UINT32 *u32 = (UINT32 *) &buf; - - /* output the PS version */ - OUT(out, "\1", 1); - - /* number of keys */ -- OUT(out, &u32, sizeof(UINT32)); -+ OUT(out, u32, sizeof(UINT32)); - - /* The +- 1's below account for the byte we read in to determine - * if the PS file had a version byte at the beginning */ -@@ -163,7 +163,7 @@ - return -1; - } - -- for (i = 1; i < u32; i++) { -+ for (i = 1; i < *u32; i++) { - /* read in subsequent key's headers */ - if ((members = fread(buf, 2*sizeof(TSS_UUID) + 3*sizeof(UINT16), - 1, in)) != 1) { ---- tools/ps_inspect.c.orig 2009-04-27 17:49:46.000000000 +0200 -+++ tools/ps_inspect.c 2009-04-27 17:51:52.000000000 +0200 -@@ -179,10 +179,11 @@ - version_0_print(FILE *f) - { - int rc, members = 0; -- UINT32 i, u32 = *(UINT32 *)buf; -+ UINT32 i; -+ UINT32 *u32 = (UINT32 *) &buf; - - PRINT("version: 0\n"); -- PRINT("number of keys: %u\n", u32); -+ PRINT("number of keys: %u\n", *u32); - - /* The +- 1's below account for the byte we read in to determine - * if the PS file had a version byte at the beginning */ -@@ -203,7 +204,7 @@ - return -1; - } - -- for (i = 1; i < u32; i++) { -+ for (i = 1; i < *u32; i++) { - /* read in subsequent key's headers */ - if ((members = fread(buf, 2*sizeof(TSS_UUID) + 3*sizeof(UINT16), - 1, f)) != 1) { diff --git a/trousers-0.3.1-limits.patch b/trousers-0.3.1-limits.patch deleted file mode 100644 index 8896511..0000000 --- a/trousers-0.3.1-limits.patch +++ /dev/null @@ -1,33 +0,0 @@ -diff -pur ./trousers-0.3.1/src/trspi/crypto/openssl/symmetric.c ./trousers-0.3.1.new/src/trspi/crypto/openssl/symmetric.c ---- ./trousers-0.3.1/src/trspi/crypto/openssl/symmetric.c 2008-03-01 14:40:51.000000000 -0800 -+++ ./trousers-0.3.1.new/src/trspi/crypto/openssl/symmetric.c 2008-03-01 14:51:32.000000000 -0800 -@@ -20,6 +20,7 @@ - #include - #include - #include -+#include - - #include "trousers/tss.h" - #include "trousers/trousers.h" -diff -pur ./trousers-0.3.1/src/tspi/tspi_aik.c ./trousers-0.3.1.new/src/tspi/tspi_aik.c ---- ./trousers-0.3.1/src/tspi/tspi_aik.c 2007-09-25 11:57:58.000000000 -0700 -+++ ./trousers-0.3.1.new/src/tspi/tspi_aik.c 2008-03-01 15:06:06.000000000 -0800 -@@ -12,6 +12,7 @@ - #include - #include - #include -+#include - - #include "trousers/tss.h" - #include "trousers/trousers.h" -diff -pur ./trousers-0.3.1/src/tspi/tsp_ps.c ./trousers-0.3.1.new/src/tspi/tsp_ps.c ---- ./trousers-0.3.1/src/tspi/tsp_ps.c 2007-07-19 11:00:05.000000000 -0700 -+++ ./trousers-0.3.1.new/src/tspi/tsp_ps.c 2008-03-01 15:05:10.000000000 -0800 -@@ -15,6 +15,7 @@ - #include - #include - #include -+#include - - #include "trousers/tss.h" - #include "trousers/trousers.h" diff --git a/trousers-0.3.1-module-ordering.patch b/trousers-0.3.1-module-ordering.patch deleted file mode 100644 index ff1a811..0000000 --- a/trousers-0.3.1-module-ordering.patch +++ /dev/null @@ -1,91 +0,0 @@ ---- trousers-0.3.1.orig/dist/fedora/fedora.initrd.tcsd 2008-03-28 15:07:20.000000000 -0700 -+++ trousers-0.3.1/dist/fedora/fedora.initrd.tcsd 2008-03-28 15:18:56.000000000 -0700 -@@ -21,33 +21,79 @@ prog="tcsd" - # Some variables to make the below more readable - TCSD=/usr/sbin/tcsd - PID_FILE=/var/run/tcsd.pid --INSMOD=/sbin/insmod -+MODPROBE=/sbin/modprobe - LSMOD=/sbin/lsmod - GREP=/bin/grep -+PWD=/bin/pwd -+MOD_DIR=/lib/modules/$(uname -r)/kernel/drivers/char/tpm -+START_OPT=" start" - - load_drivers() - { -- for d in `echo /lib/modules/$(uname -r)/kernel/drivers/char/tpm/tpm_*`; do -- $INSMOD $d -- if test $? -eq 0; then -- break; -+ CUR_DIR=`$PWD` -+ cd $MOD_DIR -+ -+ # Must load tpm_bios.ko first -+ $MODPROBE tpm_bios >/dev/null 2>&1 -+ RETVAL=$? -+ if [ $RETVAL -ne 0 ]; then -+ failure "Load tpm_bios" -+ echo -+ cd $CUR_DIR -+ return $RETVAL -+ fi -+ -+ # Must load tpm.ko second -+ $MODPROBE tpm >/dev/null 2>&1 -+ RETVAL=$? -+ if [ $RETVAL -ne 0 ]; then -+ failure "Load tpm" -+ echo -+ cd $CUR_DIR -+ return $RETVAL -+ fi -+ -+ # Attempt to load remaining tpm_*.ko -+ # But do NOT return error if they fail -+ for d in `echo tpm_*`; do -+ if [ "$d" != "tpm_bios.ko" ] -+ then -+ m=${d%".ko"} -+ $MODPROBE $m >/dev/null 2>&1 - fi - done -+ -+ cd $CUR_DIR -+ success "Load tpm" -+ echo -+ return $RETVAL - } - - check_drivers() - { -- $LSMOD | $GREP tpm_ -+ $LSMOD | $GREP tpm_ >/dev/null 2>&1 -+ RETVAL=$? -+ return $RETVAL - } - - start() - { -- check_drivers || load_drivers || failure -+ check_drivers -+ RETVAL=$? -+ if [ $RETVAL -ne 0 ]; then -+ load_drivers -+ RETVAL=$? -+ fi -+ if [ $RETVAL -ne 0 ]; then -+ failure $"Loading drivers" -+ fi - echo -n $"Starting $prog: " -- $TCSD $OPTIONS && success || failure -+ $TCSD $START_OPT && success -+ echo -+ touch /var/lock/subsys/tcsd && success - RETVAL=$? -- [ "$RETVAL" = 0 ] && touch /var/lock/subsys/tcsd - echo -+ return $RETVAL - } - - stop() diff --git a/trousers-0.3.1-remove-group-install-code.patch b/trousers-0.3.1-remove-group-install-code.patch deleted file mode 100644 index 78d6ace..0000000 --- a/trousers-0.3.1-remove-group-install-code.patch +++ /dev/null @@ -1,148 +0,0 @@ -diff -pburN trousers-0.3.1.vanilla/dist/Makefile.in trousers-0.3.1-newtest.build/dist/Makefile.in ---- trousers-0.3.1.vanilla/dist/Makefile.in 2007-11-02 16:59:43.000000000 -0500 -+++ trousers-0.3.1-newtest.build/dist/Makefile.in 2007-12-12 13:34:38.000000000 -0600 -@@ -1,4 +1,4 @@ --# Makefile.in generated by automake 1.9.5 from Makefile.am. -+# Makefile.in generated by automake 1.9.6 from Makefile.am. - # @configure_input@ - - # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -@@ -13,6 +13,7 @@ - # PARTICULAR PURPOSE. - - @SET_MAKE@ -+ - srcdir = @srcdir@ - top_srcdir = @top_srcdir@ - VPATH = @srcdir@ -@@ -47,6 +48,15 @@ mkinstalldirs = $(install_sh) -d - CONFIG_CLEAN_FILES = tcsd.conf trousers.spec - SOURCES = - DIST_SOURCES = -+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -+am__vpath_adj = case $$p in \ -+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ -+ *) f=$$p;; \ -+ esac; -+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -+am__installdirs = "$(DESTDIR)$(sysconfdir)" -+sysconfDATA_INSTALL = $(INSTALL_DATA) -+DATA = $(sysconf_DATA) - DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - ACLOCAL = @ACLOCAL@ - AMDEP_FALSE = @AMDEP_FALSE@ -@@ -106,6 +116,7 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ - PKG_CONFIG = @PKG_CONFIG@ - RANLIB = @RANLIB@ - RPC = @RPC@ -+SED = @SED@ - SET_MAKE = @SET_MAKE@ - SHELL = @SHELL@ - STRIP = @STRIP@ -@@ -213,6 +224,7 @@ ac_ct_CXX = @ac_ct_CXX@ - ac_ct_F77 = @ac_ct_F77@ - ac_ct_RANLIB = @ac_ct_RANLIB@ - ac_ct_STRIP = @ac_ct_STRIP@ -+ac_pt_PKG_CONFIG = @ac_pt_PKG_CONFIG@ - am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ - am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ - am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ -@@ -254,6 +266,7 @@ target_alias = @target_alias@ - target_cpu = @target_cpu@ - target_os = @target_os@ - target_vendor = @target_vendor@ -+sysconf_DATA = tcsd.conf - all: all-am - - .SUFFIXES: -@@ -300,6 +313,23 @@ clean-libtool: - distclean-libtool: - -rm -f libtool - uninstall-info-am: -+install-sysconfDATA: $(sysconf_DATA) -+ @$(NORMAL_INSTALL) -+ test -z "$(sysconfdir)" || $(mkdir_p) "$(DESTDIR)$(sysconfdir)" -+ @list='$(sysconf_DATA)'; for p in $$list; do \ -+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ -+ f=$(am__strip_dir) \ -+ echo " $(sysconfDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(sysconfdir)/$$f'"; \ -+ $(sysconfDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(sysconfdir)/$$f"; \ -+ done -+ -+uninstall-sysconfDATA: -+ @$(NORMAL_UNINSTALL) -+ @list='$(sysconf_DATA)'; for p in $$list; do \ -+ f=$(am__strip_dir) \ -+ echo " rm -f '$(DESTDIR)$(sysconfdir)/$$f'"; \ -+ rm -f "$(DESTDIR)$(sysconfdir)/$$f"; \ -+ done - tags: TAGS - TAGS: - -@@ -336,8 +366,12 @@ distdir: $(DISTFILES) - done - check-am: all-am - check: check-am --all-am: Makefile -+all-am: Makefile $(DATA) - installdirs: -+ for dir in "$(DESTDIR)$(sysconfdir)"; do \ -+ test -z "$$dir" || $(mkdir_p) "$$dir"; \ -+ done -+install: install-am - install-exec: install-exec-am - install-data: install-data-am - uninstall: uninstall-am -@@ -381,9 +415,7 @@ info-am: - - install-data-am: - --install-exec-am: -- @$(NORMAL_INSTALL) -- $(MAKE) $(AM_MAKEFLAGS) install-exec-hook -+install-exec-am: install-sysconfDATA - - install-info: install-info-am - -@@ -407,37 +439,18 @@ ps: ps-am - - ps-am: - --uninstall-am: uninstall-info-am -- @$(NORMAL_INSTALL) -- $(MAKE) $(AM_MAKEFLAGS) uninstall-hook -+uninstall-am: uninstall-info-am uninstall-sysconfDATA - - .PHONY: all all-am check check-am clean clean-generic clean-libtool \ - distclean distclean-generic distclean-libtool distdir dvi \ - dvi-am html html-am info info-am install install-am \ - install-data install-data-am install-exec install-exec-am \ -- install-exec-hook install-info install-info-am install-man \ -- install-strip installcheck installcheck-am installdirs \ -+ install-info install-info-am install-man install-strip \ -+ install-sysconfDATA installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ -- uninstall uninstall-am uninstall-hook uninstall-info-am -- -+ uninstall uninstall-am uninstall-info-am uninstall-sysconfDATA - --install: install-exec-hook -- if test ! -e ${DESTDIR}/@sysconfdir@/tcsd.conf; then mkdir -p ${DESTDIR}/@sysconfdir@ && cp tcsd.conf ${DESTDIR}/@sysconfdir@; fi -- /bin/chown tss:tss ${DESTDIR}/@sysconfdir@/tcsd.conf -- /bin/chmod 0600 ${DESTDIR}/@sysconfdir@/tcsd.conf -- --install-exec-hook: -- /usr/sbin/groupadd tss || true -- /usr/sbin/useradd -r tss -g tss || true -- /bin/chown tss:tss ${DESTDIR}/@sbindir@/tcsd -- /bin/sh -c 'if [ ! -e ${DESTDIR}/@localstatedir@/lib/tpm ];then mkdir -p ${DESTDIR}/@localstatedir@/lib/tpm; fi' -- /bin/chown tss:tss ${DESTDIR}/@localstatedir@/lib/tpm -- /bin/chmod 0700 ${DESTDIR}/@localstatedir@/lib/tpm -- --uninstall-hook: -- /usr/sbin/userdel tss -- /usr/sbin/groupdel tss - # Tell versions [3.59,3.63) of GNU make to not export all variables. - # Otherwise a system limit (for SysV at least) may be exceeded. - .NOEXPORT: diff --git a/trousers-0.3.1-reuseaddr.patch b/trousers-0.3.1-reuseaddr.patch deleted file mode 100644 index adbe1ce..0000000 --- a/trousers-0.3.1-reuseaddr.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- trousers-0.3.1/src/tcsd/svrside.c~ 2007-08-29 22:11:13.000000000 +0100 -+++ trousers-0.3.1/src/tcsd/svrside.c 2008-09-27 10:23:08.000000000 +0100 -@@ -268,6 +268,8 @@ main(int argc, char **argv) - else - serv_addr.sin_addr.s_addr = htonl(INADDR_ANY); - -+ c = 1; -+ setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &c, sizeof(c)); - if (bind(sd, (struct sockaddr *) &serv_addr, sizeof (serv_addr)) < 0) { - LogError("Failed bind: %s", strerror(errno)); - return -1; diff --git a/trousers-0.3.1-workaround-selinux-namespace-pollution.patch b/trousers-0.3.1-workaround-selinux-namespace-pollution.patch deleted file mode 100644 index b6de61f..0000000 --- a/trousers-0.3.1-workaround-selinux-namespace-pollution.patch +++ /dev/null @@ -1,39 +0,0 @@ ---- trousers-0.3.1/src/include/obj_context.h~ 2007-08-28 20:13:39.000000000 +0100 -+++ trousers-0.3.1/src/include/obj_context.h 2008-09-26 01:08:07.000000000 +0100 -@@ -44,7 +44,7 @@ struct tr_context_obj { - }; - - /* obj_context.c */ --void context_free(void *data); -+void obj_context_free(void *data); - TSS_BOOL obj_is_context(TSS_HOBJECT); - TSS_RESULT obj_context_get_policy(TSS_HCONTEXT, UINT32, TSS_HPOLICY *); - TSS_BOOL obj_context_is_silent(TSS_HCONTEXT); -@@ -84,6 +84,6 @@ struct tcs_api_table *obj_context_get_tc - #define CONTEXT_LIST_DECLARE_EXTERN extern struct obj_list context_list - #define CONTEXT_LIST_INIT() list_init(&context_list) - #define CONTEXT_LIST_CONNECT(a,b) obj_connectContext_list(&context_list, a, b) --#define CONTEXT_LIST_CLOSE(a) obj_list_close(&context_list, &context_free, a) -+#define CONTEXT_LIST_CLOSE(a) obj_list_close(&context_list, &obj_context_free, a) - - #endif ---- trousers-0.3.1/src/tspi/obj_context.c~ 2007-10-26 21:34:52.000000000 +0100 -+++ trousers-0.3.1/src/tspi/obj_context.c 2008-09-26 01:06:17.000000000 +0100 -@@ -60,7 +60,7 @@ obj_context_add(TSS_HOBJECT *phObject) - - /* Add the default policy */ - if ((result = obj_policy_add(*phObject, TSS_POLICY_USAGE, &context->policy))) { -- obj_list_remove(&context_list, &context_free, *phObject, *phObject); -+ obj_list_remove(&context_list, &obj_context_free, *phObject, *phObject); - return result; - } - -@@ -95,7 +95,7 @@ obj_context_get_tcs_api(TSS_HCONTEXT tsp - } - - void --context_free(void *data) -+obj_context_free(void *data) - { - struct tr_context_obj *context = (struct tr_context_obj *)data; - diff --git a/trousers.spec b/trousers.spec index 1cb539d..c70a9d4 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,28 +1,23 @@ -Name: trousers -Summary: TCG's Software Stack v1.2 -Version: 0.3.1 -Release: 19%{?dist} -License: CPL -Group: System Environment/Libraries -Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz -Url: http://trousers.sourceforge.net -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -BuildRequires: libtool, gtk2-devel, openssl-devel -Requires(pre): shadow-utils -Requires(post): chkconfig -Requires(preun): chkconfig -Requires(preun): initscripts -Requires(postun): initscripts -Patch0: trousers-0.3.1-remove-group-install-code.patch -Patch1: trousers-0.3.1-limits.patch -Patch2: trousers-0.3.1-cast.patch -Patch3: trousers-0.3.1-module-ordering.patch -Patch4: trousers-0.3.1-workaround-selinux-namespace-pollution.patch -Patch5: trousers-0.3.1-reuseaddr.patch -Patch6: trousers-0.3.1-use-tpm-emu.patch -# Filed into upstream bugtracker at: -# https://sourceforge.net/tracker/?func=detail&aid=2782253&group_id=126012&atid=704358 -Patch7: trousers-0.3.1-gcc44.patch +%global name trousers +%global version 0.3.4 +%global tarballrev -1 +%global release 1 + +Name: %{name} +Summary: TCG's Software Stack v1.2 +Version: %{version} +Release: %{release}%{?dist} +License: CPL +Group: System Environment/Libraries +Url: http://trousers.sourceforge.net +Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +BuildRequires: libtool, openssl-devel +Requires(pre): shadow-utils +Requires(post): chkconfig +Requires(preun): chkconfig +Requires(preun): initscripts +Requires(postun): initscripts %description TrouSerS is an implementation of the Trusted Computing Group's Software Stack @@ -31,39 +26,31 @@ of your TPM hardware. TPM hardware can create, store and use RSA keys securely (without ever being exposed in memory), verify a platform's software state using cryptographic hashes and more. -%package static -Summary: TrouSerS TCG Device Driver Library -Group: Development/Libraries -Requires: %{name}-devel = %{version}-%{release} +%package static +Summary: TrouSerS TCG Device Driver Library +Group: Development/Libraries +Requires: %{name}-devel = %{version}-%{release} -%description static +%description static The TCG Device Driver Library (TDDL) used by the TrouSerS tcsd as the interface to the TPM's device driver. For more information about writing applications to the TDDL interface, see the latest TSS spec at https://www.trustedcomputinggroup.org/specs/TSS. -%package devel -Summary: TrouSerS header files and documentation -Group: Development/Libraries -Requires: %{name} = %{version}-%{release} +%package devel +Summary: TrouSerS header files and documentation +Group: Development/Libraries +Requires: %{name} = %{version}-%{release} -%description devel +%description devel Header files and man pages for use in creating Trusted Computing enabled applications. %prep %setup -q -%patch0 -p1 -%patch1 -p2 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 %build -%configure +%configure --with-gui=openssl make -k %{?_smp_mflags} %install @@ -90,42 +77,46 @@ exit 0 %preun if [ $1 = 0 ]; then - /sbin/service tcsd stop &> /dev/null + /sbin/service tcsd stop > /dev/null 2>&1 /sbin/chkconfig --del tcsd fi %postun /sbin/ldconfig if [ $1 -gt 1 ]; then - /sbin/service tcsd condrestart &>/dev/null || : + /sbin/service tcsd condrestart > /dev/null 2>&1 || : fi %files %defattr(-, root, root, -) -%doc README AUTHORS LICENSE ChangeLog -%attr(755, tss, tss) %{_sbindir}/tcsd +%doc README LICENSE ChangeLog +%{_sbindir}/tcsd %{_libdir}/libtspi.so.? %{_libdir}/libtspi.so.?.?.? -%config(noreplace) %attr(600, tss, tss) %{_sysconfdir}/tcsd.conf -%attr(644, root, root) %{_mandir}/man5/* -%attr(644, root, root) %{_mandir}/man8/* +%config(noreplace) %attr(0600, tss, tss) %{_sysconfdir}/tcsd.conf +%attr(0644, root, root) %{_mandir}/man5/* +%attr(0644, root, root) %{_mandir}/man8/* %{_initrddir}/tcsd -%{_localstatedir}/lib/tpm/ +%attr(0700, tss, tss) %{_localstatedir}/lib/tpm/ -%files devel +%files devel # The files to be used by developers, 'trousers-devel' %defattr(-, root, root, -) -%attr(755, root, root) %{_libdir}/libtspi.so +%attr(0755, root, root) %{_libdir}/libtspi.so %{_includedir}/tss/ %{_includedir}/trousers/ %{_mandir}/man3/Tspi_* -%files static +%files static %defattr(-, root, root, -) # The only static library shipped by trousers, the TDDL %{_libdir}/libtddl.a %changelog +* Fri Jan 29 2010 Steve Grubb 0.3.4-1 +- New upstream bug fix release +- Upstream requested the tpm-emulator patch be dropped + * Fri Aug 21 2009 Tomas Mraz - 0.3.1-19 - rebuilt with new openssl From 3615e1faa85eef38f7fa10509bd13e9aa25b94ea Mon Sep 17 00:00:00 2001 From: Steve Grubb Date: Mon, 8 Feb 2010 14:39:43 +0000 Subject: [PATCH 22/74] - Fix issue freeing a data structure --- trousers-0.3.4-free.patch | 66 +++++++++++++++++++++++++++++++++++++++ trousers.spec | 7 ++++- 2 files changed, 72 insertions(+), 1 deletion(-) create mode 100644 trousers-0.3.4-free.patch diff --git a/trousers-0.3.4-free.patch b/trousers-0.3.4-free.patch new file mode 100644 index 0000000..70eb4bd --- /dev/null +++ b/trousers-0.3.4-free.patch @@ -0,0 +1,66 @@ +diff -urp trousers-0.3.4.orig/src/tspi/tspi_seal.c trousers-0.3.4/src/tspi/tspi_seal.c +--- trousers-0.3.4.orig/src/tspi/tspi_seal.c 2010-02-08 09:34:52.000000000 -0500 ++++ trousers-0.3.4/src/tspi/tspi_seal.c 2010-02-08 09:35:25.000000000 -0500 +@@ -42,7 +42,7 @@ Tspi_Data_Seal(TSS_HENCDATA hEncData, /* + TCS_KEY_HANDLE tcsKeyHandle; + TSS_HCONTEXT tspContext; + Trspi_HashCtx hashCtx; +- BYTE *sealData; ++ BYTE *sealData = NULL; + struct authsess *xsap = NULL; + #ifdef TSS_BUILD_SEALX + UINT32 protectMode; +@@ -91,13 +91,12 @@ Tspi_Data_Seal(TSS_HENCDATA hEncData, /* + + if ((result = authsess_xsap_init(tspContext, hEncKey, hEncData, TSS_AUTH_POLICY_REQUIRED, + sealOrdinal, TPM_ET_KEYHANDLE, &xsap))) +- return result; ++ goto error; + + #ifdef TSS_BUILD_SEALX + if (sealOrdinal == TPM_ORD_Seal) + sealData = rgbDataToSeal; + else { +- sealData = NULL; + if ((sealData = (BYTE *)calloc(1, ulDataLength)) == NULL) { + LogError("malloc of %u bytes failed", ulDataLength); + result = TSPERR(TSS_E_OUTOFMEMORY); +@@ -128,8 +127,6 @@ Tspi_Data_Seal(TSS_HENCDATA hEncData, /* + result |= Trspi_Hash_UINT32(&hashCtx, ulDataLength); + result |= Trspi_HashUpdate(&hashCtx, ulDataLength, sealData); + if ((result |= Trspi_HashFinal(&hashCtx, digest.digest))) { +- if (sealData != rgbDataToSeal) +- free(sealData); + goto error; + } + +@@ -142,15 +139,14 @@ Tspi_Data_Seal(TSS_HENCDATA hEncData, /* + pcrDataSize, pcrData, ulDataLength, + sealData, xsap->pAuth, &encDataSize, + &encData))) { +- free(sealData); +- return result; ++ goto error; + } + } else if (sealOrdinal == TPM_ORD_Sealx) { +- result = TCS_API(tspContext)->Sealx(tspContext, tcsKeyHandle, &xsap->encAuthUse, ++ if ((result = TCS_API(tspContext)->Sealx(tspContext, tcsKeyHandle, &xsap->encAuthUse, + pcrDataSize, pcrData, ulDataLength, sealData, +- xsap->pAuth, &encDataSize, &encData); +- if (result != TSS_SUCCESS) ++ xsap->pAuth, &encDataSize, &encData))) { + goto error; ++ } + } else { + result = TSPERR(TSS_E_INTERNAL_ERROR); + goto error; +@@ -183,7 +179,8 @@ error: + authsess_free(xsap); + free(encData); + free(pcrData); +- free(sealData); ++ if (sealData != rgbDataToSeal) ++ free(sealData); + return result; + } + diff --git a/trousers.spec b/trousers.spec index c70a9d4..81b72c3 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ %global name trousers %global version 0.3.4 %global tarballrev -1 -%global release 1 +%global release 2 Name: %{name} Summary: TCG's Software Stack v1.2 @@ -11,6 +11,7 @@ License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz +Patch1: trousers-0.3.4-free.