From 0328e2a19f45adee0fe4e3da165c9c0bef8289c7 Mon Sep 17 00:00:00 2001 From: Joe Bo Run Date: Thu, 11 May 2023 03:53:30 +0300 Subject: [PATCH] upg gawk gpgme libnghttp2 pam tpm2-tss --- gawk/PKGBUILD | 11 +++-- gawk/PKGBUILD-arch | 6 +-- gpgme/deps | 4 ++ libnghttp2/PKGBUILD | 11 ++--- libnghttp2/PKGBUILD-arch | 6 +-- pam/PKGBUILD | 21 ++++++---- pam/PKGBUILD-arch | 11 ++--- pam/deps | 7 +++- tpm2-tss/218c0da8.patch | 88 ++++++++++++++++++++++++++++++++++++++++ tpm2-tss/PKGBUILD | 28 ++++++++----- tpm2-tss/PKGBUILD-arch | 15 ++++--- tpm2-tss/key | 2 +- 12 files changed, 158 insertions(+), 52 deletions(-) create mode 100644 tpm2-tss/218c0da8.patch diff --git a/gawk/PKGBUILD b/gawk/PKGBUILD index 581f544..9d1ae0e 100644 --- a/gawk/PKGBUILD +++ b/gawk/PKGBUILD @@ -6,8 +6,8 @@ #-----------------------------------------| DESCRIPTION |--------------------------------------- pkgname=gawk -pkgver=5.2.1 -pkgrel=02 +pkgver=5.2.2 +pkgrel=01 pkgdesc="GNU version of awk" url="https://www.gnu.org/software/gawk/" # groups=('base-devel') @@ -47,8 +47,7 @@ license=('GPL') validpgpkeys=('D1967C63788713177D861ED7DF597815937EC0D2') # Arnold Robbins -sha256sums=(529e7c8c6acf21ff3a6183f4d763c632810908989c24675c77995d51ac37b79c # gawk-5.2.1.tar.gz - 27e39518586c9e40749cd3e0deff8af345a1f66f5f7653d25c04f09f53c4147d) # gawk-5.2.1.tar.gz.sig - -## 2971dfea3bba111d83838adb62ba2b021ebd23bc69d64e70da231540b4af002d gawk-5.2.1-02-x86_64.pkg.tar.lz +sha256sums=(945aef7ccff101f20b22a10802bc005e994ab2b8ea3e724cc1a197c62f41f650 # gawk-5.2.2.tar.gz + c62800d10899dc37490e63eb7c05f456a74514515e5a75949369089848f1e481) # gawk-5.2.2.tar.gz.sig +## f8d524d29250ed03f48267533fac9bc230e40ebf059825b263653fc5121a3129 gawk-5.2.2-01-x86_64.pkg.tar.lz diff --git a/gawk/PKGBUILD-arch b/gawk/PKGBUILD-arch index 3e38f60..bd029a6 100644 --- a/gawk/PKGBUILD-arch +++ b/gawk/PKGBUILD-arch @@ -2,8 +2,8 @@ # Contributor: Tom Newsom pkgname=gawk -pkgver=5.2.1 -pkgrel=2 +pkgver=5.2.2 +pkgrel=1 pkgdesc="GNU version of awk" arch=('x86_64') url="https://www.gnu.org/software/gawk/" @@ -12,7 +12,7 @@ depends=('sh' 'glibc' 'mpfr') provides=('awk') source=(https://ftp.gnu.org/pub/gnu/${pkgname}/${pkgname}-${pkgver}.tar.gz{,.sig}) validpgpkeys=('D1967C63788713177D861ED7DF597815937EC0D2') # Arnold Robbins -sha256sums=('529e7c8c6acf21ff3a6183f4d763c632810908989c24675c77995d51ac37b79c' +sha256sums=('945aef7ccff101f20b22a10802bc005e994ab2b8ea3e724cc1a197c62f41f650' 'SKIP') build() { diff --git a/gpgme/deps b/gpgme/deps index a9e657e..ef4a4da 100644 --- a/gpgme/deps +++ b/gpgme/deps @@ -8,3 +8,7 @@ python-typing_extensions qt5-base +makedepends=('gnupg' 'libgpg-error' 'python' 'python-setuptools' 'python-build' 'python-installer' 'python-setuptools' 'python-wheel' 'swig' 'qt5-base') + depends=('libgpg-error' 'gnupg>=2') + depends=('gpgme' 'qt5-base') + depends=('gpgme' 