From 5b483f1a2294479a27258dd1926978a1328b8c9d Mon Sep 17 00:00:00 2001 From: Jerry Snitselaar Date: Mar 18 2020 21:24:22 +0000 Subject: trousers: Rebase to 0.3.14 release Signed-off-by: Jerry Snitselaar --- diff --git a/.gitignore b/.gitignore index 1440662..fead07e 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ trousers-0.3.4.tar.gz /trousers-0.3.10.tar.gz /trousers-0.3.11.2.tar.gz /trousers-0.3.13.tar.gz +/trousers-0.3.14.tar.gz diff --git a/sources b/sources index 8ed3284..3289f69 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -562bb3d178ca91177aa2f6c2c1a83269 trousers-0.3.13.tar.gz +4a476b4f036dd20a764fb54fc24edbec trousers-0.3.14.tar.gz diff --git a/trousers-0.3.14-double-free.patch b/trousers-0.3.14-double-free.patch new file mode 100644 index 0000000..ef7a36a --- /dev/null +++ b/trousers-0.3.14-double-free.patch @@ -0,0 +1,27 @@ +diff -ur trousers-0.3.14/src/tspi/tsp_auth.c trousers-0.3.14-new/src/tspi/tsp_auth.c +--- trousers-0.3.14/src/tspi/tsp_auth.c 2014-07-23 12:42:45.000000000 -0700 ++++ trousers-0.3.14-new/src/tspi/tsp_auth.c 2019-05-27 13:41:57.316000945 -0700 +@@ -1221,7 +1221,7 @@ + } + + *handles = handle; +- handles_track = handles; ++ handles_track = handles; + + // Since the call tree of this function can possibly alloc memory + // (check RPC_ExecuteTransport_TP function), its better to keep track of +@@ -1229,9 +1229,11 @@ + result = obj_context_transport_execute(tspContext, TPM_ORD_Terminate_Handle, 0, NULL, + NULL, &handlesLen, &handles, NULL, NULL, NULL, NULL); + +- free(handles); +- handles = NULL; +- free(handles_track); ++ if (handles != handles_track) { ++ free(handles); ++ } ++ ++ free(handles_track); + + return result; + } diff --git a/trousers-0.3.14-fix-indent-obj_policy.patch b/trousers-0.3.14-fix-indent-obj_policy.patch new file mode 100644 index 0000000..af53ee4 --- /dev/null +++ b/trousers-0.3.14-fix-indent-obj_policy.patch @@ -0,0 +1,12 @@ +diff -ur trousers-0.3.14/src/tspi/obj_policy.c trousers-0.3.14-new/src/tspi/obj_policy.c +--- trousers-0.3.14/src/tspi/obj_policy.c 2014-07-23 12:42:44.000000000 -0700 ++++ trousers-0.3.14-new/src/tspi/obj_policy.c 2019-05-27 13:29:56.720899059 -0700 +@@ -984,7 +984,7 @@ + policy->popupString, + policy->Secret))) + goto done; +- policy->SecretSet = TRUE; ++ policy->SecretSet = TRUE; + } + memcpy(secret, policy->Secret, TPM_SHA1_160_HASH_LEN); + *mode = policy->SecretMode; diff --git a/trousers-0.3.14-fix-indent-tspi_key.patch b/trousers-0.3.14-fix-indent-tspi_key.patch new file mode 100644 index 0000000..9278fc8 --- /dev/null +++ b/trousers-0.3.14-fix-indent-tspi_key.patch @@ -0,0 +1,18 @@ +diff -ur trousers-0.3.14/src/tspi/tspi_key.c trousers-0.3.14-new/src/tspi/tspi_key.c +--- trousers-0.3.14/src/tspi/tspi_key.c 2014-07-23 12:42:45.000000000 -0700 ++++ trousers-0.3.14-new/src/tspi/tspi_key.c 2019-05-27 13:44:42.366735438 -0700 +@@ -370,10 +370,10 @@ + /* get the key to be wrapped's private key */ + if ((result = obj_rsakey_get_priv_blob(hKey, &keyPrivBlobLen, &keyPrivBlob))) + goto done; +- /* verify if its under the maximum size, according to the +- * TPM_STORE_ASYMKEY specification */ +- if (keyPrivBlobLen > TPM_STORE_PRIVKEY_LEN) +- return TSPERR(TSS_E_ENC_INVALID_LENGTH); ++ /* verify if its under the maximum size, according to the ++ * TPM_STORE_ASYMKEY specification */ ++ if (keyPrivBlobLen > TPM_STORE_PRIVKEY_LEN) ++ return TSPERR(TSS_E_ENC_INVALID_LENGTH); + + /* get the key to be wrapped's blob */ + if ((result = obj_rsakey_get_blob(hKey, &keyBlobLen, &keyBlob))) diff --git a/trousers-0.3.14-noinline.patch b/trousers-0.3.14-noinline.patch new file mode 100644 index 0000000..2880bb3 --- /dev/null +++ b/trousers-0.3.14-noinline.patch @@ -0,0 +1,14 @@ +diff -ur a/src/include/tspps.h b/src/include/tspps.h +--- a/src/include/tspps.h 2014-07-23 12:42:44.000000000 -0700 ++++ b/src/include/tspps.h 2018-08-01 19:33:42.454192873 -0700 +@@ -18,8 +18,8 @@ + + TSS_RESULT get_file(int *); + int put_file(int); +-inline TSS_RESULT read_data(int, void *, UINT32); +-inline TSS_RESULT write_data(int, void *, UINT32); ++TSS_RESULT read_data(int, void *, UINT32); ++TSS_RESULT