From 2a08837f5e46ef7598abc45a21309477c935bc89b6728ea13f9c623399cc9513 Mon Sep 17 00:00:00 2001
From: Guillaume GARDET <guillaume.gardet@opensuse.org>
Date: Thu, 23 Mar 2023 09:27:14 +0000
Subject: [PATCH 1/2] Accepting request 1073923 from
 home:Guillaume_G:branches:security

- Update to 1.2.0-rc1
- Drop upstream patch:
  * 664.patch

OBS-URL: https://build.opensuse.org/request/show/1073923
OBS-URL: https://build.opensuse.org/package/show/security/parsec?expand=0&rev=41
---
 664.patch               | 45 -----------------------------------------
 _service                |  4 ++--
 parsec-1.1.0.tar.gz     |  3 ---
 parsec-1.2.0-rc1.tar.gz |  3 +++
 parsec.changes          |  7 +++++++
 parsec.spec             |  7 ++-----
 vendor.tar.xz           |  4 ++--
 7 files changed, 16 insertions(+), 57 deletions(-)
 delete mode 100644 664.patch
 delete mode 100644 parsec-1.1.0.tar.gz
 create mode 100644 parsec-1.2.0-rc1.tar.gz

diff --git a/664.patch b/664.patch
deleted file mode 100644
index 8d2834e..0000000
--- a/664.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From 63a11e5f1f4d700230293cc736c6532ff032a49d Mon Sep 17 00:00:00 2001
-From: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
-Date: Thu, 2 Mar 2023 09:24:14 +0000
-Subject: [PATCH] Update tss-esapi version
-
-The tmp2-tss version on meta-security has been updated to 4.0.1
-from 3.2.0. This is not compatible with the current tss-esapi crate.
-The newer version 7.2.0 of the crate is now available which
-resolves the issue.
-
-Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
-
-GuillaumeG: Drop Cargo.lock part since osc service already update it
----
- Cargo.lock           | 8 ++++----
- Cargo.toml           | 2 +-
- e2e_tests/Cargo.toml | 2 +-
- 3 files changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/Cargo.toml b/Cargo.toml
-index b6327dc8..87cc1a10 100644
---- a/Cargo.toml
-+++ b/Cargo.toml
-@@ -29,7 +29,7 @@ log = { version = "0.4.14", features = ["serde"] }
- cryptoki = { version = "0.3.0", optional = true, features = ["psa-crypto-conversions"] }
- picky-asn1-der = { version = "0.2.4", optional = true }
- picky-asn1 = { version = "0.3.0", optional = true }
--tss-esapi = { version = "7.1.0", optional = true }
-+tss-esapi = { version = "7.2.0", optional = true }
- bincode = "1.3.1"
- structopt = "0.3.21"
- derivative = "2.2.0"
-diff --git a/e2e_tests/Cargo.toml b/e2e_tests/Cargo.toml
-index 3302ce38..b895e84b 100644
---- a/e2e_tests/Cargo.toml
-+++ b/e2e_tests/Cargo.toml
-@@ -17,7 +17,7 @@ log = "0.4.14"
- rand = "0.7.3"
- env_logger = "0.8.3"
- stdext = "0.3.1"
--tss-esapi = { version = "7.1.0", optional = true }
-+tss-esapi = { version = "7.2.0", optional = true }
- 
- [dev-dependencies]
- ring = "0.16.20"
diff --git a/_service b/_service
index 48e502d..bd85fd4 100644
--- a/_service
+++ b/_service
@@ -1,10 +1,10 @@
 <services>
   <service name="cargo_vendor" mode="disabled">
     <param name="compression">xz</param>
-    <param name="srcdir">parsec-1.1.0</param>
+    <param name="srcdir">parsec-1.2.0-rc1</param>
     <param name="update">true</param>
   </service>
   <service name="cargo_audit" mode="disabled">
-     <param name="srcdir">parsec-1.1.0</param>
+     <param name="srcdir">parsec-1.2.0-rc1</param>
   </service>
 </services>
diff --git a/parsec-1.1.0.tar.gz b/parsec-1.1.0.tar.gz
deleted file mode 100644
index 23f2dd2..0000000
--- a/parsec-1.1.0.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:198ac34379ea2676696566d625ac807cfc9be7d44bdc0f68790470ffabe83693
-size 918574
diff --git a/parsec-1.2.0-rc1.tar.gz b/parsec-1.2.0-rc1.tar.gz
new file mode 100644
index 0000000..3541cc6
--- /dev/null
+++ b/parsec-1.2.0-rc1.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a2de11c8cfd40b884f699f67be1dcabc1976a529885fc9837d9b059ef0785c8a
+size 922759
diff --git a/parsec.changes b/parsec.changes
index c4f4981..bbaf32e 100644
--- a/parsec.changes
+++ b/parsec.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Thu Mar 23 09:01:01 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Update to 1.2.0-rc1
+- Drop upstream patch:
+  * 664.patch
+
 -------------------------------------------------------------------
 Wed Mar 15 07:27:47 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
 
diff --git a/parsec.spec b/parsec.spec
index a3613d6..7a1c4b4 100644
--- a/parsec.spec
+++ b/parsec.spec
@@ -17,11 +17,11 @@
 