'python') diff --git a/libnghttp2/PKGBUILD b/libnghttp2/PKGBUILD index 026da55..4d77c83 100644 --- a/libnghttp2/PKGBUILD +++ b/libnghttp2/PKGBUILD @@ -6,16 +6,15 @@ #-----------------------------------------| DESCRIPTION |--------------------------------------- pkgname=libnghttp2 -pkgver=1.52.0 -pkgrel=02 +pkgver=1.53.0 +pkgrel=01 pkgdesc='Framing layer of HTTP/2 is implemented as a reusable C library' -arch=(x86_64) url='https://nghttp2.org/' depends=(glibc) makedepends=('automake' 'autoconf' 'git') conflicts=('nghttp2<1.20.0-2') #source=(https://github.com/nghttp2/nghttp2/releases/download/v$pkgver/nghttp2-$pkgver.tar.xz) -_tag='6c023db8a758c19b0adff8fa13e175cf3d7b61b4' # git rev-parse v${pkgver} +_tag='00d2715ced9ea24e90a3bcbef1a54d5cecf208c5' # git rev-parse v${pkgver} source=("git+https://github.com/nghttp2/nghttp2.git#tag=${_tag}?signed") prepare() { @@ -60,6 +59,4 @@ validpgpkeys=('F4F3B91474D1EB29889BD0EF7E8403D5D673C366') # Tatsuhiro Tsujikawa #sha256sums=(3ea9f0439e60469ad4d39cb349938684ffb929dd7e8e06a7bffe9f9d21f8ba7d) # nghttp2-1.52.0.tar.xz sha256sums=(SKIP) -## 2f64c059a342840f294a5ef6590675ee26715959527ee0254b6b976e6949417e libnghttp2-1.52.0-02-x86_64.pkg.tar.lz - - +## 445252362b3eac24faae20859408bae030bc0a4f8377a3fe0094de0b340817ad libnghttp2-1.53.0-01-x86_64.pkg.tar.lz diff --git a/libnghttp2/PKGBUILD-arch b/libnghttp2/PKGBUILD-arch index 4d2f14e..3275aea 100644 --- a/libnghttp2/PKGBUILD-arch +++ b/libnghttp2/PKGBUILD-arch @@ -2,9 +2,9 @@ # Contributor: Zhuoyun Wei pkgname=libnghttp2 -_tag='6c023db8a758c19b0adff8fa13e175cf3d7b61b4' # git rev-parse v${pkgver} -pkgver=1.52.0 -pkgrel=2 +_tag='00d2715ced9ea24e90a3bcbef1a54d5cecf208c5' # git rev-parse v${pkgver} +pkgver=1.53.0 +pkgrel=1 pkgdesc='Framing layer of HTTP/2 is implemented as a reusable C library' arch=('x86_64') url='https://nghttp2.org/' diff --git a/pam/PKGBUILD b/pam/PKGBUILD index c7ee3d1..876ac2b 100644 --- a/pam/PKGBUILD +++ b/pam/PKGBUILD @@ -6,15 +6,15 @@ #-----------------------------------------| DESCRIPTION |--------------------------------------- pkgname=pam -pkgver=1.5.2 -pkgrel=02 +pkgver=1.5.3 +pkgrel=01 pkgdesc="PAM (Pluggable Authentication Modules) library - w/o systemd" -arch=('x86_64') url="http://linux-pam.org" depends=('glibc' 'libtirpc' 'pambase' 'audit' 'libaudit.so' 'libxcrypt' 'libcrypt.so') makedepends=('flex' 'w3m' 'docbook-xml>=4.4' 'docbook-xsl') provides=('libpam.so' 'libpamc.so' 'libpam_misc.so') -backup=(etc/security/{access.conf,faillock.conf,group.conf,limits.conf,namespace.conf,namespace.init,pam_env.conf,time.conf} etc/environment) +backup=(etc/security/{access.conf,faillock.conf,group.conf,limits.conf,namespace.conf,namespace.pwhistory.conf,init,pam_env.conf,time.conf} etc/environment) + source=(https://github.com/linux-pam/linux-pam/releases/download/v$pkgver/Linux-PAM-$pkgver.tar.xz{,.asc} $pkgname.tmpfiles) @@ -35,6 +35,7 @@ build() { --libdir=/usr/lib \ --sbindir=/usr/bin \ --disable-db \ + --enable-logind \ --disable-systemd make } @@ -51,6 +52,7 @@ package() { # FS #40749 # rm $pkgdir/usr/share/doc/Linux-PAM/sag-pam_userdb.html rm $pkgdir/usr/lib/systemd/system/pam_namespace.service + } post_install() { @@ -58,14 +60,19 @@ post_install() { chmod 4755 ${DESTDIR}/usr/bin/unix_chkpwd } -#---- license gpg-key sha256sums ---- +#---- arch license gpg-key & sha256sums ---- + +arch=(x86_64) license=('GPL2') validpgpkeys=(8C6BFD92EE0F42EDF91A6A736D1A7F052E5924BB # Thorsten Kukuk 296D6F29A020808E8717A8842DB5BD89A340AEB7) #Dimitry V. Levin -sha256sums=(e4ec7131a91da44512574268f493c6d8ca105c87091691b8e9b56ca685d4f94d # Linux-PAM-1.5.2.tar.xz - f388f9ea16a3cf541e71d452f024b83e62bf6391bcdca509d7e5027a62c07fd8 # Linux-PAM-1.5.2.tar.xz.asc +sha256sums=(7ac4b50feee004a9fa88f1dfd2d2fa738a82896763050cd773b3c54b0a818283 # Linux-PAM-1.5.3.tar.xz + ce5690766060d60a8f0fba447f480d8d49988821740698cbdf2ecfd84dc8895c # Linux-PAM-1.5.3.tar.xz.asc 5631f224e90c4f0459361c2a5b250112e3a91ba849754bb6f67d69d683a2e5ac) # pam.tmpfiles +## 8f94f7d4af1fb44973d83c2fdf364d8a97520c62ad7c8fb50b44aea861d52554 pam-1.5.3-01-x86_64.pkg.tar.lz logind-disabled +## f3841a27ea28dfccfe516f12240903c412f8ebd0854ad2d939cdadb7a725b49d pam-1.5.3-01-x86_64.pkg.tar.lz logind enabled + diff --git a/pam/PKGBUILD-arch b/pam/PKGBUILD-arch index 89d1851..9b16037 100644 --- a/pam/PKGBUILD-arch +++ b/pam/PKGBUILD-arch @@ -3,7 +3,7 @@ # Contributor: judd pkgname=pam -pkgver=1.5.2 +pkgver=1.5.3 pkgrel=1 pkgdesc="PAM (Pluggable Authentication Modules) library" arch=('x86_64') @@ -12,7 +12,7 @@ url="http://linux-pam.org" depends=('glibc' 'libtirpc' 'pambase' 'audit' 'libaudit.so' 'libxcrypt' 'libcrypt.so') makedepends=('flex' 'w3m' 'docbook-xml>=4.4' 'docbook-xsl') provides=('libpam.so' 'libpamc.so' 'libpam_misc.so') -backup=(etc/security/{access.conf,faillock.conf,group.conf,limits.conf,namespace.conf,namespace.init,pam_env.conf,time.conf} etc/environment) +backup=(etc/security/{access.conf,faillock.conf,group.conf,limits.conf,namespace.conf,namespace.pwhistory.conf,init,pam_env.conf,time.conf} etc/environment) source=(https://github.com/linux-pam/linux-pam/releases/download/v$pkgver/Linux-PAM-$pkgver.tar.xz{,.asc} $pkgname.tmpfiles) validpgpkeys=( @@ -20,7 +20,7 @@ validpgpkeys=( '296D6F29A020808E8717A8842DB5BD89A340AEB7' #Dimitry V. Levin ) -sha256sums=('e4ec7131a91da44512574268f493c6d8ca105c87091691b8e9b56ca685d4f94d' +sha256sums=('7ac4b50feee004a9fa88f1dfd2d2fa738a82896763050cd773b3c54b0a818283' 'SKIP' '5631f224e90c4f0459361c2a5b250112e3a91ba849754bb6f67d69d683a2e5ac') @@ -31,6 +31,7 @@ build() { ./configure \ --libdir=/usr/lib \ --sbindir=/usr/bin \ + --enable-logind \ --disable-db make } @@ -42,10 +43,6 @@ package() { # set