From 9d42f61d36757b50d5e8be4e208247ed7a3e43c1 Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Tue, 19 Jan 2021 10:58:32 +0100 Subject: [PATCH] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/swtpm.git#cab809cc0cb3be1880aa8ae4849d59613d293349 --- .gitignore | 21 +++++ README.md | 3 + sources | 1 + swtpm.spec | 273 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 298 insertions(+) create mode 100644 README.md create mode 100644 sources create mode 100644 swtpm.spec diff --git a/.gitignore b/.gitignore index e69de29..7735291 100644 --- a/.gitignore +++ b/.gitignore @@ -0,0 +1,21 @@ +/swtpm.spec +/swtpm-ce13edf.tar.gz +/swtpm-0143c41.tar.gz +/swtpm-c782a85.tar.gz +/swtpm-05d8160.tar.gz +/swtpm-8b9484a.tar.gz +/swtpm-2c25d13.tar.gz +/swtpm-ca85606.tar.gz +/swtpm-374b669.tar.gz +/swtpm-f0b4137.tar.gz +/swtpm-13536aa.tar.gz +/swtpm-9227cf4.tar.gz +/swtpm-8dae4b3.tar.gz +/swtpm-0.3.0.tar.gz +/swtpm-74ae43b.tar.gz +/swtpm-80f0418.tar.gz +/swtpm-0c238a2.tar.gz +/swtpm-b931e10.tar.gz +/swtpm-390f5bd.tar.gz +/swtpm-96f5a04.tar.gz +/swtpm-e59c0c1.tar.gz diff --git a/README.md b/README.md new file mode 100644 index 0000000..b023f31 --- /dev/null +++ b/README.md @@ -0,0 +1,3 @@ +# swtpm + +The swtpm package \ No newline at end of file diff --git a/sources b/sources new file mode 100644 index 0000000..1bcd186 --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA512 (swtpm-e59c0c1.tar.gz) = ba89301c266c6727ff3ca67c1761b67dce052f79d45d9120077812bef42147ad12ad6ac5632bc84404fc21bc53b26b295dd48ce81acaf075ac8a9a094a07483a diff --git a/swtpm.spec b/swtpm.spec new file mode 100644 index 0000000..2ca34f9 --- /dev/null +++ b/swtpm.spec @@ -0,0 +1,273 @@ +%bcond_without gnutls + +%global gitdate 20201226 +%global gitcommit e59c0c1a7b4c8d652dbb280fd6126895a7057464 +%global gitshortcommit %(c=%{gitcommit}; echo ${c:0:7}) + +# Macros needed by SELinux +%global selinuxtype targeted +%global moduletype contrib +%global modulename swtpm + +Summary: TPM Emulator +Name: swtpm +Version: 0.5.2 +Release: 1.%{gitdate}git%{gitshortcommit}%{?dist} +License: BSD +Url: http://github.com/stefanberger/swtpm +Source0: %{url}/archive/%{gitcommit}/%{name}-%{gitshortcommit}.tar.gz + +BuildRequires: git-core +BuildRequires: automake +BuildRequires: autoconf +BuildRequires: libtool +BuildRequires: libtpms-devel >= 0.6.0 +BuildRequires: expect +BuildRequires: net-tools +BuildRequires: openssl-devel +BuildRequires: socat +BuildRequires: python3 +BuildRequires: python3-devel +BuildRequires: python3-cryptography +BuildRequires: python3-pip +BuildRequires: python3-setuptools +BuildRequires: python3-twisted +BuildRequires: trousers >= 0.3.9 +BuildRequires: softhsm +%if %{with gnutls} +BuildRequires: gnutls >= 3.1.0 +BuildRequires: gnutls-devel +BuildRequires: gnutls-utils +BuildRequires: libtasn1-devel +BuildRequires: libtasn1 +%endif +BuildRequires: selinux-policy-devel +BuildRequires: gcc +BuildRequires: libseccomp-devel +BuildRequires: tpm2-pkcs11 tpm2-pkcs11-tools tpm2-tools tpm2-abrmd + +Requires: %{name}-libs = %{version}-%{release} +Requires: libtpms >= 0.6.0 +%{?selinux_requires} + +%description +TPM emulator built on libtpms providing TPM functionality for QEMU VMs + +%package libs +Summary: Private libraries for swtpm TPM emulators +License: BSD + +%description libs +A private library with callback functions for libtpms based swtpm TPM emulator + +%package devel +Summary: Include files for the TPM emulator's CUSE interface for usage by clients +License: BSD +Requires: %{name}-libs%{?_isa} = %{version}-%{release} + +%description devel +Include files for the TPM emulator's CUSE interface. + +%package tools +Summary: Tools for the TPM emulator +License: BSD +Requires: swtpm = %{version}-%{release} +# trousers: for tss account +Requires: trousers >= 0.3.9 bash gnutls-utils python3 python3-cryptography + +%description tools +Tools for the TPM emulator from the swtpm package + +%package tools-pkcs11 +Summary: Tools for creating a local CA based on a TPM pkcs11 device +License: BSD +Requires: swtpm-tools = %{version}-%{release} +Requires: tpm2-pkcs11 tpm2-pkcs11-tools tpm2-tools tpm2-abrmd +Requires: expect gnutls-utils trousers >= 0.3.9 + +%description tools-pkcs11 +Tools for creating a local CA based on a pkcs11 device + +%prep +%autosetup -S git -n %{name}-%{gitcommit} -p1 + +%build + +NOCONFIGURE=1 ./autogen.sh +%configure \ +%if %{with gnutls} + --with-gnutls \ +%endif + --without-cuse + +%make_build + +%check +make %{?_smp_mflags} check VERBOSE=1 + +%install + +%make_install +rm -f $RPM_BUILD_ROOT%{_libdir}/%{name}/*.{a,la,so} + +%post +for pp in /usr/share/selinux/packages/swtpm.pp \ + /usr/share/selinux/packages/swtpm_svirt.pp; do + %selinux_modules_install -s %{selinuxtype} ${pp} +done +restorecon %{_bindir}/swtpm + +%postun +if [ $1 -eq 0 ]; then + for p in swtpm swtpm_svirt; do + %selinux_modules_uninstall -s %{selinuxtype} $p + done +fi + +%posttrans +%selinux_relabel_post -s %{selinuxtype} + +%ldconfig_post libs +%ldconfig_postun libs + +%files +%license LICENSE +%doc README +%{_bindir}/swtpm +%{_mandir}/man8/swtpm.8* +%{_datadir}/selinux/packages/swtpm.pp +%{_datadir}/selinux/packages/swtpm_svirt.pp + +%files libs +%license LICENSE +%doc README + +%dir %{_libdir}/%{name} +%{_libdir}/%{name}/libswtpm_libtpms.so.0 +%{_libdir}/%{name}/libswtpm_libtpms.so.0.0.0 + +%files devel +%dir %{_includedir}/%{name} +%{_includedir}/%{name}/*.h +%{_mandir}/man3/swtpm_ioctls.3* + +%files tools +%doc README +%{_bindir}/swtpm_bios +%if %{with gnutls} +%{_bindir}/swtpm_cert +%endif +%{_bindir}/swtpm_setup +%{_bindir}/swtpm_ioctl +%{_mandir}/man8/swtpm_bios.8* +%{_mandir}/man8/swtpm_cert.8* +%{_mandir}/man8/swtpm_ioctl.8* +%{_mandir}/man8/swtpm-localca.conf.8* +%{_mandir}/man8/swtpm-localca.options.8* +%{_mandir}/man8/swtpm-localca.8* +%{_mandir}/man8/swtpm_setup.8* +%{_mandir}/man8/swtpm_setup.conf.8* +%{_mandir}/man8/swtpm_setup.sh.8* +%config(noreplace) %{_sysconfdir}/swtpm_setup.conf +%config(noreplace) %{_sysconfdir}/swtpm-localca.options +%config(noreplace) %{_sysconfdir}/swtpm-localca.conf +%dir %{_datadir}/swtpm +%{_datadir}/swtpm/swtpm-localca +%{_datadir}/swtpm/swtpm-create-user-config-files +%{python3_sitelib}/py_swtpm_setup/* +%{python3_sitelib}/swtpm_setup-*/* +%{python3_sitelib}/py_swtpm_localca/* +%{python3_sitelib}/swtpm_localca-*/* +%attr( 750, tss, root) %{_localstatedir}/lib/swtpm-localca + +%files tools-pkcs11 +%{_mandir}/man8/swtpm-create-tpmca.8* +%{_datadir}/swtpm/swtpm-create-tpmca + +%changelog +* Sat Dec 26 2020 Stefan Berger - 0.5.2-1.20201226gite59c0c1a +- Bugfixes for stable release + +* Mon Dec 07 2020 Jeff Law - 0.5.1-3.20201117git96f5a04c +- Avoid diagnostic from gcc-11 + +* Fri Nov 13 2020 Stefan Berger - 0.5.1-2.20201117git96f5a04c +- Another build of v0.5.1 after more fixes + +* Fri Nov 13 2020 Stefan Berger - 0.5.1-1.20201007git390f5bd4 +- Update to v0.5.1 addressing potential symlink attack issue (CVE-2020-28407) + +* Wed Oct 7 2020 Stefan Berger - 0.5.0-1.20201007gitb931e109 +- Update to v0.5.0 release + +* Fri Aug 28 2020 Stefan Berger - 0.4.0-1.20200828git0c238a2 +- Update to v0.4.0 release + +* Thu Aug 27 2020 Stefan Berger - 0.3.4-2.20200711git80f0418 +- Disable pkcs11 related test case running into GnuTLS locking bug + +* Tue Aug 11 2020 Stefan Berger - 0.3.4-1.20200711git80f0418 +- Update to v0.3.4 release + +* Sat Aug 01 2020 Fedora Release Engineering - 0.3.0-3.20200218git74ae43b +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Wed Jul 29 2020 Fedora Release Engineering - 0.3.0-2.20200218git74ae43b +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Feb 24 2020 Marc-André Lureau - 0.3.0-1.20200218git74ae43b +- Update to v0.3.0 release + +* Fri Jan 31 2020 Fedora Release Engineering - 0.2.0-7.20191115git8dae4b3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Fri Nov 15 2019 Stefan Berger - 0.2.0-6.20191018git8dae4b3 +- follow stable-0.2.0 branch with fix of GnuTLS API call to get subject key ID + +* Fri Oct 18 2019 Stefan Berger - 0.2.0-5.20191018git9227cf4 +- follow stable-0.2.0 branch with swtpm_cert OID bugfix for TPM 2 + +* Tue Aug 13 2019 Stefan Berger - 0.2.0-4.20190801git13536aa +- run 'restorecon' on swtpm in post to get SELinux label on first install + +* Thu Aug 01 2019 Stefan Berger - 0.2.0-3.20190801git13536aa +- follow stable-0.2.0 branch with some bug fixes + +* Sat Jul 27 2019 Fedora Release Engineering - 0.2.0-2.20190723gitf0b4137 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Tue Jul 23 2019 Stefan Berger - 0.2.0-1.20190723gitf0b4137 +- follow stable-0.2.0 branch with some bug fixes + +* Tue Jul 16 2019 Stefan Berger - 0.2.0-0.20190716git374b669 +- (tentative) v0.2.0 release of swtpm + +* Thu Apr 25 2019 Stefan Berger - 0.1.0-0.20190425gitca85606 +- pick up bug fixes + +* Mon Feb 04 2019 Stefan Berger - 0.1.0-0.20190204git2c25d13.1 +- v0.1.0 release of swtpm + +* Sun Feb 03 2019 Fedora Release Engineering - 0.1.0-0.20181212git8b9484a.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Wed Dec 12 2018 Stefan Berger - 0.1.0-0.20181212git8b9484a +- Follow improvements in swtpm repo primarily related to fixes for 'ubsan' + +* Tue Nov 06 2018 Stefan Berger - 0.1.0-0.20181106git05d8160 +- Follow improvements in swtpm repo +- Remove ownership change of swtpm_setup.sh; have root own the file as required + +* Wed Oct 31 2018 Stefan Berger - 0.1.0-0.20181031gitc782a85 +- Follow improvements and fixes in swtpm + +* Tue Oct 02 2018 Stefan Berger - 0.1.0-0.20181002git0143c41 +- Fixes to SELinux policy +- Improvements on various other parts +* Tue Sep 25 2018 Stefan Berger - 0.1.0-0.20180924gitce13edf +- Initial Fedora build +* Mon Sep 17 2018 Stefan Berger - 0.1.0-0.20180918git67d7ea3 +- Created initial version of rpm spec files +- Version is now 0.1.0 +- Bugzilla for this spec: https://bugzilla.redhat.com/show_bug.cgi?id=1611829