 
 %global rustflags '-Clink-arg=-Wl,-z,relro,-z,now'
-%define archive_version 1.1.0
+%define archive_version 1.2.0-rc1
 
 %{?systemd_ordering}
 Name:           parsec
-Version:        1.1.0
+Version:        1.2.0~rc1
 Release:        0
 Summary:        Platform AbstRaction for SECurity
 License:        Apache-2.0
@@ -34,8 +34,6 @@ Source4:        config.toml
 Source5:        parsec.conf
 Source6:        system-user-parsec.conf
 Source10:       https://git.trustedfirmware.org/TS/trusted-services.git/snapshot/trusted-services-389b506.tar.gz
-# PATCH-FIX-UPSTREAM - https://github.com/parallaxsecond/parsec/pull/664
-Patch1:         664.patch
 BuildRequires:  cargo
 BuildRequires:  clang-devel
 BuildRequires:  cmake
@@ -71,7 +69,6 @@ enabling cloud-native delivery flows within the data center and at the edge.
 
 %prep
 %setup -q -a1 -a10 -n parsec-%{archive_version}
-%patch1 -p1
 rmdir trusted-services-vendor
 mv trusted-services-389b506 trusted-services-vendor
 rm -rf .cargo && mkdir .cargo
diff --git a/vendor.tar.xz b/vendor.tar.xz
index fb522ff..1e5d271 100644
--- a/vendor.tar.xz
+++ b/vendor.tar.xz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:65a690914e0071eb0244df867f94d049b839c80817d6aa2dd32b06dc2c84fa02
-size 46665220
+oid sha256:45181c399ab43b49d54e5304327dbcfbfa8c3607dfa5ce77fd675fe0ef2122e1
+size 47082872

From e657aa794ac6606df164c4fde7d7643e6d002bf87daefd52620b8faa9a8b7464 Mon Sep 17 00:00:00 2001
From: Guillaume GARDET <guillaume.gardet@opensuse.org>
Date: Tue, 28 Mar 2023 13:00:46 +0000
Subject: [PATCH 2/2] Accepting request 1075017 from
 home:Guillaume_G:branches:security

- Disable jwt-svid-authenticator (SPIFFE) until fixed upstream
  with gcc13 - https://github.com/parallaxsecond/parsec/issues/672

OBS-URL: https://build.opensuse.org/request/show/1075017
OBS-URL: https://build.opensuse.org/package/show/security/parsec?expand=0&rev=42
---
 parsec.changes | 6 ++++++
 parsec.spec    | 6 +++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/parsec.changes b/parsec.changes
index bbaf32e..d6fd5dc 100644
--- a/parsec.changes
+++ b/parsec.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon Mar 27 09:55:24 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Disable jwt-svid-authenticator (SPIFFE) until fixed upstream
+  with gcc13 - https://github.com/parallaxsecond/parsec/issues/672
+
 -------------------------------------------------------------------
 Thu Mar 23 09:01:01 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
 
diff --git a/parsec.spec b/parsec.spec
index 7a1c4b4..b135304 100644
--- a/parsec.spec
+++ b/parsec.spec
@@ -75,9 +75,13 @@ rm -rf .cargo && mkdir .cargo
 cp %{SOURCE2} .cargo/config
 # Enable all providers
 sed -i -e 's#default = \["unix-peer-credentials-authenticator"\]##' Cargo.toml
-# Features available in 1.0.0:
+# Features available in 1.2.0-rc1:
 # all-providers = ["tpm-provider", "pkcs11-provider", "mbed-crypto-provider", "trusted-service-provider"]
 # all-authenticators = ["direct-authenticator", "unix-peer-credentials-authenticator", "jwt-svid-authenticator"]
+%if 0%{?suse_version} > 1550
+# But disable "jwt-svid-authenticator"/SPIFFE with gcc13 until build fixed upstream - https://github.com/parallaxsecond/parsec/issues/672
+sed -i -e 's#all-authenticators = \["direct-authenticator", "unix-peer-credentials-authenticator", "jwt-svid-authenticator"\]#all-authenticators = \["direct-authenticator", "unix-peer-credentials-authenticator"\]#' Cargo.toml
+%endif
 # But disable "trusted-service-provider" until we have a trusted-services package
 echo 'default = ["tpm-provider", "pkcs11-provider", "mbed-crypto-provider", "all-authenticators"]' >> Cargo.toml