Accepting request 796145 from home:gary_lin:branches:security

Update to 0.3.1 OBS-URL: https://build.opensuse.org/request/show/796145 OBS-URL: https://build.opensuse.org/package/show/security/swtpm?expand=0&rev=3
2020-04-22 05:29:30 +00:00 · 2020-04-22 05:29:30 +00:00 · 8d82668977
commit 8d82668977
parent 8d6fea0d58
5 changed files with 47 additions and 10 deletions
--- a/swtpm-setup-tcsd-path.patch
+++ b/swtpm-setup-tcsd-path.patch
@ -1,13 +1,13 @@
-Index: swtpm-0.1.0-tpm2/src/swtpm_setup/swtpm_setup.sh.in
+Index: swtpm-0.3.1/src/swtpm_setup/swtpm_setup.sh.in
 ===================================================================
--- swtpm-0.1.0-tpm2.orig/src/swtpm_setup/swtpm_setup.sh.in
-+++ swtpm-0.1.0-tpm2/src/swtpm_setup/swtpm_setup.sh.in
-@@ -2171,7 +2171,7 @@ main()
+--- swtpm-0.3.1.orig/src/swtpm_setup/swtpm_setup.sh.in
+++ swtpm-0.3.1/src/swtpm_setup/swtpm_setup.sh.in
+@@ -2296,7 +2296,7 @@ main()
 	fi
 
 	if [ $((flags & SETUP_TPM2_F)) -eq 0 ]; then
-		TCSD=`type -P tcsd`
-+		TCSD=`type -P /usr/sbin/tcsd`
+-		TCSD=$(type -P tcsd)
+		TCSD=$(type -P /usr/sbin/tcsd)
 		if [ -z "$TCSD" ]; then
 			logerr "tcsd program not found. (PATH=$PATH)"
 			exit 1
--- a/swtpm.changes
+++ b/swtpm.changes
@ -1,3 +1,40 @@
+-------------------------------------------------------------------
+Wed Apr 22 03:25:36 UTC 2020 - Gary Ching-Pang Lin <glin@suse.com>
+
+- Update to 0.3.1
+  + swtpm: Fix vtpm proxy case without startup flags
+  + swtpm: Only call memcpy if tocopy != 0 (coverity)
+  + man: Document new startup options and capabilities
+    advertisement
+  + swtpm: Enable sending startup commands before processing
+    commands
+  + swtpm_cert: Accept serial numbers that use up to 64bits
+  + swtpm_cert: Use getopt_long_only to parse options
+  + swtpm_cert: Add support for --print-capabilities option
+  + swtpm_cert: Allow passing signing key and parent key via new
+    option
+  + swtpm_setup: Enable spaces in paths and other variables
+  + swtpm_ioctl: Calculate strlen(input) only once
+  + swtpm_ioctl: Block SIGPIPE so we can get EPIPE on write()
+  + swtpm_bios: Block SIGPIPE so we can get EPIPE on write()
+  + swtpm: Only accept() new client ctrl connection if we have none
+  + swtpm_setup: Do not fail on future PCR banks' hashes
+  + swtpm_setup: Use 1st part of SWTPM_EXE/SWTPM_IOCTL to determine
+    executable
+  + swtpm_setup: Keep reserved range of file descriptors for
+    swtpm_setup.sh
+  + swtpm_setup: Log about encryption and fix c&p error in err msg
+  + swtpm: Add --print-capabilities to help screen of
+    'swtpm chardev'
+  + swtpm_ioctl: Fix uninitialized variable 'pgi'
+  + swtpm_cert: Use gnutls_x509_crt_get_subject_key_id API call for
+    subj keyId
+  + swtpm_cert: Fix OIDs for TPM 2 platforms data
+  + swtpm: Fix typo in error report: HMAC instead of hash
+  + swtpm: Use writev_full rather than writev; fixes --vtpm-proxy
+    EIO error
+- Refresh swtpm-setup-tcsd-path.patch
+
 -------------------------------------------------------------------
 Fri Jan  3 01:52:45 UTC 2020 - Gary Ching-Pang Lin <glin@suse.com>

--- a/swtpm.spec
+++ b/swtpm.spec
@ -16,7 +16,7 @@
 #

 Name:           swtpm
-Version:        0.2.0
+Version:        0.3.1
 Release:        0
 Summary:        Software TPM emulator
 License:        BSD-3-Clause
--- a/v0.2.0.tar.gz
+++ b/v0.2.0.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:977477e341f8b5db0820c8d3cc9946652ef8d7a93403c4dcf88667f9a84ae999
-size 297419
--- a/v0.3.1.tar.gz
+++ b/v0.3.1.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f1723e3a61a8a61f297636b19adb21eec4bdd3b8f4dd788275e2ada309c1c058
+size 308576