mirror of
https://github.com/SebastianWendel/nixpkgs.git
synced 2024-09-20 04:19:00 +02:00
Merge pull request #266568 from nbdd0121/tpm2
tpm2-pkcs11: 1.8.0 -> 1.9.0
This commit is contained in:
commit
71dbd20e29
|
@ -1,13 +0,0 @@
|
|||
diff --git a/configure.ac b/configure.ac
|
||||
index e861e42..018c19c 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -26,7 +26,7 @@
|
||||
#;**********************************************************************;
|
||||
|
||||
AC_INIT([tpm2-pkcs11],
|
||||
- [m4_esyscmd_s([git describe --tags --always --dirty])],
|
||||
+ [git-@VERSION@],
|
||||
[https://github.com/tpm2-software/tpm2-pkcs11/issues],
|
||||
[],
|
||||
[https://github.com/tpm2-software/tpm2-pkcs11])
|
|
@ -2,32 +2,38 @@
|
|||
, pkg-config, autoreconfHook, autoconf-archive, makeWrapper, patchelf
|
||||
, tpm2-tss, tpm2-tools, opensc, openssl, sqlite, python3, glibc, libyaml
|
||||
, abrmdSupport ? true, tpm2-abrmd ? null
|
||||
, fapiSupport ? true
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "tpm2-pkcs11";
|
||||
version = "1.8.0";
|
||||
version = "1.9.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "tpm2-software";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "sha256-f5wi0nIM071yaQCwPkY1agKc7OEQa/IxHJc4V2i0Q9I=";
|
||||
sha256 = "sha256-SoHtgZRIYNJg4/w1MIocZAM26mkrM+UOQ+RKCh6nwCk=";
|
||||
};
|
||||
|
||||
patches = lib.singleton (
|
||||
substituteAll {
|
||||
src = ./0001-configure-ac-version.patch;
|
||||
VERSION = version;
|
||||
});
|
||||
patches = [
|
||||
./version.patch
|
||||
./graceful-fapi-fail.patch
|
||||
];
|
||||
|
||||
# The preConfigure phase doesn't seem to be working here
|
||||
# ./bootstrap MUST be executed as the first step, before all
|
||||
# of the autoreconfHook stuff
|
||||
postPatch = ''
|
||||
echo ${version} > VERSION
|
||||
./bootstrap
|
||||
'';
|
||||
|
||||
configureFlags = lib.optionals (!fapiSupport) [
|
||||
# Note: this will be renamed to with-fapi in next release.
|
||||
"--enable-fapi=no"
|
||||
];
|
||||
|
||||
nativeBuildInputs = [
|
||||
pkg-config autoreconfHook autoconf-archive makeWrapper patchelf
|
||||
];
|
||||
|
|
51
pkgs/misc/tpm2-pkcs11/graceful-fapi-fail.patch
Normal file
51
pkgs/misc/tpm2-pkcs11/graceful-fapi-fail.patch
Normal file
|
@ -0,0 +1,51 @@
|
|||
From 2e3e3c0b0f4e0c19e411fd46358930bf158ad3f5 Mon Sep 17 00:00:00 2001
|
||||
From: Jonathan McDowell <noodles@earth.li>
|
||||
Date: Wed, 1 Feb 2023 09:29:58 +0000
|
||||
Subject: [PATCH] Gracefully fail FAPI init when it's not compiled in
|
||||
|
||||
Instead of emitting:
|
||||
|
||||
WARNING: Getting tokens from fapi backend failed.
|
||||
|
||||
errors when FAPI support is not compiled in gracefully fail the FAPI
|
||||
init and don't log any warnings. We'll still produce a message
|
||||
indicating this is what's happened in verbose mode, but normal operation
|
||||
no longer gets an unnecessary message.
|
||||
|
||||
Fixes #792
|
||||
|
||||
Signed-off-by: Jonathan McDowell <noodles@earth.li>
|
||||
---
|
||||
src/lib/backend.c | 4 +++-
|
||||
src/lib/backend_fapi.c | 3 ++-
|
||||
2 files changed, 5 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/lib/backend.c b/src/lib/backend.c
|
||||
index ca5e2ccf..128f58b9 100644
|
||||
--- a/src/lib/backend.c
|
||||
+++ b/src/lib/backend.c
|
||||
@@ -53,7 +53,9 @@ CK_RV backend_init(void) {
|
||||
LOGE(msg);
|
||||
return rv;
|
||||
}
|
||||
- LOGW(msg);
|
||||
+ if (rv != CKR_FUNCTION_NOT_SUPPORTED) {
|
||||
+ LOGW(msg);
|
||||
+ }
|
||||
} else {
|
||||
fapi_init = true;
|
||||
}
|
||||
diff --git a/src/lib/backend_fapi.c b/src/lib/backend_fapi.c
|
||||
index fe594f0e..3a203632 100644
|
||||
--- a/src/lib/backend_fapi.c
|
||||
+++ b/src/lib/backend_fapi.c
|
||||
@@ -977,7 +977,8 @@ CK_RV backend_fapi_token_changeauth(token *tok, bool user, twist toldpin, twist
|
||||
|
||||
CK_RV backend_fapi_init(void) {
|
||||
|
||||
- return CKR_OK;
|
||||
+ LOGV("FAPI not enabled, failing init");
|
||||
+ return CKR_FUNCTION_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
CK_RV backend_fapi_destroy(void) {
|
10
pkgs/misc/tpm2-pkcs11/version.patch
Normal file
10
pkgs/misc/tpm2-pkcs11/version.patch
Normal file
|
@ -0,0 +1,10 @@
|
|||
--- a/bootstrap
|
||||
+++ b/bootstrap
|
||||
@@ -4,7 +4,6 @@
|
||||
|
||||
# Generate a VERSION file that is included in the dist tarball to avoid needed git
|
||||
# when calling autoreconf in a release tarball.
|
||||
-git describe --tags --always --dirty > VERSION
|
||||
|
||||
# generate list of source files for use in Makefile.am
|
||||
# if you add new source files, you must run ./bootstrap again
|
Loading…
Reference in a new issue