- Update to version 0.2.4+git.1706692574.a744517:
* Bump version to 0.2.4
* build(deps): bump uuid from 1.4.1 to 1.7.0
* keylime-agent.conf: Allow setting event logs paths
* Mutable log paths: allow IMA and MBA log paths to be overridden by keylime configuration.
* workflows: Update checkout action to version 4
* build(deps): bump serde from 1.0.188 to 1.0.195
* build(deps): bump pest_derive from 2.7.0 to 2.7.6
* build(deps): bump openssl from 0.10.62 to 0.10.63
* build(deps): bump config from 0.13.3 to 0.13.4
* build(deps): bump base64 from 0.21.4 to 0.21.7
* build(deps): bump tempfile from 3.8.0 to 3.9.0
* build(deps): bump pest from 2.7.0 to 2.7.6
* build(deps): bump actix-web from 4.4.0 to 4.4.1
* build(deps): bump reqwest from 0.11.22 to 0.11.23
* build(deps): bump h2 from 0.3.17 to 0.3.24
* build(deps): bump shlex from 1.1.0 to 1.3.0
* cargo: Bump tss-esapi to version 7.4.0
* workflows: Fix keylime-bot token usage
* tpm: Add error context for every possible error
* tpm: Add AlgorithmError to TpmError
* detect idevid template from certificates
* build(deps): bump wiremock from 0.5.18 to 0.5.22
* build(deps): bump thiserror from 1.0.48 to 1.0.56
* Make use of workspace dependencies
* build(deps): bump openssl from 0.10.57 to 0.10.62
* packit: Bump Fedora version used for code coverage
OBS-URL: https://build.opensuse.org/request/show/1142969
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=65
- Drop zmq from the feature set
- Remove already merged patches:
* 0001-keylime-agent-remove-const_err-deny.patch
* 0001-Cargo.toml-tss-esapi-bindings.patch
- Update to version 0.1.0+git.1676549716.5382ed9:
* Cargo: Update clap minimum version to 3.2
* Cargo: Update uuid minimum version to 1.3
* Cargo: Update tokio minimum version to 1.24 and reduce features
* build(deps): bump tss-esapi from 7.1.0 to 7.2.0
* cargo deb: include shim.py in packaging
* build(deps): bump thiserror from 1.0.36 to 1.0.38
* keylime-agent.conf: Add comments on how to override options
* config: Fix overriding options with env vars
* Add missing e2e tests and reordering tests based on alphabetical order
* e2e tests: Fix test name
* Store associated U keys, auth tags, and payloads together
* Refactor ZeroMQ revocation listener to not block
* keylime-agent: Gracefully shutdown on SIGINT
* Refactor async code for keys and payloads
* main: Move payload related functions to payloads module
* main: Run ZeroMQ service in a separate task
* Remove unused option "openstack" for obtaining uuid
* algorithms: fix typo
* clippy: fix uninlined_format_args warnings
* clippy: fix needless_borrow warnings
* crypto, mTLS: allow certificate chain for trusted_client_ca
* build(deps): bump base64 from 0.13.0 to 0.13.1
* build(deps): bump serde_json from 1.0.85 to 1.0.91
* build(deps): bump libc from 0.2.133 to 0.2.139
* build(deps): bump bumpalo from 3.11.0 to 3.12.0
* build(deps): bump futures from 0.3.24 to 0.3.25
* Cargo.toml: tss-esapi bindings
* packit-ci: Disable Rawhide due to agent compilation issues
* packit-ci: Add hotfix for tpm2-tss Fedora BZ#2158598
* keylime-agent: remove const_err deny
* build(deps): bump tokio from 1.23.0 to 1.24.2
OBS-URL: https://build.opensuse.org/request/show/1066186
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=36
- Rebase bindgen.patch and upstream the change
- Rebase keylime-agent.conf.diff
- Store the configuration file in /usr/etc/keylime/agent.conf
- Fix keylime user creation
- Drop webapp service port in firewall XML service file
- Update to version 0.1.0+git.1663769444.6318234:
* Update comments in the configuration file
* config: Align config locations with the python components
* config: Add configuration file version
* config: Add back support for KEYLIME_DIR env var
* Change configuration format to TOML
* Add support for using passphrase protected key
* Do not try to load TPM data generated by another TPM
* Allow using existing key and certificate
* Remove the agent TPM data from the config struct
* Rename the configuration options
* Use password to generate EK when provided
* Add tpm_ownerpassword option to keylime.conf
* Add cargo audit to CI static tests
* Add agent and faked_measured_boot_log tests context
* Appease clippy
OBS-URL: https://build.opensuse.org/request/show/1006459
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=26
- Update to version 0.1.0+git.1659977521.0186093:
* Fix display of mb measurement file path
* Add more helpful error when config file is not found
* Fix small comment about implementing TPM ownership
* main: die when cannot drop privileges
* keylime.conf: add run_as section
* Use Rust agent-specific config in Makefile
* Fix typo in listen_notifications option in keylime.conf
* tpm: Support pre-existing EK
* Set swtpm context which is later used for test filtering
* Add GitLeaks configuration to ignore RSA key used for testing
* Handle whitespace in keylime.conf
- Rename keylime.conf to keylime-agent.conf
- Drop 0001-main-die-when-cannot-drop-privileges.patch, as is already
merged upstream
- Add bindgen.patch to add more architectures
OBS-URL: https://build.opensuse.org/request/show/994355
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=23
