import swtpm-0.6.0-2.20210607gitea627b3.module+el8.6.0+12861+13975d62

.gitignore

@@ -0,0 +1 @@
+SOURCES/swtpm-ea627b3.tar.gz

.swtpm.metadata

@@ -0,0 +1 @@
+12b1b68e25479473e9ab33102df40ba368d9b74c SOURCES/swtpm-ea627b3.tar.gz

SOURCES/0001-build-sys-add-missing-AM_CFLAGS.patch

@@ -0,0 +1,80 @@
+From b40714634099d8a6ba342397a29ca20b50128c3c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
+Date: Thu, 16 Sep 2021 15:39:00 +0400
+Subject: [PATCH] build-sys: add missing AM_CFLAGS
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Some binaries are being built without configure time CFLAGS, fix it.
+
+Upstream commit is cab1e2186fa6f73ffe5848362d5f7c5a2c555bdb ("build-sys:
+Add MY_CFLAGS, CFLAGS, and MY_LDFLAGS to all Makefile.am's") and earlier.
+
+Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+---
+ src/swtpm_bios/Makefile.am  | 3 ++-
+ src/swtpm_cert/Makefile.am  | 3 ++-
+ src/swtpm_ioctl/Makefile.am | 3 ++-
+ src/swtpm_setup/Makefile.am | 3 ++-
+ 4 files changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/src/swtpm_bios/Makefile.am b/src/swtpm_bios/Makefile.am
+index c7c3016..a6c7166 100644
+--- a/src/swtpm_bios/Makefile.am
++++ b/src/swtpm_bios/Makefile.am
+@@ -13,7 +13,8 @@ bin_PROGRAMS = \
+ swtpm_bios_CFLAGS = \
+ 	-I$(top_builddir)/include \
+ 	-I$(top_srcdir)/include \
+-	$(HARDENING_CFLAGS)
++	$(HARDENING_CFLAGS) \
++	@AM_CFLAGS@
+ 
+ swtpm_bios_LDFLAGS = \
+ 	$(HARDENING_LDFLAGS)
+diff --git a/src/swtpm_cert/Makefile.am b/src/swtpm_cert/Makefile.am
+index bf0d8b7..74e4d2a 100644
+--- a/src/swtpm_cert/Makefile.am
++++ b/src/swtpm_cert/Makefile.am
+@@ -18,7 +18,8 @@ swtpm_cert_SOURCES = \
+ 
+ swtpm_cert_CFLAGS = \
+ 	-I$(top_builddir)/include \
+-	-I$(top_srcdir)/include
++	-I$(top_srcdir)/include \
++	@AM_CFLAGS@
+ 
+ ek-cert.o : tpm_asn1.h
+ 
+diff --git a/src/swtpm_ioctl/Makefile.am b/src/swtpm_ioctl/Makefile.am
+index cc8388c..3b722bd 100644
+--- a/src/swtpm_ioctl/Makefile.am
++++ b/src/swtpm_ioctl/Makefile.am
+@@ -14,7 +14,8 @@ swtpm_ioctl_SOURCES = tpm_ioctl.c
+ swtpm_ioctl_CFLAGS = \
+ 	-I$(top_builddir)/include \
+ 	-I$(top_srcdir)/include \
+-	$(HARDENING_CFLAGS)
++	$(HARDENING_CFLAGS) \
++	@AM_CFLAGS@
+ 
+ swtpm_ioctl_LDFLAGS = \
+ 	$(HARDENING_LDFLAGS)
+diff --git a/src/swtpm_setup/Makefile.am b/src/swtpm_setup/Makefile.am
+index 045bdb1..5696dde 100644
+--- a/src/swtpm_setup/Makefile.am
++++ b/src/swtpm_setup/Makefile.am
+@@ -40,7 +40,8 @@ swtpm_setup_CFLAGS = \
+ 	-I$(top_srcdir)/src/utils \
+ 	$(HARDENING_CFLAGS) \
+ 	$(GLIB_CFLAGS) \
+-	$(JSON_GLIB_CFLAGS)
++	$(JSON_GLIB_CFLAGS) \
++	@AM_CFLAGS@
+ 
+ EXTRA_DIST = \
+ 	README
+-- 
+2.33.0.113.g6c40894d24
+

