|
 |
566fbd |
From 53ecfcf6d934206e3daef4ed3515a0d6f098e276 Mon Sep 17 00:00:00 2001
|
|
|
566fbd |
From: Sergio Correia <scorreia@redhat.com>
|
|
|
566fbd |
Date: Wed, 16 Oct 2019 11:40:33 -0300
|
|
|
566fbd |
Subject: [PATCH 1/2] Adjust pin-tang test to account for newer tang without
|
|
|
566fbd |
tangd-update
|
|
|
566fbd |
|
|
|
566fbd |
---
|
|
|
566fbd |
src/pins/tang/meson.build | 9 ++-------
|
|
|
566fbd |
src/pins/tang/pin-tang | 11 ++++++++---
|
|
|
566fbd |
2 files changed, 10 insertions(+), 10 deletions(-)
|
|
|
566fbd |
|
|
|
566fbd |
diff --git a/src/pins/tang/meson.build b/src/pins/tang/meson.build
|
|
|
566fbd |
index 110d72d..061a79f 100644
|
|
|
566fbd |
--- a/src/pins/tang/meson.build
|
|
|
566fbd |
+++ b/src/pins/tang/meson.build
|
|
|
566fbd |
@@ -8,11 +8,6 @@ kgen = find_program(
|
|
|
566fbd |
'/usr/libexec/tangd-keygen',
|
|
|
566fbd |
required: false
|
|
|
566fbd |
)
|
|
|
566fbd |
-updt = find_program(
|
|
|
566fbd |
- join_paths(libexecdir, 'tangd-update'),
|
|
|
566fbd |
- '/usr/libexec/tangd-update',
|
|
|
566fbd |
- required: false
|
|
|
566fbd |
-)
|
|
|
566fbd |
tang = find_program(
|
|
|
566fbd |
join_paths(libexecdir, 'tangd'),
|
|
|
566fbd |
'/usr/libexec/tangd',
|
|
|
566fbd |
@@ -25,7 +20,7 @@ if curl.found()
|
|
|
566fbd |
bins += join_paths(meson.current_source_dir(), 'clevis-encrypt-tang')
|
|
|
566fbd |
mans += join_paths(meson.current_source_dir(), 'clevis-encrypt-tang.1')
|
|
|
566fbd |
|
|
|
566fbd |
- if actv.found() and kgen.found() and updt.found() and tang.found()
|
|
|
566fbd |
+ if actv.found() and kgen.found() and tang.found()
|
|
|
566fbd |
env = environment()
|
|
|
566fbd |
env.set('SD_ACTIVATE', actv.path())
|
|
|
566fbd |
env.append('PATH',
|
|
|
566fbd |
@@ -42,4 +37,4 @@ if curl.found()
|
|
|
566fbd |
endif
|
|
|
566fbd |
else
|
|
|
566fbd |
warning('Will not install tang pin due to missing dependencies!')
|
|
|
566fbd |
-endif
|
|
|
566fbd |
\ No newline at end of file
|
|
|
566fbd |
+endif
|
|
|
566fbd |
diff --git a/src/pins/tang/pin-tang b/src/pins/tang/pin-tang
|
|
|
566fbd |
index f420818..9dcc2da 100755
|
|
|
566fbd |
--- a/src/pins/tang/pin-tang
|
|
|
566fbd |
+++ b/src/pins/tang/pin-tang
|
|
|
566fbd |
@@ -31,18 +31,23 @@ mkdir -p $TMP/db
|
|
|
566fbd |
mkdir -p $TMP/cache
|
|
|
566fbd |
|
|
|
566fbd |
# Generate the server keys
|
|
|
566fbd |
+KEYS=$TMP/db
|
|
|
566fbd |
tangd-keygen $TMP/db sig exc
|
|
|
566fbd |
-tangd-update $TMP/db $TMP/cache
|
|
|
566fbd |
+if which tangd-update; then
|
|
|
566fbd |
+ tangd-update $TMP/db $TMP/cache
|
|
|
566fbd |
+ KEYS=$TMP/cache
|
|
|
566fbd |
+fi
|
|
|
566fbd |
|
|
|
566fbd |
# Start the server
|
|
|
566fbd |
port=`shuf -i 1024-65536 -n 1`
|
|
|
566fbd |
-$SD_ACTIVATE --inetd -l 127.0.0.1:$port -a tangd $TMP/cache &
|
|
|
566fbd |
+$SD_ACTIVATE --inetd -l 127.0.0.1:$port -a tangd $KEYS &
|
|
|
566fbd |
export PID=$!
|
|
|
566fbd |
sleep 0.25
|
|
|
566fbd |
|
|
|
566fbd |
thp=`jose jwk thp -i "$TMP/db/sig.jwk"`
|
|
|
566fbd |
-adv="$TMP/cache/default.jws"
|
|
|
566fbd |
url="http://localhost:${port}"
|
|
|
566fbd |
+adv="$TMP/adv"
|
|
|
566fbd |
+curl "$url/adv" -o $adv
|
|
|
566fbd |
|
|
|
566fbd |
cfg=`printf '{"url":"%s","adv":"%s"}' "$url" "$adv"`
|
|
|
566fbd |
enc=`echo -n "hi" | clevis encrypt tang "$cfg"`
|
|
|
566fbd |
--
|
|
|
566fbd |
2.21.0
|
|
|
566fbd |
|