unix_chkpwd uid chmod +s "$pkgdir"/usr/bin/unix_chkpwd - - # remove doc which is not used anymore - # FS #40749 - rm "$pkgdir"/usr/share/doc/Linux-PAM/sag-pam_userdb.html } # vim: ts=2 sw=2 et: diff --git a/pam/deps b/pam/deps index 6c1f004..4d38d3f 100644 --- a/pam/deps +++ b/pam/deps @@ -1 +1,6 @@ -w3m docbook-xml docbook-xsl +w3m +docbook-xml +docbook-xsl + + + diff --git a/tpm2-tss/218c0da8.patch b/tpm2-tss/218c0da8.patch new file mode 100644 index 0000000..085aa75 --- /dev/null +++ b/tpm2-tss/218c0da8.patch @@ -0,0 +1,88 @@ +From 218c0da8d9f675766b1de502a52e23a3aa52648e Mon Sep 17 00:00:00 2001 +From: Juergen Repp +Date: Wed, 22 Mar 2023 10:54:59 +0100 +Subject: [PATCH] FAPI: Skip test fapi-fix-provisioning-with template if no + certificate is available. + +If the configure option --enable-self-generated-certificate is not used this +test can't be executed because no certificate will be stored in NV ram. The +test will be skipped if no certificate is available. +Fixes: #2558 + +Signed-off-by: Juergen Repp +--- + .../fapi-provisioning-with-template.int.c | 40 ++++++++++++++++++- + 1 file changed, 39 insertions(+), 1 deletion(-) + +diff --git a/test/integration/fapi-provisioning-with-template.int.c b/test/integration/fapi-provisioning-with-template.int.c +index 54c724f5d..74184cdc8 100644 +--- a/test/integration/fapi-provisioning-with-template.int.c ++++ b/test/integration/fapi-provisioning-with-template.int.c +@@ -4,6 +4,8 @@ + #endif + + #include ++#include ++#include + + #include "tss2_esys.h" + #include "tss2_fapi.h" +@@ -31,6 +33,39 @@ + * @retval EXIT_SKIP + * + */ ++static bool ++fapi_ek_certless() ++{ ++ FILE *stream = NULL; ++ long config_size; ++ char *config = NULL; ++ char *fapi_config_file = getenv("TSS2_FAPICONF"); ++ ++ stream = fopen(fapi_config_file, "r"); ++ if (!stream) { ++ LOG_ERROR("File %s does not exist", fapi_config_file); ++ return NULL; ++ } ++ fseek(stream, 0L, SEEK_END); ++ config_size = ftell(stream); ++ fclose(stream); ++ config = malloc(config_size + 1); ++ stream = fopen(fapi_config_file, "r"); ++ ssize_t ret = read(fileno(stream), config, config_size); ++ if (ret != config_size) { ++ LOG_ERROR("IO error %s.", fapi_config_file); ++ return NULL; ++ } ++ config[config_size] = '\0'; ++ if (strstr(config, "\"ek_cert_less\": \"yes\"") == NULL) { ++ SAFE_FREE(config); ++ return false; ++ } else { ++ SAFE_FREE(config); ++ return true; ++ } ++} ++ + int + test_fapi_provision_template(FAPI_CONTEXT *context) + { +@@ -151,6 +186,9 @@ test_fapi_provision_template(FAPI_CONTEXT *context) + TPM2B_AUTH auth = { .size = 0, .buffer = {} }; + TPM2B_MAX_NV_BUFFER nv_data; + ++ if (fapi_ek_certless()) ++ return EXIT_SKIP; ++ + if (strcmp(FAPI_PROFILE, "P_ECC") == 0) { + nv_template_idx = ecc_nv_template_idx; + nv_nonce_idx = ecc_nv_nonce_idx; +@@ -169,7 +207,7 @@ test_fapi_provision_template(FAPI_CONTEXT *context) + r = Esys_Initialize(&esys_ctx, tcti, NULL); + goto_if_error(r, "Error Esys_Initialize", error); + +- /* ++ /* + * Store template (marshaled TPMT_PUBLIC) in NV ram. + */ + r = Tss2_MU_TPMT_PUBLIC_Marshal(&in_public, &nv_data.buffer[0], diff --git a/tpm2-tss/PKGBUILD b/tpm2-tss/PKGBUILD index a1b5e50..b2db943 100644 --- a/tpm2-tss/PKGBUILD +++ b/tpm2-tss/PKGBUILD @@ -6,10 +6,9 @@ #-----------------------------------------| DESCRIPTION |--------------------------------------- pkgname=tpm2-tss -pkgver=3.2.0 -pkgrel=03 +pkgver=4.0.1 +pkgrel=01 pkgdesc='Implementation of the TCG Trusted Platform Module 2.0 Software Stack (TSS2)' -arch=('x86_64') url='https://github.com/tpm2-software/tpm2-tss' depends=('curl' 'json-c' 'openssl' 'libjson-c.so') makedepends=('cmocka' 'doxygen' 'libtpms') @@ -21,12 +20,14 @@ backup=('etc/tpm2-tss/fapi-config.json' #options=('debug' '!emptydirs' '!lto') # uncomment this to produce debug package and comment the next line options=('!emptydirs' '!lto') source=("$url/releases/download/$pkgver/$pkgname-$pkgver.tar.gz"{,.asc} - 'https://raw.githubusercontent.com/tpm2-software/tpm2-tss/e237e4d33cbf280292a480edd8ad061dcd3a37a2/lib/tss2-tcti-libtpms.map') + 'https://raw.githubusercontent.com/tpm2-software/tpm2-tss/e237e4d33cbf280292a480edd8ad061dcd3a37a2/lib/tss2-tcti-libtpms.map' + 'https://github.com/tpm2-software/tpm2-tss/commit/218c0da8.patch') prepare() { cd "$pkgname-$pkgver" # Add file missing from release tarball (https://github.com/tpm2-software/tpm2-tss/issues/2313) cp "$srcdir/tss2-tcti-libtpms.map" lib + patch -p1 -i ../218c0da8.patch # Fix tests } build() { @@ -37,11 +38,13 @@ build() { --enable-unit $( ((CHECKFUNC)) && echo --enable-integration) make } + # fails some tests and gets stuck in one for long #check() { # cd "$pkgname-$pkgver" # make check #} +# 4.0.1 we have other things to do today than wait hours and hours for tests to finish package() { cd "$pkgname-$pkgver" @@ -49,15 +52,18 @@ package() { install -Dm644 LICENSE -t "$pkgdir/usr/share/licenses/$pkgname" } -#---- license gpg-key sha256sums ---- +#---- arch license gpg-key & sha256sums ---- + +arch=(x86_64) license=('BSD') -validpgpkeys=('D6B4D8BAC7E0CC97DCD4AC7272E88B53F7A95D84' # Andreas Fuchs - '5B482B8E3E19DA7C978E1D016DE2E9078E1F50C1') # William Roberts (Bill Roberts) - -sha256sums=(48305e4144dcf6d10f3b25b7bccf0189fd2d1186feafd8cd68c6b17ecf0d7912 # tpm2-tss-3.2.0.tar.gz - 9579c6ad302ae7073c74f5249a60c797ebed4fcf4459a0016e6f1cc0b63058cb # tpm2-tss-3.2.0.tar.gz.asc - 41c37dc4b10b1e86023619150e5047739aeee93fd8f77315157d3eeb5fe6a981) # tss2-tcti-libtpms.map +validpgpkeys=('D6B4D8BAC7E0CC97DCD4AC7272E88B53F7A95D84' # Andreas Fuchs + '5B482B8E3E19DA7C978E1D016DE2E9078E1F50C1') # William Roberts (Bill Roberts) +sha256sums=(532a70133910b6bd842289915b3f9423c0205c0ea009d65294ca18a74087c950 # tpm2-tss-4.0.1.tar.gz + d610c1a376196457d0edba0e34746abc705058b018311fa231581e3e5e45732a # tpm2-tss-4.0.1.tar.gz.asc + 41c37dc4b10b1e86023619150e5047739aeee93fd8f77315157d3eeb5fe6a981 # tss2-tcti-libtpms.map + 76797d64092709d9af8b1d93750bc5d1f1e861e5a9fa37c24e0f1473b874be80) # 218c0da8.patch +## 2bf4730a0d4a6ba8be6d2517172aa68776082ad15e887d4418bf68cd4ffd0983 tpm2-tss-4.0.1-01-x86_64.pkg.tar.lz diff --git a/tpm2-tss/PKGBUILD-arch b/tpm2-tss/PKGBUILD-arch index 9202414..364a2a2 100644 --- a/tpm2-tss/PKGBUILD-arch +++ b/tpm2-tss/PKGBUILD-arch @@ -1,8 +1,8 @@ # Maintainer: Jonas Witschel # Contributor: Bruno Pagani pkgname=tpm2-tss -pkgver=3.2.0 -pkgrel=3 +pkgver=4.0.1 +pkgrel=1 pkgdesc='Implementation of the TCG Trusted Platform Module 2.0 Software Stack (TSS2)' arch=('x86_64') url='https://github.com/tpm2-software/tpm2-tss' @@ -14,12 +14,14 @@ provides=('libtss2-esys.so' 'libtss2-fapi.so' 'libtss2-mu.so' 'libtss2-rc.so' 'l backup=('etc/tpm2-tss/fapi-config.json' 'etc/tpm2-tss/fapi-profiles/P_ECCP256SHA256.json' 'etc/tpm2-tss/fapi-profiles/P_RSA2048SHA256.json') -options=('debug' '!emptydirs' '!lto') +options=('!emptydirs' '!lto') source=("$url/releases/download/$pkgver/$pkgname-$pkgver.tar.gz"{,.asc} - 'https://raw.githubusercontent.com/tpm2-software/tpm2-tss/e237e4d33cbf280292a480edd8ad061dcd3a37a2/lib/tss2-tcti-libtpms.map') -sha512sums=('cabb411f074dfa94919ba914849aac77a0ac2f50622e28a1406cf575369148774748e0e2b7a7c566ec83561a96d4b883bac5a3b1763f4cf48668a0c5d68c0a23' + 'https://raw.githubusercontent.com/tpm2-software/tpm2-tss/e237e4d33cbf280292a480edd8ad061dcd3a37a2/lib/tss2-tcti-libtpms.map' + 'https://github.com/tpm2-software/tpm2-tss/commit/218c0da8.patch') +sha512sums=('ed6ddc52cb0e8c1082a4bb001e1225eb9905fd2380da88db5fd69ff5b5d9d43a93eb67b634e49d53eb5d586832da3aef2c4c7e5f18d51bb730481f8913319d7d' 'SKIP' - '55be966eb320c96ca49b3aaa0635815076fe1a21149d1a0f95654778c8359bd16f18a10c0cabe955a366d4a14e2645a8150878b601085d987727de40831e50ab') + '55be966eb320c96ca49b3aaa0635815076fe1a21149d1a0f95654778c8359bd16f18a10c0cabe955a366d4a14e2645a8150878b601085d987727de40831e50ab' + '5c6f57ddf43b0c767578ecbad1df960ef0d77417eb1db0c9c492636a4b07c0b5b29cc031d5352d83aec4a8e1d67276587db24e7e188dfeecff5d7ed7c55cc30c') validpgpkeys=('D6B4D8BAC7E0CC97DCD4AC7272E88B53F7A95D84' # Andreas Fuchs '5B482B8E3E19DA7C978E1D016DE2E9078E1F50C1') # William Roberts (Bill Roberts) @@ -27,6 +29,7 @@ prepare() { cd "$pkgname-$pkgver" # Add file missing from release tarball (https://github.com/tpm2-software/tpm2-tss/issues/2313) cp "$srcdir/tss2-tcti-libtpms.map" lib + patch -p1 -i ../218c0da8.patch # Fix tests } build() { diff --git a/tpm2-tss/key b/tpm2-tss/key index 6f5a42c..1fd09b2 100644 --- a/tpm2-tss/key +++ b/tpm2-tss/key @@ -1 +1 @@ -gpg --recv-keys 72E88B53F7A95D84 +gpg -v --recv-key 6DE2E9078E1F50C1