commit tpm2.0-tools for openSUSE:Factory

6 Jul 2018

Hello community,

here is the log from the commit of package tpm2.0-tools for openSUSE:Factory checked in at 2018-07-06 10:41:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tpm2.0-tools (Old)
 and      /work/SRC/openSUSE:Factory/.tpm2.0-tools.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "tpm2.0-tools"

Fri Jul  6 10:41:14 2018 rev:14 rq:620445 version:3.1.0

Changes:
--------

--- /work/SRC/openSUSE:Factory/tpm2.0-tools/tpm2.0-tools.changes	2018-06-08 23:14:11.234833892 +0200
+++ /work/SRC/openSUSE:Factory/.tpm2.0-tools.new/tpm2.0-tools.changes	2018-07-06 10:41:22.275299313 +0200
@@ -1,0 +2,107 @@
+Fri Jun 29 12:03:48 UTC 2018 - matthias.gerstner@suse.com
+
+- update to major version 3.1.0:
+  - the tpm2 stack introduces an incompatible ABI to the previous version with
+    this update. There is no compatibility layer, libraries have new names
+  - install-man.patch: dropped, because we don't really need it
+  - tpm2.0-tools-fix-hardening.patch: contained in upstream tarball now
+s etc.
+  - upstream changelog:
+    * tpm2_unseal: -P becomes -p
+    * tpm2_sign: -P becomes -p
+    * tpm2_nvreadlock: long form for -P is now --auth-hierarchy
+    * tpm2_rsadecrypt: -P becomes -p
+    * tpm2_nvrelease: long-form of -P becomes --auth-hierarchy
+    * tpm2_nvdefine: -I becomes -p
+    * tpm2_encryptdecrypt: -P becomes -p
+    * tpm2_dictionarylockout: -P becomes -p
+    * tpm2_createprimary: -K becomes -p
+    * tpm2_createak: -E becomes -e
+    * tpm2_certify: -k becomes -p
+    * tpm2_hash: -g changes to -G
+    * tpm2_encryptdecrypt: Support IVs via -i and algorithm modes via -G.
+    * tpm2_hmac: drop -g, just use the algorithm associated with the object.
+    * tpm2_getmanufec: -g changes to -G
+    * tpm2_createek: -g changes to -G
+    * tpm2_createak: -g changes to -G
+    * tpm2_verifysignature: -g becomes -G
+    * tpm2_sign: -g becomes -G
+    * tpm2_import: support specifying parent key with a context file,
+      --parent-key-handle/-H becomes --parent-key/-C
+    * tpm2_nvwrite and tpm2_nvread: when -P is "index" -a is optional and defaults to
+      the NV_INDEX value passed to -x.
+    * Load TCTI's by SONAME, not raw .so file
+    * tpm2_activatecredential: -e becomes -E
+    * tpm2_activatecredential: -e becomes -E
+    * tpm2_certify: -c and -C are swapped, -k becomes -K
+    * tpm2_createprimary: -K becomes -k
+    * tpm2_encryptdecrypt: supports input and output to stdin and stdout respectively.
+    * tpm2_create: -g/-G become optional options.
+    * tpm2_createprimary: -g/-G become optional options.
+    * tpm2_verifysignature - Option `-r` changes to `-f` and supports signature format "rsa".
+    * tpm2_import - Parent public data option, `-K` is optional.
+    * tpm2_import - Supports importing external RSA 2048 keys via pem files.
+    * tpm2_pcrlist: Option `--algorithm` changes to `--halg`, which is in line with other tools.
+    * tpm2_verifysignature: Option `-r` and `--raw` have been removed. This were unused within the tool.
+    * tpm2_hmac: Option `--algorithm` changes to `--halg`, which is in line with the manpage.
+    * tpm2_makecredential: Option `--sec` changes to `--secret`.
+    * tpm2_activatecredential: Option `--Password` changes to `--auth-key`.
+    * system tests are now run with make check when --enable-unit is used in configure.
+    * tpm2_unseal: Option `--pwdk` changes to `--auth-key`.
+    * tpm2_sign: Option `--pwdk` changes to `--auth-key`.
+    * tpm2_rsadecrypt: Option `--pwdk` changes to `--auth-key`.
+    * tpm2_quote: Option `--ak-passwd` changes to `--auth-ak`
+    * tpm2_pcrevent: Option `--passwd` changes to `--auth-pcr`
+    * tpm2_nvwrite: Options `--authhandle` and `--handle-passwd`
+      changes to `--hierarchy` and `--auth-hierarchy` respectively.
+    * tpm2_nvread: Options `--authhandle` and `--handle-passwd`
+      changes to `--hierarchy` and `--auth-hierarchy` respectively.
+    * tpm2_nvdefine: Options `--authhandle`, `--handle-passwd` and `--index-passwd`
+      changes to `--hierarchy`, `--auth-hierarchy` and `--auth-index`
+      respectively.
+    * tpm2_loadexternal: `-H` changes to `-a` for specifying hierarchy.
+    * tpm2_load: Option `--pwdp` changes to `--auth-parent`.
+    * tpm2_hmac: Option `--pwdk` changes to `--auth-key`.
+    * tpm2_hash: `-H` changes to `-a` for specifying hierarchy.
+    * tpm2_getmanufec: Options `--owner-passwd`, `--endorse-passwd`
+    * and `--ek-passwd`change to `--auth-owner`, `--auth-endorse`
+      and `--auth-ek` respectively.
+    * tpm2_evictcontrol: Option group `-A` and `--auth` changes to `-a` and `--hierarchy`
+      Option `--pwda` changes to `--auth-hierarchy`
+    * tpm2_encryptdecrypt: Option `--pwdk` changes to `--auth-key`.
+    * tpm2_dictionarylockout: Option `--lockout-passwd` changes to `--auth-lockout`
+    * tpm2_createprimary: Options `--pwdp` and `--pwdk` change to
+      `--auth-hierarchy` and `--auth-object` respectively.
+    * tpm2_createek: Options `--owner-passwd`, `--endorse-passwd`
+    * and `--ek-passwd`change to `--auth-owner`, `--auth-endorse`
+      and `--auth-ek` respectively.
+    * tpm2_createak: Options `--owner-passwd`, `--endorse-passwd`
+    * and `--ak-passwd`change to `--auth-owner`, `--auth-endorse`
+      and `--auth-ak` respectively.
+    * tpm2_create: Options `--pwdo` and `--pwdk` change to `--auth-object` and
+      `--auth-key` respectively.
+    * tpm2_clearlock: Option `--lockout-passwd` changes to `--auth-lockout`
+    * tpm2_clear: Option `--lockout-passwd` changes to `--auth-lockout`
+    * tpm2_changeauth: Options, `--old-owner-passwd`, `--old-endorse-passwd`,
+      and `--old-lockout-passwd` go to `--old-auth-owner`, `--old-auth-endorse`,
+      and `--old-auth-lockout` respectively.
+    * tpm2_certify: Options `--pwdo` and `--pwdk` change to `--auth-object` and
+      `--auth-key` respectively.
+    * tpm2_createprimary: `-H` changes to `-a` for specifying hierarchy.
+    * tpm2_createak: support for non-persistent AK generation.
+    * tpm2_createek: support for non-persistent EK generation.
+    * tpm2_getpubak renamed to tpm2_createak, -f becomes -p and -f is used for format of public key
+      output.
+    * tpm2_getpubek renamed to tpm2_createek, -f becomes -p and -f is used for format of public key
+      output.
+    * Libre SSL builds fixed.
+    * Dynamic TCTIS. Support for pluggable TCTI modules via the -T or --tcti options.
+    * tpm2_sign: supports signing a pre-computed hash via -D
+    * tpm2_clearlock: tool added
+    * test: system testing scripts moved into subordinate test directory.
+    * fix a buffer overflow in nvread/write tools.
+    * configure: enable code coverage option.
+    * tpm2_takeownership: split into tpm2_clear and tpm2_changeauth
+    * env: add TPM2TOOLS_ENABLE_ERRATA to control the -Z or errata option.
+
+-------------------------------------------------------------------

Old:
----
  install-man.patch
  tpm2-tools-3.0.4.tar.gz
  tpm2.0-tools-fix-hardening.patch

New:
----
  tpm2-tools-3.1.0.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ tpm2.0-tools.spec ++++++
--- /var/tmp/diff_new_pack.csVce1/_old	2018-07-06 10:41:24.711296415 +0200
+++ /var/tmp/diff_new_pack.csVce1/_new	2018-07-06 10:41:24.711296415 +0200
@@ -17,15 +17,13 @@
 
 
 Name:           tpm2.0-tools
-Version:        3.0.4
+Version:        3.1.0
 Release:        0
 Summary:        Trusted Platform Module (TPM) 2.0 administration tools
 License:        BSD-3-Clause
 Group:          Productivity/Security
 Url:            https://github.com/tpm2-software/tpm2-tools/releases
 Source0:        https://github.com/tpm2-software/tpm2-tools/releases/download/%{version}/tpm2-tools-%{version}.tar.gz
-Patch0:         tpm2.0-tools-fix-hardening.patch
-Patch1:         install-man.patch
 BuildRequires:  autoconf-archive
 BuildRequires:  automake
 BuildRequires:  gcc-c++
@@ -41,6 +39,10 @@
 # don't need to generate them any more. On openSUSE we can still keep this
 # dependency for having fresh builds of the man pages (if that helps
 # anything?).
+#
+# Update: In the 3.1.0 a required patch is still missing and the man pages
+# won't be installed. they're shipped, though. so if pandoc isn't installed we
+# need to install them explicitly.
 BuildRequires:  pandoc
 %endif
 BuildRequires:  pkgconfig
@@ -59,13 +61,8 @@
 
 %prep
 %setup -q -n tpm2-tools-%{version}
-%patch0 -p1
-%patch1 -p1
 
 %build
-# patch1 (install-man) requires to run autoreconf ATM, because it modifies
-# Makefile.am. This can be dropped with the next release containing the fix.
-autoreconf
 %configure --disable-static
 make %{?_smp_mflags}
 
@@ -75,6 +72,12 @@
 %install
 make DESTDIR=%{buildroot} install %{?_smp_mflags}
 find %{buildroot} -type f -name "*.la" -delete -print
+%if ! 0%{?is_opensuse}
+# install man pages explicitly, until upstream fixes their installation
+# setup in autotools, see commit 72a28f36151db9bfa59a460ae0114dcece218862
+mkdir -p %{buildroot}/%{_mandir}/man1/
+cp %{_builddir}/tpm2-tools-%{version}/man/man1/* %{buildroot}/%{_mandir}/man1/
+%endif
 
 %files
 %defattr(-,root,root)

++++++ tpm2-tools-3.0.4.tar.gz -> tpm2-tools-3.1.0.tar.gz ++++++
++++ 23542 lines of diff (skipped)

    