write_data(int, void *, UINT32); + UINT32 psfile_get_num_keys(int); + TSS_RESULT psfile_get_parent_uuid_by_uuid(int, TSS_UUID *, TSS_UUID *); + TSS_RESULT psfile_remove_key_by_uuid(int, TSS_UUID *); diff --git a/trousers-0.3.14-tcsd-header-fix.patch b/trousers-0.3.14-tcsd-header-fix.patch new file mode 100644 index 0000000..b5b3f3b --- /dev/null +++ b/trousers-0.3.14-tcsd-header-fix.patch @@ -0,0 +1,37 @@ +From b692f86a93c8f7e6ac938277a9aec434b02c252b Mon Sep 17 00:00:00 2001 +From: Jerry Snitselaar +Date: Wed, 18 Mar 2020 13:35:22 -0700 +Subject: [PATCH] trousers: resolve build failure + +The global variables tcsd_sa_chld and tcsd_sa_int in tcsd.h are +causing build failures in latest Fedora release: + +/usr/bin/ld: ../../src/tcs/libtcs.a(libtcs_a-tcsi_changeauth.o):/builddir/build/BUILD/trousers-0.3.13/src/tcs/../include/tcsd.h:169: multiple definition of `tcsd_sa_chld'; tcsd-svrside.o:/builddir/build/BUILD/trousers-0.3.13/src/tcsd/../../src/include/tcsd.h:169: first defined here +/usr/bin/ld: ../../src/tcs/libtcs.a(libtcs_a-tcsi_changeauth.o):/builddir/build/BUILD/trousers-0.3.13/src/tcs/../include/tcsd.h:168: multiple definition of `tcsd_sa_int'; tcsd-svrside.o:/builddir/build/BUILD/trousers-0.3.13/src/tcsd/../../src/include/tcsd.h:168: first defined here + +They are no longer used since 9b40e581470b ("Improved daemon's signal +handling") so just remove them. + +Signed-off-by: Jerry Snitselaar +--- + src/include/tcsd.h | 6 ------ + 1 file changed, 6 deletions(-) + +diff --git a/src/include/tcsd.h b/src/include/tcsd.h +index 5b9462b85ed6..f5c286e01c86 100644 +--- a/src/include/tcsd.h ++++ b/src/include/tcsd.h +@@ -164,10 +164,4 @@ TSS_RESULT tcsd_thread_create(int, char *); + void *tcsd_thread_run(void *); + void thread_signal_init(); + +-/* signal handling */ +-#ifndef __APPLE__ +-struct sigaction tcsd_sa_int; +-struct sigaction tcsd_sa_chld; +-#endif +- + #endif +-- +2.24.0 + diff --git a/trousers-0.3.14-unlock-in-err-path.patch b/trousers-0.3.14-unlock-in-err-path.patch new file mode 100644 index 0000000..d4f7540 --- /dev/null +++ b/trousers-0.3.14-unlock-in-err-path.patch @@ -0,0 +1,11 @@ +diff -ur a/src/tspi/obj_context.c b/src/tspi/obj_context.c +--- a/src/tspi/obj_context.c 2014-11-03 12:31:55.000000000 -0700 ++++ b/src/tspi/obj_context.c 2018-08-10 11:02:02.246962638 -0700 +@@ -276,6 +276,7 @@ + context->machineName = (BYTE *)calloc(1, len); + if (context->machineName == NULL) { + LogError("malloc of %u bytes failed.", len); ++ obj_list_put(&context_list); + return TSPERR(TSS_E_OUTOFMEMORY); + } + memcpy(context->machineName, name, len); diff --git a/trousers.spec b/trousers.spec index 2292bef..c52a6e9 100644 --- a/trousers.spec +++ b/trousers.spec @@ -1,14 +1,19 @@ Name: trousers Summary: TCG's Software Stack v1.2 -Version: 0.3.13 -Release: 14%{?dist} +Version: 0.3.14 +Release: 1%{?dist} License: BSD Url: http://trousers.sourceforge.net Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz Source1: tcsd.service -Patch1: trousers-0.3.13-noinline.patch -Patch2: trousers-openssl1.1.patch +Patch1: trousers-0.3.14-noinline.patch +# submitted upstream +Patch2: trousers-0.3.14-unlock-in-err-path.patch +Patch3: trousers-0.3.14-fix-indent-obj_policy.patch +Patch4: trousers-0.3.14-double-free.patch +Patch5: trousers-0.3.14-fix-indent-tspi_key.patch +Patch6: trousers-0.3.14-tcsd-header-fix.patch BuildRequires: libtool, openssl-devel BuildRequires: systemd @@ -52,9 +57,13 @@ Header files and man pages for use in creating Trusted Computing enabled applications. %prep -%setup -q +%setup -cq %patch1 -p1 -b .noinline -%patch2 -p1 -b .ssl1.1 +%patch2 -p1 -b .unlock +%patch3 -p1 -b .indent_obj_policy +%patch4 -p1 -b .double_free +%patch5 -p1 -b .indent_tspi_key +%patch6 -p1 -b .header # fix man page paths sed -i -e 's|/var/tpm|/var/lib/tpm|g' -e 's|/usr/local/var|/var|g' man/man5/tcsd.conf.5.in man/man8/tcsd.8.in @@ -114,6 +123,9 @@ exit 0 %{_libdir}/libtddl.a %changelog +* Wed Mar 18 2020 Jerry Snitselaar - 0.3.14-1 +- Rebase to 0.3.14 release + * Fri Jan 31 2020 Fedora Release Engineering - 0.3.13-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild