Accepting request 1075018 from security

OBS-URL: https://build.opensuse.org/request/show/1075018 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/parsec?expand=0&rev=19
2023-03-28 15:52:09 +00:00 · 2023-03-28 15:52:09 +00:00 · 2d839b1db8
commit 2d839b1db8
parent a4f14ca210 e657aa794a
7 changed files with 27 additions and 58 deletions
--- a/664.patch
+++ b/664.patch
@ -1,45 +0,0 @@
 From 63a11e5f1f4d700230293cc736c6532ff032a49d Mon Sep 17 00:00:00 2001
 From: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
 Date: Thu, 2 Mar 2023 09:24:14 +0000
 Subject: [PATCH] Update tss-esapi version
 The tmp2-tss version on meta-security has been updated to 4.0.1
 from 3.2.0. This is not compatible with the current tss-esapi crate.
 The newer version 7.2.0 of the crate is now available which
 resolves the issue.
 Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
 GuillaumeG: Drop Cargo.lock part since osc service already update it
 ---
 Cargo.lock           | 8 ++++----
 Cargo.toml           | 2 +-
 e2e_tests/Cargo.toml | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)
 diff --git a/Cargo.toml b/Cargo.toml
 index b6327dc8..87cc1a10 100644
 --- a/Cargo.toml
 +++ b/Cargo.toml
@@ -29,7 +29,7 @@ log = { version = "0.4.14", features = ["serde"] }
 cryptoki = { version = "0.3.0", optional = true, features = ["psa-crypto-conversions"] }
 picky-asn1-der = { version = "0.2.4", optional = true }
 picky-asn1 = { version = "0.3.0", optional = true }
 -tss-esapi = { version = "7.1.0", optional = true }
 +tss-esapi = { version = "7.2.0", optional = true }
 bincode = "1.3.1"
 structopt = "0.3.21"
 derivative = "2.2.0"
 diff --git a/e2e_tests/Cargo.toml b/e2e_tests/Cargo.toml
 index 3302ce38..b895e84b 100644
 --- a/e2e_tests/Cargo.toml
 +++ b/e2e_tests/Cargo.toml
@@ -17,7 +17,7 @@ log = "0.4.14"
 rand = "0.7.3"
 env_logger = "0.8.3"
 stdext = "0.3.1"
 -tss-esapi = { version = "7.1.0", optional = true }
 +tss-esapi = { version = "7.2.0", optional = true }
 [dev-dependencies]
 ring = "0.16.20"
--- a/4
+++ b/4
@ -1,10 +1,10 @@
 <services>
  <service name="cargo_vendor" mode="disabled">
    <param name="compression">xz</param>
-    <param name="srcdir">parsec-1.1.0</param>
+    <param name="srcdir">parsec-1.2.0-rc1</param>
    <param name="update">true</param>
  </service>
  <service name="cargo_audit" mode="disabled">
-     <param name="srcdir">parsec-1.1.0</param>
+     <param name="srcdir">parsec-1.2.0-rc1</param>
  </service>
 </services>
--- a/parsec-1.1.0.tar.gz
+++ b/parsec-1.1.0.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:198ac34379ea2676696566d625ac807cfc9be7d44bdc0f68790470ffabe83693
 size 918574
--- a/parsec-1.2.0-rc1.tar.gz
+++ b/parsec-1.2.0-rc1.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:a2de11c8cfd40b884f699f67be1dcabc1976a529885fc9837d9b059ef0785c8a
 size 922759
--- a/parsec.changes
+++ b/parsec.changes
@ -1,3 +1,16 @@
 -------------------------------------------------------------------
 Mon Mar 27 09:55:24 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
 - Disable jwt-svid-authenticator (SPIFFE) until fixed upstream
  with gcc13 - https://github.com/parallaxsecond/parsec/issues/672
 -------------------------------------------------------------------
 Thu Mar 23 09:01:01 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
 - Update to 1.2.0-rc1
 - Drop upstream patch:
  * 664.patch
 -------------------------------------------------------------------
 Wed Mar 15 07:27:47 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
--- a/parsec.spec
+++ b/parsec.spec
@ -17,11 +17,11 @@
 %global rustflags '-Clink-arg=-Wl,-z,relro,-z,now'
-%define archive_version 1.1.0
+%define archive_version 1.2.0-rc1
 %{?systemd_ordering}
 Name:           parsec
-Version:        1.1.0
+Version:        1.2.0~rc1
 Release:        0
 Summary:        Platform AbstRaction for SECurity
 License:        Apache-2.0
@ -34,8 +34,6 @@ Source4:        config.toml
 Source5:        parsec.conf
 Source6:        system-user-parsec.conf
 Source10:       https://git.trustedfirmware.org/TS/trusted-services.git/snapshot/trusted-services-389b506.tar.gz
 # PATCH-FIX-UPSTREAM - https://github.com/parallaxsecond/parsec/pull/664
 Patch1:         664.patch
 BuildRequires:  cargo
 BuildRequires:  clang-devel
 BuildRequires:  cmake
@ -71,16 +69,19 @@ enabling cloud-native delivery flows within the data center and at the edge.
 %prep
 %setup -q -a1 -a10 -n parsec-%{archive_version}
 %patch1 -p1
 rmdir trusted-services-vendor
 mv trusted-services-389b506 trusted-services-vendor
 rm -rf .cargo && mkdir .cargo
 cp %{SOURCE2} .cargo/config
 # Enable all providers
 sed -i -e 's#default = \["unix-peer-credentials-authenticator"\]##' Cargo.toml
-# Features available in 1.0.0:
+# Features available in 1.2.0-rc1:
 # all-providers = ["tpm-provider", "pkcs11-provider", "mbed-crypto-provider", "trusted-service-provider"]
 # all-authenticators = ["direct-authenticator", "unix-peer-credentials-authenticator", "jwt-svid-authenticator"]
 %if 0%{?suse_version} > 1550
 # But disable "jwt-svid-authenticator"/SPIFFE with gcc13 until build fixed upstream - https://github.com/parallaxsecond/parsec/issues/672
 sed -i -e 's#all-authenticators = \["direct-authenticator", "unix-peer-credentials-authenticator", "jwt-svid-authenticator"\]#all-authenticators = \["direct-authenticator", "unix-peer-credentials-authenticator"\]#' Cargo.toml
 %endif
 # But disable "trusted-service-provider" until we have a trusted-services package
 echo 'default = ["tpm-provider", "pkcs11-provider", "mbed-crypto-provider", "all-authenticators"]' >> Cargo.toml
--- a/vendor.tar.xz
+++ b/vendor.tar.xz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:65a690914e0071eb0244df867f94d049b839c80817d6aa2dd32b06dc2c84fa02
+oid sha256:45181c399ab43b49d54e5304327dbcfbfa8c3607dfa5ce77fd675fe0ef2122e1
-size 46665220
+size 47082872