#
# spec file for package tpm2-0-tss
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


Name:           tpm2-0-tss
Version:        1.0
Release:        0
Summary:        Intel's TCG Software Stack access library for TPM 2.0 chips
License:        BSD-2-Clause
Group:          Productivity/Security
Url:            https://github.com/01org/TPM2.0-TSS
Source0:        https://github.com/01org/TPM2.0-TSS/archive/%{version}.tar.gz
Source2:        baselibs.conf
Patch0:         tpm2-0-tss-configure.patch
# PATCH-FIX-UPSTREAM bmwiedemann https://github.com/01org/TPM2.0-TSS/pull/419
Patch1:         reproducible.patch
BuildRequires:  autoconf-archive
BuildRequires:  automake
BuildRequires:  gcc-c++
BuildRequires:  libtool
BuildRequires:  pkg-config
BuildRequires:  systemd-rpm-macros
Requires(pre):  pwdutils
BuildRoot:      %{_tmppath}/%{name}-%{version}-build

%description
The tpm2-0-tss package provides a TPM 2.0 TSS implementation. This
implementation is developed by INTEL. Note that the current resource manager
implementation is considered deprecated (a prototype, probably buggy and
insecure) by its developers.

%package devel
Summary:        Development headers for the Intel TSS library for TPM 2.0 chips
Group:          Development/Libraries/C and C++
Requires:       glibc-devel
Requires:       libsapi0 = %{version}
Requires:       libtcti-device0 = %{version}
Requires:       libtcti-socket0 = %{version}

%description devel
This package provides the development files for the libsapi library
for accessing TPM 2.0 chips.

%package -n libsapi0
Summary:        TPM2 System API library
Group:          System/Libraries
# Non-SLPP package name from earlier
Obsoletes:      libtss2 < %version-%release
Provides:       libtss2 = %version-%release

%description -n libsapi0
This package provides the library to access the TSS (TCG Software Stack) for
accessing TPM 2.0 chips.

%package -n libtcti-device0
Summary:        TCTI library for communicating with a TPM device node
Group:          System/Libraries

%description -n libtcti-device0
TPM Command Transmission Interface library for communicating with a
TPM device node.

%package -n libtcti-socket0
Summary:        TCTI library for communicating with a TPM over a socket
Group:          System/Libraries

%description -n libtcti-socket0
TPM Command Transmission Interface library for communicating with a
TPM over a socket.

%prep
%setup -q -n TPM2.0-TSS-%{version}
%patch0 -p1
%patch1 -p1

%build
bash bootstrap
%configure --disable-static
make %{?_smp_mflags} PTHREAD_LDFLAGS=-pthread

%install
%make_install
find %{buildroot} -type f -name "*.la" -delete -print
install -D -m 0644 contrib/resourcemgr.service %{buildroot}/%{_unitdir}/resourcemgr.service
sed -e 's#usr/local/sbin/#usr/sbin/#;' -i %{buildroot}/%{_unitdir}/resourcemgr.service
ln -sv %{_sbindir}/service %{buildroot}%{_sbindir}/rcresourcemgr
%define udev_rule_file 90-tpm.rules
install -D -m 0644 contrib/tpm-udev.rules %{buildroot}%{_udevrulesdir}/%{udev_rule_file}

%post -n libsapi0 -p /sbin/ldconfig
%postun -n libsapi0 -p /sbin/ldconfig
%post -n libtcti-device0 -p /sbin/ldconfig
%postun -n libtcti-device0 -p /sbin/ldconfig
%post -n libtcti-socket0 -p /sbin/ldconfig
%postun -n libtcti-socket0 -p /sbin/ldconfig

%pre
# the same user is employed by trousers:
#
# trousers just needs those accounts for dropping privileges to. The service
# starts as root and uses set*id to drop to tss, after the tpm device has been
# opened.
#
# resourcemgr has no set*id handling and thus requires /dev/tpm to be owned
# by the tss user. Therefore we also need to install a udev rule file.
#
# trousers was here first and created the user like this, also giving it a
# home in /var/lib/tpm. I don't think the home directory is used by any of
# both packages ATM. Trousers is keeping state there, but the directory is
# owned by root and files are opened before dropping privileges. The passwd
# entry seems not to be evaluated.
#
# so I guess we can share the account between the two packages for now.
%_bindir/getent group tss >/dev/null || %{_sbindir}/groupadd -g 98 tss
%_bindir/getent passwd tss >/dev/null || \
	%{_sbindir}/useradd -u 98 -o -g tss -s /bin/false -c "TSS daemon" \
	-d %{_localstatedir}/lib/tpm tss
%service_add_pre resourcemgr.service

%post
%service_add_post resourcemgr.service

%postun
%service_del_postun resourcemgr.service

%preun
%service_del_preun resourcemgr.service

%files
%defattr(-,root,root)
%doc *.md LICENSE
%{_sbindir}/resourcemgr
/%{_unitdir}/resourcemgr.service
%{_sbindir}/rcresourcemgr
%{_udevrulesdir}/%{udev_rule_file}

%files devel
%defattr(-,root,root)
%{_includedir}/tcti
%{_includedir}/sapi
%{_libdir}/*.so
%{_libdir}/pkgconfig/*.pc
##only available in static form
#%%{_libdir}/libtddl.a

%files -n libsapi0
%defattr(-,root,root)
%{_libdir}/libsapi.so.*

%files -n libtcti-device0
%defattr(-,root,root)
%{_libdir}/libtcti-device.so.*

%files -n libtcti-socket0
%defattr(-,root,root)
%{_libdir}/libtcti-socket.so.*

%changelog