From 53ecfcf6d934206e3daef4ed3515a0d6f098e276 Mon Sep 17 00:00:00 2001
From: Sergio Correia <scorreia@redhat.com>
Date: Wed, 16 Oct 2019 11:40:33 -0300
Subject: [PATCH 1/2] Adjust pin-tang test to account for newer tang without
 tangd-update

---
 src/pins/tang/meson.build |  9 ++-------
 src/pins/tang/pin-tang    | 11 ++++++++---
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/pins/tang/meson.build b/src/pins/tang/meson.build
index 110d72d..061a79f 100644
--- a/src/pins/tang/meson.build
+++ b/src/pins/tang/meson.build
@@ -8,11 +8,6 @@ kgen = find_program(
   '/usr/libexec/tangd-keygen',
   required: false
 )
-updt = find_program(
-  join_paths(libexecdir, 'tangd-update'),
-  '/usr/libexec/tangd-update',
-  required: false
-)
 tang = find_program(
   join_paths(libexecdir, 'tangd'),
   '/usr/libexec/tangd',
@@ -25,7 +20,7 @@ if curl.found()
   bins += join_paths(meson.current_source_dir(), 'clevis-encrypt-tang')
   mans += join_paths(meson.current_source_dir(), 'clevis-encrypt-tang.1')
 
-  if actv.found() and kgen.found() and updt.found() and tang.found()
+  if actv.found() and kgen.found() and tang.found()
     env = environment()
     env.set('SD_ACTIVATE', actv.path())
     env.append('PATH',
@@ -42,4 +37,4 @@ if curl.found()
   endif
 else
   warning('Will not install tang pin due to missing dependencies!')
-endif
\ No newline at end of file
+endif
diff --git a/src/pins/tang/pin-tang b/src/pins/tang/pin-tang
index f420818..9dcc2da 100755
--- a/src/pins/tang/pin-tang
+++ b/src/pins/tang/pin-tang
@@ -31,18 +31,23 @@ mkdir -p $TMP/db
 mkdir -p $TMP/cache
 
 # Generate the server keys
+KEYS=$TMP/db
 tangd-keygen $TMP/db sig exc
-tangd-update $TMP/db $TMP/cache
+if which tangd-update; then
+    tangd-update $TMP/db $TMP/cache
+    KEYS=$TMP/cache
+fi
 
 # Start the server
 port=`shuf -i 1024-65536 -n 1`
-$SD_ACTIVATE --inetd -l 127.0.0.1:$port -a tangd $TMP/cache &
+$SD_ACTIVATE --inetd -l 127.0.0.1:$port -a tangd $KEYS &
 export PID=$!
 sleep 0.25
 
 thp=`jose jwk thp -i "$TMP/db/sig.jwk"`
-adv="$TMP/cache/default.jws"
 url="http://localhost:${port}"
+adv="$TMP/adv"
+curl "$url/adv" -o $adv
 
 cfg=`printf '{"url":"%s","adv":"%s"}' "$url" "$adv"`
 enc=`echo -n "hi" | clevis encrypt tang "$cfg"`
-- 
2.21.0