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libtool, openssl-devel Requires(pre): shadow-utils @@ -48,6 +49,7 @@ applications. %prep %setup -q +%patch1 -p1 %build %configure --with-gui=openssl @@ -113,6 +115,9 @@ fi %{_libdir}/libtddl.a %changelog +* Mon Feb 08 2010 Steve Grubb 0.3.4-2 +- Fix issue freeing a data structure + * Fri Jan 29 2010 Steve Grubb 0.3.4-1 - New upstream bug fix release - Upstream requested the tpm-emulator patch be dropped From cc52a7b495fcf6c2496097ec6fbabfd2880ed93a Mon Sep 17 00:00:00 2001 From: Steve Grubb Date: Thu, 25 Feb 2010 17:20:59 +0000 Subject: [PATCH 23/74] Add documentation for the patch --- trousers.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/trousers.spec b/trousers.spec index 81b72c3..d58198e 100644 --- a/trousers.spec +++ b/trousers.spec @@ -11,6 +11,7 @@ License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz +# Patch from upstream cleaning up some use of free() Patch1: trousers-0.3.4-free.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libtool, openssl-devel From acab9db20cbb8302ab371602d47c62e107c933c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Milo=C5=A1=20Jakub=C3=AD=C4=8Dek?= Date: Sat, 1 May 2010 11:19:40 +0000 Subject: [PATCH 24/74] - Fix init script to conform to Fedora guidelines - Do not overuse macros --- trousers-init.patch | 174 ++++++++++++++++++++++++++++++++++++++++++++ trousers.spec | 18 +++-- 2 files changed, 184 insertions(+), 8 deletions(-) create mode 100644 trousers-init.patch diff --git a/trousers-init.patch b/trousers-init.patch new file mode 100644 index 0000000..8597067 --- /dev/null +++ b/trousers-init.patch @@ -0,0 +1,174 @@ +--- dist/fedora/fedora.initrd.tcsd.orig 2010-05-01 13:16:32.000000000 +0200 ++++ dist/fedora/fedora.initrd.tcsd 2010-05-01 13:16:53.000000000 +0200 +@@ -1,51 +1,46 @@ + #!/bin/bash + # +-# Init file for the TrouSerS TCG Core Services daemon ++# tcsd Init script for the TrouSerS TCG Core Services daemon + # + # chkconfig: - 90 10 + # description: TrouSerS server daemon +-# +-# processname: tcsd +-# config: /etc/tcsd.conf +-# pidfile: /var/run/tcsd.pid +-# +-# Return values according to LSB for all commands but status: +-# 0 - success +-# 1 - generic or unspecified error +-# 2 - invalid or excess argument(s) +-# 3 - unimplemented feature (e.g. "reload") +-# 4 - insufficient privilege +-# 5 - program is not installed +-# 6 - program is not configured +-# 7 - program is not running +-# + ++### BEGIN INIT INFO ++# Provides: ++# Required-Start: ++# Required-Stop: ++# Should-Start: ++# Should-Stop: ++# Default-Start: 2 3 4 5 ++# Default-Stop: 0 1 6 ++# Short-Description: Init script for TCSD ++# Description: TrouSerS TCG Core Services daemon ++### END INIT INFO ++ ++exec="/usr/sbin/tcsd" + prog="tcsd" ++config="/etc/tcsd.conf" ++PID_FILE="/var/run/tcsd.pid" ++INSMOD="/sbin/insmod" ++LSMOD="/sbin/lsmod" ++GREP="/bin/grep" + + # source function library + . /etc/rc.d/init.d/functions + ++[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog ++ ++lockfile=/var/lock/subsys/$prog ++ + # Allow anyone to run status +-if [ "$1" = "status" ] ; then +- status $prog ++if [ "$1" = "status" -o "$1" = "rh_status" -o "$1" = "rh_status_q" ] ; then ++ $1 $prog + RETVAL=$? + exit $RETVAL + fi + + # Check that we are root ... so non-root users stop here +-test $EUID = 0 || exit 4 +- +-# pull in sysconfig settings +-test -f /etc/sysconfig/tcsd && . /etc/sysconfig/tcsd +- +-RETVAL=0 +- +-# Some variables to make the below more readable +-TCSD=/usr/sbin/tcsd +-PID_FILE=/var/run/tcsd.pid +-INSMOD=/sbin/insmod +-LSMOD=/sbin/lsmod +-GREP=/bin/grep ++test $EUID = 0 || exit 4 + + load_drivers() + { +@@ -64,14 +59,15 @@ + + start() + { +- test -x $TCSD || exit 5 +- test -f /etc/tcsd.conf || exit 6 ++ test -x $exec || exit 5 ++ test -f $config || exit 6 + check_drivers || load_drivers || failure + echo -n $"Starting $prog: " +- $TCSD $OPTIONS && success || failure ++ $exec $OPTIONS && success || failure + RETVAL=$? +- [ "$RETVAL" = 0 ] && touch /var/lock/subsys/tcsd + echo ++ [ "$RETVAL" = 0 ] && touch $lockfile ++ return $RETVAL + } + + stop() +@@ -79,32 +75,59 @@ + echo -n $"Stopping $prog: " + killproc $prog + RETVAL=$? +- [ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/tcsd + echo ++ [ "$RETVAL" = 0 ] && rm -f $lockfile ++ return $RETVAL ++} ++ ++restart() { ++ stop ++ start + } + ++reload() { ++ restart ++} ++ ++force_reload() { ++ restart ++} ++ ++rh_status() { ++ # run checks to determine if the service is running or use generic status ++ status $prog ++} ++ ++rh_status_q() { ++ rh_status >/dev/null 2>&1 ++} ++ ++ + case "$1" in + start) +- start ++ rh_status_q && exit 0 ++ $1 + ;; + stop) +- stop ++ rh_status_q || exit 0 ++ $1 + ;; + restart) +- test -f /etc/tcsd.conf || exit 6 +- stop +- start ++ $1 + ;; +- reload|force-reload) +- restart ++ reload) ++ rh_status_q || exit 7 ++ $1 + ;; ++ force-reload) ++ force_reload ++ ;; + condrestart|try-restart) +- if [ -f /var/lock/subsys/tcsd ] ; then +- restart +- fi ++ rh_status_q || exit 0 ++ restart + ;; + *) +- echo $"Usage: $0 {start|stop|restart|reload|force-reload|condrestart|try-restart|status}" +- RETVAL=3 ++ echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" ++ exit 2 + esac +-exit $RETVAL ++exit $? diff --git a/trousers.spec b/trousers.spec index d58198e..ba7d4a0 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,18 +1,15 @@ -%global name trousers -%global version 0.3.4 -%global tarballrev -1 -%global release 2 - -Name: %{name} +Name: trousers Summary: TCG's Software Stack v1.2 -Version: %{version} -Release: %{release}%{?dist} +Version: 0.3.4 +Release: 3%{?dist} License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz # Patch from upstream cleaning up some use of free() Patch1: trousers-0.3.4-free.patch +# Patch init script to conform to our guidelines +Patch2: trousers-init.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libtool, openssl-devel Requires(pre): shadow-utils @@ -51,6 +48,7 @@ applications. %prep %setup -q %patch1 -p1 +%patch2 %build %configure --with-gui=openssl @@ -116,6 +114,10 @@ fi %{_libdir}/libtddl.a %changelog +* Sat May 01 2010 Miloš Jakubíček - 0.3.4-3 +- Fix init script to conform to Fedora guidelines +- Do not overuse macros + * Mon Feb 08 2010 Steve Grubb 0.3.4-2 - Fix issue freeing a data structure From c6cebd950f4d5fa25816cf81b7f03b9ea4480c18 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 29 Jul 2010 14:30:49 +0000 Subject: [PATCH 25/74] dist-git conversion --- .cvsignore => .gitignore | 0 Makefile | 21 --------------------- 2 files changed, 21 deletions(-) rename .cvsignore => .gitignore (100%) delete mode 100644 Makefile diff --git a/.cvsignore b/.gitignore similarity index 100% rename from .cvsignore rename to .gitignore diff --git a/Makefile b/Makefile deleted file mode 100644 index 265b90d..0000000 --- a/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# Makefile for source rpm: trousers -# $Id: Makefile,v 1.1 2007/12/18 20:13:49 spot Exp $ -NAME := trousers -SPECFILE = $(firstword $(wildcard *.spec)) - -define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done -endef - -MAKEFILE_COMMON := $(shell $(find-makefile-common)) - -ifeq ($(MAKEFILE_COMMON),) -# attept a checkout -define checkout-makefile-common -test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 -endef - -MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) -endif - -include $(MAKEFILE_COMMON) From a998c7b1969924092b8b8172cc31b3f273580370 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Wed, 9 Feb 2011 15:00:24 -0600 Subject: [PATCH 26/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index ba7d4a0..a0e6939 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.4 -Release: 3%{?dist} +Release: 4%{?dist} License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -114,6 +114,9 @@ fi %{_libdir}/libtddl.a %changelog +* Wed Feb 09 2011 Fedora Release Engineering - 0.3.4-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + * Sat May 01 2010 Miloš Jakubíček - 0.3.4-3 - Fix init script to conform to Fedora guidelines - Do not overuse macros From afb5b64b0d7c838a34b03189a7ec6abbbde7030f Mon Sep 17 00:00:00 2001 From: Milos Jakubicek Date: Thu, 10 Feb 2011 08:11:29 +0100 Subject: [PATCH 27/74] - Fix paths in man pages, mark them as %%doc -- fix BZ#676394 --- trousers.spec | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/trousers.spec b/trousers.spec index a0e6939..4afaae9 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.4 -Release: 4%{?dist} +Release: 5%{?dist} License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -51,6 +51,8 @@ applications. %patch2 %build +# fix man page paths +sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in %configure --with-gui=openssl make -k %{?_smp_mflags} @@ -95,8 +97,8 @@ fi %{_libdir}/libtspi.so.? %{_libdir}/libtspi.so.?.?.? %config(noreplace) %attr(0600, tss, tss) %{_sysconfdir}/tcsd.conf -%attr(0644, root, root) %{_mandir}/man5/* -%attr(0644, root, root) %{_mandir}/man8/* +%doc %{_mandir}/man5/* +%doc %{_mandir}/man8/* %{_initrddir}/tcsd %attr(0700, tss, tss) %{_localstatedir}/lib/tpm/ @@ -106,7 +108,7 @@ fi %attr(0755, root, root) %{_libdir}/libtspi.so %{_includedir}/tss/ %{_includedir}/trousers/ -%{_mandir}/man3/Tspi_* +%doc %{_mandir}/man3/Tspi_* %files static %defattr(-, root, root, -) @@ -114,6 +116,9 @@ fi %{_libdir}/libtddl.a %changelog +* Thu Feb 10 2011 Miloš Jakubíček - 0.3.4-5 +- Fix paths in man pages, mark them as %%doc -- fix BZ#676394 + * Wed Feb 09 2011 Fedora Release Engineering - 0.3.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild From 554d8fb3a45b429cfc2024741d1450142230b190 Mon Sep 17 00:00:00 2001 From: Steve Date: Fri, 8 Apr 2011 09:26:06 -0400 Subject: [PATCH 28/74] New upstream bug fix release --- .gitignore | 1 + sources | 2 +- trousers.spec | 15 ++++++++------- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 96af01f..4458ea0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ trousers-0.3.1.tar.gz trousers-0.3.4.tar.gz +/trousers-0.3.6.tar.gz diff --git a/sources b/sources index eaa16a7..ee731a9 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -72235fd6d2bb35b898a654429946f2e6 trousers-0.3.4.tar.gz +f4609e6446099e1403e23bb671df87f4 trousers-0.3.6.tar.gz diff --git a/trousers.spec b/trousers.spec index 4afaae9..7e39abe 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,15 +1,13 @@ Name: trousers Summary: TCG's Software Stack v1.2 -Version: 0.3.4 -Release: 5%{?dist} +Version: 0.3.6 +Release: 1%{?dist} License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz -# Patch from upstream cleaning up some use of free() -Patch1: trousers-0.3.4-free.patch # Patch init script to conform to our guidelines -Patch2: trousers-init.patch +Patch1: trousers-init.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libtool, openssl-devel Requires(pre): shadow-utils @@ -47,8 +45,7 @@ applications. %prep %setup -q -%patch1 -p1 -%patch2 +%patch1 -p0 %build # fix man page paths @@ -105,6 +102,7 @@ fi %files devel # The files to be used by developers, 'trousers-devel' %defattr(-, root, root, -) +%doc doc/LTC-TSS_LLD_08_r2.pdf doc/TSS_programming_SNAFUs.txt %attr(0755, root, root) %{_libdir}/libtspi.so %{_includedir}/tss/ %{_includedir}/trousers/ @@ -116,6 +114,9 @@ fi %{_libdir}/libtddl.a %changelog +* Fri Apr 08 2011 Steve Grubb 0.3.6-1 +- New upstream bug fix release + * Thu Feb 10 2011 Miloš Jakubíček - 0.3.4-5 - Fix paths in man pages, mark them as %%doc -- fix BZ#676394 From 1136867bbb3219995d64413032083166f53e1f42 Mon Sep 17 00:00:00 2001 From: Steve Date: Fri, 8 Apr 2011 09:55:32 -0400 Subject: [PATCH 29/74] New upstream bug fix release --- trousers-0.3.1-use-tpm-emu.patch | 80 -------------------------------- trousers-0.3.4-free.patch | 66 -------------------------- trousers-no-werror.patch | 12 +++++ trousers.spec | 8 +++- 4 files changed, 19 insertions(+), 147 deletions(-) delete mode 100644 trousers-0.3.1-use-tpm-emu.patch delete mode 100644 trousers-0.3.4-free.patch create mode 100644 trousers-no-werror.patch diff --git a/trousers-0.3.1-use-tpm-emu.patch b/trousers-0.3.1-use-tpm-emu.patch deleted file mode 100644 index 4bcfaf4..0000000 --- a/trousers-0.3.1-use-tpm-emu.patch +++ /dev/null @@ -1,80 +0,0 @@ ---- trousers-0.3.1/src/tddl/tddl.c~ 2006-06-08 20:23:34.000000000 +0100 -+++ trousers-0.3.1/src/tddl/tddl.c 2008-09-27 10:12:27.000000000 +0100 -@@ -15,6 +15,8 @@ - #include - #include - #include -+#include -+#include - - #include "trousers/tss.h" - #include "trousers_types.h" -@@ -22,14 +24,16 @@ - #include "tcslog.h" - #include "tddl.h" - --struct tpm_device_node tpm_device_nodes[] = { -- {"/dev/tpm0", TDDL_UNDEF, TDDL_UNDEF}, -- {"/udev/tpm0", TDDL_UNDEF, TDDL_UNDEF}, -- {"/dev/tpm", TDDL_UNDEF, TDDL_UNDEF}, -- {NULL, 0, 0} -+static struct tpm_device_node tpm_device_nodes[] = { -+ {"/dev/tpm0", TDDL_TYPE_FILE, TDDL_UNDEF, TDDL_UNDEF}, -+ {"/udev/tpm0", TDDL_TYPE_FILE, TDDL_UNDEF, TDDL_UNDEF}, -+ {"/dev/tpm", TDDL_TYPE_FILE, TDDL_UNDEF, TDDL_UNDEF}, -+ {"/var/run/tpm/tpmd_socket:0", TDDL_TYPE_SOCKET, TDDL_TRANSMIT_RW, -+ TDDL_UNDEF}, -+ {NULL, 0, 0, 0} - }; - --struct tpm_device_node *opened_device = NULL; -+static struct tpm_device_node *opened_device = NULL; - - BYTE txBuffer[TDDL_TXBUF_SIZE]; - -@@ -40,12 +44,30 @@ open_device(void) - - /* tpm_device_paths is filled out in tddl.h */ - for (i = 0; tpm_device_nodes[i].path != NULL; i++) { -+ int fd = -1; - errno = 0; -- if ((tpm_device_nodes[i].fd = open(tpm_device_nodes[i].path, O_RDWR)) < 0) -+ -+ if (tpm_device_nodes[i].type == TDDL_TYPE_FILE) -+ fd = open(tpm_device_nodes[i].path, O_RDWR); -+ else if (tpm_device_nodes[i].type == TDDL_TYPE_SOCKET) { -+ struct sockaddr_un addr; -+ -+ fd = socket(AF_UNIX, SOCK_STREAM, 0); -+ if (fd >= 0) { -+ addr.sun_family = AF_UNIX; -+ strncpy(addr.sun_path, tpm_device_nodes[i].path, -+ sizeof(addr.sun_path)); -+ if (connect(fd, (void *)&addr, sizeof(addr)) < 0) { -+ close(fd); -+ fd = -1; -+ } -+ } -+ } -+ if (fd < 0) - continue; -- -+ tpm_device_nodes[i].fd = fd; - opened_device = &(tpm_device_nodes[i]); -- return opened_device->fd; -+ return fd; - } - - return -1; ---- trousers-0.3.1/src/include/tddl.h~ 2005-10-25 04:01:07.000000000 +0100 -+++ trousers-0.3.1/src/include/tddl.h 2008-09-27 10:00:20.000000000 +0100 -@@ -14,6 +14,9 @@ - - struct tpm_device_node { - char *path; -+#define TDDL_TYPE_FILE 1 -+#define TDDL_TYPE_SOCKET 2 -+ int type; - #define TDDL_TRANSMIT_IOCTL 1 - #define TDDL_TRANSMIT_RW 2 - int transmit; diff --git a/trousers-0.3.4-free.patch b/trousers-0.3.4-free.patch deleted file mode 100644 index 70eb4bd..0000000 --- a/trousers-0.3.4-free.patch +++ /dev/null @@ -1,66 +0,0 @@ -diff -urp trousers-0.3.4.orig/src/tspi/tspi_seal.c trousers-0.3.4/src/tspi/tspi_seal.c ---- trousers-0.3.4.orig/src/tspi/tspi_seal.c 2010-02-08 09:34:52.000000000 -0500 -+++ trousers-0.3.4/src/tspi/tspi_seal.c 2010-02-08 09:35:25.000000000 -0500 -@@ -42,7 +42,7 @@ Tspi_Data_Seal(TSS_HENCDATA hEncData, /* - TCS_KEY_HANDLE tcsKeyHandle; - TSS_HCONTEXT tspContext; - Trspi_HashCtx hashCtx; -- BYTE *sealData; -+ BYTE *sealData = NULL; - struct authsess *xsap = NULL; - #ifdef TSS_BUILD_SEALX - UINT32 protectMode; -@@ -91,13 +91,12 @@ Tspi_Data_Seal(TSS_HENCDATA hEncData, /* - - if ((result = authsess_xsap_init(tspContext, hEncKey, hEncData, TSS_AUTH_POLICY_REQUIRED, - sealOrdinal, TPM_ET_KEYHANDLE, &xsap))) -- return result; -+ goto error; - - #ifdef TSS_BUILD_SEALX - if (sealOrdinal == TPM_ORD_Seal) - sealData = rgbDataToSeal; - else { -- sealData = NULL; - if ((sealData = (BYTE *)calloc(1, ulDataLength)) == NULL) { - LogError("malloc of %u bytes failed", ulDataLength); - result = TSPERR(TSS_E_OUTOFMEMORY); -@@ -128,8 +127,6 @@ Tspi_Data_Seal(TSS_HENCDATA hEncData, /* - result |= Trspi_Hash_UINT32(&hashCtx, ulDataLength); - result |= Trspi_HashUpdate(&hashCtx, ulDataLength, sealData); - if ((result |= Trspi_HashFinal(&hashCtx, digest.digest))) { -- if (sealData != rgbDataToSeal) -- free(sealData); - goto error; - } - -@@ -142,15 +139,14 @@ Tspi_Data_Seal(TSS_HENCDATA hEncData, /* - pcrDataSize, pcrData, ulDataLength, - sealData, xsap->pAuth, &encDataSize, - &encData))) { -- free(sealData); -- return result; -+ goto error; - } - } else if (sealOrdinal == TPM_ORD_Sealx) { -- result = TCS_API(tspContext)->Sealx(tspContext, tcsKeyHandle, &xsap->encAuthUse, -+ if ((result = TCS_API(tspContext)->Sealx(tspContext, tcsKeyHandle, &xsap->encAuthUse, - pcrDataSize, pcrData, ulDataLength, sealData, -- xsap->pAuth, &encDataSize, &encData); -- if (result != TSS_SUCCESS) -+ xsap->pAuth, &encDataSize, &encData))) { - goto error; -+ } - } else { - result = TSPERR(TSS_E_INTERNAL_ERROR); - goto error; -@@ -183,7 +179,8 @@ error: - authsess_free(xsap); - free(encData); - free(pcrData); -- free(sealData); -+ if (sealData != rgbDataToSeal) -+ free(sealData); - return result; - } - diff --git a/trousers-no-werror.patch b/trousers-no-werror.patch new file mode 100644 index 0000000..58d60fb --- /dev/null +++ b/trousers-no-werror.patch @@ -0,0 +1,12 @@ +diff -ur trousers-0.3.6.orig/configure trousers-0.3.6/configure +--- trousers-0.3.6.orig/configure 2011-04-08 09:09:38.000000000 -0400 ++++ trousers-0.3.6/configure 2011-04-08 09:41:49.000000000 -0400 +@@ -14379,7 +14379,7 @@ + + + if test "x${GCC}" = "xyes"; then +- CFLAGS="$CFLAGS -W -Wall -Werror -Wno-unused-parameter -Wsign-compare" ++ CFLAGS="$CFLAGS -W -Wall -Wno-unused-parameter -Wsign-compare" + fi + + CFLAGS="$CFLAGS -I../include \ diff --git a/trousers.spec b/trousers.spec index 7e39abe..91beeb9 100644 --- a/trousers.spec +++ b/trousers.spec @@ -8,8 +8,11 @@ Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz # Patch init script to conform to our guidelines Patch1: trousers-init.patch +# We have newer compiler which has new warnings +Patch2: trousers-no-werror.