Properly fix malformed TPM certificates workaround

The previous fix attempt on commit 7b863e8 was incorrect. This is a replacement for that fix. Restore the possibility of using an alternative certificate verification script to verify the EK certificate. Resolves: RHEL-111244 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2025-09-15 14:04:47 +02:00 · 2025-09-15 14:04:47 +02:00 · 552b797963
commit 552b797963
parent 7b863e83f7
2 changed files with 1171 additions and 330 deletions
--- a/0013-fix-malformed-certs-workaround.patch
+++ b/0013-fix-malformed-certs-workaround.patch
--- a/keylime.spec
+++ b/keylime.spec
@ -9,7 +9,7 @@

 Name:    keylime
 Version: 7.12.1
-Release: 11%{?dist}.1
+Release: 11%{?dist}.2
 Summary: Open source TPM software for Bootstrapping and Maintaining Trust

 URL:            https://github.com/keylime/keylime
@ -434,6 +434,10 @@ fi
 %license LICENSE

 %changelog
+* Mon Sep 15 2025 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 7.12.1-11.2
+- Properly fix the malformed certificate workaround
+  Resolves: RHEL-111244
+
 * Mon Aug 18 2025 Sergio Correia <scorreia@redhat.com> - 7.12.1-11
 -  Fix for revocation notifier not closing TLS session correctly
   Resolves: RHEL-109656