From 1984619ff9e9e681e11f2003d102151f207a6ade460866a8819507dbffc5eb32 Mon Sep 17 00:00:00 2001 From: Alberto Planas Dominguez Date: Wed, 10 Aug 2022 15:04:54 +0000 Subject: [PATCH 1/2] Accepting request 994355 from home:aplanas:branches:security - Update to version 0.1.0+git.1659977521.0186093: * Fix display of mb measurement file path * Add more helpful error when config file is not found * Fix small comment about implementing TPM ownership * main: die when cannot drop privileges * keylime.conf: add run_as section * Use Rust agent-specific config in Makefile * Fix typo in listen_notifications option in keylime.conf * tpm: Support pre-existing EK * Set swtpm context which is later used for test filtering * Add GitLeaks configuration to ignore RSA key used for testing * Handle whitespace in keylime.conf - Rename keylime.conf to keylime-agent.conf - Drop 0001-main-die-when-cannot-drop-privileges.patch, as is already merged upstream - Add bindgen.patch to add more architectures OBS-URL: https://build.opensuse.org/request/show/994355 OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=23 --- ...main-die-when-cannot-drop-privileges.patch | 39 - _servicedata | 2 +- bindgen.patch | 1215 +++++++++++++++++ keylime-agent.conf.diff | 34 + keylime.conf.diff | 56 - ...eylime-0.1.0+git.1657303637.5b9072a.tar.xz | 3 - ...eylime-0.1.0+git.1659977521.0186093.tar.xz | 3 + rust-keylime.changes | 20 + rust-keylime.spec | 17 +- vendor.tar.xz | 4 +- 10 files changed, 1284 insertions(+), 109 deletions(-) delete mode 100644 0001-main-die-when-cannot-drop-privileges.patch create mode 100644 bindgen.patch create mode 100644 keylime-agent.conf.diff delete mode 100644 keylime.conf.diff delete mode 100644 rust-keylime-0.1.0+git.1657303637.5b9072a.tar.xz create mode 100644 rust-keylime-0.1.0+git.1659977521.0186093.tar.xz diff --git a/0001-main-die-when-cannot-drop-privileges.patch b/0001-main-die-when-cannot-drop-privileges.patch deleted file mode 100644 index 0a1688f..0000000 --- a/0001-main-die-when-cannot-drop-privileges.patch +++ /dev/null @@ -1,39 +0,0 @@ -From e34692c33914f7c9598c1bc9030bf94ef525d5eb Mon Sep 17 00:00:00 2001 -From: Alberto Planas -Date: Tue, 12 Jul 2022 14:09:24 +0200 -Subject: [PATCH 2/2] main: die when cannot drop privileges - -If `run_as` parameter is set but the user is missing in the system, -keylime will log an ERROR when trying to drop privileges, but continue -the execution as the current user (usually `root`). This can be a -security issue, as the agent is running "silently" as a privileged user. - -This commit stop the execution if an error is found when dropping -privileges for the agent service, and present an `info!` message with -the current user and group. - -Signed-off-by: Alberto Planas ---- - src/main.rs | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/src/main.rs b/src/main.rs -index ef29eb2..d646d09 100644 ---- a/src/main.rs -+++ b/src/main.rs -@@ -407,8 +407,10 @@ async fn main() -> Result<()> { - - // Drop privileges - if let Some(user_group) = &config.run_as { -- permissions::chown(user_group, &mount); -- permissions::run_as(user_group); -+ permissions::chown(user_group, &mount) -+ .expect("Error when changing directory ownership"); -+ permissions::run_as(user_group).expect("Error dropping privileges"); -+ info!("Running the service as {}...", user_group); - } - - info!("Starting server with API version {}...", API_VERSION); --- -2.37.0 - diff --git a/_servicedata b/_servicedata index 273470a..84a35c0 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/keylime/rust-keylime.git - 5b9072abae219bda0e9a95498b5aef4af5db1bda \ No newline at end of file + 01860934f7308bc5ea1e68c8d858aea056620ce8 \ No newline at end of file diff --git a/bindgen.patch b/bindgen.patch new file mode 100644 index 0000000..0faff81 --- /dev/null +++ b/bindgen.patch @@ -0,0 +1,1215 @@ +Index: rk/Cargo.lock +=================================================================== +--- rk.orig/Cargo.lock ++++ rk/Cargo.lock +@@ -21,9 +21,9 @@ dependencies = [ + + [[package]] + name = "actix-http" +-version = "3.0.4" ++version = "3.2.1" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "a5885cb81a0d4d0d322864bea1bb6c2a8144626b4fdc625d4c51eba197e7797a" ++checksum = "6f9ffb6db08c1c3a1f4aef540f1a63193adc73c4fbd40b75a95fc8c5258f6e51" + dependencies = [ + "actix-codec", + "actix-rt", +@@ -47,13 +47,13 @@ dependencies = [ + "itoa", + "language-tags", + "local-channel", +- "log", + "mime", + "percent-encoding", + "pin-project-lite", + "rand 0.8.5", +- "sha-1", ++ "sha1", + "smallvec", ++ "tracing", + "zstd", + ] + +@@ -151,9 +151,9 @@ dependencies = [ + + [[package]] + name = "actix-web" +-version = "4.0.1" ++version = "4.1.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "f4e5ebffd51d50df56a3ae0de0e59487340ca456f05dd0b90c0a7a6dd6a74d31" ++checksum = "a27e8fe9ba4ae613c21f677c2cfaf0696c3744030c6f485b34634e502d6bb379" + dependencies = [ + "actix-codec", + "actix-http", +@@ -192,9 +192,9 @@ dependencies = [ + + [[package]] + name = "actix-web-codegen" +-version = "4.0.0" ++version = "4.0.1" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "7525bedf54704abb1d469e88d7e7e9226df73778798a69cea5022d53b2ae91bc" ++checksum = "5f270541caec49c15673b0af0e9a00143421ad4f118d2df7edcb68b627632f56" + dependencies = [ + "actix-router", + "proc-macro2", +@@ -220,7 +220,7 @@ version = "0.7.6" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "fcb51a0695d8f838b1ee009b3fbf66bda078cd64590202a864a8f3e8c4315c47" + dependencies = [ +- "getrandom 0.2.6", ++ "getrandom 0.2.7", + "once_cell", + "version_check", + ] +@@ -250,16 +250,25 @@ dependencies = [ + ] + + [[package]] ++name = "ansi_term" ++version = "0.12.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "d52a9bb7ec0cf484c551830a7ce27bd20d67eac647e1befb56b0be4ee39a55d2" ++dependencies = [ ++ "winapi", ++] ++ ++[[package]] + name = "anyhow" +-version = "1.0.57" ++version = "1.0.60" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "08f9b8508dccb7687a1d6c4ce66b2b0ecef467c94667de27d8d7fe1f8d2a9cdc" ++checksum = "c794e162a5eff65c72ef524dfe393eb923c354e350bb78b9c7383df13f3bc142" + + [[package]] + name = "assert-json-diff" +-version = "2.0.1" ++version = "2.0.2" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "50f1c3703dd33532d7f0ca049168930e9099ecac238e23cf932f3a69c42f06da" ++checksum = "47e4f2b81832e72834d7518d8487a0396a28cc408186a2e8854c0f98011faf12" + dependencies = [ + "serde", + "serde_json", +@@ -267,9 +276,9 @@ dependencies = [ + + [[package]] + name = "async-channel" +-version = "1.6.1" ++version = "1.7.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "2114d64672151c0c5eaa5e131ec84a74f06e1e559830dabba01ca30605d66319" ++checksum = "4b31b87a3367ed04dbcbc252bce3f2a8172fef861d47177524c503c908dff2c6" + dependencies = [ + "concurrent-queue", + "event-listener", +@@ -278,9 +287,9 @@ dependencies = [ + + [[package]] + name = "async-trait" +-version = "0.1.56" ++version = "0.1.57" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "96cf8829f67d2eab0b2dfa42c5d0ef737e0724e4a82b01b3e292456202b19716" ++checksum = "76464446b8bc32758d7e88ee1a804d9914cd9b1cb264c029899680b0be29826f" + dependencies = [ + "proc-macro2", + "quote", +@@ -311,6 +320,29 @@ source = "registry+https://github.com/ru + checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" + + [[package]] ++name = "bindgen" ++version = "0.59.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "2bd2a9a458e8f4304c52c43ebb0cfbd520289f8379a52e329a38afda99bf8eb8" ++dependencies = [ ++ "bitflags", ++ "cexpr", ++ "clang-sys", ++ "clap 2.34.0", ++ "env_logger 0.9.0", ++ "lazy_static", ++ "lazycell", ++ "log", ++ "peeking_take_while", ++ "proc-macro2", ++ "quote", ++ "regex", ++ "rustc-hash", ++ "shlex", ++ "which", ++] ++ ++[[package]] + name = "bitfield" + version = "0.13.2" + source = "registry+https://github.com/rust-lang/crates.io-index" +@@ -360,15 +392,15 @@ checksum = "37ccbd214614c6783386c1af30ca + + [[package]] + name = "bytes" +-version = "1.1.0" ++version = "1.2.1" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "c4872d67bab6358e59559027aa3b9157c53d9358c51423c17554809a8858e0f8" ++checksum = "ec8a7b6a70fde80372154c65702f00a0f56f3e1c36abbc6c440484be248856db" + + [[package]] + name = "bytestring" +-version = "1.0.0" ++version = "1.1.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "90706ba19e97b90786e19dc0d5e2abd80008d99d4c0c5d1ad0b5e72cec7c494d" ++checksum = "86b6a75fd3048808ef06af5cd79712be8111960adaf89d90250974b38fc3928a" + dependencies = [ + "bytes", + ] +@@ -389,12 +421,47 @@ dependencies = [ + ] + + [[package]] ++name = "cexpr" ++version = "0.6.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "6fac387a98bb7c37292057cffc56d62ecb629900026402633ae9160df93a8766" ++dependencies = [ ++ "nom", ++] ++ ++[[package]] + name = "cfg-if" + version = "1.0.0" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + + [[package]] ++name = "clang-sys" ++version = "1.3.3" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "5a050e2153c5be08febd6734e29298e844fdb0fa21aeddd63b4eb7baa106c69b" ++dependencies = [ ++ "glob", ++ "libc", ++ "libloading", ++] ++ ++[[package]] ++name = "clap" ++version = "2.34.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "a0610544180c38b88101fecf2dd634b174a62eef6946f84dfc6a7127512b381c" ++dependencies = [ ++ "ansi_term", ++ "atty", ++ "bitflags", ++ "strsim 0.8.0", ++ "textwrap 0.11.0", ++ "unicode-width", ++ "vec_map", ++] ++ ++[[package]] + name = "clap" + version = "3.1.18" + source = "registry+https://github.com/rust-lang/crates.io-index" +@@ -406,9 +473,9 @@ dependencies = [ + "clap_lex", + "indexmap", + "lazy_static", +- "strsim", ++ "strsim 0.10.0", + "termcolor", +- "textwrap", ++ "textwrap 0.15.0", + ] + + [[package]] +@@ -426,18 +493,18 @@ dependencies = [ + + [[package]] + name = "clap_lex" +-version = "0.2.0" ++version = "0.2.4" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "a37c35f1112dad5e6e0b1adaff798507497a18fceeb30cceb3bae7d1427b9213" ++checksum = "2850f2f5a82cbf437dd5af4d49848fbdfc27c157c3d010345776f952765261c5" + dependencies = [ + "os_str_bytes", + ] + + [[package]] + name = "compress-tools" +-version = "0.12.2" ++version = "0.12.4" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "5a315608976a6f38f7dfa5cdd0b22f0fd059675a2963b1fe2dbce8bdd6b153f6" ++checksum = "ed2022acb201ed5fd3dca0a33a5a5d101305ce18239b97e7ddc1995e1caab77e" + dependencies = [ + "derive_more", + "libc", +@@ -447,9 +514,9 @@ dependencies = [ + + [[package]] + name = "concurrent-queue" +-version = "1.2.2" ++version = "1.2.4" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "30ed07550be01594c6026cff2a1d7fe9c8f683caa798e12b68694ac9e88286a3" ++checksum = "af4780a44ab5696ea9e28294517f1fffb421a83a25af521333c838635509db9c" + dependencies = [ + "cache-padded", + ] +@@ -507,9 +574,9 @@ dependencies = [ + + [[package]] + name = "crypto-common" +-version = "0.1.3" ++version = "0.1.6" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "57952ca27b5e3606ff4dd79b0020231aaf9d6aa76dc05fd30137538c50bd3ce8" ++checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" + dependencies = [ + "generic-array", + "typenum", +@@ -567,6 +634,12 @@ dependencies = [ + ] + + [[package]] ++name = "either" ++version = "1.7.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "3f107b87b6afc2a64fd13cac55fe06d6c8859f12d4b14cbcdd2c67d0976781be" ++ ++[[package]] + name = "encoding_rs" + version = "0.8.31" + source = "registry+https://github.com/rust-lang/crates.io-index" +@@ -602,7 +675,20 @@ source = "registry+https://github.com/ru + checksum = "44533bbbb3bb3c1fa17d9f2e4e38bbbaf8396ba82193c4cb1b6445d711445d36" + dependencies = [ + "atty", +- "humantime", ++ "humantime 1.3.0", ++ "log", ++ "regex", ++ "termcolor", ++] ++ ++[[package]] ++name = "env_logger" ++version = "0.9.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "0b2cf0344971ee6c64c31be0d530793fba457d322dfec2810c453d0ef228f9c3" ++dependencies = [ ++ "atty", ++ "humantime 2.1.0", + "log", + "regex", + "termcolor", +@@ -616,15 +702,15 @@ checksum = "d9435d864e017c3c6afeac165418 + + [[package]] + name = "event-listener" +-version = "2.5.2" ++version = "2.5.3" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "77f3309417938f28bf8228fcff79a4a37103981e3e186d2ccd19c74b38f4eb71" ++checksum = "0206175f82b8d6bf6652ff7d71a1e27fd2e4efde587fd368662814d6ec1d9ce0" + + [[package]] + name = "fastrand" +-version = "1.7.0" ++version = "1.8.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "c3fcf0cee53519c866c09b5de1f6c56ff9d647101f81c1964fa632e148896cdf" ++checksum = "a7a407cfaa3385c4ae6b23e84623d48c2798d06e3e6a1878f7f59f17b3f86499" + dependencies = [ + "instant", + ] +@@ -788,9 +874,9 @@ dependencies = [ + + [[package]] + name = "generic-array" +-version = "0.14.5" ++version = "0.14.6" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "fd48d33ec7f05fbfa152300fdad764757cbded343c1aa1cff2fbaf4134851803" ++checksum = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9" + dependencies = [ + "typenum", + "version_check", +@@ -809,16 +895,22 @@ dependencies = [ + + [[package]] + name = "getrandom" +-version = "0.2.6" ++version = "0.2.7" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "9be70c98951c83b8d2f8f60d7065fa6d5146873094452a1008da8c2f1e4205ad" ++checksum = "4eb1a864a501629691edf6c15a593b7a51eebaa1e8468e9ddc623de7c9b58ec6" + dependencies = [ + "cfg-if", + "libc", +- "wasi 0.10.2+wasi-snapshot-preview1", ++ "wasi 0.11.0+wasi-snapshot-preview1", + ] + + [[package]] ++name = "glob" ++version = "0.3.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" ++ ++[[package]] + name = "h2" + version = "0.3.13" + source = "registry+https://github.com/rust-lang/crates.io-index" +@@ -848,9 +940,9 @@ dependencies = [ + + [[package]] + name = "hashbrown" +-version = "0.11.2" ++version = "0.12.3" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "ab5ef0d4909ef3724cc8cce6ccc8572c5c817592e9285f5464f8e86f8bd3726e" ++checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" + + [[package]] + name = "heck" +@@ -944,10 +1036,16 @@ dependencies = [ + ] + + [[package]] ++name = "humantime" ++version = "2.1.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" ++ ++[[package]] + name = "hyper" +-version = "0.14.19" ++version = "0.14.20" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "42dc3c131584288d375f2d07f822b0cb012d8c6fb899a5b9fdb3cb7eb9b6004f" ++checksum = "02c929dc5c39e335a03c405292728118860721b10190d98c2a0f0efd5baafbac" + dependencies = [ + "bytes", + "futures-channel", +@@ -993,12 +1091,12 @@ dependencies = [ + + [[package]] + name = "indexmap" +-version = "1.8.2" ++version = "1.9.1" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "e6012d540c5baa3589337a98ce73408de9b5a25ec9fc2c6fd6be8f0d39e0ca5a" ++checksum = "10a35a97730320ffe8e2d410b5d3b69279b98d2c14bdb8b70ea89ecf7888d41e" + dependencies = [ + "autocfg", +- "hashbrown 0.11.2", ++ "hashbrown 0.12.3", + ] + + [[package]] +@@ -1024,9 +1122,9 @@ checksum = "879d54834c8c76457ef4293a689b + + [[package]] + name = "itoa" +-version = "1.0.2" ++version = "1.0.3" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "112c678d4050afce233f4f2852bb2eb519230b3cf12f33585275537d7e41578d" ++checksum = "6c8af84674fe1f223a982c933a0ee1086ac4d4052aa0fb8060c12c6ad838e754" + + [[package]] + name = "jobserver" +@@ -1039,9 +1137,9 @@ dependencies = [ + + [[package]] + name = "js-sys" +-version = "0.3.57" ++version = "0.3.59" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "671a26f820db17c2a2750743f1dd03bafd15b98c9f30c7c2628c024c05d73397" ++checksum = "258451ab10b34f8af53416d1fdab72c22e805f0c92a1136d59470ec0b11138b2" + dependencies = [ + "wasm-bindgen", + ] +@@ -1054,7 +1152,7 @@ dependencies = [ + "actix-web", + "base64", + "cfg-if", +- "clap", ++ "clap 3.1.18", + "compress-tools", + "futures", + "hex", +@@ -1092,10 +1190,26 @@ source = "registry+https://github.com/ru + checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" + + [[package]] ++name = "lazycell" ++version = "1.3.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55" ++ ++[[package]] + name = "libc" +-version = "0.2.126" ++version = "0.2.129" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "64de3cc433455c14174d42e554d4027ee631c4d046d43e3ecc6efc4636cdc7a7" ++ ++[[package]] ++name = "libloading" ++version = "0.7.3" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "349d5a591cd28b49e1d1037471617a32ddcda5731b99419008085f72d5a53836" ++checksum = "efbc0f03f9a775e9f6aed295c6a1ba2253c5757a9e03d55c6caa46a681abcddd" ++dependencies = [ ++ "cfg-if", ++ "winapi", ++] + + [[package]] + name = "local-channel" +@@ -1175,6 +1289,12 @@ source = "registry+https://github.com/ru + checksum = "2a60c7ce501c71e03a9c9c0d35b861413ae925bd979cc7a4e30d060069aaac8d" + + [[package]] ++name = "minimal-lexical" ++version = "0.2.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" ++ ++[[package]] + name = "miniz_oxide" + version = "0.5.3" + source = "registry+https://github.com/rust-lang/crates.io-index" +@@ -1185,9 +1305,9 @@ dependencies = [ + + [[package]] + name = "mio" +-version = "0.8.3" ++version = "0.8.4" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "713d550d9b44d89174e066b7a6217ae06234c10cb47819a88290d2b353c31799" ++checksum = "57ee1c23c7c63b0c9250c339ffdc69255f110b298b901b9f6c82547b7b87caaf" + dependencies = [ + "libc", + "log", +@@ -1214,6 +1334,16 @@ dependencies = [ + ] + + [[package]] ++name = "nom" ++version = "7.1.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "a8903e5a29a317527874d0402f867152a3d21c908bb0b933e416c65e301d4c36" ++dependencies = [ ++ "memchr", ++ "minimal-lexical", ++] ++ ++[[package]] + name = "num-derive" + version = "0.3.3" + source = "registry+https://github.com/rust-lang/crates.io-index" +@@ -1263,15 +1393,15 @@ dependencies = [ + + [[package]] + name = "once_cell" +-version = "1.12.0" ++version = "1.13.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "7709cef83f0c1f58f666e746a08b21e0085f7440fa6a29cc194d68aac97a4225" ++checksum = "18a6dbe30758c9f83eb00cbea4ac95966305f5a7772f3f42ebfc7fc7eddbd8e1" + + [[package]] + name = "openssl" +-version = "0.10.40" ++version = "0.10.41" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "fb81a6430ac911acb25fe5ac8f1d2af1b4ea8a4fdfda0f1ee4292af2e2d8eb0e" ++checksum = "618febf65336490dfcf20b73f885f5651a0c89c64c2d4a8c3662585a70bf5bd0" + dependencies = [ + "bitflags", + "cfg-if", +@@ -1301,9 +1431,9 @@ checksum = "ff011a302c396a5197692431fc19 + + [[package]] + name = "openssl-sys" +-version = "0.9.74" ++version = "0.9.75" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "835363342df5fba8354c5b453325b110ffd54044e588c539cf2f20a8014e4cb1" ++checksum = "e5f9bd0c2710541a3cda73d6f9ac4f1b240de4ae261065d309dbe73d9dceb42f" + dependencies = [ + "autocfg", + "cc", +@@ -1324,9 +1454,9 @@ dependencies = [ + + [[package]] + name = "os_str_bytes" +-version = "6.1.0" ++version = "6.2.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "21326818e99cfe6ce1e524c2a805c189a99b5ae555a35d19f9a284b427d86afa" ++checksum = "648001efe5d5c0102d8cea768e348da85d90af8ba91f0bea908f157951493cd4" + + [[package]] + name = "parking" +@@ -1359,9 +1489,15 @@ dependencies = [ + + [[package]] + name = "paste" +-version = "1.0.7" ++version = "1.0.8" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "9423e2b32f7a043629287a536f21951e8c6a82482d0acb1eeebfc90bc2225b22" ++ ++[[package]] ++name = "peeking_take_while" ++version = "0.1.2" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "0c520e05135d6e763148b6426a837e239041653ba7becd2e538c076c738025fc" ++checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" + + [[package]] + name = "percent-encoding" +@@ -1371,10 +1507,11 @@ checksum = "d4fd5641d01c8f18a23da7b6fe29 + + [[package]] + name = "pest" +-version = "2.1.3" ++version = "2.2.1" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "10f4872ae94d7b90ae48754df22fd42ad52ce740b8f370b03da4835417403e53" ++checksum = "69486e2b8c2d2aeb9762db7b4e00b0331156393555cff467f4163ff06821eef8" + dependencies = [ ++ "thiserror", + "ucd-trie", + ] + +@@ -1465,7 +1602,7 @@ version = "0.4.0" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "926d36b9553851b8b0005f1275891b392ee4d2d833852c417ed025477350fb9d" + dependencies = [ +- "env_logger", ++ "env_logger 0.7.1", + "log", + ] + +@@ -1495,9 +1632,9 @@ dependencies = [ + + [[package]] + name = "proc-macro2" +-version = "1.0.39" ++version = "1.0.43" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "c54b25569025b7fc9651de43004ae593a75ad88543b17178aa5e1b9c4f15f56f" ++checksum = "0a2ca2c61bc9f3d74d2886294ab7b9853abd9c1ad903a3ac7815c58989bb7bab" + dependencies = [ + "unicode-ident", + ] +@@ -1510,9 +1647,9 @@ checksum = "a1d01941d82fa2ab50be1e79e671 + + [[package]] + name = "quote" +-version = "1.0.18" ++version = "1.0.21" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "a1feb54ed693b93a84e14094943b84b7c4eae204c512b7ccb95ab0c66d278ad1" ++checksum = "bbe448f377a7d6961e30f5955f9b8d106c3f5e449d493ee1b125c1d43c2b5179" + dependencies = [ + "proc-macro2", + ] +@@ -1576,7 +1713,7 @@ version = "0.6.3" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" + dependencies = [ +- "getrandom 0.2.6", ++ "getrandom 0.2.7", + ] + + [[package]] +@@ -1590,18 +1727,18 @@ dependencies = [ + + [[package]] + name = "redox_syscall" +-version = "0.2.13" ++version = "0.2.16" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "62f25bc4c7e55e0b0b7a1d43fb893f4fa1361d0abe38b9ce4f323c2adfe6ef42" ++checksum = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a" + dependencies = [ + "bitflags", + ] + + [[package]] + name = "regex" +-version = "1.5.6" ++version = "1.6.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "d83f127d94bdbcda4c8cc2e50f6f84f4b611f69c902699ca385a39c3a75f9ff1" ++checksum = "4c4eb3267174b8c6c2f654116623910a0fef09c4753f8dd83db29c48a0df988b" + dependencies = [ + "aho-corasick", + "memchr", +@@ -1610,9 +1747,9 @@ dependencies = [ + + [[package]] + name = "regex-syntax" +-version = "0.6.26" ++version = "0.6.27" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "49b3de9ec5dc0a3417da371aab17d729997c15010e7fd24ff707773a33bddb64" ++checksum = "a3f87b73ce11b1619a3c6332f45341e0047173771e8b8b73f87bfeefb7b56244" + + [[package]] + name = "remove_dir_all" +@@ -1625,9 +1762,9 @@ dependencies = [ + + [[package]] + name = "reqwest" +-version = "0.11.10" ++version = "0.11.11" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "46a1f7aa4f35e5e8b4160449f51afc758f0ce6454315a9fa7d0d113e958c41eb" ++checksum = "b75aa69a3f06bbcc66ede33af2af253c6f7a86b1ca0033f60c580a27074fbf92" + dependencies = [ + "base64", + "bytes", +@@ -1652,6 +1789,7 @@ dependencies = [ + "serde_urlencoded", + "tokio", + "tokio-native-tls", ++ "tower-service", + "url", + "wasm-bindgen", + "wasm-bindgen-futures", +@@ -1676,6 +1814,12 @@ dependencies = [ + ] + + [[package]] ++name = "rustc-hash" ++version = "1.1.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" ++ ++[[package]] + name = "rustc_version" + version = "0.3.3" + source = "registry+https://github.com/rust-lang/crates.io-index" +@@ -1690,14 +1834,14 @@ version = "0.4.0" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" + dependencies = [ +- "semver 1.0.9", ++ "semver 1.0.13", + ] + + [[package]] + name = "ryu" +-version = "1.0.10" ++version = "1.0.11" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "f3f6f92acf49d1b98f7a81226834412ada05458b7364277387724a237f062695" ++checksum = "4501abdff3ae82a1c1b477a17252eb69cee9e66eb915c1abaa4f44d873df9f09" + + [[package]] + name = "schannel" +@@ -1749,9 +1893,9 @@ dependencies = [ + + [[package]] + name = "semver" +-version = "1.0.9" ++version = "1.0.13" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "8cb243bdfdb5936c8dc3c45762a19d12ab4550cdc753bc247637d4ec35a040fd" ++checksum = "93f6841e709003d68bb2deee8c343572bf446003ec20a583e76f7b15cebf3711" + + [[package]] + name = "semver-parser" +@@ -1764,27 +1908,27 @@ dependencies = [ + + [[package]] + name = "serde" +-version = "1.0.137" ++version = "1.0.143" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "61ea8d54c77f8315140a05f4c7237403bf38b72704d031543aa1d16abbf517d1" ++checksum = "53e8e5d5b70924f74ff5c6d64d9a5acd91422117c60f48c4e07855238a254553" + dependencies = [ + "serde_derive", + ] + + [[package]] + name = "serde_bytes" +-version = "0.11.6" ++version = "0.11.7" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "212e73464ebcde48d723aa02eb270ba62eff38a9b732df31f33f1b4e145f3a54" ++checksum = "cfc50e8183eeeb6178dcb167ae34a8051d63535023ae38b5d8d12beae193d37b" + dependencies = [ + "serde", + ] + + [[package]] + name = "serde_derive" +-version = "1.0.137" ++version = "1.0.143" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "1f26faba0c3959972377d3b2d306ee9f71faee9714294e41bb777f83f88578be" ++checksum = "d3d8e8de557aee63c26b85b947f5e59b690d0454c753f3adeb5cd7835ab88391" + dependencies = [ + "proc-macro2", + "quote", +@@ -1793,9 +1937,9 @@ dependencies = [ + + [[package]] + name = "serde_json" +-version = "1.0.81" ++version = "1.0.83" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "9b7ce2b32a1aed03c558dc61a5cd328f15aff2dbc17daad8fb8af04d2100e15c" ++checksum = "38dd04e3c8279e75b31ef29dbdceebfe5ad89f4d0937213c53f7d49d01b3d5a7" + dependencies = [ + "itoa", + "ryu", +@@ -1826,10 +1970,10 @@ dependencies = [ + ] + + [[package]] +-name = "sha-1" +-version = "0.10.0" ++name = "sha1" ++version = "0.10.1" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "028f48d513f9678cda28f6e4064755b3fbb2af6acd672f2c209b62323f7aea0f" ++checksum = "c77f4e7f65455545c2153c1253d25056825e77ee2533f0e41deb65a93a34852f" + dependencies = [ + "cfg-if", + "cpufeatures", +@@ -1837,6 +1981,12 @@ dependencies = [ + ] + + [[package]] ++name = "shlex" ++version = "1.1.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "43b2853a4d09f215c24cc5489c992ce46052d359b5109343cbafbf26bc62f8a3" ++ ++[[package]] + name = "signal-hook-registry" + version = "1.4.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +@@ -1847,15 +1997,18 @@ dependencies = [ + + [[package]] + name = "slab" +-version = "0.4.6" ++version = "0.4.7" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "eb703cfe953bccee95685111adeedb76fabe4e97549a58d16f03ea7b9367bb32" ++checksum = "4614a76b2a8be0058caa9dbbaf66d988527d86d003c11a94fbd335d7661edcef" ++dependencies = [ ++ "autocfg", ++] + + [[package]] + name = "smallvec" +-version = "1.8.0" ++version = "1.9.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "f2dd574626839106c320a323308629dcb1acfc96e32a8cba364ddc61ac23ee83" ++checksum = "2fd0db749597d91ff862fd1d55ea87f7855a744a8425a64695b6fca237d1dad1" + + [[package]] + name = "socket2" +@@ -1881,15 +2034,21 @@ checksum = "a2eb9349b6444b326872e140eb1c + + [[package]] + name = "strsim" ++version = "0.8.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a" ++ ++[[package]] ++name = "strsim" + version = "0.10.0" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" + + [[package]] + name = "syn" +-version = "1.0.96" ++version = "1.0.99" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "0748dd251e24453cb8717f0354206b91557e4ec8703673a4b30208f2abaf1ebf" ++checksum = "58dbef6ec655055e20b86b15a8cc6d439cca19b667537ac6a1369572d151ab13" + dependencies = [ + "proc-macro2", + "quote", +@@ -1939,24 +2098,33 @@ dependencies = [ + + [[package]] + name = "textwrap" ++version = "0.11.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060" ++dependencies = [ ++ "unicode-width", ++] ++ ++[[package]] ++name = "textwrap" + version = "0.15.0" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "b1141d4d61095b28419e22cb0bbf02755f5e54e0526f97f1e3d1d160e60885fb" + + [[package]] + name = "thiserror" +-version = "1.0.31" ++version = "1.0.32" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "bd829fe32373d27f76265620b5309d0340cb8550f523c1dda251d6298069069a" ++checksum = "f5f6586b7f764adc0231f4c79be7b920e766bb2f3e51b3661cdb263828f19994" + dependencies = [ + "thiserror-impl", + ] + + [[package]] + name = "thiserror-impl" +-version = "1.0.31" ++version = "1.0.32" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "0396bc89e626244658bef819e22d0cc459e795a5ebe878e6ec336d1674a8d79a" ++checksum = "12bafc5b54507e0149cdf1b145a5d80ab80a90bcd9275df43d4fff68460f6c21" + dependencies = [ + "proc-macro2", + "quote", +@@ -1965,9 +2133,9 @@ dependencies = [ + + [[package]] + name = "time" +-version = "0.3.9" ++version = "0.3.13" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "c2702e08a7a860f005826c6815dcac101b19b5eb330c27fe4a5928fec1d20ddd" ++checksum = "db76ff9fa4b1458b3c7f077f3ff9887394058460d21e634355b273aaf11eea45" + dependencies = [ + "itoa", + "libc", +@@ -1998,10 +2166,11 @@ checksum = "cda74da7e1a664f795bb1f8a87ec + + [[package]] + name = "tokio" +-version = "1.19.2" ++version = "1.20.1" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "c51a52ed6686dd62c320f9b89299e9dfb46f730c7a48e635c19f21d116cb1439" ++checksum = "7a8325f63a7d4774dd041e363b2409ed1c5cbbd0f867795e661df066b2b0a581" + dependencies = [ ++ "autocfg", + "bytes", + "libc", + "memchr", +@@ -2071,15 +2240,15 @@ checksum = "736b60249cb25337bc196faa43ee + + [[package]] + name = "tower-service" +-version = "0.3.1" ++version = "0.3.2" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "360dfd1d6d30e05fda32ace2c8c70e9c0a9da713275777f5a4dbb8a1893930c6" ++checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52" + + [[package]] + name = "tracing" +-version = "0.1.35" ++version = "0.1.36" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "a400e31aa60b9d44a52a8ee0343b5b18566b03a8321e0d321f695cf56e940160" ++checksum = "2fce9567bd60a67d08a16488756721ba392f24f29006402881e43b19aac64307" + dependencies = [ + "cfg-if", + "log", +@@ -2089,9 +2258,9 @@ dependencies = [ + + [[package]] + name = "tracing-core" +-version = "0.1.27" ++version = "0.1.29" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "7709595b8878a4965ce5e87ebf880a7d39c9afc6837721b21a5a816a8117d921" ++checksum = "5aeea4303076558a00714b823f9ad67d58a3bbda1df83d8827d21193156e22f7" + dependencies = [ + "once_cell", + ] +@@ -2130,6 +2299,7 @@ version = "0.3.0" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "0e2f37914ec4d494d145cfa18bb8429498b238d63c47a08b89d09c1ec2545ff0" + dependencies = [ ++ "bindgen", + "pkg-config", + "target-lexicon", + ] +@@ -2142,9 +2312,9 @@ checksum = "dcf81ac59edc17cc8697ff311e8f + + [[package]] + name = "ucd-trie" +-version = "0.1.3" ++version = "0.1.4" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "56dee185309b50d1f11bfedef0fe6d036842e3fb77413abef29f8f8d1c5d4c1c" ++checksum = "89570599c4fe5585de2b388aab47e99f7fa4e9238a1399f707a02e356058141c" + + [[package]] + name = "unicode-bidi" +@@ -2154,20 +2324,26 @@ checksum = "099b7128301d285f79ddd55b9a83 + + [[package]] + name = "unicode-ident" +-version = "1.0.0" ++version = "1.0.3" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "d22af068fba1eb5edcb4aea19d382b2a3deb4c8f9d475c589b6ada9e0fd493ee" ++checksum = "c4f5b37a154999a8f3f98cc23a628d850e154479cd94decf3414696e12e31aaf" + + [[package]] + name = "unicode-normalization" +-version = "0.1.19" ++version = "0.1.21" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "d54590932941a9e9266f0832deed84ebe1bf2e4c9e4a3554d393d18f5e854bf9" ++checksum = "854cbdc4f7bc6ae19c820d44abdc3277ac3e1b2b93db20a636825d9322fb60e6" + dependencies = [ + "tinyvec", + ] + + [[package]] ++name = "unicode-width" ++version = "0.1.9" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "3ed742d4ea2bd1176e236172c8429aaf54486e7ac098db29ffe6529e0ce50973" ++ ++[[package]] + name = "unicode-xid" + version = "0.2.3" + source = "registry+https://github.com/rust-lang/crates.io-index" +@@ -2192,7 +2368,7 @@ version = "0.8.2" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "bc5cf98d8186244414c848017f0e2676b3fcb46807f6668a97dfe67359a3c4b7" + dependencies = [ +- "getrandom 0.2.6", ++ "getrandom 0.2.7", + ] + + [[package]] +@@ -2202,6 +2378,12 @@ source = "registry+https://github.com/ru + checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" + + [[package]] ++name = "vec_map" ++version = "0.8.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "f1bddf1187be692e79c5ffeab891132dfb0f236ed36a43c7ed39f1165ee20191" ++ ++[[package]] + name = "version_check" + version = "0.9.4" + source = "registry+https://github.com/rust-lang/crates.io-index" +@@ -2231,21 +2413,15 @@ checksum = "cccddf32554fecc6acb585f82a32 + + [[package]] + name = "wasi" +-version = "0.10.2+wasi-snapshot-preview1" +-source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "fd6fbd9a79829dd1ad0cc20627bf1ed606756a7f77edff7b66b7064f9cb327c6" +- +-[[package]] +-name = "wasi" + version = "0.11.0+wasi-snapshot-preview1" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + + [[package]] + name = "wasm-bindgen" +-version = "0.2.80" ++version = "0.2.82" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "27370197c907c55e3f1a9fbe26f44e937fe6451368324e009cba39e139dc08ad" ++checksum = "fc7652e3f6c4706c8d9cd54832c4a4ccb9b5336e2c3bd154d5cccfbf1c1f5f7d" + dependencies = [ + "cfg-if", + "wasm-bindgen-macro", +@@ -2253,13 +2429,13 @@ dependencies = [ + + [[package]] + name = "wasm-bindgen-backend" +-version = "0.2.80" ++version = "0.2.82" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "53e04185bfa3a779273da532f5025e33398409573f348985af9a1cbf3774d3f4" ++checksum = "662cd44805586bd52971b9586b1df85cdbbd9112e4ef4d8f41559c334dc6ac3f" + dependencies = [ + "bumpalo", +- "lazy_static", + "log", ++ "once_cell", + "proc-macro2", + "quote", + "syn", +@@ -2268,9 +2444,9 @@ dependencies = [ + + [[package]] + name = "wasm-bindgen-futures" +-version = "0.4.30" ++version = "0.4.32" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "6f741de44b75e14c35df886aff5f1eb73aa114fa5d4d00dcd37b5e01259bf3b2" ++checksum = "fa76fb221a1f8acddf5b54ace85912606980ad661ac7a503b4570ffd3a624dad" + dependencies = [ + "cfg-if", + "js-sys", +@@ -2280,9 +2456,9 @@ dependencies = [ + + [[package]] + name = "wasm-bindgen-macro" +-version = "0.2.80" ++version = "0.2.82" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "17cae7ff784d7e83a2fe7611cfe766ecf034111b49deb850a3dc7699c08251f5" ++checksum = "b260f13d3012071dfb1512849c033b1925038373aea48ced3012c09df952c602" + dependencies = [ + "quote", + "wasm-bindgen-macro-support", +@@ -2290,9 +2466,9 @@ dependencies = [ + + [[package]] + name = "wasm-bindgen-macro-support" +-version = "0.2.80" ++version = "0.2.82" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "99ec0dc7a4756fffc231aab1b9f2f578d23cd391390ab27f952ae0c9b3ece20b" ++checksum = "5be8e654bdd9b79216c2929ab90721aa82faf65c48cdf08bdc4e7f51357b80da" + dependencies = [ + "proc-macro2", + "quote", +@@ -2303,21 +2479,32 @@ dependencies = [ + + [[package]] + name = "wasm-bindgen-shared" +-version = "0.2.80" ++version = "0.2.82" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "d554b7f530dee5964d9a9468d95c1f8b8acae4f282807e7d27d4b03099a46744" ++checksum = "6598dd0bd3c7d51095ff6531a5b23e02acdc81804e30d8f07afb77b7215a140a" + + [[package]] + name = "web-sys" +-version = "0.3.57" ++version = "0.3.59" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "7b17e741662c70c8bd24ac5c5b18de314a2c26c32bf8346ee1e6f53de919c283" ++checksum = "ed055ab27f941423197eb86b2035720b1a3ce40504df082cac2ecc6ed73335a1" + dependencies = [ + "js-sys", + "wasm-bindgen", + ] + + [[package]] ++name = "which" ++version = "4.2.5" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "5c4fb54e6113b6a8772ee41c3404fb0301ac79604489467e0a9ce1f3e97c24ae" ++dependencies = [ ++ "either", ++ "lazy_static", ++ "libc", ++] ++ ++[[package]] + name = "winapi" + version = "0.3.9" + source = "registry+https://github.com/rust-lang/crates.io-index" +@@ -2402,12 +2589,13 @@ dependencies = [ + + [[package]] + name = "wiremock" +-version = "0.5.13" ++version = "0.5.14" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "1b12f508bdca434a55d43614d26f02e6b3e98ebeecfbc5a1614e0a0c8bf3e315" ++checksum = "cc3c7b7557dbfdad6431b5a51196c9110cef9d83f6a9b26699f35cdc0ae113ec" + dependencies = [ + "assert-json-diff", + "async-trait", ++ "base64", + "deadpool", + "futures", + "futures-timer", +@@ -2423,9 +2611,9 @@ dependencies = [ + + [[package]] + name = "zeroize" +-version = "1.5.5" ++version = "1.5.7" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "94693807d016b2f2d2e14420eb3bfcca689311ff775dcf113d74ea624b7cdf07" ++checksum = "c394b5bd0c6f669e7275d9c20aa90ae064cb22e75a1cad54e1b34088034b149f" + dependencies = [ + "zeroize_derive", + ] +@@ -2466,18 +2654,18 @@ dependencies = [ + + [[package]] + name = "zstd" +-version = "0.10.2+zstd.1.5.2" ++version = "0.11.2+zstd.1.5.2" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "5f4a6bd64f22b5e3e94b4e238669ff9f10815c27a5180108b849d24174a83847" ++checksum = "20cc960326ece64f010d2d2107537f26dc589a6573a316bd5b1dba685fa5fde4" + dependencies = [ + "zstd-safe", + ] + + [[package]] + name = "zstd-safe" +-version = "4.1.6+zstd.1.5.2" ++version = "5.0.2+zstd.1.5.2" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "94b61c51bb270702d6167b8ce67340d2754b088d0c091b06e593aa772c3ee9bb" ++checksum = "1d2a5585e04f9eea4b2a3d1eca508c4dee9592a89ef6f450c11719da0726f4db" + dependencies = [ + "libc", + "zstd-sys", +@@ -2485,9 +2673,9 @@ dependencies = [ + + [[package]] + name = "zstd-sys" +-version = "1.6.3+zstd.1.5.2" ++version = "2.0.1+zstd.1.5.2" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "fc49afa5c8d634e75761feda8c592051e7eeb4683ba827211eb0d731d3402ea8" ++checksum = "9fd07cbbc53846d9145dbffdf6dd09a7a0aa52be46741825f5c97bdd4f73f12b" + dependencies = [ + "cc", + "libc", +Index: rk/Cargo.toml +=================================================================== +--- rk.orig/Cargo.toml ++++ rk/Cargo.toml +@@ -39,7 +39,7 @@ serde_json = { version = "1.0", features + static_assertions = "1" + tempfile = "3.0.4" + tokio = {version = "1.13.1", features = ["full"]} +-tss-esapi = "7.1.0" ++tss-esapi = {version = "7.1.0", features = ["generate-bindings"]} + thiserror = "1.0" + uuid = {version = "0.8", features = ["v4"]} + zmq = {version = "0.9.2", optional = true} diff --git a/keylime-agent.conf.diff b/keylime-agent.conf.diff new file mode 100644 index 0000000..eba81da --- /dev/null +++ b/keylime-agent.conf.diff @@ -0,0 +1,34 @@ +Index: rust-keylime-0.1.0+git.1659977521.0186093/keylime-agent.conf +=================================================================== +--- rust-keylime-0.1.0+git.1659977521.0186093.orig/keylime-agent.conf ++++ rust-keylime-0.1.0+git.1659977521.0186093/keylime-agent.conf +@@ -4,7 +4,8 @@ + + # Revocation IP & Port used by either the cloud_agent or keylime_ca to receive + # revocation events from the verifier. +-receive_revocation_ip = 127.0.0.1 ++# receive_revocation_ip = 127.0.0.1 ++receive_revocation_ip = + receive_revocation_port = 8992 + + +@@ -13,7 +14,8 @@ receive_revocation_port = 8992 + #============================================================================= + + # The binding address and port for the agent server +-cloudagent_ip = 127.0.0.1 ++# cloudagent_ip = 127.0.0.1 ++cloudagent_ip = 0.0.0.0 + cloudagent_port = 9002 + + # Address and port where the verifier and tenant can connect to reach the agent. +@@ -22,7 +24,8 @@ agent_contact_ip = 127.0.0.1 + agent_contact_port = 9002 + + # The address and port of registrar server which agent communicate with +-registrar_ip = 127.0.0.1 ++# registrar_ip = 127.0.0.1 ++registrar_ip = + registrar_port = 8890 + + # The keylime working directory. Can be overriden by setting the KEYLIME_DIR diff --git a/keylime.conf.diff b/keylime.conf.diff deleted file mode 100644 index 82b6736..0000000 --- a/keylime.conf.diff +++ /dev/null @@ -1,56 +0,0 @@ -Index: rust-keylime-0.1.0+git.1657303637.5b9072a/keylime.conf -=================================================================== ---- rust-keylime-0.1.0+git.1657303637.5b9072a.orig/keylime.conf -+++ rust-keylime-0.1.0+git.1657303637.5b9072a/keylime.conf -@@ -4,7 +4,8 @@ - - # Revocation IP & Port used by either the cloud_agent or keylime_ca to receive - # revocation events from the verifier. --receive_revocation_ip = 127.0.0.1 -+# receive_revocation_ip = 127.0.0.1 -+receive_revocation_ip = - receive_revocation_port = 8992 - - -@@ -13,7 +14,8 @@ receive_revocation_port = 8992 - #============================================================================= - - # The binding address and port for the agent server --cloudagent_ip = 127.0.0.1 -+# cloudagent_ip = 127.0.0.1 -+cloudagent_ip = 0.0.0.0 - cloudagent_port = 9002 - - # Address and port where the verifier and tenant can connect to reach the agent. -@@ -22,7 +24,8 @@ agent_contact_ip = 127.0.0.1 - agent_contact_port = 9002 - - # The address and port of registrar server which agent communicate with --registrar_ip = 127.0.0.1 -+# registrar_ip = 127.0.0.1 -+registrar_ip = - registrar_port = 8890 - - # The keylime working directory. Can be overriden by setting the KEYLIME_DIR -@@ -127,3 +130,21 @@ tpm_signing_alg = rsassa - # handle (e.g. "0x81000000"). The Keylime agent will then not attempt to - # create a new EK upon startup, and neither will it flush the EK upon exit. - ek_handle = generate -+ -+# The user account to switch to to drop privileges when started as root -+# If left empty, the agent will keep running with high privileges. -+# The user and group specified here must allow the user to access the -+# WORK_DIR (typically /var/lib/keylime) and /dev/tpmrm0. Therefore, -+# suggested value for the run_as parameter is keylime:tss. -+# The following commands should be used to set ownership before running the -+# agent: -+# chown keylime /var/lib/keylime -+# -+# If agent_data.json already exists: -+# chown keylime /var/lib/keylime/agent_data.json -+# -+# If cv_ca directory exists: -+# chown keylime /var/lib/keylime/cv_ca -+# chown keylime /var/lib/keylime/cv_ca/cacert.crt -+# -+run_as = keylime:tss diff --git a/rust-keylime-0.1.0+git.1657303637.5b9072a.tar.xz b/rust-keylime-0.1.0+git.1657303637.5b9072a.tar.xz deleted file mode 100644 index b3e4bc5..0000000 --- a/rust-keylime-0.1.0+git.1657303637.5b9072a.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:41af18ed5086bc5e4726275eb1407b7136073c9b08141fe866125305c41431ad -size 119140 diff --git a/rust-keylime-0.1.0+git.1659977521.0186093.tar.xz b/rust-keylime-0.1.0+git.1659977521.0186093.tar.xz new file mode 100644 index 0000000..90a10e6 --- /dev/null +++ b/rust-keylime-0.1.0+git.1659977521.0186093.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c6e878e1b8ba3106f7ce152fd227fc2f6a3b17c6ffc98fc9a3093a41e6327336 +size 119944 diff --git a/rust-keylime.changes b/rust-keylime.changes index a2681e6..1c45e25 100644 --- a/rust-keylime.changes +++ b/rust-keylime.changes @@ -1,3 +1,23 @@ +------------------------------------------------------------------- +Wed Aug 10 13:39:08 UTC 2022 - aplanas@suse.com + +- Update to version 0.1.0+git.1659977521.0186093: + * Fix display of mb measurement file path + * Add more helpful error when config file is not found + * Fix small comment about implementing TPM ownership + * main: die when cannot drop privileges + * keylime.conf: add run_as section + * Use Rust agent-specific config in Makefile + * Fix typo in listen_notifications option in keylime.conf + * tpm: Support pre-existing EK + * Set swtpm context which is later used for test filtering + * Add GitLeaks configuration to ignore RSA key used for testing + * Handle whitespace in keylime.conf +- Rename keylime.conf to keylime-agent.conf +- Drop 0001-main-die-when-cannot-drop-privileges.patch, as is already + merged upstream +- Add bindgen.patch to add more architectures + ------------------------------------------------------------------- Tue Jul 12 09:20:39 UTC 2022 - aplanas@suse.com diff --git a/rust-keylime.spec b/rust-keylime.spec index 22da12a..f92c973 100644 --- a/rust-keylime.spec +++ b/rust-keylime.spec @@ -25,7 +25,7 @@ %define _config_norepl %config(noreplace) %endif Name: rust-keylime -Version: 0.1.0+git.1657303637.5b9072a +Version: 0.1.0+git.1659977521.0186093 Release: 0 Summary: Rust implementation of the keylime agent License: Apache-2.0 AND MIT @@ -36,11 +36,12 @@ Source2: cargo_config Source3: keylime.xml Source4: keylime-user.conf Source5: tmpfiles.keylime -# PATCH-FIX-OPENSUSE keylime.conf.diff -Patch1: keylime.conf.diff -# PATCH-FIX-UPSTREAM 0001-main-die-when-cannot-drop-privileges.patch -- based on PR 423 -Patch2: 0001-main-die-when-cannot-drop-privileges.patch +# PATCH-FIX-OPENSUSE keylime-agent.conf.diff +Patch1: keylime-agent.conf.diff +# PATCH-FIX-OPENSUSE bindgen.patch +Patch2: bindgen.patch BuildRequires: cargo +BuildRequires: clang BuildRequires: firewall-macros BuildRequires: libarchive-devel BuildRequires: rust @@ -50,7 +51,7 @@ BuildRequires: zeromq-devel Requires: libtss2-tcti-device0 Requires: logrotate Requires: tpm2.0-abrmd -ExcludeArch: %{ix86} s390x ppc64 ppc64le armhfp armv7hl +# ExcludeArch: %{ix86} s390x ppc ppc64 ppc64le armhfp armv7hl %description Rust implementation of keylime agent. Keylime is system integrity @@ -69,7 +70,7 @@ RUSTFLAGS=%{rustflags} cargo build --release --no-default-features --features "w RUSTFLAGS=%{rustflags} cargo install --frozen --no-default-features --features "with-zmq" --root=%{buildroot}%{_prefix} --path . # TODO: move the configuration file into _distconfdir -install -Dpm 0600 keylime.conf %{buildroot}%{_sysconfdir}/keylime.conf +install -Dpm 0600 keylime-agent.conf %{buildroot}%{_sysconfdir}/keylime-agent.conf install -Dpm 0644 ./dist/systemd/system/keylime_agent.service %{buildroot}%{_unitdir}/keylime_agent.service install -Dpm 0644 ./dist/systemd/system/var-lib-keylime-secure.mount %{buildroot}%{_unitdir}/var-lib-keylime-secure.mount @@ -108,7 +109,7 @@ rm %{buildroot}%{_prefix}/.crates2.json %license LICENSE %{_bindir}/keylime_agent %{_bindir}/keylime_ima_emulator -%config(noreplace) %attr (0600,keylime,tss) %{_sysconfdir}/keylime.conf +%config(noreplace) %attr (0600,keylime,tss) %{_sysconfdir}/keylime-agent.conf %{_unitdir}/keylime_agent.service %{_unitdir}/var-lib-keylime-secure.mount %dir %{_prefix}/lib/firewalld diff --git a/vendor.tar.xz b/vendor.tar.xz index a1a390d..1efec65 100644 --- a/vendor.tar.xz +++ b/vendor.tar.xz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:f3f8afa64ddb32cfa4f3749616f57cd47826f0bb8dfa3b99ed83e1c5ebf471d9 -size 20105088 +oid sha256:fcc10303f90db5ff1485a76892b1c7eef8904d848e26e67af928eeb96c071aa4 +size 20796756 From 96038d33ba3a5c652c9685524361d1f9c8a8fc5bd800db2cdf1ce5d076db2cc0 Mon Sep 17 00:00:00 2001 From: Alberto Planas Dominguez Date: Thu, 11 Aug 2022 06:10:09 +0000 Subject: [PATCH 2/2] Accepting request 994442 from home:aplanas:branches:security - Update to version 0.1.0+git.1659977521.0186093: * Fix display of mb measurement file path * Add more helpful error when config file is not found * Fix small comment about implementing TPM ownership * main: die when cannot drop privileges * keylime.conf: add run_as section * Use Rust agent-specific config in Makefile * Fix typo in listen_notifications option in keylime.conf * tpm: Support pre-existing EK * Set swtpm context which is later used for test filtering * Add GitLeaks configuration to ignore RSA key used for testing * Handle whitespace in keylime.conf - Rename keylime.conf.diff to keylime-agent.conf.diff - Drop 0001-main-die-when-cannot-drop-privileges.patch, as is already merged upstream - Add bindgen.patch to add more architectures - Update to version 0.1.0+git.1657303637.5b9072a: * keys_handler: Use scopes to drop mutexes before await * Enable usage of Rust IMA emulator in E2E tests. * ima_emulator: Support PCR hash algorithms other than SHA-1 * ima_entry: add IMA entry parser ported from Python Keylime * algorithms: Add conversion between our hash algorithms and OpenSSL's * Remove unused functions revocation_ip_get and revocation_port_get. Change String to &str. * Adjust function usage comments to account for new parameters. * Load config file less at startup in src/common.rs * GNUmakefile: Make target dependencies explicit * permissions: Set supplementary groups when dropping privileges * main: Use more descriptive message for missing files error * Show path when fail to load the certificate * tpm: Add serialization functions for structures in quotes - Requires tpm2.0-abrmd dependency, as the kernel resource manager could be not enough - Downgrade /var/run/keylime permissions - Set "run_as" parameter to "keylime:tss" - Create the keylime user via systemd - Fix keylime service home directory - Add 0001-main-die-when-cannot-drop-privileges.patch to avoid the execution as root when the run_as user is missing in the system - Update to version 0.1.0+git.1655384301.b834667: * Update fmf plans to run test with IMA policy * .github/dependabot.yml: prevent updates that require manifest change - Add logrotate configuration for the agent service - Requires libtss2-tcti-device0 to interact with the real device - Drop legacy Python subpackage and feature - Move conflicts into the Python version - Drop CFSSL port from the keylime.xml firewalld rules - Update to version 0.1.0+git.1655143451.7c4121e: * Add dependabot for automatic dependency updates * config: remove unused options * persist AK, NK and mTLS certificate to disk * Update tokio minimum version * Adjust CI test name according to keylime-tests PR#125 * Make wiremock an optional dependency * Drop unused dependency flate2 * Drop unused dependency rustc-serialize * Update clap dependency to 3.1.18 * add support for "hash_ek" UUID creation * tpm: add and use EKResult struct as return value for create_ek(..) * replace custom marshall functions with the offical one * update to tss-esapi 7.1.0 * quotes_handler: Rewind measured boot log file * Add test /functional/measured-boot-swtpm-sanity to Packit CI plan * OpenSSL on deb family is now libssl-dev - Update to version 0.1.0+git.1653314004.ceda2ec: * Skip serialization of optional fields * Make support for legacy python revocation actions optional * main: Do not try to load CA cert if mTLS is disabled * CI: Add packit to run end-to-end tests * GNUmakefile: Install shim.py * Add service for secure mount * secure_mount: Do not try to give ownership to root * secure_mount: Rewrite check_mount() * main: Ignore original ownership when unzipping files * Drop privileges to run as normal user and group * main: Mount secure mount before dropping the privileges * main: Open files that require privilege at the beginning * quotes_handler: Fix measured boot list encoding * Fix typo in config_get() * Add option to disable mTLS * Update actix-web to 4, remove tokio 0.2 dependencies * crypto: Add helper function to convert public key to PEM string * Add ansasaki as maintainer - Update to version 0.1.0+git.1649449492.59856c2: * errors_handler: Add handler for 404 error * errors_handler: Add tests for error handlers * main: Add handler for actix request parsing errors * main: Add default handlers for each scope * main: Use actix middleware to log requests * common: Change status code type from u32 to u16 * common: Use trait ToString for status on JsonWrapper::error * quotes_handler: Add used measured boot path to warning message * common: Rename JsonWrapper::new as JsonWrapper::success * Generalize error JSON wrapping * main: Use scopes to organize API * Use JSON wrapper on error responses * quotes_handler: Simplify integrity quote structures * quotes_handler: Improve query parameters parsing * quotes_handler: Add missing log messages * keys_handler: Add API to verify derived key * keys_handler: Remove workaround for missing JSON Content-Type * keys_handler: Fix test for 256-bits keys * Use shared JSON wrapper for HTTP responses * ima: Avoid using unwrap() or panic!() * Apply changes suggested by cargo fmt and cargo clippy * ima: Read IMA measurement list begining at n-th entry. * ima: Get ima_ml_entry from HTTP request * version_handler: Introduce /version REST endpoint (#313) * main: Do not error if payload_script is not found * Remove revocation actions naming restriction * Revert API version to 2.0 * Set working directory via KEYLIME_DIR env variable - Add work_dir directory in /var/lib/keylime - Add subpackage rust-keylime-python to execute revocation payload in Python - Update to version 0.1.0+git.1645537954.2f1447d: * Make zmq an optional dependency * notifications_handler: Introduce /notifications/revocation REST endpoint * revocation: Move out revocation message processing * revocation: Make get_revocation_cert_path() public * Install systemd unit file - Update to version 0.1.0+git.1645023877.811a869: * Make clippy happy. * Add a --help message. * Depend on Rust-TSS-ESAPI 7.0.0 stable * main: Return error on initialization if python shim is missing * common: Add hardcoded config defaults for revocation * main: Add execution permissions to revocation actions * revocation: Log revocation actions output * revocation: Fix get_revocation_cert_path() comment * gitignore: Add filters for some temporary files * revocation: Do not ignore revocation actions from config * revocation: Implement python actions support * tests: Implement proof-of-concept python shim * revocation: Implement lookup_action() function * common: Add revocation actions configurations * revocation: Enforce local action naming restriction * revocation: Remove duplicate logger initialization * crypto: unfiy import_x509 and load_x509 * update Cargo.lock * common: update API version to v2.0 * tpm: drop zlib compression in quotes * run agent webserver with mTLS enabled and add mtls_cert to registrar * crypto: load and generate X509 certificates, mTLS context generation * keylime.conf: add setting for Keylime CA * Bump tss-esapi crate to 7.0.0-beta.1 * Update to fix typo * Use Path and PathBuf consistently to represent paths * Bump versions of some dependencies * quotes_handler: Check quotes in tests * tpm: Remove hard-coded struct sizes with std::mem::size_of * tpm: Let compiler to infer arch-dependent integer types * Use CString as the first argument of libc::chown * keys_handler: Add API to get public key (#284) * crypto: Fix algorithms used for revocation signature (#275) * revocation: Use revocation certificate set by configuration (#300) * common: Add revocation_cert to the global configuration structure * ima_emulator: Fix running hash calculation on resumption * keys_handler: Add test with encrypted payload * main: Use condition variable to wait for payload encryption key * main: Use Option to represent a combined key * main: Redefine KeySet as a vector * keys_handler, main: Move crypto operations to crypto module * keys_handler: Make use of type safe payload deserialization * Remove unused imports * Remove duplicate CODEOWNERS file * Remove panic when running rev action * move global configuration into a single struct * Add codeowners - Update to version 0.1.0+git.1641587454.1248597: * quotes_handler: send TPM2 event log for measured boot * serialization: move serialization into separate module * try to load AK from disk instead of always creating a new one * update Cargo.lock file * make hash, encryption and signing algorithm configurable * tpm: remove get_sig_scheme(..) function * hash: rename to algorithms and implement tss conversions * cmd_exec: remove cmd_exec module * secure_mount: fix mount of tmpfs for secure directory * common: change default WORK_DIR to /var/lib/keylime * tpm: remove special handling for PCR10 - Update to version 0.1.0+git.1639176416.fc90088: * Code refactor to use updated tss-esapi - Drop add_property_tag_variant_for_maxcapbuffer.patch, included in the upstream crate - Conflict with keylime-agent, keylime-config and keylime-firewalld - Add keylime_ima_emulator tool - Add patch add_property_tag_variant_for_maxcapbuffer.patch - Update to version 0.1.0+git.1637095429.d5a3191: * Run Fedora tests on unified Keylime test container * ima_emulator: Print error message when TCTI envvar is not set * Add keylime_ima_emulator executable for testing * Fix 0mq problem * ci: Check unit test coverage with cargo tarpaulin (#216) * config: merge with Python keylime.conf and remove unused entries * Add support for contact ip and port * common: move get env or from config into sperate function * keys_handler: Add unit tests * quotes_handler: Add unit tests (#265) * Fix bugs that occur after a delete and re-add from the tenant * Retain the main loop running after payload execution (#249) * keys_handler: verify HMAC in constant-time (#248) * build: Adjust package dependencies to compile in Fedora (#245) * Generate Cargo.lock file * Add Ueno as a maintainer and set codeowners * Fix clippy errors, update to newest TSS-ESAPI - Drop generate-cargo-lock-file.patch (already in upstream) - Update to version 0.1.0+git.1629114992.890e8c9: * Add "v1.0" prefix to agent APIs - Update generate-cargo-lock-file.patch - Add generate-cargo-lock-file.patch to fix the build system in OBS - Add keylime.conf.diff to adjust the default config file - Adjust build requirements - Add firewalld XML rules - Add systemd keylime_agent.service - Fix license tag - Update to version 0.0.1+git.1626706730.a009476: * libarchive-devel is needed to build on Fedora * Accept sets of U and V keys; use new Key types * Output mask info * Fix for race condition bug * Do not resend pubkey to CV after attestation * Run payload script from a shell * Write out data and run payload * Decrypt payload after key handlers find symm key * Add handler for U and V keys * Add helper functions for handling U and V keys * Some TPM fixes for IMA PCR validation * Do not flush AK context as this causes an error * Fix bug in revocation service * Drop references to vmask * Better documentation of consts * Do not fail if EK cert is not present in TPM NV * Add more verbose logging to better match Python agent * Remove verify stub as we are not using it * tests: Don't pass --allow-signing to swtpm_setup * Fix typos * Add dependency for libzmq3-dev / zeromq-devel * Fix new clippy lints * Add handling for Identity and Integrity quotes * Add Quote functionality * Add marshaling functions for TPM structs - Update to version 0.0.1+git.1620935374.4df2148: * Add function to read PCR mask * Small fixes in TPM functions * Send quote data to actixweb handlers - Update to version 0.0.1+git.1618949271.f609525: * Add more TPM helper functions * Use PKeys consistently * Rebase on tss-esapi 5.0 * Pass a PKeyRef to asym_verify * Use #[[from] from thiserror * Fix uppercase acronyms * Add testing feature * Remove port bindings for agent * More verbose TPM and revocation error, verbose success * Fix docker networking OBS-URL: https://build.opensuse.org/request/show/994442 OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=24 --- rust-keylime.changes | 2 +- rust-keylime.spec | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/rust-keylime.changes b/rust-keylime.changes index 1c45e25..9fd4371 100644 --- a/rust-keylime.changes +++ b/rust-keylime.changes @@ -13,7 +13,7 @@ Wed Aug 10 13:39:08 UTC 2022 - aplanas@suse.com * Set swtpm context which is later used for test filtering * Add GitLeaks configuration to ignore RSA key used for testing * Handle whitespace in keylime.conf -- Rename keylime.conf to keylime-agent.conf +- Rename keylime.conf.diff to keylime-agent.conf.diff - Drop 0001-main-die-when-cannot-drop-privileges.patch, as is already merged upstream - Add bindgen.patch to add more architectures diff --git a/rust-keylime.spec b/rust-keylime.spec index f92c973..1049b7d 100644 --- a/rust-keylime.spec +++ b/rust-keylime.spec @@ -51,7 +51,6 @@ BuildRequires: zeromq-devel Requires: libtss2-tcti-device0 Requires: logrotate Requires: tpm2.0-abrmd -# ExcludeArch: %{ix86} s390x ppc ppc64 ppc64le armhfp armv7hl %description Rust implementation of keylime agent. Keylime is system integrity