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libtool, openssl-devel +BuildRequires: autoconf Requires(pre): shadow-utils Requires(post): chkconfig Requires(preun): chkconfig @@ -46,10 +49,13 @@ applications. %prep %setup -q %patch1 -p0 +%patch2 -p1 + +sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in +autoconf %build # fix man page paths -sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in %configure --with-gui=openssl make -k %{?_smp_mflags} From 5a353d775bc46e55c1c4a4750761c294949b3dbe Mon Sep 17 00:00:00 2001 From: Steve Date: Fri, 8 Apr 2011 10:06:25 -0400 Subject: [PATCH 30/74] New upstream bug fix release --- trousers.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 91beeb9..234f7a9 100644 --- a/trousers.spec +++ b/trousers.spec @@ -52,7 +52,6 @@ applications. %patch2 -p1 sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in -autoconf %build # fix man page paths From 1b7bc9578850d8e67e9e8f1470491fda11f57c3e Mon Sep 17 00:00:00 2001 From: Steve Date: Fri, 8 Apr 2011 10:08:00 -0400 Subject: [PATCH 31/74] New upstream bug fix release --- trousers.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 234f7a9..624c6f2 100644 --- a/trousers.spec +++ b/trousers.spec @@ -12,7 +12,6 @@ Patch1: trousers-init.patch Patch2: trousers-no-werror.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libtool, openssl-devel -BuildRequires: autoconf Requires(pre): shadow-utils Requires(post): chkconfig Requires(preun): chkconfig From 59d5a5ff51855dbcf7f3d3c39a684717c8c31920 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Sat, 14 Jan 2012 01:07:17 -0600 Subject: [PATCH 32/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 624c6f2..ed0df1d 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.6 -Release: 1%{?dist} +Release: 2%{?dist} License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -118,6 +118,9 @@ fi %{_libdir}/libtddl.a %changelog +* Sat Jan 14 2012 Fedora Release Engineering - 0.3.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + * Fri Apr 08 2011 Steve Grubb 0.3.6-1 - New upstream bug fix release From 9c0d3ab1b958fa76e81866a8366e20232dcdba1d Mon Sep 17 00:00:00 2001 From: Steve Date: Thu, 21 Jun 2012 12:38:57 -0400 Subject: [PATCH 33/74] New upstream bug fix release --- .gitignore | 1 + sources | 2 +- trousers.spec | 7 +++++-- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 4458ea0..2d85d98 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ trousers-0.3.1.tar.gz trousers-0.3.4.tar.gz /trousers-0.3.6.tar.gz +/trousers-0.3.9.tar.gz diff --git a/sources b/sources index ee731a9..d471d82 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -f4609e6446099e1403e23bb671df87f4 trousers-0.3.6.tar.gz +1322030eb2540ea0640cfe471b077f32 trousers-0.3.9.tar.gz diff --git a/trousers.spec b/trousers.spec index ed0df1d..b271438 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 -Version: 0.3.6 -Release: 2%{?dist} +Version: 0.3.9 +Release: 1%{?dist} License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -118,6 +118,9 @@ fi %{_libdir}/libtddl.a %changelog +* Thu Jun 21 2012 Steve Grubb 0.3.9-1 +- New upstream bug fix release + * Sat Jan 14 2012 Fedora Release Engineering - 0.3.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild From 845ef5600d134fdbe45277948e4f144c81245038 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Sat, 21 Jul 2012 19:25:01 -0500 Subject: [PATCH 34/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index b271438..2c743d5 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.9 -Release: 1%{?dist} +Release: 2%{?dist} License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -118,6 +118,9 @@ fi %{_libdir}/libtddl.a %changelog +* Sun Jul 22 2012 Fedora Release Engineering - 0.3.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + * Thu Jun 21 2012 Steve Grubb 0.3.9-1 - New upstream bug fix release From d759a1073d19e035fb5f31fb1e38938417b5356a Mon Sep 17 00:00:00 2001 From: Steve Date: Mon, 27 Aug 2012 13:03:56 -0400 Subject: [PATCH 35/74] bz #836476 - Provide native systemd service --- tcsd.service | 11 +++ trousers-init.patch | 174 --------------------------------------- trousers-no-werror.patch | 8 +- trousers.spec | 47 ++++++----- 4 files changed, 41 insertions(+), 199 deletions(-) create mode 100644 tcsd.service delete mode 100644 trousers-init.patch diff --git a/tcsd.service b/tcsd.service new file mode 100644 index 0000000..25647fd --- /dev/null +++ b/tcsd.service @@ -0,0 +1,11 @@ +[Unit] +Description=TCG Core Services Daemon +After=syslog.target + +[Service] +Type=forking +ExecStart=/sbin/tcsd + +[Install] +WantedBy=multi-user.target + diff --git a/trousers-init.patch b/trousers-init.patch deleted file mode 100644 index 8597067..0000000 --- a/trousers-init.patch +++ /dev/null @@ -1,174 +0,0 @@ ---- dist/fedora/fedora.initrd.tcsd.orig 2010-05-01 13:16:32.000000000 +0200 -+++ dist/fedora/fedora.initrd.tcsd 2010-05-01 13:16:53.000000000 +0200 -@@ -1,51 +1,46 @@ - #!/bin/bash - # --# Init file for the TrouSerS TCG Core Services daemon -+# tcsd Init script for the TrouSerS TCG Core Services daemon - # - # chkconfig: - 90 10 - # description: TrouSerS server daemon --# --# processname: tcsd --# config: /etc/tcsd.conf --# pidfile: /var/run/tcsd.pid --# --# Return values according to LSB for all commands but status: --# 0 - success --# 1 - generic or unspecified error --# 2 - invalid or excess argument(s) --# 3 - unimplemented feature (e.g. "reload") --# 4 - insufficient privilege --# 5 - program is not installed --# 6 - program is not configured --# 7 - program is not running --# - -+### BEGIN INIT INFO -+# Provides: -+# Required-Start: -+# Required-Stop: -+# Should-Start: -+# Should-Stop: -+# Default-Start: 2 3 4 5 -+# Default-Stop: 0 1 6 -+# Short-Description: Init script for TCSD -+# Description: TrouSerS TCG Core Services daemon -+### END INIT INFO -+ -+exec="/usr/sbin/tcsd" - prog="tcsd" -+config="/etc/tcsd.conf" -+PID_FILE="/var/run/tcsd.pid" -+INSMOD="/sbin/insmod" -+LSMOD="/sbin/lsmod" -+GREP="/bin/grep" - - # source function library - . /etc/rc.d/init.d/functions - -+[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog -+ -+lockfile=/var/lock/subsys/$prog -+ - # Allow anyone to run status --if [ "$1" = "status" ] ; then -- status $prog -+if [ "$1" = "status" -o "$1" = "rh_status" -o "$1" = "rh_status_q" ] ; then -+ $1 $prog - RETVAL=$? - exit $RETVAL - fi - - # Check that we are root ... so non-root users stop here --test $EUID = 0 || exit 4 -- --# pull in sysconfig settings --test -f /etc/sysconfig/tcsd && . /etc/sysconfig/tcsd -- --RETVAL=0 -- --# Some variables to make the below more readable --TCSD=/usr/sbin/tcsd --PID_FILE=/var/run/tcsd.pid --INSMOD=/sbin/insmod --LSMOD=/sbin/lsmod --GREP=/bin/grep -+test $EUID = 0 || exit 4 - - load_drivers() - { -@@ -64,14 +59,15 @@ - - start() - { -- test -x $TCSD || exit 5 -- test -f /etc/tcsd.conf || exit 6 -+ test -x $exec || exit 5 -+ test -f $config || exit 6 - check_drivers || load_drivers || failure - echo -n $"Starting $prog: " -- $TCSD $OPTIONS && success || failure -+ $exec $OPTIONS && success || failure - RETVAL=$? -- [ "$RETVAL" = 0 ] && touch /var/lock/subsys/tcsd - echo -+ [ "$RETVAL" = 0 ] && touch $lockfile -+ return $RETVAL - } - - stop() -@@ -79,32 +75,59 @@ - echo -n $"Stopping $prog: " - killproc $prog - RETVAL=$? -- [ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/tcsd - echo -+ [ "$RETVAL" = 0 ] && rm -f $lockfile -+ return $RETVAL -+} -+ -+restart() { -+ stop -+ start - } - -+reload() { -+ restart -+} -+ -+force_reload() { -+ restart -+} -+ -+rh_status() { -+ # run checks to determine if the service is running or use generic status -+ status $prog -+} -+ -+rh_status_q() { -+ rh_status >/dev/null 2>&1 -+} -+ -+ - case "$1" in - start) -- start -+ rh_status_q && exit 0 -+ $1 - ;; - stop) -- stop -+ rh_status_q || exit 0 -+ $1 - ;; - restart) -- test -f /etc/tcsd.conf || exit 6 -- stop -- start -+ $1 - ;; -- reload|force-reload) -- restart -+ reload) -+ rh_status_q || exit 7 -+ $1 - ;; -+ force-reload) -+ force_reload -+ ;; - condrestart|try-restart) -- if [ -f /var/lock/subsys/tcsd ] ; then -- restart -- fi -+ rh_status_q || exit 0 -+ restart - ;; - *) -- echo $"Usage: $0 {start|stop|restart|reload|force-reload|condrestart|try-restart|status}" -- RETVAL=3 -+ echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" -+ exit 2 - esac --exit $RETVAL -+exit $? diff --git a/trousers-no-werror.patch b/trousers-no-werror.patch index 58d60fb..f8697ab 100644 --- a/trousers-no-werror.patch +++ b/trousers-no-werror.patch @@ -1,7 +1,7 @@ -diff -ur trousers-0.3.6.orig/configure trousers-0.3.6/configure ---- trousers-0.3.6.orig/configure 2011-04-08 09:09:38.000000000 -0400 -+++ trousers-0.3.6/configure 2011-04-08 09:41:49.000000000 -0400 -@@ -14379,7 +14379,7 @@ +diff -ur trousers-0.3.9.orig/configure trousers-0.3.9/configure +--- trousers-0.3.9.orig/configure 2012-05-30 11:16:40.000000000 -0400 ++++ trousers-0.3.9/configure 2012-08-27 12:39:14.432278839 -0400 +@@ -13503,7 +13503,7 @@ if test "x${GCC}" = "xyes"; then diff --git a/trousers.spec b/trousers.spec index 2c743d5..fa5fa9c 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,22 +1,21 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.9 -Release: 2%{?dist} +Release: 3%{?dist} License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz -# Patch init script to conform to our guidelines -Patch1: trousers-init.patch +Source1: tcsd.service # We have newer compiler which has new warnings -Patch2: trousers-no-werror.patch +Patch1: trousers-no-werror.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libtool, openssl-devel +BuildRequires: systemd-units Requires(pre): shadow-utils -Requires(post): chkconfig -Requires(preun): chkconfig -Requires(preun): initscripts -Requires(postun): initscripts +Requires(post): systemd-units +Requires(preun): systemd-units +Requires(postun): systemd-units %description TrouSerS is an implementation of the Trusted Computing Group's Software Stack @@ -47,8 +46,7 @@ applications. %prep %setup -q -%patch1 -p0 -%patch2 -p1 +%patch1 -p1 sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in @@ -60,10 +58,10 @@ make -k %{?_smp_mflags} %install rm -rf ${RPM_BUILD_ROOT} mkdir -p ${RPM_BUILD_ROOT}/%{_localstatedir}/lib/tpm -mkdir -p ${RPM_BUILD_ROOT}/%{_initrddir} -cp -p dist/fedora/fedora.initrd.tcsd ${RPM_BUILD_ROOT}/%{_initrddir}/tcsd make install DESTDIR=${RPM_BUILD_ROOT} INSTALL="install -p" rm -f ${RPM_BUILD_ROOT}/%{_libdir}/libtspi.la +mkdir -p $RPM_BUILD_ROOT%{_unitdir} +install -m 0755 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/ %clean rm -rf ${RPM_BUILD_ROOT} @@ -76,19 +74,23 @@ useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin \ exit 0 %post -/sbin/ldconfig -/sbin/chkconfig --add tcsd +if [ $1 -eq 1 ] ; then + # Initial installation + /bin/systemctl daemon-reload >/dev/null 2>&1 || : +fi %preun -if [ $1 = 0 ]; then - /sbin/service tcsd stop > /dev/null 2>&1 - /sbin/chkconfig --del tcsd +if [ $1 -eq 0 ] ; then + # Package removal, not upgrade + /bin/systemctl --no-reload disable tcsd.service > /dev/null 2>&1 || : + /bin/systemctl stop tcsd.service > /dev/null 2>&1 || : fi %postun -/sbin/ldconfig -if [ $1 -gt 1 ]; then - /sbin/service tcsd condrestart > /dev/null 2>&1 || : +/bin/systemctl daemon-reload >/dev/null 2>&1 || : +if [ $1 -ge 1 ] ; then + # Package upgrade, not uninstall + /bin/systemctl try-restart tcsd.service >/dev/null 2>&1 || : fi %files @@ -100,7 +102,7 @@ fi %config(noreplace) %attr(0600, tss, tss) %{_sysconfdir}/tcsd.conf %doc %{_mandir}/man5/* %doc %{_mandir}/man8/* -%{_initrddir}/tcsd +%attr(755,root,root) %{_unitdir}/tcsd.service %attr(0700, tss, tss) %{_localstatedir}/lib/tpm/ %files devel @@ -118,6 +120,9 @@ fi %{_libdir}/libtddl.a %changelog +* Mon Aug 27 2012 Steve Grubb 0.3.9-3 +- bz #836476 - Provide native systemd service + * Sun Jul 22 2012 Fedora Release Engineering - 0.3.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild From d7edada88f8b048ed0470bb1a8cae9d767e6e572 Mon Sep 17 00:00:00 2001 From: Steve Date: Thu, 30 Aug 2012 14:46:59 -0400 Subject: [PATCH 36/74] Make daemon full RELRO --- trousers-no-werror.patch | 14 +++++++++++++- trousers.spec | 22 +++++++--------------- 2 files changed, 20 insertions(+), 16 deletions(-) diff --git a/trousers-no-werror.patch b/trousers-no-werror.patch index f8697ab..639b580 100644 --- a/trousers-no-werror.patch +++ b/trousers-no-werror.patch @@ -1,6 +1,6 @@ diff -ur trousers-0.3.9.orig/configure trousers-0.3.9/configure --- trousers-0.3.9.orig/configure 2012-05-30 11:16:40.000000000 -0400 -+++ trousers-0.3.9/configure 2012-08-27 12:39:14.432278839 -0400 ++++ trousers-0.3.9/configure 2012-08-30 14:14:18.569347485 -0400 @@ -13503,7 +13503,7 @@ @@ -10,3 +10,15 @@ diff -ur trousers-0.3.9.orig/configure trousers-0.3.9/configure fi CFLAGS="$CFLAGS -I../include \ +diff -ur trousers-0.3.9.orig/src/tcsd/Makefile.in trousers-0.3.9/src/tcsd/Makefile.in +--- trousers-0.3.9.orig/src/tcsd/Makefile.in 2012-05-30 11:16:41.000000000 -0400 ++++ trousers-0.3.9/src/tcsd/Makefile.in 2012-08-30 14:14:18.570347484 -0400 +@@ -56,7 +56,7 @@ + ${top_builddir}/src/tddl/libtddl.a + tcsd_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(tcsd_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ +- $(LDFLAGS) -o $@ ++ -Wl,-z,relro -Wl,-z,now $(LDFLAGS) -o $@ + DEFAULT_INCLUDES = -I.@am__isrc@ + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles diff --git a/trousers.spec b/trousers.spec index fa5fa9c..23d6f83 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.9 -Release: 3%{?dist} +Release: 4%{?dist} License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -74,24 +74,13 @@ useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin \ exit 0 %post -if [ $1 -eq 1 ] ; then - # Initial installation - /bin/systemctl daemon-reload >/dev/null 2>&1 || : -fi +%systemd_post tcsd.service %preun -if [ $1 -eq 0 ] ; then - # Package removal, not upgrade - /bin/systemctl --no-reload disable tcsd.service > /dev/null 2>&1 || : - /bin/systemctl stop tcsd.service > /dev/null 2>&1 || : -fi +%systemd_preun tcsd.service %postun -/bin/systemctl daemon-reload >/dev/null 2>&1 || : -if [ $1 -ge 1 ] ; then - # Package upgrade, not uninstall - /bin/systemctl try-restart tcsd.service >/dev/null 2>&1 || : -fi +%systemd_postun_with_restart tcsd.service %files %defattr(-, root, root, -) @@ -120,6 +109,9 @@ fi %{_libdir}/libtddl.a %changelog +* Thu Aug 30 2012 Steve Grubb 0.3.9-4 +- Make daemon full RELRO + * Mon Aug 27 2012 Steve Grubb 0.3.9-3 - bz #836476 - Provide native systemd service From c1d009398adfbbb0469a5fd9b315e7598696f9ff Mon Sep 17 00:00:00 2001 From: Steve Date: Tue, 25 Sep 2012 18:53:20 -0400 Subject: [PATCH 37/74] New upstream bug fix release --- .gitignore | 1 + sources | 2 +- trousers-no-werror.patch | 24 ------------------------ trousers.spec | 10 +++++----- 4 files changed, 7 insertions(+), 30 deletions(-) delete mode 100644 trousers-no-werror.patch diff --git a/.gitignore b/.gitignore index 2d85d98..fcf168a 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ trousers-0.3.1.tar.gz trousers-0.3.4.tar.gz /trousers-0.3.6.tar.gz /trousers-0.3.9.tar.gz +/trousers-0.3.10.tar.gz diff --git a/sources b/sources index d471d82..7741b79 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -1322030eb2540ea0640cfe471b077f32 trousers-0.3.9.tar.gz +27b7374d991874b4a0a973b1c952c79f trousers-0.3.10.tar.gz diff --git a/trousers-no-werror.patch b/trousers-no-werror.patch deleted file mode 100644 index 639b580..0000000 --- a/trousers-no-werror.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -ur trousers-0.3.9.orig/configure trousers-0.3.9/configure ---- trousers-0.3.9.orig/configure 2012-05-30 11:16:40.000000000 -0400 -+++ trousers-0.3.9/configure 2012-08-30 14:14:18.569347485 -0400 -@@ -13503,7 +13503,7 @@ - - - if test "x${GCC}" = "xyes"; then -- CFLAGS="$CFLAGS -W -Wall -Werror -Wno-unused-parameter -Wsign-compare" -+ CFLAGS="$CFLAGS -W -Wall -Wno-unused-parameter -Wsign-compare" - fi - - CFLAGS="$CFLAGS -I../include \ -diff -ur trousers-0.3.9.orig/src/tcsd/Makefile.in trousers-0.3.9/src/tcsd/Makefile.in ---- trousers-0.3.9.orig/src/tcsd/Makefile.in 2012-05-30 11:16:41.000000000 -0400 -+++ trousers-0.3.9/src/tcsd/Makefile.in 2012-08-30 14:14:18.570347484 -0400 -@@ -56,7 +56,7 @@ - ${top_builddir}/src/tddl/libtddl.a - tcsd_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(tcsd_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ -- $(LDFLAGS) -o $@ -+ -Wl,-z,relro -Wl,-z,now $(LDFLAGS) -o $@ - DEFAULT_INCLUDES = -I.@am__isrc@ - depcomp = $(SHELL) $(top_srcdir)/depcomp - am__depfiles_maybe = depfiles diff --git a/trousers.spec b/trousers.spec index 23d6f83..ae52bc8 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,14 +1,12 @@ Name: trousers Summary: TCG's Software Stack v1.2 -Version: 0.3.9 -Release: 4%{?dist} +Version: 0.3.10 +Release: 1%{?dist} License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz Source1: tcsd.service -# We have newer compiler which has new warnings -Patch1: trousers-no-werror.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libtool, openssl-devel BuildRequires: systemd-units @@ -46,7 +44,6 @@ applications. %prep %setup -q -%patch1 -p1 sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in @@ -109,6 +106,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Tue Sep 25 2012 Steve Grubb 0.3.10-1 +- New upstream bug fix release + * Thu Aug 30 2012 Steve Grubb 0.3.9-4 - Make daemon full RELRO From c9800cc555bfaa7d4de38b22df01335e82b8f914 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Thu, 14 Feb 2013 20:02:29 -0600 Subject: [PATCH 38/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index ae52bc8..3031681 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.10 -Release: 1%{?dist} +Release: 2%{?dist} License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -106,6 +106,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Fri Feb 15 2013 Fedora Release Engineering - 0.3.10-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + * Tue Sep 25 2012 Steve Grubb 0.3.10-1 - New upstream bug fix release From c554b6ff500d88ae49e1ccd2c94f2f9a7387373d Mon Sep 17 00:00:00 2001 From: Steve Date: Sun, 2 Jun 2013 09:23:51 -0400 Subject: [PATCH 39/74] Remove +x bit from service file (#963916) --- trousers.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/trousers.spec b/trousers.spec index 3031681..5e59ea0 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.10 -Release: 2%{?dist} +Release: 3%{?dist} License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -88,7 +88,7 @@ exit 0 %config(noreplace) %attr(0600, tss, tss) %{_sysconfdir}/tcsd.conf %doc %{_mandir}/man5/* %doc %{_mandir}/man8/* -%attr(755,root,root) %{_unitdir}/tcsd.service +%attr(644,root,root) %{_unitdir}/tcsd.service %attr(0700, tss, tss) %{_localstatedir}/lib/tpm/ %files devel @@ -106,6 +106,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Sun Jun 02 2013 Steve Grubb 0.3.10-3 +- Remove +x bit from service file (#963916) + * Fri Feb 15 2013 Fedora Release Engineering - 0.3.10-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild From f7d1664fce163434769f28bbb3af11befdee24ad Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Sat, 3 Aug 2013 23:47:39 -0500 Subject: [PATCH 40/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 5e59ea0..569a6e6 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.10 -Release: 3%{?dist} +Release: 4%{?dist} License: CPL Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -106,6 +106,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Sun Aug 04 2013 Fedora Release Engineering - 0.3.10-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + * Sun Jun 02 2013 Steve Grubb 0.3.10-3 - Remove +x bit from service file (#963916) From c02754c999231f38e44df5f07c44ee675417059d Mon Sep 17 00:00:00 2001 From: Steve Date: Mon, 19 Aug 2013 14:01:28 -0400 Subject: [PATCH 41/74] New upstream bug fix and license change release --- .gitignore | 1 + sources | 1 + trousers.spec | 15 ++++++++++----- 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index fcf168a..a5c24d4 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ trousers-0.3.4.tar.gz /trousers-0.3.6.tar.gz /trousers-0.3.9.tar.gz /trousers-0.3.10.tar.gz +/trousers-0.3.11.2.tar.gz diff --git a/sources b/sources index 7741b79..c8f492b 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ 27b7374d991874b4a0a973b1c952c79f trousers-0.3.10.tar.gz +ab38dcb2811099dce379c64d43589f50 trousers-0.3.11.2.tar.gz diff --git a/trousers.spec b/trousers.spec index 569a6e6..164c83d 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,8 +1,8 @@ Name: trousers Summary: TCG's Software Stack v1.2 -Version: 0.3.10 -Release: 4%{?dist} -License: CPL +Version: 0.3.11.2 +Release: 1%{?dist} +License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz @@ -58,7 +58,7 @@ mkdir -p ${RPM_BUILD_ROOT}/%{_localstatedir}/lib/tpm make install DESTDIR=${RPM_BUILD_ROOT} INSTALL="install -p" rm -f ${RPM_BUILD_ROOT}/%{_libdir}/libtspi.la mkdir -p $RPM_BUILD_ROOT%{_unitdir} -install -m 0755 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/ +install -m 0644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/ %clean rm -rf ${RPM_BUILD_ROOT} @@ -72,12 +72,14 @@ exit 0 %post %systemd_post tcsd.service +/sbin/ldconfig %preun %systemd_preun tcsd.service %postun %systemd_postun_with_restart tcsd.service +/sbin/ldconfig %files %defattr(-, root, root, -) @@ -106,6 +108,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Mon Aug 19 2013 Steve Grubb 0.3.11.2-1 +- New upstream bug fix and license change release + * Sun Aug 04 2013 Fedora Release Engineering - 0.3.10-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild @@ -184,7 +189,7 @@ exit 0 - Use SO_REUSEADDR - Use TPM emulator if it's available and no hardware is -* Wed Aug 08 2008 Emily Ratliff - 0.3.1-10 +* Fri Aug 08 2008 Emily Ratliff - 0.3.1-10 - Use the uid/gid pair assigned to trousers from BZ#457593 * Fri Aug 01 2008 Emily Ratliff - 0.3.1-9 From 7d6b60bd5801b4bfe08d2804cf3cae05d4c2cb52 Mon Sep 17 00:00:00 2001 From: Steve Date: Mon, 19 Aug 2013 14:01:46 -0400 Subject: [PATCH 42/74] New upstream bug fix and license change release --- sources | 1 - 1 file changed, 1 deletion(-) diff --git a/sources b/sources index c8f492b..21c2b51 100644 --- a/sources +++ b/sources @@ -1,2 +1 @@ -27b7374d991874b4a0a973b1c952c79f trousers-0.3.10.tar.gz ab38dcb2811099dce379c64d43589f50 trousers-0.3.11.2.tar.gz From 7d09ecae40bd6f2fd64e60f11050856e25572358 Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Thu, 13 Feb 2014 08:30:25 +0000 Subject: [PATCH 43/74] Minor spec cleanups --- trousers.spec | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/trousers.spec b/trousers.spec index 164c83d..45ae1fc 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,15 +1,16 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.11.2 -Release: 1%{?dist} +Release: 2%{?dist} License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net + Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz Source1: tcsd.service -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) + BuildRequires: libtool, openssl-devel -BuildRequires: systemd-units +BuildRequires: systemd Requires(pre): shadow-utils Requires(post): systemd-units Requires(preun): systemd-units @@ -53,16 +54,12 @@ sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd make -k %{?_smp_mflags} %install -rm -rf ${RPM_BUILD_ROOT} mkdir -p ${RPM_BUILD_ROOT}/%{_localstatedir}/lib/tpm make install DESTDIR=${RPM_BUILD_ROOT} INSTALL="install -p" rm -f ${RPM_BUILD_ROOT}/%{_libdir}/libtspi.la mkdir -p $RPM_BUILD_ROOT%{_unitdir} install -m 0644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/ -%clean -rm -rf ${RPM_BUILD_ROOT} - %pre getent group tss >/dev/null || groupadd -g 59 -r tss getent passwd tss >/dev/null || \ @@ -82,7 +79,6 @@ exit 0 /sbin/ldconfig %files -%defattr(-, root, root, -) %doc README LICENSE ChangeLog %{_sbindir}/tcsd %{_libdir}/libtspi.so.? @@ -95,7 +91,6 @@ exit 0 %files devel # The files to be used by developers, 'trousers-devel' -%defattr(-, root, root, -) %doc doc/LTC-TSS_LLD_08_r2.pdf doc/TSS_programming_SNAFUs.txt %attr(0755, root, root) %{_libdir}/libtspi.so %{_includedir}/tss/ @@ -103,11 +98,13 @@ exit 0 %doc %{_mandir}/man3/Tspi_* %files static -%defattr(-, root, root, -) # The only static library shipped by trousers, the TDDL %{_libdir}/libtddl.a %changelog +* Thu Feb 13 2014 Peter Robinson 0.3.11.2-2 +- Minor spec cleanups + * Mon Aug 19 2013 Steve Grubb 0.3.11.2-1 - New upstream bug fix and license change release From e5540117ba1c6563cfbf85e5ed5ba8c21dbbdbb1 Mon Sep 17 00:00:00 2001 From: sgrubb Date: Tue, 18 Mar 2014 16:49:09 -0400 Subject: [PATCH 44/74] Fix crash when linking libgnutls and libmysqlclient (#1069079) - Don't order tcsd after syslog.target (#1055198) --- tcsd.service | 1 - trousers-0.3.11.2-constr.patch | 21 +++++++++++++++++++++ trousers.spec | 8 +++++++- 3 files changed, 28 insertions(+), 2 deletions(-) create mode 100644 trousers-0.3.11.2-constr.patch diff --git a/tcsd.service b/tcsd.service index 25647fd..dd76a33 100644 --- a/tcsd.service +++ b/tcsd.service @@ -1,6 +1,5 @@ [Unit] Description=TCG Core Services Daemon -After=syslog.target [Service] Type=forking diff --git a/trousers-0.3.11.2-constr.patch b/trousers-0.3.11.2-constr.patch new file mode 100644 index 0000000..fa59d1f --- /dev/null +++ b/trousers-0.3.11.2-constr.patch @@ -0,0 +1,21 @@ +diff -ur trousers-0.3.11.2/src/tspi/rpc/hosttable.c trousers-0.3.11.2.new/src/tspi/rpc/hosttable.c +--- trousers-0.3.11.2/src/tspi/rpc/hosttable.c 2013-07-12 18:27:37.000000000 +0200 ++++ trousers-0.3.11.2.new/src/tspi/rpc/hosttable.c 2014-02-28 12:13:25.763293218 +0100 +@@ -39,7 +39,7 @@ + #pragma init(_init) + void _init(void) + #else +-void __attribute__ ((constructor)) my_init(void) ++static void __attribute__ ((constructor)) my_init(void) + #endif + { + host_table_init(); +@@ -73,7 +72,7 @@ + #pragma fini(_fini) + void _fini(void) + #else +-void __attribute__ ((destructor)) my_fini(void) ++static void __attribute__ ((destructor)) my_fini(void) + #endif + { + host_table_final(); diff --git a/trousers.spec b/trousers.spec index 45ae1fc..91b70a0 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,13 +1,14 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.11.2 -Release: 2%{?dist} +Release: 3%{?dist} License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz Source1: tcsd.service +Patch1: trousers-0.3.11.2-constr.patch BuildRequires: libtool, openssl-devel BuildRequires: systemd @@ -45,6 +46,7 @@ applications. %prep %setup -q +%patch1 -p1 sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in @@ -102,6 +104,10 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Tue Mar 18 2014 Steve Grubb 0.3.11.2-3 +- Fix crash when linking libgnutls and libmysqlclient (#1069079) +- Don't order tcsd after syslog.target (#1055198) + * Thu Feb 13 2014 Peter Robinson 0.3.11.2-2 - Minor spec cleanups From 381f6a823ff1ed8de4d520dd785a3f4e604f7574 Mon Sep 17 00:00:00 2001 From: sgrubb Date: Thu, 15 May 2014 14:54:34 -0400 Subject: [PATCH 45/74] New upstream bug fix release --- .gitignore | 1 + sources | 2 +- trousers-0.3.11.2-constr.patch | 21 --------------------- trousers.spec | 9 +++++---- 4 files changed, 7 insertions(+), 26 deletions(-) delete mode 100644 trousers-0.3.11.2-constr.patch diff --git a/.gitignore b/.gitignore index a5c24d4..1440662 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ trousers-0.3.4.tar.gz /trousers-0.3.9.tar.gz /trousers-0.3.10.tar.gz /trousers-0.3.11.2.tar.gz +/trousers-0.3.13.tar.gz diff --git a/sources b/sources index 21c2b51..8ed3284 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -ab38dcb2811099dce379c64d43589f50 trousers-0.3.11.2.tar.gz +562bb3d178ca91177aa2f6c2c1a83269 trousers-0.3.13.tar.gz diff --git a/trousers-0.3.11.2-constr.patch b/trousers-0.3.11.2-constr.patch deleted file mode 100644 index fa59d1f..0000000 --- a/trousers-0.3.11.2-constr.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -ur trousers-0.3.11.2/src/tspi/rpc/hosttable.c trousers-0.3.11.2.new/src/tspi/rpc/hosttable.c ---- trousers-0.3.11.2/src/tspi/rpc/hosttable.c 2013-07-12 18:27:37.000000000 +0200 -+++ trousers-0.3.11.2.new/src/tspi/rpc/hosttable.c 2014-02-28 12:13:25.763293218 +0100 -@@ -39,7 +39,7 @@ - #pragma init(_init) - void _init(void) - #else --void __attribute__ ((constructor)) my_init(void) -+static void __attribute__ ((constructor)) my_init(void) - #endif - { - host_table_init(); -@@ -73,7 +72,7 @@ - #pragma fini(_fini) - void _fini(void) - #else --void __attribute__ ((destructor)) my_fini(void) -+static void __attribute__ ((destructor)) my_fini(void) - #endif - { - host_table_final(); diff --git a/trousers.spec b/trousers.spec index 91b70a0..4a17a58 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,14 +1,13 @@ Name: trousers Summary: TCG's Software Stack v1.2 -Version: 0.3.11.2 -Release: 3%{?dist} +Version: 0.3.13 +Release: 1%{?dist} License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz Source1: tcsd.service -Patch1: trousers-0.3.11.2-constr.patch BuildRequires: libtool, openssl-devel BuildRequires: systemd @@ -46,7 +45,6 @@ applications. %prep %setup -q -%patch1 -p1 sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in @@ -104,6 +102,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Thu May 15 2014 Steve Grubb 0.3.13-1 +- New upstream bug fix release + * Tue Mar 18 2014 Steve Grubb 0.3.11.2-3 - Fix crash when linking libgnutls and libmysqlclient (#1069079) - Don't order tcsd after syslog.target (#1055198) From b9345b286f950c21ef15658ba5e9a493d5d03e73 Mon Sep 17 00:00:00 2001 From: sgrubb Date: Mon, 2 Jun 2014 16:35:25 -0400 Subject: [PATCH 46/74] spec file clean up --- trousers.spec | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/trousers.spec b/trousers.spec index 4a17a58..cce51b6 100644 --- a/trousers.spec +++ b/trousers.spec @@ -45,11 +45,10 @@ applications. %prep %setup -q - +# fix man page paths sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in %build -# fix man page paths %configure --with-gui=openssl make -k %{?_smp_mflags} @@ -84,8 +83,8 @@ exit 0 %{_libdir}/libtspi.so.? %{_libdir}/libtspi.so.?.?.? %config(noreplace) %attr(0600, tss, tss) %{_sysconfdir}/tcsd.conf -%doc %{_mandir}/man5/* -%doc %{_mandir}/man8/* +%{_mandir}/man5/* +%{_mandir}/man8/* %attr(644,root,root) %{_unitdir}/tcsd.service %attr(0700, tss, tss) %{_localstatedir}/lib/tpm/ @@ -95,7 +94,7 @@ exit 0 %attr(0755, root, root) %{_libdir}/libtspi.so %{_includedir}/tss/ %{_includedir}/trousers/ -%doc %{_mandir}/man3/Tspi_* +%{_mandir}/man3/Tspi_* %files static # The only static library shipped by trousers, the TDDL From 2525b848f6bd5adef563e082c9c1604bd18ca573 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Sun, 8 Jun 2014 04:01:33 -0500 Subject: [PATCH 47/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index cce51b6..7eed0df 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.13 -Release: 1%{?dist} +Release: 2%{?dist} License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -101,6 +101,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Sun Jun 08 2014 Fedora Release Engineering - 0.3.13-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + * Thu May 15 2014 Steve Grubb 0.3.13-1 - New upstream bug fix release From 6adf09c4d0eea85b8a52db1905789f91917186ec Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Mon, 18 Aug 2014 06:23:57 +0000 Subject: [PATCH 48/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 7eed0df..391c898 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.13 -Release: 2%{?dist} +Release: 3%{?dist} License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -101,6 +101,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Mon Aug 18 2014 Fedora Release Engineering - 0.3.13-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + * Sun Jun 08 2014 Fedora Release Engineering - 0.3.13-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild From f6cede619fc3bcb4566a87e042a2375b1e03727d Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Tue, 26 May 2015 16:18:44 +0200 Subject: [PATCH 49/74] Split libtspi to a trousers-lib subpackage (#1225062) --- trousers.spec | 34 ++++++++++++++++++++++++++-------- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/trousers.spec b/trousers.spec index 391c898..b9d8a31 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.13 -Release: 3%{?dist} +Release: 4%{?dist} License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -15,6 +15,7 @@ Requires(pre): shadow-utils Requires(post): systemd-units Requires(preun): systemd-units Requires(postun): systemd-units +Requires: %{name}-lib%{?_isa} = %{version}-%{release} %description TrouSerS is an implementation of the Trusted Computing Group's Software Stack @@ -23,10 +24,19 @@ of your TPM hardware. TPM hardware can create, store and use RSA keys securely (without ever being exposed in memory), verify a platform's software state using cryptographic hashes and more. +%package lib +Summary: TrouSerS libtspi library +Group: Development/Libraries +# Needed obsoletes due to the -lib subpackage split +Obsoletes: trousers < 0.3.13-4 + +%description lib +The libtspi library for use in Trusted Computing enabled applications. + %package static Summary: TrouSerS TCG Device Driver Library Group: Development/Libraries -Requires: %{name}-devel = %{version}-%{release} +Requires: %{name}-devel%{?_isa} = %{version}-%{release} %description static The TCG Device Driver Library (TDDL) used by the TrouSerS tcsd as the @@ -37,7 +47,7 @@ https://www.trustedcomputinggroup.org/specs/TSS. %package devel Summary: TrouSerS header files and documentation Group: Development/Libraries -Requires: %{name} = %{version}-%{release} +Requires: %{name}-lib%{?_isa} = %{version}-%{release} %description devel Header files and man pages for use in creating Trusted Computing enabled @@ -68,26 +78,31 @@ exit 0 %post %systemd_post tcsd.service -/sbin/ldconfig %preun %systemd_preun tcsd.service %postun %systemd_postun_with_restart tcsd.service -/sbin/ldconfig + +%post lib -p /sbin/ldconfig + +%postun lib -p /sbin/ldconfig %files -%doc README LICENSE ChangeLog +%doc README ChangeLog %{_sbindir}/tcsd -%{_libdir}/libtspi.so.? -%{_libdir}/libtspi.so.?.?.? %config(noreplace) %attr(0600, tss, tss) %{_sysconfdir}/tcsd.conf %{_mandir}/man5/* %{_mandir}/man8/* %attr(644,root,root) %{_unitdir}/tcsd.service %attr(0700, tss, tss) %{_localstatedir}/lib/tpm/ +%files lib +%license LICENSE +%{_libdir}/libtspi.so.? +%{_libdir}/libtspi.so.?.?.? + %files devel # The files to be used by developers, 'trousers-devel' %doc doc/LTC-TSS_LLD_08_r2.pdf doc/TSS_programming_SNAFUs.txt @@ -101,6 +116,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Tue May 26 2015 Tomáš Mráz 0.3.13-4 +- Split libtspi to a trousers-lib subpackage (#1225062) + * Mon Aug 18 2014 Fedora Release Engineering - 0.3.13-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild From 046f3542770aacd33386a31729c43981e58cb8e0 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Tue, 26 May 2015 16:42:22 +0200 Subject: [PATCH 50/74] Fix FTBFS with current gcc (drop inline keyword when bogus) --- trousers-0.3.13-noinline.patch | 70 ++++++++++++++++++++++++++++++++++ trousers.spec | 3 ++ 2 files changed, 73 insertions(+) create mode 100644 trousers-0.3.13-noinline.patch diff --git a/trousers-0.3.13-noinline.patch b/trousers-0.3.13-noinline.patch new file mode 100644 index 0000000..da1b09c --- /dev/null +++ b/trousers-0.3.13-noinline.patch @@ -0,0 +1,70 @@ +diff -up trousers-0.3.13/src/include/tcsps.h.noinline trousers-0.3.13/src/include/tcsps.h +--- trousers-0.3.13/src/include/tcsps.h.noinline 2014-04-24 20:05:44.000000000 +0200 ++++ trousers-0.3.13/src/include/tcsps.h 2015-05-26 16:36:20.685075185 +0200 +@@ -27,8 +27,8 @@ void ps_destroy(); + TSS_RESULT read_data(int, void *, UINT32); + TSS_RESULT write_data(int, void *, UINT32); + #else +-inline TSS_RESULT read_data(int, void *, UINT32); +-inline TSS_RESULT write_data(int, void *, UINT32); ++TSS_RESULT read_data(int, void *, UINT32); ++TSS_RESULT write_data(int, void *, UINT32); + #endif + int write_key_init(int, UINT32, UINT32, UINT32); + TSS_RESULT cache_key(UINT32, UINT16, TSS_UUID *, TSS_UUID *, UINT16, UINT32, UINT32); +diff -up trousers-0.3.13/src/include/tspps.h.noinline trousers-0.3.13/src/include/tspps.h +--- trousers-0.3.13/src/include/tspps.h.noinline 2014-04-24 20:05:44.000000000 +0200 ++++ trousers-0.3.13/src/include/tspps.h 2015-05-26 16:36:31.730325291 +0200 +@@ -18,8 +18,8 @@ + + TSS_RESULT get_file(int *); + int put_file(int); +-inline TSS_RESULT read_data(int, void *, UINT32); +-inline TSS_RESULT write_data(int, void *, UINT32); ++TSS_RESULT read_data(int, void *, UINT32); ++TSS_RESULT write_data(int, void *, UINT32); + UINT32 psfile_get_num_keys(int); + TSS_RESULT psfile_get_parent_uuid_by_uuid(int, TSS_UUID *, TSS_UUID *); + TSS_RESULT psfile_remove_key_by_uuid(int, TSS_UUID *); +diff -up trousers-0.3.13/src/tcs/ps/ps_utils.c.noinline trousers-0.3.13/src/tcs/ps/ps_utils.c +--- trousers-0.3.13/src/tcs/ps/ps_utils.c.noinline 2014-04-24 20:05:44.000000000 +0200 ++++ trousers-0.3.13/src/tcs/ps/ps_utils.c 2015-05-26 16:38:33.626085483 +0200 +@@ -45,7 +45,7 @@ struct key_disk_cache *key_disk_cache_he + #ifdef SOLARIS + TSS_RESULT + #else +-inline TSS_RESULT ++TSS_RESULT + #endif + read_data(int fd, void *data, UINT32 size) + { +@@ -67,7 +67,7 @@ read_data(int fd, void *data, UINT32 siz + #ifdef SOLARIS + TSS_RESULT + #else +-inline TSS_RESULT ++TSS_RESULT + #endif + write_data(int fd, void *data, UINT32 size) + { +diff -up trousers-0.3.13/src/tspi/ps/ps_utils.c.noinline trousers-0.3.13/src/tspi/ps/ps_utils.c +--- trousers-0.3.13/src/tspi/ps/ps_utils.c.noinline 2014-04-24 20:05:44.000000000 +0200 ++++ trousers-0.3.13/src/tspi/ps/ps_utils.c 2015-05-26 16:39:30.881381965 +0200 +@@ -22,7 +22,7 @@ + #include "tspps.h" + #include "tsplog.h" + +-inline TSS_RESULT ++TSS_RESULT + read_data(int fd, void *data, UINT32 size) + { + int rc; +@@ -39,7 +39,7 @@ read_data(int fd, void *data, UINT32 siz + return TSS_SUCCESS; + } + +-inline TSS_RESULT ++TSS_RESULT + write_data(int fd, void *data, UINT32 size) + { + int rc; diff --git a/trousers.spec b/trousers.spec index b9d8a31..60f8e6e 100644 --- a/trousers.spec +++ b/trousers.spec @@ -8,6 +8,7 @@ Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz Source1: tcsd.service +Patch1: trousers-0.3.13-noinline.patch BuildRequires: libtool, openssl-devel BuildRequires: systemd @@ -55,6 +56,7 @@ applications. %prep %setup -q +%patch1 -p1 -b .noinline # fix man page paths sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in @@ -118,6 +120,7 @@ exit 0 %changelog * Tue May 26 2015 Tomáš Mráz 0.3.13-4 - Split libtspi to a trousers-lib subpackage (#1225062) +- Fix FTBFS with current gcc (drop inline keyword when bogus) * Mon Aug 18 2014 Fedora Release Engineering - 0.3.13-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild From 786b36ee43224e8ae5af3e66a008f0fc003e9a9f Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Fri, 19 Jun 2015 03:21:47 +0000 Subject: [PATCH 51/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 60f8e6e..923219d 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.13 -Release: 4%{?dist} +Release: 5%{?dist} License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -118,6 +118,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Fri Jun 19 2015 Fedora Release Engineering - 0.3.13-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + * Tue May 26 2015 Tomáš Mráz 0.3.13-4 - Split libtspi to a trousers-lib subpackage (#1225062) - Fix FTBFS with current gcc (drop inline keyword when bogus) From f3171af1a6d9c665ee571090edc07de939fb53cd Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 5 Feb 2016 01:58:47 +0000 Subject: [PATCH 52/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 923219d..c6d7f84 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.13 -Release: 5%{?dist} +Release: 6%{?dist} License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -118,6 +118,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Fri Feb 05 2016 Fedora Release Engineering - 0.3.13-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + * Fri Jun 19 2015 Fedora Release Engineering - 0.3.13-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild From 911e25ea4553481934261181f719d3b67d7085da Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Wed, 8 Feb 2017 07:31:16 +0000 Subject: [PATCH 53/74] Add patch for OpenSSL 1. --- trousers-openssl1.1.patch | 448 ++++++++++++++++++++++++++++++++++++++ trousers.spec | 7 +- 2 files changed, 454 insertions(+), 1 deletion(-) create mode 100644 trousers-openssl1.1.patch diff --git a/trousers-openssl1.1.patch b/trousers-openssl1.1.patch new file mode 100644 index 0000000..1fa2ebc --- /dev/null +++ b/trousers-openssl1.1.patch @@ -0,0 +1,448 @@ +@@ -, +, @@ +--- + src/tcs/crypto/openssl/crypto.c | 15 ++++++--- + src/trspi/crypto/openssl/hash.c | 17 ++++++---- + src/trspi/crypto/openssl/rsa.c | 64 ++++++++++++++++++++++++++++++----- + src/trspi/crypto/openssl/symmetric.c | 65 +++++++++++++++++++++--------------- + 4 files changed, 115 insertions(+), 46 deletions(-) +--- a/src/tcs/crypto/openssl/crypto.c ++++ a/src/tcs/crypto/openssl/crypto.c +@@ -31,13 +31,17 @@ + TSS_RESULT + Hash(UINT32 HashType, UINT32 BufSize, BYTE* Buf, BYTE* Digest) + { +- EVP_MD_CTX md_ctx; ++ EVP_MD_CTX *md_ctx; + unsigned int result_size; + int rv; + ++ md_ctx = EVP_MD_CTX_new(); ++ if (md_ctx == NULL) ++ return TSPERR(TSS_E_OUTOFMEMORY); ++ + switch (HashType) { + case TSS_HASH_SHA1: +- rv = EVP_DigestInit(&md_ctx, EVP_sha1()); ++ rv = EVP_DigestInit(md_ctx, EVP_sha1()); + break; + default: + rv = TCSERR(TSS_E_BAD_PARAMETER); +@@ -50,19 +54,20 @@ Hash(UINT32 HashType, UINT32 BufSize, BYTE* Buf, BYTE* Digest) + goto out; + } + +- rv = EVP_DigestUpdate(&md_ctx, Buf, BufSize); ++ rv = EVP_DigestUpdate(md_ctx, Buf, BufSize); + if (rv != EVP_SUCCESS) { + rv = TCSERR(TSS_E_INTERNAL_ERROR); + goto out; + } + +- result_size = EVP_MD_CTX_size(&md_ctx); +- rv = EVP_DigestFinal(&md_ctx, Digest, &result_size); ++ result_size = EVP_MD_CTX_size(md_ctx); ++ rv = EVP_DigestFinal(md_ctx, Digest, &result_size); + if (rv != EVP_SUCCESS) { + rv = TCSERR(TSS_E_INTERNAL_ERROR); + } else + rv = TSS_SUCCESS; + + out: ++ EVP_MD_CTX_free(md_ctx); + return rv; + } +--- a/src/trspi/crypto/openssl/hash.c ++++ a/src/trspi/crypto/openssl/hash.c +@@ -56,13 +56,17 @@ int MGF1(unsigned char *, long, const unsigned char *, long); + TSS_RESULT + Trspi_Hash(UINT32 HashType, UINT32 BufSize, BYTE* Buf, BYTE* Digest) + { +- EVP_MD_CTX md_ctx; ++ EVP_MD_CTX *md_ctx; + unsigned int result_size; + int rv; + ++ md_ctx = EVP_MD_CTX_new(); ++ if (md_ctx == NULL) ++ return TSPERR(TSS_E_OUTOFMEMORY); ++ + switch (HashType) { + case TSS_HASH_SHA1: +- rv = EVP_DigestInit(&md_ctx, EVP_sha1()); ++ rv = EVP_DigestInit(md_ctx, EVP_sha1()); + break; + default: + rv = TSPERR(TSS_E_BAD_PARAMETER); +@@ -75,14 +79,14 @@ Trspi_Hash(UINT32 HashType, UINT32 BufSize, BYTE* Buf, BYTE* Digest) + goto err; + } + +- rv = EVP_DigestUpdate(&md_ctx, Buf, BufSize); ++ rv = EVP_DigestUpdate(md_ctx, Buf, BufSize); + if (rv != EVP_SUCCESS) { + rv = TSPERR(TSS_E_INTERNAL_ERROR); + goto err; + } + +- result_size = EVP_MD_CTX_size(&md_ctx); +- rv = EVP_DigestFinal(&md_ctx, Digest, &result_size); ++ result_size = EVP_MD_CTX_size(md_ctx); ++ rv = EVP_DigestFinal(md_ctx, Digest, &result_size); + if (rv != EVP_SUCCESS) { + rv = TSPERR(TSS_E_INTERNAL_ERROR); + goto err; +@@ -94,6 +98,7 @@ Trspi_Hash(UINT32 HashType, UINT32 BufSize, BYTE* Buf, BYTE* Digest) + err: + DEBUG_print_openssl_errors(); + out: ++ EVP_MD_CTX_free(md_ctx); + return rv; + } + +@@ -112,7 +117,7 @@ Trspi_HashInit(Trspi_HashCtx *ctx, UINT32 HashType) + break; + } + +- if ((ctx->ctx = malloc(sizeof(EVP_MD_CTX))) == NULL) ++ if ((ctx->ctx = EVP_MD_CTX_new()) == NULL) + return TSPERR(TSS_E_OUTOFMEMORY); + + rv = EVP_DigestInit((EVP_MD_CTX *)ctx->ctx, (const EVP_MD *)md); +--- a/src/trspi/crypto/openssl/rsa.c ++++ a/src/trspi/crypto/openssl/rsa.c +@@ -38,6 +38,25 @@ + #define DEBUG_print_openssl_errors() + #endif + ++#if OPENSSL_VERSION_NUMBER < 0x10100001L ++static int ++RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) ++{ ++ if (n != NULL) { ++ BN_free(r->n); ++ r->n = n; ++ } ++ if (e != NULL) { ++ BN_free(r->e); ++ r->e = e; ++ } ++ if (d != NULL) { ++ BN_free(r->d); ++ r->d = d; ++ } ++ return 1; ++} ++#endif + + /* + * Hopefully this will make the code clearer since +@@ -61,6 +80,7 @@ Trspi_RSA_Encrypt(unsigned char *dataToEncrypt, /* in */ + RSA *rsa = RSA_new(); + BYTE encodedData[256]; + int encodedDataLen; ++ BIGNUM *rsa_n = NULL, *rsa_e = NULL; + + if (rsa == NULL) { + rv = TSPERR(TSS_E_OUTOFMEMORY); +@@ -68,12 +88,20 @@ Trspi_RSA_Encrypt(unsigned char *dataToEncrypt, /* in */ + } + + /* set the public key value in the OpenSSL object */ +- rsa->n = BN_bin2bn(publicKey, keysize, rsa->n); ++ rsa_n = BN_bin2bn(publicKey, keysize, NULL); + /* set the public exponent */ +- rsa->e = BN_bin2bn(exp, sizeof(exp), rsa->e); ++ rsa_e = BN_bin2bn(exp, sizeof(exp), NULL); + +- if (rsa->n == NULL || rsa->e == NULL) { ++ if (rsa_n == NULL || rsa_e == NULL) { + rv = TSPERR(TSS_E_OUTOFMEMORY); ++ BN_free(rsa_n); ++ BN_free(rsa_e); ++ goto err; ++ } ++ if (!RSA_set0_key(rsa, rsa_n, rsa_e, NULL)) { ++ rv = TSPERR(TSS_E_FAIL); ++ BN_free(rsa_n); ++ BN_free(rsa_e); + goto err; + } + +@@ -123,6 +151,7 @@ Trspi_Verify(UINT32 HashType, BYTE *pHash, UINT32 iHashLength, + unsigned char exp[] = { 0x01, 0x00, 0x01 }; /* The default public exponent for the TPM */ + unsigned char buf[256]; + RSA *rsa = RSA_new(); ++ BIGNUM *rsa_n = NULL, *rsa_e = NULL; + + if (rsa == NULL) { + rv = TSPERR(TSS_E_OUTOFMEMORY); +@@ -146,12 +175,20 @@ Trspi_Verify(UINT32 HashType, BYTE *pHash, UINT32 iHashLength, + } + + /* set the public key value in the OpenSSL object */ +- rsa->n = BN_bin2bn(pModulus, iKeyLength, rsa->n); ++ rsa_n = BN_bin2bn(pModulus, iKeyLength, NULL); + /* set the public exponent */ +- rsa->e = BN_bin2bn(exp, sizeof(exp), rsa->e); ++ rsa_e = BN_bin2bn(exp, sizeof(exp), NULL); + +- if (rsa->n == NULL || rsa->e == NULL) { ++ if (rsa_n == NULL || rsa_e == NULL) { + rv = TSPERR(TSS_E_OUTOFMEMORY); ++ BN_free(rsa_n); ++ BN_free(rsa_e); ++ goto err; ++ } ++ if (!RSA_set0_key(rsa, rsa_n, rsa_e, NULL)) { ++ rv = TSPERR(TSS_E_FAIL); ++ BN_free(rsa_n); ++ BN_free(rsa_e); + goto err; + } + +@@ -195,6 +232,7 @@ Trspi_RSA_Public_Encrypt(unsigned char *in, unsigned int inlen, + int rv, e_size = 3; + unsigned char exp[] = { 0x01, 0x00, 0x01 }; + RSA *rsa = RSA_new(); ++ BIGNUM *rsa_n = NULL, *rsa_e = NULL; + + if (rsa == NULL) { + rv = TSPERR(TSS_E_OUTOFMEMORY); +@@ -237,12 +275,20 @@ Trspi_RSA_Public_Encrypt(unsigned char *in, unsigned int inlen, + } + + /* set the public key value in the OpenSSL object */ +- rsa->n = BN_bin2bn(pubkey, pubsize, rsa->n); ++ rsa_n = BN_bin2bn(pubkey, pubsize, NULL); + /* set the public exponent */ +- rsa->e = BN_bin2bn(exp, e_size, rsa->e); ++ rsa_e = BN_bin2bn(exp, e_size, NULL); + +- if (rsa->n == NULL || rsa->e == NULL) { ++ if (rsa_n == NULL || rsa_e == NULL) { + rv = TSPERR(TSS_E_OUTOFMEMORY); ++ BN_free(rsa_n); ++ BN_free(rsa_e); ++ goto err; ++ } ++ if (!RSA_set0_key(rsa, rsa_n, rsa_e, NULL)) { ++ rv = TSPERR(TSS_E_FAIL); ++ BN_free(rsa_n); ++ BN_free(rsa_e); + goto err; + } + +--- a/src/trspi/crypto/openssl/symmetric.c ++++ a/src/trspi/crypto/openssl/symmetric.c +@@ -52,7 +52,7 @@ Trspi_Encrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len, BYTE *out, + UINT32 *out_len) + { + TSS_RESULT result = TSS_SUCCESS; +- EVP_CIPHER_CTX ctx; ++ EVP_CIPHER_CTX *ctx = NULL; + UINT32 tmp; + + switch (alg) { +@@ -64,33 +64,37 @@ Trspi_Encrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len, BYTE *out, + break; + } + +- EVP_CIPHER_CTX_init(&ctx); ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) { ++ result = TSPERR(TSS_E_OUTOFMEMORY); ++ goto done; ++ } + +- if (!EVP_EncryptInit(&ctx, EVP_aes_256_ecb(), key, NULL)) { ++ if (!EVP_EncryptInit(ctx, EVP_aes_256_ecb(), key, NULL)) { + result = TSPERR(TSS_E_INTERNAL_ERROR); + DEBUG_print_openssl_errors(); + goto done; + } + +- if (*out_len < in_len + EVP_CIPHER_CTX_block_size(&ctx) - 1) { ++ if (*out_len < in_len + EVP_CIPHER_CTX_block_size(ctx) - 1) { + result = TSPERR(TSS_E_INTERNAL_ERROR); + goto done; + } + +- if (!EVP_EncryptUpdate(&ctx, out, (int *)out_len, in, in_len)) { ++ if (!EVP_EncryptUpdate(ctx, out, (int *)out_len, in, in_len)) { + result = TSPERR(TSS_E_INTERNAL_ERROR); + DEBUG_print_openssl_errors(); + goto done; + } + +- if (!EVP_EncryptFinal(&ctx, out + *out_len, (int *)&tmp)) { ++ if (!EVP_EncryptFinal(ctx, out + *out_len, (int *)&tmp)) { + result = TSPERR(TSS_E_INTERNAL_ERROR); + DEBUG_print_openssl_errors(); + goto done; + } + *out_len += tmp; + done: +- EVP_CIPHER_CTX_cleanup(&ctx); ++ EVP_CIPHER_CTX_free(ctx); + return result; + } + +@@ -99,7 +103,7 @@ Trspi_Decrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len, BYTE *out, + UINT32 *out_len) + { + TSS_RESULT result = TSS_SUCCESS; +- EVP_CIPHER_CTX ctx; ++ EVP_CIPHER_CTX *ctx = NULL; + UINT32 tmp; + + switch (alg) { +@@ -111,28 +115,32 @@ Trspi_Decrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len, BYTE *out, + break; + } + +- EVP_CIPHER_CTX_init(&ctx); ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) { ++ result = TSPERR(TSS_E_OUTOFMEMORY); ++ goto done; ++ } + +- if (!EVP_DecryptInit(&ctx, EVP_aes_256_ecb(), key, NULL)) { ++ if (!EVP_DecryptInit(ctx, EVP_aes_256_ecb(), key, NULL)) { + result = TSPERR(TSS_E_INTERNAL_ERROR); + DEBUG_print_openssl_errors(); + goto done; + } + +- if (!EVP_DecryptUpdate(&ctx, out, (int *)out_len, in, in_len)) { ++ if (!EVP_DecryptUpdate(ctx, out, (int *)out_len, in, in_len)) { + result = TSPERR(TSS_E_INTERNAL_ERROR); + DEBUG_print_openssl_errors(); + goto done; + } + +- if (!EVP_DecryptFinal(&ctx, out + *out_len, (int *)&tmp)) { ++ if (!EVP_DecryptFinal(ctx, out + *out_len, (int *)&tmp)) { + result = TSPERR(TSS_E_INTERNAL_ERROR); + DEBUG_print_openssl_errors(); + goto done; + } + *out_len += tmp; + done: +- EVP_CIPHER_CTX_cleanup(&ctx); ++ EVP_CIPHER_CTX_free(ctx); + return result; + } + +@@ -255,7 +263,7 @@ Trspi_SymEncrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 + UINT32 *out_len) + { + TSS_RESULT result = TSS_SUCCESS; +- EVP_CIPHER_CTX ctx; ++ EVP_CIPHER_CTX *ctx; + EVP_CIPHER *cipher; + BYTE *def_iv = NULL, *outiv_ptr; + UINT32 tmp; +@@ -269,7 +277,9 @@ Trspi_SymEncrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 + if ((cipher = get_openssl_cipher(alg, mode)) == NULL) + return TSPERR(TSS_E_INTERNAL_ERROR); + +- EVP_CIPHER_CTX_init(&ctx); ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) ++ return TSPERR(TSS_E_OUTOFMEMORY); + + /* If the iv passed in is NULL, create a new random iv and prepend it to the ciphertext */ + iv_len = EVP_CIPHER_iv_length(cipher); +@@ -289,25 +299,25 @@ Trspi_SymEncrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 + outiv_ptr = out; + } + +- if (!EVP_EncryptInit(&ctx, (const EVP_CIPHER *)cipher, key, def_iv)) { ++ if (!EVP_EncryptInit(ctx, (const EVP_CIPHER *)cipher, key, def_iv)) { + result = TSPERR(TSS_E_INTERNAL_ERROR); + DEBUG_print_openssl_errors(); + goto done; + } + +- if ((UINT32)outiv_len < in_len + (EVP_CIPHER_CTX_block_size(&ctx) * 2) - 1) { ++ if ((UINT32)outiv_len < in_len + (EVP_CIPHER_CTX_block_size(ctx) * 2) - 1) { + LogDebug("Not enough space to do symmetric encryption"); + result = TSPERR(TSS_E_INTERNAL_ERROR); + goto done; + } + +- if (!EVP_EncryptUpdate(&ctx, outiv_ptr, &outiv_len, in, in_len)) { ++ if (!EVP_EncryptUpdate(ctx, outiv_ptr, &outiv_len, in, in_len)) { + result = TSPERR(TSS_E_INTERNAL_ERROR); + DEBUG_print_openssl_errors(); + goto done; + } + +- if (!EVP_EncryptFinal(&ctx, outiv_ptr + outiv_len, (int *)&tmp)) { ++ if (!EVP_EncryptFinal(ctx, outiv_ptr + outiv_len, (int *)&tmp)) { + result = TSPERR(TSS_E_INTERNAL_ERROR); + DEBUG_print_openssl_errors(); + goto done; +@@ -320,7 +330,7 @@ done: + *out_len += iv_len; + free(def_iv); + } +- EVP_CIPHER_CTX_cleanup(&ctx); ++ EVP_CIPHER_CTX_free(ctx); + return result; + } + +@@ -329,7 +339,7 @@ Trspi_SymDecrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 + UINT32 *out_len) + { + TSS_RESULT result = TSS_SUCCESS; +- EVP_CIPHER_CTX ctx; ++ EVP_CIPHER_CTX *ctx = NULL; + EVP_CIPHER *cipher; + BYTE *def_iv = NULL, *iniv_ptr; + UINT32 tmp; +@@ -341,7 +351,10 @@ Trspi_SymDecrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 + if ((cipher = get_openssl_cipher(alg, mode)) == NULL) + return TSPERR(TSS_E_INTERNAL_ERROR); + +- EVP_CIPHER_CTX_init(&ctx); ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) { ++ return TSPERR(TSS_E_OUTOFMEMORY); ++ } + + /* If the iv is NULL, assume that its prepended to the ciphertext */ + if (iv == NULL) { +@@ -361,19 +374,19 @@ Trspi_SymDecrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 + iniv_len = in_len; + } + +- if (!EVP_DecryptInit(&ctx, cipher, key, def_iv)) { ++ if (!EVP_DecryptInit(ctx, cipher, key, def_iv)) { + result = TSPERR(TSS_E_INTERNAL_ERROR); + DEBUG_print_openssl_errors(); + goto done; + } + +- if (!EVP_DecryptUpdate(&ctx, out, (int *)out_len, iniv_ptr, iniv_len)) { ++ if (!EVP_DecryptUpdate(ctx, out, (int *)out_len, iniv_ptr, iniv_len)) { + result = TSPERR(TSS_E_INTERNAL_ERROR); + DEBUG_print_openssl_errors(); + goto done; + } + +- if (!EVP_DecryptFinal(&ctx, out + *out_len, (int *)&tmp)) { ++ if (!EVP_DecryptFinal(ctx, out + *out_len, (int *)&tmp)) { + result = TSPERR(TSS_E_INTERNAL_ERROR); + DEBUG_print_openssl_errors(); + goto done; +@@ -383,6 +396,6 @@ Trspi_SymDecrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 + done: + if (def_iv != iv) + free(def_iv); +- EVP_CIPHER_CTX_cleanup(&ctx); ++ EVP_CIPHER_CTX_free(ctx); + return result; + } +-- diff --git a/trousers.spec b/trousers.spec index c6d7f84..6429b58 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.13 -Release: 6%{?dist} +Release: 7%{?dist} License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -9,6 +9,7 @@ Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz Source1: tcsd.service Patch1: trousers-0.3.13-noinline.patch +Patch2: trousers-openssl1.1.patch BuildRequires: libtool, openssl-devel BuildRequires: systemd @@ -57,6 +58,7 @@ applications. %prep %setup -q %patch1 -p1 -b .noinline +%patch2 -p1 -b .ssl1.1 # fix man page paths sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in @@ -118,6 +120,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Tue Feb 7 2017 Peter Robinson 0.3.13-7 +- Add patch for OpenSSL 1.1 + * Fri Feb 05 2016 Fedora Release Engineering - 0.3.13-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild From 78e4752ff36874fefeaad58b1527fbca3051c0dc Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 27 Jul 2017 20:38:09 +0000 Subject: [PATCH 54/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 6429b58..ba3c16c 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.13 -Release: 7%{?dist} +Release: 8%{?dist} License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -120,6 +120,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Thu Jul 27 2017 Fedora Release Engineering - 0.3.13-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + * Tue Feb 7 2017 Peter Robinson 0.3.13-7 - Add patch for OpenSSL 1.1 From a4d730851f629d6f3b9fb8e3bf6b674c071010bb Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 3 Aug 2017 09:37:12 +0000 Subject: [PATCH 55/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index ba3c16c..f49c8f7 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.13 -Release: 8%{?dist} +Release: 9%{?dist} License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -120,6 +120,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Thu Aug 03 2017 Fedora Release Engineering - 0.3.13-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + * Thu Jul 27 2017 Fedora Release Engineering - 0.3.13-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild From 9b9be982cb7d9d7eb7efabb363461d2e9423f5f9 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 9 Feb 2018 19:29:32 +0000 Subject: [PATCH 56/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index f49c8f7..ab1d30f 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.13 -Release: 9%{?dist} +Release: 10%{?dist} License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -120,6 +120,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Fri Feb 09 2018 Fedora Release Engineering - 0.3.13-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + * Thu Aug 03 2017 Fedora Release Engineering - 0.3.13-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild From 0db7ce729ea27d69411a6965205a4d9ace88bb7f Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 14 Jul 2018 07:54:22 +0000 Subject: [PATCH 57/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index ab1d30f..f60cc7b 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.13 -Release: 10%{?dist} +Release: 11%{?dist} License: BSD Group: System Environment/Libraries Url: http://trousers.sourceforge.net @@ -120,6 +120,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Sat Jul 14 2018 Fedora Release Engineering - 0.3.13-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + * Fri Feb 09 2018 Fedora Release Engineering - 0.3.13-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild From 4effbb81a6027424239db0972c2d06f98780cdf5 Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Tue, 22 Jan 2019 18:41:12 +0100 Subject: [PATCH 58/74] Remove obsolete ldconfig scriptlets References: https://fedoraproject.org/wiki/Changes/RemoveObsoleteScriptlets Signed-off-by: Igor Gnatenko --- trousers.spec | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/trousers.spec b/trousers.spec index f60cc7b..3564d08 100644 --- a/trousers.spec +++ b/trousers.spec @@ -89,9 +89,7 @@ exit 0 %postun %systemd_postun_with_restart tcsd.service -%post lib -p /sbin/ldconfig - -%postun lib -p /sbin/ldconfig +%ldconfig_scriptlets lib %files %doc README ChangeLog From eb89c5cc225748b755fadb848010952d596073b4 Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Mon, 28 Jan 2019 20:18:28 +0100 Subject: [PATCH 59/74] Remove obsolete Group tag References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag --- trousers.spec | 4 ---- 1 file changed, 4 deletions(-) diff --git a/trousers.spec b/trousers.spec index 3564d08..332e738 100644 --- a/trousers.spec +++ b/trousers.spec @@ -3,7 +3,6 @@ Summary: TCG's Software Stack v1.2 Version: 0.3.13 Release: 11%{?dist} License: BSD -Group: System Environment/Libraries Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz @@ -28,7 +27,6 @@ state using cryptographic hashes and more. %package lib Summary: TrouSerS libtspi library -Group: Development/Libraries # Needed obsoletes due to the -lib subpackage split Obsoletes: trousers < 0.3.13-4 @@ -37,7 +35,6 @@ The libtspi library for use in Trusted Computing enabled applications. %package static Summary: TrouSerS TCG Device Driver Library -Group: Development/Libraries Requires: %{name}-devel%{?_isa} = %{version}-%{release} %description static @@ -48,7 +45,6 @@ https://www.trustedcomputinggroup.org/specs/TSS. %package devel Summary: TrouSerS header files and documentation -Group: Development/Libraries Requires: %{name}-lib%{?_isa} = %{version}-%{release} %description devel From cbe59efd2651fd5ab772ef293790ebe5eb9b4c33 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sun, 3 Feb 2019 10:19:59 +0000 Subject: [PATCH 60/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 332e738..dbd9368 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.13 -Release: 11%{?dist} +Release: 12%{?dist} License: BSD Url: http://trousers.sourceforge.net @@ -114,6 +114,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Sun Feb 03 2019 Fedora Release Engineering - 0.3.13-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + * Sat Jul 14 2018 Fedora Release Engineering - 0.3.13-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild From 89a0b1abefbbb54d00d18e86759040e7c6f43f22 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 27 Jul 2019 01:57:17 +0000 Subject: [PATCH 61/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index dbd9368..5058283 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.13 -Release: 12%{?dist} +Release: 13%{?dist} License: BSD Url: http://trousers.sourceforge.net @@ -114,6 +114,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Sat Jul 27 2019 Fedora Release Engineering - 0.3.13-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + * Sun Feb 03 2019 Fedora Release Engineering - 0.3.13-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild From 709b7ec700c8b0e436701bfbe87c30c9ca66d0fb Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 31 Jan 2020 02:04:47 +0000 Subject: [PATCH 62/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 5058283..2292bef 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.13 -Release: 13%{?dist} +Release: 14%{?dist} License: BSD Url: http://trousers.sourceforge.net @@ -114,6 +114,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Fri Jan 31 2020 Fedora Release Engineering - 0.3.13-14 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + * Sat Jul 27 2019 Fedora Release Engineering - 0.3.13-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild From 5b483f1a2294479a27258dd1926978a1328b8c9d Mon Sep 17 00:00:00 2001 From: Jerry Snitselaar Date: Tue, 19 Nov 2019 03:38:33 -0700 Subject: [PATCH 63/74] trousers: Rebase to 0.3.14 release Signed-off-by: Jerry Snitselaar --- .gitignore | 1 + sources | 2 +- trousers-0.3.14-double-free.patch | 27 +++++++++++++++ trousers-0.3.14-fix-indent-obj_policy.patch | 12 +++++++ trousers-0.3.14-fix-indent-tspi_key.patch | 18 ++++++++++ trousers-0.3.14-noinline.patch | 14 ++++++++ trousers-0.3.14-tcsd-header-fix.patch | 37 +++++++++++++++++++++ trousers-0.3.14-unlock-in-err-path.patch | 11 ++++++ trousers.spec | 24 +++++++++---- 9 files changed, 139 insertions(+), 7 deletions(-) create mode 100644 trousers-0.3.14-double-free.patch create mode 100644 trousers-0.3.14-fix-indent-obj_policy.patch create mode 100644 trousers-0.3.14-fix-indent-tspi_key.patch create mode 100644 trousers-0.3.14-noinline.patch create mode 100644 trousers-0.3.14-tcsd-header-fix.patch create mode 100644 trousers-0.3.14-unlock-in-err-path.patch diff --git a/.gitignore b/.gitignore index 1440662..fead07e 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ trousers-0.3.4.tar.gz /trousers-0.3.10.tar.gz /trousers-0.3.11.2.tar.gz /trousers-0.3.13.tar.gz +/trousers-0.3.14.tar.gz diff --git a/sources b/sources index 8ed3284..3289f69 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -562bb3d178ca91177aa2f6c2c1a83269 trousers-0.3.13.tar.gz +4a476b4f036dd20a764fb54fc24edbec trousers-0.3.14.tar.gz diff --git a/trousers-0.3.14-double-free.patch b/trousers-0.3.14-double-free.patch new file mode 100644 index 0000000..ef7a36a --- /dev/null +++ b/trousers-0.3.14-double-free.patch @@ -0,0 +1,27 @@ +diff -ur trousers-0.3.14/src/tspi/tsp_auth.c trousers-0.3.14-new/src/tspi/tsp_auth.c +--- trousers-0.3.14/src/tspi/tsp_auth.c 2014-07-23 12:42:45.000000000 -0700 ++++ trousers-0.3.14-new/src/tspi/tsp_auth.c 2019-05-27 13:41:57.316000945 -0700 +@@ -1221,7 +1221,7 @@ + } + + *handles = handle; +- handles_track = handles; ++ handles_track = handles; + + // Since the call tree of this function can possibly alloc memory + // (check RPC_ExecuteTransport_TP function), its better to keep track of +@@ -1229,9 +1229,11 @@ + result = obj_context_transport_execute(tspContext, TPM_ORD_Terminate_Handle, 0, NULL, + NULL, &handlesLen, &handles, NULL, NULL, NULL, NULL); + +- free(handles); +- handles = NULL; +- free(handles_track); ++ if (handles != handles_track) { ++ free(handles); ++ } ++ ++ free(handles_track); + + return result; + } diff --git a/trousers-0.3.14-fix-indent-obj_policy.patch b/trousers-0.3.14-fix-indent-obj_policy.patch new file mode 100644 index 0000000..af53ee4 --- /dev/null +++ b/trousers-0.3.14-fix-indent-obj_policy.patch @@ -0,0 +1,12 @@ +diff -ur trousers-0.3.14/src/tspi/obj_policy.c trousers-0.3.14-new/src/tspi/obj_policy.c +--- trousers-0.3.14/src/tspi/obj_policy.c 2014-07-23 12:42:44.000000000 -0700 ++++ trousers-0.3.14-new/src/tspi/obj_policy.c 2019-05-27 13:29:56.720899059 -0700 +@@ -984,7 +984,7 @@ + policy->popupString, + policy->Secret))) + goto done; +- policy->SecretSet = TRUE; ++ policy->SecretSet = TRUE; + } + memcpy(secret, policy->Secret, TPM_SHA1_160_HASH_LEN); + *mode = policy->SecretMode; diff --git a/trousers-0.3.14-fix-indent-tspi_key.patch b/trousers-0.3.14-fix-indent-tspi_key.patch new file mode 100644 index 0000000..9278fc8 --- /dev/null +++ b/trousers-0.3.14-fix-indent-tspi_key.patch @@ -0,0 +1,18 @@ +diff -ur trousers-0.3.14/src/tspi/tspi_key.c trousers-0.3.14-new/src/tspi/tspi_key.c +--- trousers-0.3.14/src/tspi/tspi_key.c 2014-07-23 12:42:45.000000000 -0700 ++++ trousers-0.3.14-new/src/tspi/tspi_key.c 2019-05-27 13:44:42.366735438 -0700 +@@ -370,10 +370,10 @@ + /* get the key to be wrapped's private key */ + if ((result = obj_rsakey_get_priv_blob(hKey, &keyPrivBlobLen, &keyPrivBlob))) + goto done; +- /* verify if its under the maximum size, according to the +- * TPM_STORE_ASYMKEY specification */ +- if (keyPrivBlobLen > TPM_STORE_PRIVKEY_LEN) +- return TSPERR(TSS_E_ENC_INVALID_LENGTH); ++ /* verify if its under the maximum size, according to the ++ * TPM_STORE_ASYMKEY specification */ ++ if (keyPrivBlobLen > TPM_STORE_PRIVKEY_LEN) ++ return TSPERR(TSS_E_ENC_INVALID_LENGTH); + + /* get the key to be wrapped's blob */ + if ((result = obj_rsakey_get_blob(hKey, &keyBlobLen, &keyBlob))) diff --git a/trousers-0.3.14-noinline.patch b/trousers-0.3.14-noinline.patch new file mode 100644 index 0000000..2880bb3 --- /dev/null +++ b/trousers-0.3.14-noinline.patch @@ -0,0 +1,14 @@ +diff -ur a/src/include/tspps.h b/src/include/tspps.h +--- a/src/include/tspps.h 2014-07-23 12:42:44.000000000 -0700 ++++ b/src/include/tspps.h 2018-08-01 19:33:42.454192873 -0700 +@@ -18,8 +18,8 @@ + + TSS_RESULT get_file(int *); + int put_file(int); +-inline TSS_RESULT read_data(int, void *, UINT32); +-inline TSS_RESULT write_data(int, void *, UINT32); ++TSS_RESULT read_data(int, void *, UINT32); ++TSS_RESULT write_data(int, void *, UINT32); + UINT32 psfile_get_num_keys(int); + TSS_RESULT psfile_get_parent_uuid_by_uuid(int, TSS_UUID *, TSS_UUID *); + TSS_RESULT psfile_remove_key_by_uuid(int, TSS_UUID *); diff --git a/trousers-0.3.14-tcsd-header-fix.patch b/trousers-0.3.14-tcsd-header-fix.patch new file mode 100644 index 0000000..b5b3f3b --- /dev/null +++ b/trousers-0.3.14-tcsd-header-fix.patch @@ -0,0 +1,37 @@ +From b692f86a93c8f7e6ac938277a9aec434b02c252b Mon Sep 17 00:00:00 2001 +From: Jerry Snitselaar +Date: Wed, 18 Mar 2020 13:35:22 -0700 +Subject: [PATCH] trousers: resolve build failure + +The global variables tcsd_sa_chld and tcsd_sa_int in tcsd.h are +causing build failures in latest Fedora release: + +/usr/bin/ld: ../../src/tcs/libtcs.a(libtcs_a-tcsi_changeauth.o):/builddir/build/BUILD/trousers-0.3.13/src/tcs/../include/tcsd.h:169: multiple definition of `tcsd_sa_chld'; tcsd-svrside.o:/builddir/build/BUILD/trousers-0.3.13/src/tcsd/../../src/include/tcsd.h:169: first defined here +/usr/bin/ld: ../../src/tcs/libtcs.a(libtcs_a-tcsi_changeauth.o):/builddir/build/BUILD/trousers-0.3.13/src/tcs/../include/tcsd.h:168: multiple definition of `tcsd_sa_int'; tcsd-svrside.o:/builddir/build/BUILD/trousers-0.3.13/src/tcsd/../../src/include/tcsd.h:168: first defined here + +They are no longer used since 9b40e581470b ("Improved daemon's signal +handling") so just remove them. + +Signed-off-by: Jerry Snitselaar +--- + src/include/tcsd.h | 6 ------ + 1 file changed, 6 deletions(-) + +diff --git a/src/include/tcsd.h b/src/include/tcsd.h +index 5b9462b85ed6..f5c286e01c86 100644 +--- a/src/include/tcsd.h ++++ b/src/include/tcsd.h +@@ -164,10 +164,4 @@ TSS_RESULT tcsd_thread_create(int, char *); + void *tcsd_thread_run(void *); + void thread_signal_init(); + +-/* signal handling */ +-#ifndef __APPLE__ +-struct sigaction tcsd_sa_int; +-struct sigaction tcsd_sa_chld; +-#endif +- + #endif +-- +2.24.0 + diff --git a/trousers-0.3.14-unlock-in-err-path.patch b/trousers-0.3.14-unlock-in-err-path.patch new file mode 100644 index 0000000..d4f7540 --- /dev/null +++ b/trousers-0.3.14-unlock-in-err-path.patch @@ -0,0 +1,11 @@ +diff -ur a/src/tspi/obj_context.c b/src/tspi/obj_context.c +--- a/src/tspi/obj_context.c 2014-11-03 12:31:55.000000000 -0700 ++++ b/src/tspi/obj_context.c 2018-08-10 11:02:02.246962638 -0700 +@@ -276,6 +276,7 @@ + context->machineName = (BYTE *)calloc(1, len); + if (context->machineName == NULL) { + LogError("malloc of %u bytes failed.", len); ++ obj_list_put(&context_list); + return TSPERR(TSS_E_OUTOFMEMORY); + } + memcpy(context->machineName, name, len); diff --git a/trousers.spec b/trousers.spec index 2292bef..c52a6e9 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,14 +1,19 @@ Name: trousers Summary: TCG's Software Stack v1.2 -Version: 0.3.13 -Release: 14%{?dist} +Version: 0.3.14 +Release: 1%{?dist} License: BSD Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz Source1: tcsd.service -Patch1: trousers-0.3.13-noinline.patch -Patch2: trousers-openssl1.1.patch +Patch1: trousers-0.3.14-noinline.patch +# submitted upstream +Patch2: trousers-0.3.14-unlock-in-err-path.patch +Patch3: trousers-0.3.14-fix-indent-obj_policy.patch +Patch4: trousers-0.3.14-double-free.patch +Patch5: trousers-0.3.14-fix-indent-tspi_key.patch +Patch6: trousers-0.3.14-tcsd-header-fix.patch BuildRequires: libtool, openssl-devel BuildRequires: systemd @@ -52,9 +57,13 @@ Header files and man pages for use in creating Trusted Computing enabled applications. %prep -%setup -q +%setup -cq %patch1 -p1 -b .noinline -%patch2 -p1 -b .ssl1.1 +%patch2 -p1 -b .unlock +%patch3 -p1 -b .indent_obj_policy +%patch4 -p1 -b .double_free +%patch5 -p1 -b .indent_tspi_key +%patch6 -p1 -b .header # fix man page paths sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in @@ -114,6 +123,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Wed Mar 18 2020 Jerry Snitselaar - 0.3.14-1 +- Rebase to 0.3.14 release + * Fri Jan 31 2020 Fedora Release Engineering - 0.3.13-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild From d0f83e6b9cf63914555789b9b55e2812788d1908 Mon Sep 17 00:00:00 2001 From: Igor Raits Date: Mon, 8 Jun 2020 14:56:14 +0200 Subject: [PATCH 64/74] Cleanup spec Signed-off-by: Igor Raits --- sources | 2 +- trousers.spec | 23 +++++++---------------- 2 files changed, 8 insertions(+), 17 deletions(-) diff --git a/sources b/sources index 3289f69..8948cd5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -4a476b4f036dd20a764fb54fc24edbec trousers-0.3.14.tar.gz +SHA512 (trousers-0.3.14.tar.gz) = bf87f00329cf1d76a12cf6b6181fa22f90e76af3c5786e6e2db98438d2d3f0c0e05364374664173f45e3a2f6c0e2364948d0b958a7845cb23fcb340150cd9b21 diff --git a/trousers.spec b/trousers.spec index c52a6e9..9ba023f 100644 --- a/trousers.spec +++ b/trousers.spec @@ -57,13 +57,7 @@ Header files and man pages for use in creating Trusted Computing enabled applications. %prep -%setup -cq -%patch1 -p1 -b .noinline -%patch2 -p1 -b .unlock -%patch3 -p1 -b .indent_obj_policy -%patch4 -p1 -b .double_free -%patch5 -p1 -b .indent_tspi_key -%patch6 -p1 -b .header +%autosetup -c -p1 # fix man page paths sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in @@ -72,11 +66,11 @@ sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd make -k %{?_smp_mflags} %install -mkdir -p ${RPM_BUILD_ROOT}/%{_localstatedir}/lib/tpm -make install DESTDIR=${RPM_BUILD_ROOT} INSTALL="install -p" -rm -f ${RPM_BUILD_ROOT}/%{_libdir}/libtspi.la -mkdir -p $RPM_BUILD_ROOT%{_unitdir} -install -m 0644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/ +mkdir -p %{buildroot}%{_localstatedir}/lib/tpm +%make_install +find %{buildroot} -type f -name '*.la' -print -delete +mkdir -p %{buildroot}%{_unitdir} +install -Dpm0644 %{SOURCE1} %{buildroot}%{_unitdir}/ %pre getent group tss >/dev/null || groupadd -g 59 -r tss @@ -94,8 +88,6 @@ exit 0 %postun %systemd_postun_with_restart tcsd.service -%ldconfig_scriptlets lib - %files %doc README ChangeLog %{_sbindir}/tcsd @@ -107,8 +99,7 @@ exit 0 %files lib %license LICENSE -%{_libdir}/libtspi.so.? -%{_libdir}/libtspi.so.?.?.? +%{_libdir}/libtspi.so.1* %files devel # The files to be used by developers, 'trousers-devel' From ad748f906a6286b551e204c75b80034469c1f69f Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 29 Jul 2020 12:53:35 +0000 Subject: [PATCH 65/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 9ba023f..3a284be 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.14 -Release: 1%{?dist} +Release: 2%{?dist} License: BSD Url: http://trousers.sourceforge.net @@ -114,6 +114,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Wed Jul 29 2020 Fedora Release Engineering - 0.3.14-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + * Wed Mar 18 2020 Jerry Snitselaar - 0.3.14-1 - Rebase to 0.3.14 release From ba65b02d14df4e4a21c824845cabda9bf5b5995d Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Tue, 15 Sep 2020 10:58:17 +0100 Subject: [PATCH 66/74] Update user creation to latest guidelines Signed-off-by: Peter Robinson --- trousers.spec | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/trousers.spec b/trousers.spec index 3a284be..b6f9618 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.14 -Release: 2%{?dist} +Release: 3%{?dist} License: BSD Url: http://trousers.sourceforge.net @@ -73,10 +73,14 @@ mkdir -p %{buildroot}%{_unitdir} install -Dpm0644 %{SOURCE1} %{buildroot}%{_unitdir}/ %pre -getent group tss >/dev/null || groupadd -g 59 -r tss -getent passwd tss >/dev/null || \ -useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin \ - -c "Account used by the trousers package to sandbox the tcsd daemon" tss +getent group tss >/dev/null || groupadd -f -g 59 -r tss +if ! getent passwd tss >/dev/null ; then + if ! getent passwd 59 >/dev/null ; then + useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin -c "Account used for TPM access" tss + else + useradd -r -g tss -d /dev/null -s /sbin/nologin -c "Account used for TPM access" tss + fi +fi exit 0 %post @@ -114,6 +118,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Tue Sep 15 2020 Peter Robinson - 0.3.14-3 +- Update user creation to latest guidelines + * Wed Jul 29 2020 Fedora Release Engineering - 0.3.14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild From 3459d0cdf62335d30ae118a8952e34165f14782d Mon Sep 17 00:00:00 2001 From: Jerry Snitselaar Date: Thu, 29 Oct 2020 16:00:41 -0700 Subject: [PATCH 67/74] trousers: security fixes Fixes for the following CVEs, plus a fix for an annocheck warning. - Fix for CVE-2020-24330 (RHBZ#1874824) - Fix for CVE-2020-24331 (RHBZ#1870057) - Fix for CVE-2020-24332 (RHBZ#1870053) Signed-off-by: Jerry Snitselaar --- trousers-0.3.14-correct-security-issues.patch | 89 +++++++++++++++++++ trousers-0.3.14-no-optimize.patch | 49 ++++++++++ trousers.spec | 11 ++- 3 files changed, 147 insertions(+), 2 deletions(-) create mode 100644 trousers-0.3.14-correct-security-issues.patch create mode 100644 trousers-0.3.14-no-optimize.patch diff --git a/trousers-0.3.14-correct-security-issues.patch b/trousers-0.3.14-correct-security-issues.patch new file mode 100644 index 0000000..afa80e9 --- /dev/null +++ b/trousers-0.3.14-correct-security-issues.patch @@ -0,0 +1,89 @@ +From e74dd1d96753b0538192143adf58d04fcd3b242b Mon Sep 17 00:00:00 