SPECS/swtpm.spec

@@ -0,0 +1,242 @@
+%bcond_without gnutls
+
+%global gitdate     20210607
+%global gitcommit   ea627b3b5e847f9141fcf25de0c03004d35fb375
+%global gitshortcommit  %(c=%{gitcommit}; echo ${c:0:7})
+
+# Macros needed by SELinux
+%global selinuxtype targeted
+%global moduletype  contrib
+%global modulename  swtpm
+
+Summary: TPM Emulator
+Name:           swtpm
+Version:        0.6.0
+Release:        2.%{gitdate}git%{gitshortcommit}%{?dist}
+License:        BSD
+Url:            http://github.com/stefanberger/swtpm
+Source0:        %{url}/archive/%{gitcommit}/%{name}-%{gitshortcommit}.tar.gz
+Patch0001:      0001-build-sys-add-missing-AM_CFLAGS.patch
+ExcludeArch:    i686
+
+BuildRequires: make
+BuildRequires:  git-core
+BuildRequires:  automake
+BuildRequires:  autoconf
+BuildRequires:  libtool
+BuildRequires:  libtpms-devel >= 0.6.0
+BuildRequires:  expect
+BuildRequires:  net-tools
+BuildRequires:  openssl-devel
+BuildRequires:  socat
+BuildRequires:  softhsm
+BuildRequires:  json-glib-devel
+%if %{with gnutls}
+BuildRequires:  gnutls >= 3.4.0
+BuildRequires:  gnutls-devel
+BuildRequires:  gnutls-utils
+BuildRequires:  libtasn1-devel
+BuildRequires:  libtasn1
+%endif
+BuildRequires:  selinux-policy-devel
+BuildRequires:  gcc
+BuildRequires:  libseccomp-devel
+BuildRequires:  tpm2-tools tpm2-abrmd
+BuildRequires:  python3
+
+Requires:       %{name}-libs = %{version}-%{release}
+Requires:       libtpms >= 0.6.0
+%{?selinux_requires}
+
+%description
+TPM emulator built on libtpms providing TPM functionality for QEMU VMs
+
+%package        libs
+Summary:        Private libraries for swtpm TPM emulators
+License:        BSD
+
+%description    libs
+A private library with callback functions for libtpms based swtpm TPM emulator
+
+%package        devel
+Summary:        Include files for the TPM emulator's CUSE interface for usage by clients
+License:        BSD
+Requires:       %{name}-libs%{?_isa} = %{version}-%{release}
+
+%description    devel
+Include files for the TPM emulator's CUSE interface.
+
+%package        tools
+Summary:        Tools for the TPM emulator
+License:        BSD
+Requires:       swtpm = %{version}-%{release}
+Requires:       bash gnutls-utils
+
+%description    tools
+Tools for the TPM emulator from the swtpm package
+
+%package        tools-pkcs11
+Summary:        Tools for creating a local CA based on a TPM pkcs11 device
+License:        BSD
+Requires:       swtpm-tools = %{version}-%{release}
+Requires:       tpm2-tools tpm2-abrmd
+Requires:       expect gnutls-utils
+
+%description   tools-pkcs11
+Tools for creating a local CA based on a pkcs11 device
+
+%prep
+%autosetup -S git -n %{name}-%{gitcommit} -p1
+
+%build
+
+NOCONFIGURE=1 ./autogen.sh
+%configure \
+%if %{with gnutls}
+        --with-gnutls \
+%endif
+        --without-cuse
+
+%make_build CFLAGS="-Wno-error=deprecated-declarations -fPIE" V=1
+
+%check
+make %{?_smp_mflags} check VERBOSE=1 CFLAGS="-Wno-error=deprecated-declarations -fPIE"
+
+%install
+
+%make_install
+rm -f $RPM_BUILD_ROOT%{_libdir}/%{name}/*.{a,la,so}
+
+%post
+for pp in /usr/share/selinux/packages/swtpm.pp \
+          /usr/share/selinux/packages/swtpm_svirt.pp; do
+  %selinux_modules_install -s %{selinuxtype} ${pp}
+done
+restorecon %{_bindir}/swtpm
+
+%postun
+if [ $1 -eq  0 ]; then
+  for p in swtpm swtpm_svirt; do
+    %selinux_modules_uninstall -s %{selinuxtype} $p
+  done
+fi
+
+%posttrans
+%selinux_relabel_post -s %{selinuxtype}
+
+%ldconfig_post libs
+%ldconfig_postun libs
+
+%files
+%license LICENSE
+%doc README
+%{_bindir}/swtpm
+%{_mandir}/man8/swtpm.8*
+%{_datadir}/selinux/packages/swtpm.pp
+%{_datadir}/selinux/packages/swtpm_svirt.pp
+
+%files libs
+%license LICENSE
+%doc README
+
+%dir %{_libdir}/%{name}
+%{_libdir}/%{name}/libswtpm_libtpms.so.0
+%{_libdir}/%{name}/libswtpm_libtpms.so.0.0.0
+
+%files devel
+%dir %{_includedir}/%{name}
+%{_includedir}/%{name}/*.h
+%{_mandir}/man3/swtpm_ioctls.3*
+
+%files tools
+%doc README
+%{_bindir}/swtpm_bios
+%if %{with gnutls}
+%{_bindir}/swtpm_cert
+%endif
+%{_bindir}/swtpm_setup
+%{_bindir}/swtpm_ioctl
+%{_mandir}/man8/swtpm_bios.8*
+%{_mandir}/man8/swtpm_cert.8*
+%{_mandir}/man8/swtpm_ioctl.8*
+%{_mandir}/man8/swtpm-localca.conf.8*
+%{_mandir}/man8/swtpm-localca.options.8*
+%{_mandir}/man8/swtpm-localca.8*
+%{_mandir}/man8/swtpm_setup.8*
+%{_mandir}/man8/swtpm_setup.conf.8*
+%{_mandir}/man8/swtpm_setup.sh.8*
+%config(noreplace) %{_sysconfdir}/swtpm_setup.conf
+%config(noreplace) %{_sysconfdir}/swtpm-localca.options
+%config(noreplace) %{_sysconfdir}/swtpm-localca.conf
+%dir %{_datadir}/swtpm
+%{_datadir}/swtpm/swtpm-localca
+%{_datadir}/swtpm/swtpm-create-user-config-files
+%attr( 750, tss, root) %{_localstatedir}/lib/swtpm-localca
+
+%files tools-pkcs11
+%{_mandir}/man8/swtpm-create-tpmca.8*
+%{_datadir}/swtpm/swtpm-create-tpmca
+
+%changelog
+* Thu Sep 16 2021 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.6.0-2.20210607gitea627b3
+- rebuilt with missing CFLAGS fix.
+
+* Mon Jun 28 2021 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.6.0-1.20210607gitea627b3
+- Update to 0.6.0.
+  Resolves: rhbz#1972783
+
+* Tue Dec  1 20:40:07 +04 2020 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.4.2-1.20201201git2df14e3
+- Update to 0.4.2, to address potential symlink vulnerabilities (CVE-2020-28407).
+  Resolves: rhbz#1906043
+
+* Thu Sep 24 2020 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.4.0-3.20200828git0c238a2
+- swtpm_setup: Add missing .config path when using ${HOME}. Resolves: rhbz#1881418
+
+* Thu Sep 17 2020 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.4.0-2.20200828git0c238a2
+- Backport fixes from 0.4.0 stable branch. Resolves: rhbz#1868375
+  (fixes usage of swtpm-localca with passwords when signing keys)
+
+* Sat Sep 12 2020 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.4.0-1.20200828git0c238a2
+- Update to v0.4.0. Resolves: rhbz#1868375
+
+* Thu May 28 2020 Marc-André Lureau <marcandre.lureau@gmail.com> - 0.3.0-1.20200218git74ae43b
+- Update to v0.3.0. Fixes rhbz#1809778
+- exclude i686 build
+
+* Mon Jan 27 2020 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.2.0-2.20200127gitff5a83b
+- Update to latest 0.2-stable branch, fix random test failure. rhbz#1782451
+
+* Fri Oct 18 2019 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.2.0-1.20191018git9227cf4
+- rebuilt
+
+* Tue Aug 13 2019 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.1.0-1.20190425gitca85606.1
+- Fix SELinux labels on /usr/bin/swtpm installation rhbz#1739994
+
+* Thu Apr 25 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.1.0-0.20190425gitca85606
+- pick up bug fixes
+
+* Mon Feb 04 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.1.0-0.20190204git2c25d13.1
+- v0.1.0 release of swtpm
+
+* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.0-0.20181212git8b9484a.1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Wed Dec 12 2018 Stefan Berger <stefanb@linux.ibm.com> - 0.1.0-0.20181212git8b9484a
+- Follow improvements in swtpm repo primarily related to fixes for 'ubsan'
+
+* Tue Nov 06 2018 Stefan Berger <stefanb@linux.ibm.com> - 0.1.0-0.20181106git05d8160
+- Follow improvements in swtpm repo
+- Remove ownership change of swtpm_setup.sh; have root own the file as required
+
+* Wed Oct 31 2018 Stefan Berger <stefanb@linux.ibm.com> - 0.1.0-0.20181031gitc782a85
+- Follow improvements and fixes in swtpm
+
+* Tue Oct 02 2018 Stefan Berger <stefanb@linux.vnet.ibm.com> - 0.1.0-0.20181002git0143c41
+- Fixes to SELinux policy
+- Improvements on various other parts
+* Tue Sep 25 2018 Stefan Berger <stefanb@linux.vnet.ibm.com> - 0.1.0-0.20180924gitce13edf
+- Initial Fedora build
+* Mon Sep 17 2018 Stefan Berger <stefanb@linux.vnet.ibm.com> - 0.1.0-0.20180918git67d7ea3
+- Created initial version of rpm spec files
+- Version is now 0.1.0
+- Bugzilla for this spec: https://bugzilla.redhat.com/show_bug.cgi?id=1611829