Another build of v0.5.1 after more fixes

Fixed /var/lib/swtpm-localca mode flags and ownership

.gitignore

@@ -9,3 +9,10 @@
 /swtpm-374b669.tar.gz
 /swtpm-f0b4137.tar.gz
 /swtpm-13536aa.tar.gz
+/swtpm-9227cf4.tar.gz
+/swtpm-8dae4b3.tar.gz
+/swtpm-80f0418.tar.gz
+/swtpm-0c238a2.tar.gz
+/swtpm-b931e10.tar.gz
+/swtpm-390f5bd.tar.gz
+/swtpm-96f5a04.tar.gz

sources

@@ -1,2 +1 @@
-SHA512 (swtpm.spec) = 893322eda4ab47be4a21682941a552c5361e732ee499c4e94c1a54d8602d3d35e91ab56d71a7ef3c24f2f5f1c31aeff36d662a03c0ddde8cec8f81f2ff8d23b6
-SHA512 (swtpm-13536aa.tar.gz) = aad9746266a8a38d415431045aaf6b1d8b0d4e1890efa048d6cbaba095bba807cb55ea2b705904058ab2fb9b89fd2d168c042f976abe6b11e8e9e18c91981a58
+SHA512 (swtpm-96f5a04.tar.gz) = 7d33756ea8109e0ca61400cac7a80de5d2614ba3b89108df445aa5a23b5b854299dd5daaa4426737065b27da2c144e38355e1ce1e92667134562156977b0e924

swtpm.spec

@@ -1,7 +1,7 @@
 %bcond_without gnutls
 
-%global gitdate     20190801
-%global gitcommit   13536aa01cb0d8b00b0f22e9274e7b494f10ff85
+%global gitdate     20201117
+%global gitcommit   96f5a04c3d6cc0a8604f311df246b872a93a70e4
 %global gitshortcommit  %(c=%{gitcommit}; echo ${c:0:7})
 
 # Macros needed by SELinux
@@ -11,8 +11,8 @@
 
 Summary: TPM Emulator
 Name:           swtpm
-Version:        0.2.0
-Release:        3.%{gitdate}git%{gitshortcommit}%{?dist}
+Version:        0.5.1
+Release:        2.%{gitdate}git%{gitshortcommit}%{?dist}
 License:        BSD
 Url:            http://github.com/stefanberger/swtpm
 Source0:        %{url}/archive/%{gitcommit}/%{name}-%{gitshortcommit}.tar.gz
@@ -21,16 +21,17 @@ BuildRequires:  automake
 BuildRequires:  autoconf
 BuildRequires:  libtool
 BuildRequires:  libtpms-devel >= 0.6.0
-BuildRequires:  glib2-devel
-BuildRequires:  gmp-devel
 BuildRequires:  expect
 BuildRequires:  net-tools
 BuildRequires:  openssl-devel
 BuildRequires:  socat
 BuildRequires:  python3
+BuildRequires:  python3-devel
+BuildRequires:  python3-cryptography
+BuildRequires:  python3-pip
+BuildRequires:  python3-setuptools
 BuildRequires:  python3-twisted
 BuildRequires:  trousers >= 0.3.9
-BuildRequires:  tpm-tools >= 1.3.8-6
 BuildRequires:  softhsm
 %if %{with gnutls}
 BuildRequires:  gnutls >= 3.1.0
@@ -69,7 +70,8 @@ Include files for the TPM emulator's CUSE interface.
 Summary:        Tools for the TPM emulator
 License:        BSD
 Requires:       swtpm = %{version}-%{release}
-Requires:       trousers >= 0.3.9 tpm-tools >= 1.3.8-6 expect bash net-tools gnutls-utils
+# trousers: for tss account
+Requires:       trousers >= 0.3.9 bash gnutls-utils python3 python3-cryptography
 
 %description    tools
 Tools for the TPM emulator from the swtpm package
@@ -103,6 +105,7 @@ for pp in /usr/share/selinux/packages/swtpm.pp \
           /usr/share/selinux/packages/swtpm_svirt.pp; do
   %selinux_modules_install -s %{selinuxtype} ${pp}
 done
+restorecon %{_bindir}/swtpm
 
 %postun
 if [ $1 -eq  0 ]; then
@@ -145,7 +148,6 @@ fi
 %{_bindir}/swtpm_cert
 %endif
 %{_bindir}/swtpm_setup
-%{_bindir}/swtpm_setup.sh
 %{_bindir}/swtpm_ioctl
 %{_mandir}/man8/swtpm_bios.8*
 %{_mandir}/man8/swtpm_cert.8*
@@ -161,10 +163,40 @@ fi
 %config(noreplace) %{_sysconfdir}/swtpm-localca.conf
 %dir %{_datadir}/swtpm
 %{_datadir}/swtpm/swtpm-localca
-%attr( 755, tss, tss) %{_localstatedir}/lib/swtpm-localca
+%{_datadir}/swtpm/swtpm-create-user-config-files
+%{python3_sitelib}/py_swtpm_setup/*
+%{python3_sitelib}/swtpm_setup-*/*
+%{python3_sitelib}/py_swtpm_localca/*
+%{python3_sitelib}/swtpm_localca-*/*
+%attr( 750, tss, root) %{_localstatedir}/lib/swtpm-localca
 
 %changelog
-* Fri Aug 01 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.2.0-3.20190801git13536aa
+* Tue Nov 13 2020 Stefan Berger <stefanb@linux.ibm.com> - 0.5.1-2.20201117git96f5a04c
+- Another build of v0.5.1 after more fixes
+
+* Fri Nov 13 2020 Stefan Berger <stefanb@linux.ibm.com> - 0.5.1-1.20201113git390f5bd4
+- Update to v0.5.1 addressing potential symlink attack issue (CVE-2020-28407)
+
+* Wed Oct 7 2020 Stefan Berger <stefanb@linux.ibm.com> - 0.5.0-1.20201007gitb931e109
+- Update to v0.5.0 release
+
+* Fri Aug 28 2020 Stefan Berger <stefanb@linux.ibm.com> - 0.4.0-1.20200828git0c238a2
+- Update to v0.4.0 release
+- Fixed /var/lib/swtpm-localca mode flags and ownership
+
+* Tue Aug 11 2020 Stefan Berger <stefanb@linux.ibm.com> - 0.3.4-1.20200811git80f0418
+- Update to v0.3.4 release
+
+* Fri Nov 15 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.2.0-6.20191018git8dae4b3
+- follow stable-0.2.0 branch with fix of GnuTLS API call to get subject key ID
+
+* Fri Oct 18 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.2.0-5.20191018git9227cf4
+- follow stable-0.2.0 branch with swtpm_cert OID bugfix for TPM 2
+
+* Tue Aug 13 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.2.0-4.20190801git13536aa
+- run 'restorecon' on swtpm in post to get SELinux label on first install
+
+* Thu Aug 01 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.2.0-3.20190801git13536aa
 - follow stable-0.2.0 branch with some bug fixes
 
 * Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.2.0-2.20190723gitf0b4137