78 lines
2.2 KiB
Diff
78 lines
2.2 KiB
Diff
From 53ecfcf6d934206e3daef4ed3515a0d6f098e276 Mon Sep 17 00:00:00 2001
|
|
From: Sergio Correia <scorreia@redhat.com>
|
|
Date: Wed, 16 Oct 2019 11:40:33 -0300
|
|
Subject: [PATCH 1/2] Adjust pin-tang test to account for newer tang without
|
|
tangd-update
|
|
|
|
---
|
|
src/pins/tang/meson.build | 9 ++-------
|
|
src/pins/tang/pin-tang | 11 ++++++++---
|
|
2 files changed, 10 insertions(+), 10 deletions(-)
|
|
|
|
diff --git a/src/pins/tang/meson.build b/src/pins/tang/meson.build
|
|
index 110d72d..061a79f 100644
|
|
--- a/src/pins/tang/meson.build
|
|
+++ b/src/pins/tang/meson.build
|
|
@@ -8,11 +8,6 @@ kgen = find_program(
|
|
'/usr/libexec/tangd-keygen',
|
|
required: false
|
|
)
|
|
-updt = find_program(
|
|
- join_paths(libexecdir, 'tangd-update'),
|
|
- '/usr/libexec/tangd-update',
|
|
- required: false
|
|
-)
|
|
tang = find_program(
|
|
join_paths(libexecdir, 'tangd'),
|
|
'/usr/libexec/tangd',
|
|
@@ -25,7 +20,7 @@ if curl.found()
|
|
bins += join_paths(meson.current_source_dir(), 'clevis-encrypt-tang')
|
|
mans += join_paths(meson.current_source_dir(), 'clevis-encrypt-tang.1')
|
|
|
|
- if actv.found() and kgen.found() and updt.found() and tang.found()
|
|
+ if actv.found() and kgen.found() and tang.found()
|
|
env = environment()
|
|
env.set('SD_ACTIVATE', actv.path())
|
|
env.append('PATH',
|
|
@@ -42,4 +37,4 @@ if curl.found()
|
|
endif
|
|
else
|
|
warning('Will not install tang pin due to missing dependencies!')
|
|
-endif
|
|
\ No newline at end of file
|
|
+endif
|
|
diff --git a/src/pins/tang/pin-tang b/src/pins/tang/pin-tang
|
|
index f420818..9dcc2da 100755
|
|
--- a/src/pins/tang/pin-tang
|
|
+++ b/src/pins/tang/pin-tang
|
|
@@ -31,18 +31,23 @@ mkdir -p $TMP/db
|
|
mkdir -p $TMP/cache
|
|
|
|
# Generate the server keys
|
|
+KEYS=$TMP/db
|
|
tangd-keygen $TMP/db sig exc
|
|
-tangd-update $TMP/db $TMP/cache
|
|
+if which tangd-update; then
|
|
+ tangd-update $TMP/db $TMP/cache
|
|
+ KEYS=$TMP/cache
|
|
+fi
|
|
|
|
# Start the server
|
|
port=`shuf -i 1024-65536 -n 1`
|
|
-$SD_ACTIVATE --inetd -l 127.0.0.1:$port -a tangd $TMP/cache &
|
|
+$SD_ACTIVATE --inetd -l 127.0.0.1:$port -a tangd $KEYS &
|
|
export PID=$!
|
|
sleep 0.25
|
|
|
|
thp=`jose jwk thp -i "$TMP/db/sig.jwk"`
|
|
-adv="$TMP/cache/default.jws"
|
|
url="http://localhost:${port}"
|
|
+adv="$TMP/adv"
|
|
+curl "$url/adv" -o $adv
|
|
|
|
cfg=`printf '{"url":"%s","adv":"%s"}' "$url" "$adv"`
|
|
enc=`echo -n "hi" | clevis encrypt tang "$cfg"`
|
|
--
|
|
2.21.0
|
|
|