2001 +From: Matthias Gerstner +Date: Fri, 14 Aug 2020 22:14:36 -0700 +Subject: [PATCH 1/2] Correct multiple security issues that are present if the + tcsd is started by root instead of the tss user. + +Patch fixes the following 3 CVEs: + +CVE-2020-24332 +If the tcsd daemon is started with root privileges, +the creation of the system.data file is prone to symlink attacks + +CVE-2020-24330 +If the tcsd daemon is started with root privileges, +it fails to drop the root gid after it is no longer needed + +CVE-2020-24331 +If the tcsd daemon is started with root privileges, +the tss user has read and write access to the /etc/tcsd.conf file + +Authored-by: Matthias Gerstner +Signed-off-by: Debora Velarde Babb +--- + src/tcs/ps/tcsps.c | 2 +- + src/tcsd/svrside.c | 1 + + src/tcsd/tcsd_conf.c | 10 +++++----- + 3 files changed, 7 insertions(+), 6 deletions(-) + +diff --git a/src/tcs/ps/tcsps.c b/src/tcs/ps/tcsps.c +index e47154b20612..85d45a96b7c3 100644 +--- a/src/tcs/ps/tcsps.c ++++ b/src/tcs/ps/tcsps.c +@@ -72,7 +72,7 @@ get_file() + } + + /* open and lock the file */ +- system_ps_fd = open(tcsd_options.system_ps_file, O_CREAT|O_RDWR, 0600); ++ system_ps_fd = open(tcsd_options.system_ps_file, O_CREAT|O_RDWR|O_NOFOLLOW, 0600); + if (system_ps_fd < 0) { + LogError("system PS: open() of %s failed: %s", + tcsd_options.system_ps_file, strerror(errno)); +diff --git a/src/tcsd/svrside.c b/src/tcsd/svrside.c +index 1ae1636f8730..1c12ff3afdd0 100644 +--- a/src/tcsd/svrside.c ++++ b/src/tcsd/svrside.c +@@ -473,6 +473,7 @@ main(int argc, char **argv) + } + return TCSERR(TSS_E_INTERNAL_ERROR); + } ++ setgid(pwd->pw_gid); + setuid(pwd->pw_uid); + #endif + #endif +diff --git a/src/tcsd/tcsd_conf.c b/src/tcsd/tcsd_conf.c +index a31503df3f1f..ea8ea13f5f16 100644 +--- a/src/tcsd/tcsd_conf.c ++++ b/src/tcsd/tcsd_conf.c +@@ -743,7 +743,7 @@ conf_file_init(struct tcsd_config *conf) + #ifndef SOLARIS + struct group *grp; + struct passwd *pw; +- mode_t mode = (S_IRUSR|S_IWUSR); ++ mode_t mode = (S_IRUSR|S_IWUSR|S_IRGRP); + #endif /* SOLARIS */ + TSS_RESULT result; + +@@ -798,15 +798,15 @@ conf_file_init(struct tcsd_config *conf) + } + + /* make sure user/group TSS owns the conf file */ +- if (pw->pw_uid != stat_buf.st_uid || grp->gr_gid != stat_buf.st_gid) { ++ if (stat_buf.st_uid != 0 || grp->gr_gid != stat_buf.st_gid) { + LogError("TCSD config file (%s) must be user/group %s/%s", tcsd_config_file, +- TSS_USER_NAME, TSS_GROUP_NAME); ++ "root", TSS_GROUP_NAME); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + +- /* make sure only the tss user can manipulate the config file */ ++ /* make sure only the tss user can read (but not manipulate) the config file */ + if (((stat_buf.st_mode & 0777) ^ mode) != 0) { +- LogError("TCSD config file (%s) must be mode 0600", tcsd_config_file); ++ LogError("TCSD config file (%s) must be mode 0640", tcsd_config_file); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + #endif /* SOLARIS */ +-- +2.27.0 + diff --git a/trousers-0.3.14-no-optimize.patch b/trousers-0.3.14-no-optimize.patch new file mode 100644 index 0000000..a7af3df --- /dev/null +++ b/trousers-0.3.14-no-optimize.patch @@ -0,0 +1,49 @@ +From 6edef3777f9b9a26e63168bb81c8d4f4ddb17017 Mon Sep 17 00:00:00 2001 +From: Jerry Snitselaar +Date: Wed, 5 Jun 2019 11:51:33 -0700 +Subject: [PATCH 2/2] trousers: don't use __no_optimize + +The trousers is failing annocheck hardened check due to +__no_optimize being used for __tspi_memset(). Instead of +__no_optimize use a asm memory barrier. + +Signed-off-by: Jerry Snitselaar +Signed-off-by: Debora Velarde Babb +--- + src/include/spi_utils.h | 2 +- + src/tspi/tsp_context_mem.c | 6 ++++-- + 2 files changed, 5 insertions(+), 3 deletions(-) + +diff --git a/src/include/spi_utils.h b/src/include/spi_utils.h +index 11255b20a21d..6ef21ce0cc83 100644 +--- a/src/include/spi_utils.h ++++ b/src/include/spi_utils.h +@@ -53,7 +53,7 @@ MUTEX_DECLARE_EXTERN(mem_cache_lock); + void *calloc_tspi(TSS_HCONTEXT, UINT32); + TSS_RESULT free_tspi(TSS_HCONTEXT, void *); + TSS_RESULT __tspi_add_mem_entry(TSS_HCONTEXT, void *); +-void * __no_optimize __tspi_memset(void *, int, size_t); ++void * __tspi_memset(void *, int, size_t); + + /* secrets.c */ + +diff --git a/src/tspi/tsp_context_mem.c b/src/tspi/tsp_context_mem.c +index 2982df9fed06..2769af3662b9 100644 +--- a/src/tspi/tsp_context_mem.c ++++ b/src/tspi/tsp_context_mem.c +@@ -258,8 +258,10 @@ free_tspi(TSS_HCONTEXT tspContext, void *memPointer) + } + + /* definition for a memset that cannot be optimized away */ +-void * __no_optimize ++void * + __tspi_memset(void *s, int c, size_t n) + { +- return memset(s, c, n); ++ memset(s, c, n); ++ asm volatile("" ::: "memory"); ++ return s; + } +-- +2.27.0 + diff --git a/trousers.spec b/trousers.spec index b6f9618..4e087f9 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.14 -Release: 3%{?dist} +Release: 4%{?dist} License: BSD Url: http://trousers.sourceforge.net @@ -14,6 +14,8 @@ Patch3: trousers-0.3.14-fix-indent-obj_policy.patch Patch4: trousers-0.3.14-double-free.patch Patch5: trousers-0.3.14-fix-indent-tspi_key.patch Patch6: trousers-0.3.14-tcsd-header-fix.patch +Patch7: trousers-0.3.14-correct-security-issues.patch +Patch8: trousers-0.3.14-no-optimize.patch BuildRequires: libtool, openssl-devel BuildRequires: systemd @@ -95,7 +97,7 @@ exit 0 %files %doc README ChangeLog %{_sbindir}/tcsd -%config(noreplace) %attr(0600, tss, tss) %{_sysconfdir}/tcsd.conf +%config(noreplace) %attr(0640, root, tss) %{_sysconfdir}/tcsd.conf %{_mandir}/man5/* %{_mandir}/man8/* %attr(644,root,root) %{_unitdir}/tcsd.service @@ -118,6 +120,11 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Thu Oct 29 2020 Jerry Snitselaar - 0.3.14-4 +- Fix for CVE-2020-24330 (RHBZ#1874824) +- Fix for CVE-2020-24331 (RHBZ#1870057) +- Fix for CVE-2020-24332 (RHBZ#1870053) + * Tue Sep 15 2020 Peter Robinson - 0.3.14-3 - Update user creation to latest guidelines From b3294b70736f67aa8fe8795c817b05d1c5a5ba09 Mon Sep 17 00:00:00 2001 From: Jerry Snitselaar Date: Fri, 6 Nov 2020 17:56:25 -0700 Subject: [PATCH 68/74] trousers: Rebase to 0.3.15 release Signed-off-by: Jerry Snitselaar --- trousers-0.3.13-noinline.patch | 70 --- trousers-0.3.14-correct-security-issues.patch | 89 ---- trousers-0.3.14-double-free.patch | 27 -- trousers-0.3.14-no-optimize.patch | 49 -- trousers-0.3.14-noinline.patch | 10 +- trousers-0.3.14-tcsd-header-fix.patch | 37 -- trousers-openssl1.1.patch | 448 ------------------ trousers.spec | 19 +- 8 files changed, 15 insertions(+), 734 deletions(-) delete mode 100644 trousers-0.3.13-noinline.patch delete mode 100644 trousers-0.3.14-correct-security-issues.patch delete mode 100644 trousers-0.3.14-double-free.patch delete mode 100644 trousers-0.3.14-no-optimize.patch delete mode 100644 trousers-0.3.14-tcsd-header-fix.patch delete mode 100644 trousers-openssl1.1.patch diff --git a/trousers-0.3.13-noinline.patch b/trousers-0.3.13-noinline.patch deleted file mode 100644 index da1b09c..0000000 --- a/trousers-0.3.13-noinline.patch +++ /dev/null @@ -1,70 +0,0 @@ -diff -up trousers-0.3.13/src/include/tcsps.h.noinline trousers-0.3.13/src/include/tcsps.h ---- trousers-0.3.13/src/include/tcsps.h.noinline 2014-04-24 20:05:44.000000000 +0200 -+++ trousers-0.3.13/src/include/tcsps.h 2015-05-26 16:36:20.685075185 +0200 -@@ -27,8 +27,8 @@ void ps_destroy(); - TSS_RESULT read_data(int, void *, UINT32); - TSS_RESULT write_data(int, void *, UINT32); - #else --inline TSS_RESULT read_data(int, void *, UINT32); --inline TSS_RESULT write_data(int, void *, UINT32); -+TSS_RESULT read_data(int, void *, UINT32); -+TSS_RESULT write_data(int, void *, UINT32); - #endif - int write_key_init(int, UINT32, UINT32, UINT32); - TSS_RESULT cache_key(UINT32, UINT16, TSS_UUID *, TSS_UUID *, UINT16, UINT32, UINT32); -diff -up trousers-0.3.13/src/include/tspps.h.noinline trousers-0.3.13/src/include/tspps.h ---- trousers-0.3.13/src/include/tspps.h.noinline 2014-04-24 20:05:44.000000000 +0200 -+++ trousers-0.3.13/src/include/tspps.h 2015-05-26 16:36:31.730325291 +0200 -@@ -18,8 +18,8 @@ - - TSS_RESULT get_file(int *); - int put_file(int); --inline TSS_RESULT read_data(int, void *, UINT32); --inline TSS_RESULT write_data(int, void *, UINT32); -+TSS_RESULT read_data(int, void *, UINT32); -+TSS_RESULT write_data(int, void *, UINT32); - UINT32 psfile_get_num_keys(int); - TSS_RESULT psfile_get_parent_uuid_by_uuid(int, TSS_UUID *, TSS_UUID *); - TSS_RESULT psfile_remove_key_by_uuid(int, TSS_UUID *); -diff -up trousers-0.3.13/src/tcs/ps/ps_utils.c.noinline trousers-0.3.13/src/tcs/ps/ps_utils.c ---- trousers-0.3.13/src/tcs/ps/ps_utils.c.noinline 2014-04-24 20:05:44.000000000 +0200 -+++ trousers-0.3.13/src/tcs/ps/ps_utils.c 2015-05-26 16:38:33.626085483 +0200 -@@ -45,7 +45,7 @@ struct key_disk_cache *key_disk_cache_he - #ifdef SOLARIS - TSS_RESULT - #else --inline TSS_RESULT -+TSS_RESULT - #endif - read_data(int fd, void *data, UINT32 size) - { -@@ -67,7 +67,7 @@ read_data(int fd, void *data, UINT32 siz - #ifdef SOLARIS - TSS_RESULT - #else --inline TSS_RESULT -+TSS_RESULT - #endif - write_data(int fd, void *data, UINT32 size) - { -diff -up trousers-0.3.13/src/tspi/ps/ps_utils.c.noinline trousers-0.3.13/src/tspi/ps/ps_utils.c ---- trousers-0.3.13/src/tspi/ps/ps_utils.c.noinline 2014-04-24 20:05:44.000000000 +0200 -+++ trousers-0.3.13/src/tspi/ps/ps_utils.c 2015-05-26 16:39:30.881381965 +0200 -@@ -22,7 +22,7 @@ - #include "tspps.h" - #include "tsplog.h" - --inline TSS_RESULT -+TSS_RESULT - read_data(int fd, void *data, UINT32 size) - { - int rc; -@@ -39,7 +39,7 @@ read_data(int fd, void *data, UINT32 siz - return TSS_SUCCESS; - } - --inline TSS_RESULT -+TSS_RESULT - write_data(int fd, void *data, UINT32 size) - { - int rc; diff --git a/trousers-0.3.14-correct-security-issues.patch b/trousers-0.3.14-correct-security-issues.patch deleted file mode 100644 index afa80e9..0000000 --- a/trousers-0.3.14-correct-security-issues.patch +++ /dev/null @@ -1,89 +0,0 @@ -From e74dd1d96753b0538192143adf58d04fcd3b242b Mon Sep 17 00:00:00 2001 -From: Matthias Gerstner -Date: Fri, 14 Aug 2020 22:14:36 -0700 -Subject: [PATCH 1/2] Correct multiple security issues that are present if the - tcsd is started by root instead of the tss user. - -Patch fixes the following 3 CVEs: - -CVE-2020-24332 -If the tcsd daemon is started with root privileges, -the creation of the system.data file is prone to symlink attacks - -CVE-2020-24330 -If the tcsd daemon is started with root privileges, -it fails to drop the root gid after it is no longer needed - -CVE-2020-24331 -If the tcsd daemon is started with root privileges, -the tss user has read and write access to the /etc/tcsd.conf file - -Authored-by: Matthias Gerstner -Signed-off-by: Debora Velarde Babb ---- - src/tcs/ps/tcsps.c | 2 +- - src/tcsd/svrside.c | 1 + - src/tcsd/tcsd_conf.c | 10 +++++----- - 3 files changed, 7 insertions(+), 6 deletions(-) - -diff --git a/src/tcs/ps/tcsps.c b/src/tcs/ps/tcsps.c -index e47154b20612..85d45a96b7c3 100644 ---- a/src/tcs/ps/tcsps.c -+++ b/src/tcs/ps/tcsps.c -@@ -72,7 +72,7 @@ get_file() - } - - /* open and lock the file */ -- system_ps_fd = open(tcsd_options.system_ps_file, O_CREAT|O_RDWR, 0600); -+ system_ps_fd = open(tcsd_options.system_ps_file, O_CREAT|O_RDWR|O_NOFOLLOW, 0600); - if (system_ps_fd < 0) { - LogError("system PS: open() of %s failed: %s", - tcsd_options.system_ps_file, strerror(errno)); -diff --git a/src/tcsd/svrside.c b/src/tcsd/svrside.c -index 1ae1636f8730..1c12ff3afdd0 100644 ---- a/src/tcsd/svrside.c -+++ b/src/tcsd/svrside.c -@@ -473,6 +473,7 @@ main(int argc, char **argv) - } - return TCSERR(TSS_E_INTERNAL_ERROR); - } -+ setgid(pwd->pw_gid); - setuid(pwd->pw_uid); - #endif - #endif -diff --git a/src/tcsd/tcsd_conf.c b/src/tcsd/tcsd_conf.c -index a31503df3f1f..ea8ea13f5f16 100644 ---- a/src/tcsd/tcsd_conf.c -+++ b/src/tcsd/tcsd_conf.c -@@ -743,7 +743,7 @@ conf_file_init(struct tcsd_config *conf) - #ifndef SOLARIS - struct group *grp; - struct passwd *pw; -- mode_t mode = (S_IRUSR|S_IWUSR); -+ mode_t mode = (S_IRUSR|S_IWUSR|S_IRGRP); - #endif /* SOLARIS */ - TSS_RESULT result; - -@@ -798,15 +798,15 @@ conf_file_init(struct tcsd_config *conf) - } - - /* make sure user/group TSS owns the conf file */ -- if (pw->pw_uid != stat_buf.st_uid || grp->gr_gid != stat_buf.st_gid) { -+ if (stat_buf.st_uid != 0 || grp->gr_gid != stat_buf.st_gid) { - LogError("TCSD config file (%s) must be user/group %s/%s", tcsd_config_file, -- TSS_USER_NAME, TSS_GROUP_NAME); -+ "root", TSS_GROUP_NAME); - return TCSERR(TSS_E_INTERNAL_ERROR); - } - -- /* make sure only the tss user can manipulate the config file */ -+ /* make sure only the tss user can read (but not manipulate) the config file */ - if (((stat_buf.st_mode & 0777) ^ mode) != 0) { -- LogError("TCSD config file (%s) must be mode 0600", tcsd_config_file); -+ LogError("TCSD config file (%s) must be mode 0640", tcsd_config_file); - return TCSERR(TSS_E_INTERNAL_ERROR); - } - #endif /* SOLARIS */ --- -2.27.0 - diff --git a/trousers-0.3.14-double-free.patch b/trousers-0.3.14-double-free.patch deleted file mode 100644 index ef7a36a..0000000 --- a/trousers-0.3.14-double-free.patch +++ /dev/null @@ -1,27 +0,0 @@ -diff -ur trousers-0.3.14/src/tspi/tsp_auth.c trousers-0.3.14-new/src/tspi/tsp_auth.c ---- trousers-0.3.14/src/tspi/tsp_auth.c 2014-07-23 12:42:45.000000000 -0700 -+++ trousers-0.3.14-new/src/tspi/tsp_auth.c 2019-05-27 13:41:57.316000945 -0700 -@@ -1221,7 +1221,7 @@ - } - - *handles = handle; -- handles_track = handles; -+ handles_track = handles; - - // Since the call tree of this function can possibly alloc memory - // (check RPC_ExecuteTransport_TP function), its better to keep track of -@@ -1229,9 +1229,11 @@ - result = obj_context_transport_execute(tspContext, TPM_ORD_Terminate_Handle, 0, NULL, - NULL, &handlesLen, &handles, NULL, NULL, NULL, NULL); - -- free(handles); -- handles = NULL; -- free(handles_track); -+ if (handles != handles_track) { -+ free(handles); -+ } -+ -+ free(handles_track); - - return result; - } diff --git a/trousers-0.3.14-no-optimize.patch b/trousers-0.3.14-no-optimize.patch deleted file mode 100644 index a7af3df..0000000 --- a/trousers-0.3.14-no-optimize.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 6edef3777f9b9a26e63168bb81c8d4f4ddb17017 Mon Sep 17 00:00:00 2001 -From: Jerry Snitselaar -Date: Wed, 5 Jun 2019 11:51:33 -0700 -Subject: [PATCH 2/2] trousers: don't use __no_optimize - -The trousers is failing annocheck hardened check due to -__no_optimize being used for __tspi_memset(). Instead of -__no_optimize use a asm memory barrier. - -Signed-off-by: Jerry Snitselaar -Signed-off-by: Debora Velarde Babb ---- - src/include/spi_utils.h | 2 +- - src/tspi/tsp_context_mem.c | 6 ++++-- - 2 files changed, 5 insertions(+), 3 deletions(-) - -diff --git a/src/include/spi_utils.h b/src/include/spi_utils.h -index 11255b20a21d..6ef21ce0cc83 100644 ---- a/src/include/spi_utils.h -+++ b/src/include/spi_utils.h -@@ -53,7 +53,7 @@ MUTEX_DECLARE_EXTERN(mem_cache_lock); - void *calloc_tspi(TSS_HCONTEXT, UINT32); - TSS_RESULT free_tspi(TSS_HCONTEXT, void *); - TSS_RESULT __tspi_add_mem_entry(TSS_HCONTEXT, void *); --void * __no_optimize __tspi_memset(void *, int, size_t); -+void * __tspi_memset(void *, int, size_t); - - /* secrets.c */ - -diff --git a/src/tspi/tsp_context_mem.c b/src/tspi/tsp_context_mem.c -index 2982df9fed06..2769af3662b9 100644 ---- a/src/tspi/tsp_context_mem.c -+++ b/src/tspi/tsp_context_mem.c -@@ -258,8 +258,10 @@ free_tspi(TSS_HCONTEXT tspContext, void *memPointer) - } - - /* definition for a memset that cannot be optimized away */ --void * __no_optimize -+void * - __tspi_memset(void *s, int c, size_t n) - { -- return memset(s, c, n); -+ memset(s, c, n); -+ asm volatile("" ::: "memory"); -+ return s; - } --- -2.27.0 - diff --git a/trousers-0.3.14-noinline.patch b/trousers-0.3.14-noinline.patch index 2880bb3..856fd5d 100644 --- a/trousers-0.3.14-noinline.patch +++ b/trousers-0.3.14-noinline.patch @@ -1,14 +1,14 @@ -diff -ur a/src/include/tspps.h b/src/include/tspps.h ---- a/src/include/tspps.h 2014-07-23 12:42:44.000000000 -0700 -+++ b/src/include/tspps.h 2018-08-01 19:33:42.454192873 -0700 +diff -ur trousers-0.3.15/src/include/tspps.h trousers-0.3.15-new/src/include/tspps.h +--- trousers-0.3.15/src/include/tspps.h 2020-05-27 23:01:45.000000000 -0700 ++++ trousers-0.3.15-new/src/include/tspps.h 2020-11-06 17:46:53.796319788 -0700 @@ -18,8 +18,8 @@ TSS_RESULT get_file(int *); int put_file(int); -inline TSS_RESULT read_data(int, void *, UINT32); -inline TSS_RESULT write_data(int, void *, UINT32); -+TSS_RESULT read_data(int, void *, UINT32); -+TSS_RESULT write_data(int, void *, UINT32); ++TSS_RESULT read_data(int, void *, UINT32); ++TSS_RESULT write_data(int, void *, UINT32); UINT32 psfile_get_num_keys(int); TSS_RESULT psfile_get_parent_uuid_by_uuid(int, TSS_UUID *, TSS_UUID *); TSS_RESULT psfile_remove_key_by_uuid(int, TSS_UUID *); diff --git a/trousers-0.3.14-tcsd-header-fix.patch b/trousers-0.3.14-tcsd-header-fix.patch deleted file mode 100644 index b5b3f3b..0000000 --- a/trousers-0.3.14-tcsd-header-fix.patch +++ /dev/null @@ -1,37 +0,0 @@ -From b692f86a93c8f7e6ac938277a9aec434b02c252b Mon Sep 17 00:00:00 2001 -From: Jerry Snitselaar -Date: Wed, 18 Mar 2020 13:35:22 -0700 -Subject: [PATCH] trousers: resolve build failure - -The global variables tcsd_sa_chld and tcsd_sa_int in tcsd.h are -causing build failures in latest Fedora release: - -/usr/bin/ld: ../../src/tcs/libtcs.a(libtcs_a-tcsi_changeauth.o):/builddir/build/BUILD/trousers-0.3.13/src/tcs/../include/tcsd.h:169: multiple definition of `tcsd_sa_chld'; tcsd-svrside.o:/builddir/build/BUILD/trousers-0.3.13/src/tcsd/../../src/include/tcsd.h:169: first defined here -/usr/bin/ld: ../../src/tcs/libtcs.a(libtcs_a-tcsi_changeauth.o):/builddir/build/BUILD/trousers-0.3.13/src/tcs/../include/tcsd.h:168: multiple definition of `tcsd_sa_int'; tcsd-svrside.o:/builddir/build/BUILD/trousers-0.3.13/src/tcsd/../../src/include/tcsd.h:168: first defined here - -They are no longer used since 9b40e581470b ("Improved daemon's signal -handling") so just remove them. - -Signed-off-by: Jerry Snitselaar ---- - src/include/tcsd.h | 6 ------ - 1 file changed, 6 deletions(-) - -diff --git a/src/include/tcsd.h b/src/include/tcsd.h -index 5b9462b85ed6..f5c286e01c86 100644 ---- a/src/include/tcsd.h -+++ b/src/include/tcsd.h -@@ -164,10 +164,4 @@ TSS_RESULT tcsd_thread_create(int, char *); - void *tcsd_thread_run(void *); - void thread_signal_init(); - --/* signal handling */ --#ifndef __APPLE__ --struct sigaction tcsd_sa_int; --struct sigaction tcsd_sa_chld; --#endif -- - #endif --- -2.24.0 - diff --git a/trousers-openssl1.1.patch b/trousers-openssl1.1.patch deleted file mode 100644 index 1fa2ebc..0000000 --- a/trousers-openssl1.1.patch +++ /dev/null @@ -1,448 +0,0 @@ -@@ -, +, @@ ---- - src/tcs/crypto/openssl/crypto.c | 15 ++++++--- - src/trspi/crypto/openssl/hash.c | 17 ++++++---- - src/trspi/crypto/openssl/rsa.c | 64 ++++++++++++++++++++++++++++++----- - src/trspi/crypto/openssl/symmetric.c | 65 +++++++++++++++++++++--------------- - 4 files changed, 115 insertions(+), 46 deletions(-) ---- a/src/tcs/crypto/openssl/crypto.c -+++ a/src/tcs/crypto/openssl/crypto.c -@@ -31,13 +31,17 @@ - TSS_RESULT - Hash(UINT32 HashType, UINT32 BufSize, BYTE* Buf, BYTE* Digest) - { -- EVP_MD_CTX md_ctx; -+ EVP_MD_CTX *md_ctx; - unsigned int result_size; - int rv; - -+ md_ctx = EVP_MD_CTX_new(); -+ if (md_ctx == NULL) -+ return TSPERR(TSS_E_OUTOFMEMORY); -+ - switch (HashType) { - case TSS_HASH_SHA1: -- rv = EVP_DigestInit(&md_ctx, EVP_sha1()); -+ rv = EVP_DigestInit(md_ctx, EVP_sha1()); - break; - default: - rv = TCSERR(TSS_E_BAD_PARAMETER); -@@ -50,19 +54,20 @@ Hash(UINT32 HashType, UINT32 BufSize, BYTE* Buf, BYTE* Digest) - goto out; - } - -- rv = EVP_DigestUpdate(&md_ctx, Buf, BufSize); -+ rv = EVP_DigestUpdate(md_ctx, Buf, BufSize); - if (rv != EVP_SUCCESS) { - rv = TCSERR(TSS_E_INTERNAL_ERROR); - goto out; - } - -- result_size = EVP_MD_CTX_size(&md_ctx); -- rv = EVP_DigestFinal(&md_ctx, Digest, &result_size); -+ result_size = EVP_MD_CTX_size(md_ctx); -+ rv = EVP_DigestFinal(md_ctx, Digest, &result_size); - if (rv != EVP_SUCCESS) { - rv = TCSERR(TSS_E_INTERNAL_ERROR); - } else - rv = TSS_SUCCESS; - - out: -+ EVP_MD_CTX_free(md_ctx); - return rv; - } ---- a/src/trspi/crypto/openssl/hash.c -+++ a/src/trspi/crypto/openssl/hash.c -@@ -56,13 +56,17 @@ int MGF1(unsigned char *, long, const unsigned char *, long); - TSS_RESULT - Trspi_Hash(UINT32 HashType, UINT32 BufSize, BYTE* Buf, BYTE* Digest) - { -- EVP_MD_CTX md_ctx; -+ EVP_MD_CTX *md_ctx; - unsigned int result_size; - int rv; - -+ md_ctx = EVP_MD_CTX_new(); -+ if (md_ctx == NULL) -+ return TSPERR(TSS_E_OUTOFMEMORY); -+ - switch (HashType) { - case TSS_HASH_SHA1: -- rv = EVP_DigestInit(&md_ctx, EVP_sha1()); -+ rv = EVP_DigestInit(md_ctx, EVP_sha1()); - break; - default: - rv = TSPERR(TSS_E_BAD_PARAMETER); -@@ -75,14 +79,14 @@ Trspi_Hash(UINT32 HashType, UINT32 BufSize, BYTE* Buf, BYTE* Digest) - goto err; - } - -- rv = EVP_DigestUpdate(&md_ctx, Buf, BufSize); -+ rv = EVP_DigestUpdate(md_ctx, Buf, BufSize); - if (rv != EVP_SUCCESS) { - rv = TSPERR(TSS_E_INTERNAL_ERROR); - goto err; - } - -- result_size = EVP_MD_CTX_size(&md_ctx); -- rv = EVP_DigestFinal(&md_ctx, Digest, &result_size); -+ result_size = EVP_MD_CTX_size(md_ctx); -+ rv = EVP_DigestFinal(md_ctx, Digest, &result_size); - if (rv != EVP_SUCCESS) { - rv = TSPERR(TSS_E_INTERNAL_ERROR); - goto err; -@@ -94,6 +98,7 @@ Trspi_Hash(UINT32 HashType, UINT32 BufSize, BYTE* Buf, BYTE* Digest) - err: - DEBUG_print_openssl_errors(); - out: -+ EVP_MD_CTX_free(md_ctx); - return rv; - } - -@@ -112,7 +117,7 @@ Trspi_HashInit(Trspi_HashCtx *ctx, UINT32 HashType) - break; - } - -- if ((ctx->ctx = malloc(sizeof(EVP_MD_CTX))) == NULL) -+ if ((ctx->ctx = EVP_MD_CTX_new()) == NULL) - return TSPERR(TSS_E_OUTOFMEMORY); - - rv = EVP_DigestInit((EVP_MD_CTX *)ctx->ctx, (const EVP_MD *)md); ---- a/src/trspi/crypto/openssl/rsa.c -+++ a/src/trspi/crypto/openssl/rsa.c -@@ -38,6 +38,25 @@ - #define DEBUG_print_openssl_errors() - #endif - -+#if OPENSSL_VERSION_NUMBER < 0x10100001L -+static int -+RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) -+{ -+ if (n != NULL) { -+ BN_free(r->n); -+ r->n = n; -+ } -+ if (e != NULL) { -+ BN_free(r->e); -+ r->e = e; -+ } -+ if (d != NULL) { -+ BN_free(r->d); -+ r->d = d; -+ } -+ return 1; -+} -+#endif - - /* - * Hopefully this will make the code clearer since -@@ -61,6 +80,7 @@ Trspi_RSA_Encrypt(unsigned char *dataToEncrypt, /* in */ - RSA *rsa = RSA_new(); - BYTE encodedData[256]; - int encodedDataLen; -+ BIGNUM *rsa_n = NULL, *rsa_e = NULL; - - if (rsa == NULL) { - rv = TSPERR(TSS_E_OUTOFMEMORY); -@@ -68,12 +88,20 @@ Trspi_RSA_Encrypt(unsigned char *dataToEncrypt, /* in */ - } - - /* set the public key value in the OpenSSL object */ -- rsa->n = BN_bin2bn(publicKey, keysize, rsa->n); -+ rsa_n = BN_bin2bn(publicKey, keysize, NULL); - /* set the public exponent */ -- rsa->e = BN_bin2bn(exp, sizeof(exp), rsa->e); -+ rsa_e = BN_bin2bn(exp, sizeof(exp), NULL); - -- if (rsa->n == NULL || rsa->e == NULL) { -+ if (rsa_n == NULL || rsa_e == NULL) { - rv = TSPERR(TSS_E_OUTOFMEMORY); -+ BN_free(rsa_n); -+ BN_free(rsa_e); -+ goto err; -+ } -+ if (!RSA_set0_key(rsa, rsa_n, rsa_e, NULL)) { -+ rv = TSPERR(TSS_E_FAIL); -+ BN_free(rsa_n); -+ BN_free(rsa_e); - goto err; - } - -@@ -123,6 +151,7 @@ Trspi_Verify(UINT32 HashType, BYTE *pHash, UINT32 iHashLength, - unsigned char exp[] = { 0x01, 0x00, 0x01 }; /* The default public exponent for the TPM */ - unsigned char buf[256]; - RSA *rsa = RSA_new(); -+ BIGNUM *rsa_n = NULL, *rsa_e = NULL; - - if (rsa == NULL) { - rv = TSPERR(TSS_E_OUTOFMEMORY); -@@ -146,12 +175,20 @@ Trspi_Verify(UINT32 HashType, BYTE *pHash, UINT32 iHashLength, - } - - /* set the public key value in the OpenSSL object */ -- rsa->n = BN_bin2bn(pModulus, iKeyLength, rsa->n); -+ rsa_n = BN_bin2bn(pModulus, iKeyLength, NULL); - /* set the public exponent */ -- rsa->e = BN_bin2bn(exp, sizeof(exp), rsa->e); -+ rsa_e = BN_bin2bn(exp, sizeof(exp), NULL); - -- if (rsa->n == NULL || rsa->e == NULL) { -+ if (rsa_n == NULL || rsa_e == NULL) { - rv = TSPERR(TSS_E_OUTOFMEMORY); -+ BN_free(rsa_n); -+ BN_free(rsa_e); -+ goto err; -+ } -+ if (!RSA_set0_key(rsa, rsa_n, rsa_e, NULL)) { -+ rv = TSPERR(TSS_E_FAIL); -+ BN_free(rsa_n); -+ BN_free(rsa_e); - goto err; - } - -@@ -195,6 +232,7 @@ Trspi_RSA_Public_Encrypt(unsigned char *in, unsigned int inlen, - int rv, e_size = 3; - unsigned char exp[] = { 0x01, 0x00, 0x01 }; - RSA *rsa = RSA_new(); -+ BIGNUM *rsa_n = NULL, *rsa_e = NULL; - - if (rsa == NULL) { - rv = TSPERR(TSS_E_OUTOFMEMORY); -@@ -237,12 +275,20 @@ Trspi_RSA_Public_Encrypt(unsigned char *in, unsigned int inlen, - } - - /* set the public key value in the OpenSSL object */ -- rsa->n = BN_bin2bn(pubkey, pubsize, rsa->n); -+ rsa_n = BN_bin2bn(pubkey, pubsize, NULL); - /* set the public exponent */ -- rsa->e = BN_bin2bn(exp, e_size, rsa->e); -+ rsa_e = BN_bin2bn(exp, e_size, NULL); - -- if (rsa->n == NULL || rsa->e == NULL) { -+ if (rsa_n == NULL || rsa_e == NULL) { - rv = TSPERR(TSS_E_OUTOFMEMORY); -+ BN_free(rsa_n); -+ BN_free(rsa_e); -+ goto err; -+ } -+ if (!RSA_set0_key(rsa, rsa_n, rsa_e, NULL)) { -+ rv = TSPERR(TSS_E_FAIL); -+ BN_free(rsa_n); -+ BN_free(rsa_e); - goto err; - } - ---- a/src/trspi/crypto/openssl/symmetric.c -+++ a/src/trspi/crypto/openssl/symmetric.c -@@ -52,7 +52,7 @@ Trspi_Encrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len, BYTE *out, - UINT32 *out_len) - { - TSS_RESULT result = TSS_SUCCESS; -- EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX *ctx = NULL; - UINT32 tmp; - - switch (alg) { -@@ -64,33 +64,37 @@ Trspi_Encrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len, BYTE *out, - break; - } - -- EVP_CIPHER_CTX_init(&ctx); -+ ctx = EVP_CIPHER_CTX_new(); -+ if (ctx == NULL) { -+ result = TSPERR(TSS_E_OUTOFMEMORY); -+ goto done; -+ } - -- if (!EVP_EncryptInit(&ctx, EVP_aes_256_ecb(), key, NULL)) { -+ if (!EVP_EncryptInit(ctx, EVP_aes_256_ecb(), key, NULL)) { - result = TSPERR(TSS_E_INTERNAL_ERROR); - DEBUG_print_openssl_errors(); - goto done; - } - -- if (*out_len < in_len + EVP_CIPHER_CTX_block_size(&ctx) - 1) { -+ if (*out_len < in_len + EVP_CIPHER_CTX_block_size(ctx) - 1) { - result = TSPERR(TSS_E_INTERNAL_ERROR); - goto done; - } - -- if (!EVP_EncryptUpdate(&ctx, out, (int *)out_len, in, in_len)) { -+ if (!EVP_EncryptUpdate(ctx, out, (int *)out_len, in, in_len)) { - result = TSPERR(TSS_E_INTERNAL_ERROR); - DEBUG_print_openssl_errors(); - goto done; - } - -- if (!EVP_EncryptFinal(&ctx, out + *out_len, (int *)&tmp)) { -+ if (!EVP_EncryptFinal(ctx, out + *out_len, (int *)&tmp)) { - result = TSPERR(TSS_E_INTERNAL_ERROR); - DEBUG_print_openssl_errors(); - goto done; - } - *out_len += tmp; - done: -- EVP_CIPHER_CTX_cleanup(&ctx); -+ EVP_CIPHER_CTX_free(ctx); - return result; - } - -@@ -99,7 +103,7 @@ Trspi_Decrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len, BYTE *out, - UINT32 *out_len) - { - TSS_RESULT result = TSS_SUCCESS; -- EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX *ctx = NULL; - UINT32 tmp; - - switch (alg) { -@@ -111,28 +115,32 @@ Trspi_Decrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len, BYTE *out, - break; - } - -- EVP_CIPHER_CTX_init(&ctx); -+ ctx = EVP_CIPHER_CTX_new(); -+ if (ctx == NULL) { -+ result = TSPERR(TSS_E_OUTOFMEMORY); -+ goto done; -+ } - -- if (!EVP_DecryptInit(&ctx, EVP_aes_256_ecb(), key, NULL)) { -+ if (!EVP_DecryptInit(ctx, EVP_aes_256_ecb(), key, NULL)) { - result = TSPERR(TSS_E_INTERNAL_ERROR); - DEBUG_print_openssl_errors(); - goto done; - } - -- if (!EVP_DecryptUpdate(&ctx, out, (int *)out_len, in, in_len)) { -+ if (!EVP_DecryptUpdate(ctx, out, (int *)out_len, in, in_len)) { - result = TSPERR(TSS_E_INTERNAL_ERROR); - DEBUG_print_openssl_errors(); - goto done; - } - -- if (!EVP_DecryptFinal(&ctx, out + *out_len, (int *)&tmp)) { -+ if (!EVP_DecryptFinal(ctx, out + *out_len, (int *)&tmp)) { - result = TSPERR(TSS_E_INTERNAL_ERROR); - DEBUG_print_openssl_errors(); - goto done; - } - *out_len += tmp; - done: -- EVP_CIPHER_CTX_cleanup(&ctx); -+ EVP_CIPHER_CTX_free(ctx); - return result; - } - -@@ -255,7 +263,7 @@ Trspi_SymEncrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 - UINT32 *out_len) - { - TSS_RESULT result = TSS_SUCCESS; -- EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX *ctx; - EVP_CIPHER *cipher; - BYTE *def_iv = NULL, *outiv_ptr; - UINT32 tmp; -@@ -269,7 +277,9 @@ Trspi_SymEncrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 - if ((cipher = get_openssl_cipher(alg, mode)) == NULL) - return TSPERR(TSS_E_INTERNAL_ERROR); - -- EVP_CIPHER_CTX_init(&ctx); -+ ctx = EVP_CIPHER_CTX_new(); -+ if (ctx == NULL) -+ return TSPERR(TSS_E_OUTOFMEMORY); - - /* If the iv passed in is NULL, create a new random iv and prepend it to the ciphertext */ - iv_len = EVP_CIPHER_iv_length(cipher); -@@ -289,25 +299,25 @@ Trspi_SymEncrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 - outiv_ptr = out; - } - -- if (!EVP_EncryptInit(&ctx, (const EVP_CIPHER *)cipher, key, def_iv)) { -+ if (!EVP_EncryptInit(ctx, (const EVP_CIPHER *)cipher, key, def_iv)) { - result = TSPERR(TSS_E_INTERNAL_ERROR); - DEBUG_print_openssl_errors(); - goto done; - } - -- if ((UINT32)outiv_len < in_len + (EVP_CIPHER_CTX_block_size(&ctx) * 2) - 1) { -+ if ((UINT32)outiv_len < in_len + (EVP_CIPHER_CTX_block_size(ctx) * 2) - 1) { - LogDebug("Not enough space to do symmetric encryption"); - result = TSPERR(TSS_E_INTERNAL_ERROR); - goto done; - } - -- if (!EVP_EncryptUpdate(&ctx, outiv_ptr, &outiv_len, in, in_len)) { -+ if (!EVP_EncryptUpdate(ctx, outiv_ptr, &outiv_len, in, in_len)) { - result = TSPERR(TSS_E_INTERNAL_ERROR); - DEBUG_print_openssl_errors(); - goto done; - } - -- if (!EVP_EncryptFinal(&ctx, outiv_ptr + outiv_len, (int *)&tmp)) { -+ if (!EVP_EncryptFinal(ctx, outiv_ptr + outiv_len, (int *)&tmp)) { - result = TSPERR(TSS_E_INTERNAL_ERROR); - DEBUG_print_openssl_errors(); - goto done; -@@ -320,7 +330,7 @@ done: - *out_len += iv_len; - free(def_iv); - } -- EVP_CIPHER_CTX_cleanup(&ctx); -+ EVP_CIPHER_CTX_free(ctx); - return result; - } - -@@ -329,7 +339,7 @@ Trspi_SymDecrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 - UINT32 *out_len) - { - TSS_RESULT result = TSS_SUCCESS; -- EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX *ctx = NULL; - EVP_CIPHER *cipher; - BYTE *def_iv = NULL, *iniv_ptr; - UINT32 tmp; -@@ -341,7 +351,10 @@ Trspi_SymDecrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 - if ((cipher = get_openssl_cipher(alg, mode)) == NULL) - return TSPERR(TSS_E_INTERNAL_ERROR); - -- EVP_CIPHER_CTX_init(&ctx); -+ ctx = EVP_CIPHER_CTX_new(); -+ if (ctx == NULL) { -+ return TSPERR(TSS_E_OUTOFMEMORY); -+ } - - /* If the iv is NULL, assume that its prepended to the ciphertext */ - if (iv == NULL) { -@@ -361,19 +374,19 @@ Trspi_SymDecrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 - iniv_len = in_len; - } - -- if (!EVP_DecryptInit(&ctx, cipher, key, def_iv)) { -+ if (!EVP_DecryptInit(ctx, cipher, key, def_iv)) { - result = TSPERR(TSS_E_INTERNAL_ERROR); - DEBUG_print_openssl_errors(); - goto done; - } - -- if (!EVP_DecryptUpdate(&ctx, out, (int *)out_len, iniv_ptr, iniv_len)) { -+ if (!EVP_DecryptUpdate(ctx, out, (int *)out_len, iniv_ptr, iniv_len)) { - result = TSPERR(TSS_E_INTERNAL_ERROR); - DEBUG_print_openssl_errors(); - goto done; - } - -- if (!EVP_DecryptFinal(&ctx, out + *out_len, (int *)&tmp)) { -+ if (!EVP_DecryptFinal(ctx, out + *out_len, (int *)&tmp)) { - result = TSPERR(TSS_E_INTERNAL_ERROR); - DEBUG_print_openssl_errors(); - goto done; -@@ -383,6 +396,6 @@ Trspi_SymDecrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 - done: - if (def_iv != iv) - free(def_iv); -- EVP_CIPHER_CTX_cleanup(&ctx); -+ EVP_CIPHER_CTX_free(ctx); - return result; - } --- diff --git a/trousers.spec b/trousers.spec index 4e087f9..9f1d626 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 -Version: 0.3.14 -Release: 4%{?dist} +Version: 0.3.15 +Release: 1%{?dist} License: BSD Url: http://trousers.sourceforge.net @@ -11,13 +11,9 @@ Patch1: trousers-0.3.14-noinline.patch # submitted upstream Patch2: trousers-0.3.14-unlock-in-err-path.patch Patch3: trousers-0.3.14-fix-indent-obj_policy.patch -Patch4: trousers-0.3.14-double-free.patch -Patch5: trousers-0.3.14-fix-indent-tspi_key.patch -Patch6: trousers-0.3.14-tcsd-header-fix.patch -Patch7: trousers-0.3.14-correct-security-issues.patch -Patch8: trousers-0.3.14-no-optimize.patch +Patch4: trousers-0.3.14-fix-indent-tspi_key.patch -BuildRequires: libtool, openssl-devel +BuildRequires: libtool openssl-devel gettext-devel autoconf automake BuildRequires: systemd Requires(pre): shadow-utils Requires(post): systemd-units @@ -59,11 +55,13 @@ Header files and man pages for use in creating Trusted Computing enabled applications. %prep -%autosetup -c -p1 +%autosetup -p1 # fix man page paths sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in %build +chmod +x ./bootstrap.sh +./bootstrap.sh %configure --with-gui=openssl make -k %{?_smp_mflags} @@ -120,6 +118,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Fri Nov 06 2020 Jerry Snitselaar - 0.3.15-1 +- Rebase to 0.3.15 release. + * Thu Oct 29 2020 Jerry Snitselaar - 0.3.14-4 - Fix for CVE-2020-24330 (RHBZ#1874824) - Fix for CVE-2020-24331 (RHBZ#1870057) From 16f74e55185e71ad1d63e31e50c8639e5a0b8a4b Mon Sep 17 00:00:00 2001 From: Jerry Snitselaar Date: Fri, 6 Nov 2020 18:16:30 -0700 Subject: [PATCH 69/74] trousers: update sources file Update sources file with new hash Signed-off-by: Jerry Snitselaar --- .gitignore | 1 + sources | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index fead07e..ba9e0aa 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ trousers-0.3.4.tar.gz /trousers-0.3.11.2.tar.gz /trousers-0.3.13.tar.gz /trousers-0.3.14.tar.gz +/trousers-0.3.15.tar.gz diff --git a/sources b/sources index 8948cd5..8d5886f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (trousers-0.3.14.tar.gz) = bf87f00329cf1d76a12cf6b6181fa22f90e76af3c5786e6e2db98438d2d3f0c0e05364374664173f45e3a2f6c0e2364948d0b958a7845cb23fcb340150cd9b21 +SHA512 (trousers-0.3.15.tar.gz) = 769c7d891c6306c1b3252448f86e3043ee837e566c9431f5b4353512113e2907f6ce29c91e8044c420025b79c5f3ff2396ddce93f73b1eb2a15ea1de89ac0fdb From 003376f15f6113650dbe813541ba3fb2ab62d5d4 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Tue, 19 Jan 2021 15:05:28 +0000 Subject: [PATCH 70/74] Add BuildRequires: make https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot Signed-off-by: Tom Stellard --- trousers.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/trousers.spec b/trousers.spec index 9f1d626..446972e 100644 --- a/trousers.spec +++ b/trousers.spec @@ -13,6 +13,7 @@ Patch2: trousers-0.3.14-unlock-in-err-path.patch Patch3: trousers-0.3.14-fix-indent-obj_policy.patch Patch4: trousers-0.3.14-fix-indent-tspi_key.patch +BuildRequires: make BuildRequires: libtool openssl-devel gettext-devel autoconf automake BuildRequires: systemd Requires(pre): shadow-utils From fc597f6b1771dcc497fba1b703ae3237c40072e8 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 27 Jan 2021 22:18:29 +0000 Subject: [PATCH 71/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 446972e..f0e29af 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.15 -Release: 1%{?dist} +Release: 2%{?dist} License: BSD Url: http://trousers.sourceforge.net @@ -119,6 +119,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Wed Jan 27 2021 Fedora Release Engineering - 0.3.15-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + * Fri Nov 06 2020 Jerry Snitselaar - 0.3.15-1 - Rebase to 0.3.15 release. From c4ee41144a32abfb588f25ecbe2c76ed4757031e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 2 Mar 2021 16:12:08 +0100 Subject: [PATCH 72/74] Rebuilt for updated systemd-rpm-macros See https://pagure.io/fesco/issue/2583. --- trousers.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index f0e29af..b7f22a7 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.15 -Release: 2%{?dist} +Release: 3%{?dist} License: BSD Url: http://trousers.sourceforge.net @@ -119,6 +119,10 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 0.3.15-3 +- Rebuilt for updated systemd-rpm-macros + See https://pagure.io/fesco/issue/2583. + * Wed Jan 27 2021 Fedora Release Engineering - 0.3.15-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild From 7f3785762259dfaa22c24d1eb339b97c2e40b934 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 23 Jul 2021 19:38:49 +0000 Subject: [PATCH 73/74] - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index b7f22a7..8463d47 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.15 -Release: 3%{?dist} +Release: 4%{?dist} License: BSD Url: http://trousers.sourceforge.net @@ -119,6 +119,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Fri Jul 23 2021 Fedora Release Engineering - 0.3.15-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + * Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 0.3.15-3 - Rebuilt for updated systemd-rpm-macros See https://pagure.io/fesco/issue/2583. From 06dc5cdec043e6e0dfc6a0db24656f4c6f78ad4b Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Tue, 14 Sep 2021 19:17:04 +0200 Subject: [PATCH 74/74] Rebuilt with OpenSSL 3.0.0 --- trousers.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/trousers.spec b/trousers.spec index 8463d47..e51325e 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,7 +1,7 @@ Name: trousers Summary: TCG's Software Stack v1.2 Version: 0.3.15 -Release: 4%{?dist} +Release: 5%{?dist} License: BSD Url: http://trousers.sourceforge.net @@ -119,6 +119,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Tue Sep 14 2021 Sahana Prasad - 0.3.15-5 +- Rebuilt with OpenSSL 3.0.0 + * Fri Jul 23 2021 Fedora Release Engineering - 0.3.15-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild