9 Commits

Author SHA256 Message Date
aac8831159 Accepting request 1171003 from home:aplanas:branches:security
- actix-web update moves rustls as feature (bsc#1223234, CVE-2024-32650)
- Update to version 0.2.4~39:
  * build(deps): bump openssl from 0.10.63 to 0.10.64
  * build(deps): bump h2 from 0.3.24 to 0.3.26
  * build(deps): bump serde_json from 1.0.107 to 1.0.116
  * build(deps): bump actix-web from 4.4.1 to 4.5.1
  * crypto: Enable TLS 1.3
  * build(deps): bump tempfile from 3.9.0 to 3.10.1
  * build(deps): bump mio from 0.8.4 to 0.8.11
  * enable hex values to be used for tpm_ownerpassword
  * config: Support IPv6 with or without brackets
  * keylime: Implement a simple IP parser to remove brackets
  * crypto: Implement CertificateBuilder to generate certificates
  * tests: Fix coverage download by supporting arbitrary URL
  * cargo: Add testing feature to keylime library
  * Set X509 SAN with local DNSname/IP/IPv6
  * Include newest Node20 versions for Github actions
  * tpm: Add unit test for uncovered public functions
  * crypto: Implement ECC key generation support
  * crypto: Add test for match_cert_to_template()
  * Fix minor typo, format and remove end whitespaces
  * crypto: Make error types less specific
  * tests/run.sh: Run tarpaulin with a single thread
  * payloads: Remove explicit drop of channel transmitter
  * crypto: Move to keylime library
  * crypto: Add specific type for every possible error
  * tpm: Rename origin of error as source in structures
  * list_parser: Add source for error for backtrace
  * algorithms: Make errors more specific
  * typo fix for default path to measured boot log file
  * README: remove mentions of libarchive as a dependency
  * Dockerfile.wolfi: Update clang to version 17
  * docker: Remove libarchive as a dependency
  * rpm: Remove libarchive from dependencies
  * cargo: Replace compress-tools with zip crate
  * cargo: Bump ahash to version 0.8.7
  * build(deps): bump serde from 1.0.195 to 1.0.196
  * build(deps): bump libc from 0.2.152 to 0.2.153
  * build(deps): bump reqwest from 0.11.23 to 0.11.24
  * docker: Install configuration file in the correct path
  * config: Make IAK/IDevID disabled by default

OBS-URL: https://build.opensuse.org/request/show/1171003
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=67
2024-04-30 13:43:16 +00:00
b18b7fcd26 Accepting request 1142969 from home:aplanas:branches:security
- Update to version 0.2.4+git.1706692574.a744517:
  * Bump version to 0.2.4
  * build(deps): bump uuid from 1.4.1 to 1.7.0
  * keylime-agent.conf: Allow setting event logs paths
  * Mutable log paths: allow IMA and MBA log paths to be overridden by keylime configuration.
  * workflows: Update checkout action to version 4
  * build(deps): bump serde from 1.0.188 to 1.0.195
  * build(deps): bump pest_derive from 2.7.0 to 2.7.6
  * build(deps): bump openssl from 0.10.62 to 0.10.63
  * build(deps): bump config from 0.13.3 to 0.13.4
  * build(deps): bump base64 from 0.21.4 to 0.21.7
  * build(deps): bump tempfile from 3.8.0 to 3.9.0
  * build(deps): bump pest from 2.7.0 to 2.7.6
  * build(deps): bump actix-web from 4.4.0 to 4.4.1
  * build(deps): bump reqwest from 0.11.22 to 0.11.23
  * build(deps): bump h2 from 0.3.17 to 0.3.24
  * build(deps): bump shlex from 1.1.0 to 1.3.0
  * cargo: Bump tss-esapi to version 7.4.0
  * workflows: Fix keylime-bot token usage
  * tpm: Add error context for every possible error
  * tpm: Add AlgorithmError to TpmError
  * detect idevid template from certificates
  * build(deps): bump wiremock from 0.5.18 to 0.5.22
  * build(deps): bump thiserror from 1.0.48 to 1.0.56
  * Make use of workspace dependencies
  * build(deps): bump openssl from 0.10.57 to 0.10.62
  * packit: Bump Fedora version used for code coverage

OBS-URL: https://build.opensuse.org/request/show/1142969
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=65
2024-01-31 10:21:27 +00:00
015b9a78ef Accepting request 1130184 from home:aplanas:branches:security
- Update to version 0.2.3+git.1701075380.a5dc985:
  * build(deps): bump actix-rt from 2.8.0 to 2.9.0
  * Bump version to 0.2.3
  * build(deps): bump reqwest from 0.11.20 to 0.11.22
  * Bump configuration version and fix enable_iak_idevid
  * Enable test functional/iak-idevid-register-with-certificates
  * Update packit plan with new tests
  * Add certificates and certificate checking for IDevID and IAK keys (#669)

OBS-URL: https://build.opensuse.org/request/show/1130184
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=63
2023-12-01 10:38:34 +00:00
d52384261a Accepting request 1098633 from home:aplanas:branches:security
- Update to version 0.2.2+git.1689256829.3d2b627:
  * Bump version to 0.2.2
  * build(deps): bump tempfile from 3.5.0 to 3.6.0
  * removing SIGINT stop signals from Dockerfiles and systemd service, as well as adding SIGTERM to IMA emulator as shutdown signal

OBS-URL: https://build.opensuse.org/request/show/1098633
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=59
2023-07-14 08:41:27 +00:00
ee3ef062f1 Accepting request 1083240 from home:aplanas:branches:security
- Update to version 0.2.1+git.1682587333.b497f1d:
  * Bump version to 0.2.1
  * Cargo: Update base64 to version 0.21
  * build(deps): bump enumflags2 from 0.7.5 to 0.7.7
  * build(deps): bump uuid from 1.3.0 to 1.3.1
  * build(deps): bump libc from 0.2.141 to 0.2.142
  * keylime-agent/src/common.rs: remove VTPM and IMA stub variables
  * rpm/fedora: Use vendored dependencies for all versions
  * packit: Enable building RPM on Copr for fedora-all
  * rpm/fedora: Fix metadata patch
  * build(deps): bump serde from 1.0.159 to 1.0.160
  * build(deps): bump serde_json from 1.0.95 to 1.0.96
  * cargo: Drop default features from actix-web
  * cargo: Drop default features from reqwest crate
  * cargo: Drop default features from config crate
  * build(deps): bump tempfile from 3.4.0 to 3.5.0
  * build(deps): bump libc from 0.2.140 to 0.2.141

OBS-URL: https://build.opensuse.org/request/show/1083240
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=51
2023-05-02 09:28:59 +00:00
6c2c82ac92 Accepting request 1067123 from home:aplanas:branches:security
- Update to version 0.2.0+git.1677002906.cf6c4f0:
  * Bump version to 0.2.0
  * packit: Remove workaround for Fedora BZ#2158598
  * ima-emulator: Implement graceful shutdown
  * Update tss-esapi in Cargo.toml
  * packit: Re-enable tests on Fedora Rawhide
  * Deprecate `with-zmq` and `legacy-python-actions` features

OBS-URL: https://build.opensuse.org/request/show/1067123
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=39
2023-02-22 09:48:27 +00:00
03e08158a7 Accepting request 1031089 from home:aplanas:branches:security
- Add cargo-audit service per policy
- Update to version 0.1.0+git.1666019359.f5de47b:
  * README: mark Rust agent as the official one, fix cargo run command

OBS-URL: https://build.opensuse.org/request/show/1031089
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=31
2022-10-25 09:04:39 +00:00
27546596af Accepting request 908894 from home:aplanas:branches:security
- Add generate-cargo-lock-file.patch to fix the build system in OBS
- Add keylime.conf.diff to adjust the default config file
- Adjust build requirements
- Add firewalld XML rules
- Add systemd keylime_agent.service
- Fix license tag
- Update to version 0.0.1+git.1626706730.a009476:
  * libarchive-devel is needed to build on Fedora
  * Accept sets of U and V keys; use new Key types
  * Output mask info
  * Fix for race condition bug
  * Do not resend pubkey to CV after attestation
  * Run payload script from a shell
  * Write out data and run payload
  * Decrypt payload after key handlers find symm key
  * Add handler for U and V keys
  * Add helper functions for handling U and V keys
  * Some TPM fixes for IMA PCR validation
  * Do not flush AK context as this causes an error
  * Fix bug in revocation service
  * Drop references to vmask
  * Better documentation of consts
  * Do not fail if EK cert is not present in TPM NV
  * Add more verbose logging to better match Python agent
  * Remove verify stub as we are not using it
  * tests: Don't pass --allow-signing to swtpm_setup
  * Fix typos
  * Add dependency for libzmq3-dev / zeromq-devel
  * Fix new clippy lints
  * Add handling for Identity and Integrity quotes
  * Add Quote functionality
  * Add marshaling functions for TPM structs

OBS-URL: https://build.opensuse.org/request/show/908894
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=3
2021-07-28 13:39:06 +00:00
ca2b84eca8 Accepting request 890792 from home:aplanas:keylime
Alternative keylime-agent written in Rust. This is WIP software fetched from git (see _service).

It seems that this will replace the keylime agent written in Python at some point in the future.

If accepted, I would like to be co-maintainer, as this will change for a long time until it reaches a stable release.

OBS-URL: https://build.opensuse.org/request/show/890792
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=1
2021-05-06 15:06:32 +00:00