Revert changes to default server_key_password for verifier/registrar

Resolves: RHEL-93678

Signed-off-by: Sergio Correia <scorreia@redhat.com>

0006-Revert-default-server_key_password-for-verifier-regi.patch

@@ -0,0 +1,66 @@
+From 733db4036f2142152795fc51b761f05e39594b08 Mon Sep 17 00:00:00 2001
+From: Sergio Correia <scorreia@redhat.com>
+Date: Tue, 27 May 2025 09:31:54 +0000
+Subject: [PATCH 6/6] Revert "default" server_key_password for
+ verifier/registrar
+
+Signed-off-by: Sergio Correia <scorreia@redhat.com>
+---
+ templates/2.0/mapping.json | 4 ++--
+ templates/2.1/mapping.json | 6 +++---
+ 2 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/templates/2.0/mapping.json b/templates/2.0/mapping.json
+index 80dcdde..8fce124 100644
+--- a/templates/2.0/mapping.json
++++ b/templates/2.0/mapping.json
+@@ -232,7 +232,7 @@
+             "server_key_password": {
+                 "section": "cloud_verifier",
+                 "option": "private_key_pw",
+-                "default": ""
++                "default": "default"
+             },
+             "enable_agent_mtls": {
+                 "section": "cloud_verifier",
+@@ -563,7 +563,7 @@
+             "server_key_password": {
+                 "section": "registrar",
+                 "option": "private_key_pw",
+-                "default": ""
++                "default": "default"
+             },
+             "server_cert": {
+                 "section": "registrar",
+diff --git a/templates/2.1/mapping.json b/templates/2.1/mapping.json
+index 956a53a..88e3fb6 100644
+--- a/templates/2.1/mapping.json
++++ b/templates/2.1/mapping.json
+@@ -262,7 +262,7 @@
+             "server_key_password": {
+                 "section": "verifier",
+                 "option": "server_key_password",
+-                "default": ""
++                "default": "default"
+             },
+             "enable_agent_mtls": {
+                 "section": "verifier",
+@@ -593,7 +593,7 @@
+             "server_key_password": {
+                 "section": "registrar",
+                 "option": "server_key_password",
+-                "default": ""
++                "default": "default"
+             },
+             "server_cert": {
+                 "section": "registrar",
+@@ -835,4 +835,4 @@
+         "handler_consoleHandler": "logging",
+         "logger_keylime": "logging"
+     }
+-}
+\ No newline at end of file
++}
+-- 
+2.47.1
+

keylime.spec

@@ -9,7 +9,7 @@
 
 Name:    keylime
 Version: 7.12.1
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: Open source TPM software for Bootstrapping and Maintaining Trust
 
 URL:            https://github.com/keylime/keylime
@@ -21,9 +21,11 @@ Patch: 0001-Make-keylime-compatible-with-python-3.9.patch
 Patch: 0002-tests-fix-rpm-repo-tests-from-create-runtime-policy.patch
 Patch: 0003-tests-skip-measured-boot-related-tests-for-s390x-and.patch
 Patch: 0004-templates-duplicate-str_to_version-in-the-adjust-scr.patch
-# RHEL-9 ships a slightly modified version of create_allowlist.sh.
-# DO NOT REMOVE THE FOLLOWING PATCH IN FOLLOWING RHEL-9.x REBASES.
+# RHEL-9 ships a slightly modified version of create_allowlist.sh and
+# also a "default" server_key_password for the registrar and verifier.
+# DO NOT REMOVE THE FOLLOWING TWO PATCHES IN FOLLOWING RHEL-9.x REBASES.
 Patch: 0005-Restore-RHEL-9-version-of-create_allowlist.sh.patch
+Patch: 0006-Revert-default-server_key_password-for-verifier-regi.patch
 
 License: ASL 2.0 and MIT
 
@@ -417,6 +419,10 @@ fi
 %license LICENSE
 
 %changelog
+* Tue May 27 2025 Sergio Correia <scorreia@redhat.com> - 7.12.1-2
+- Revert changes to default server_key_password for verifier/registrar
+  Resolves: RHEL-93678
+
 * Thu May 22 2025 Sergio Correia <scorreia@redhat.com> - 7.12.1-1
 - Update to 7.12.1
   Resolves: RHEL-78418