build(deps): update tss-esapi and revert policysigned workaround#29
build(deps): update tss-esapi and revert policysigned workaround#29hyperfinitism merged 2 commits intomainfrom
tss-esapi and revert policysigned workaround#29Conversation
- Update tss-esapi to commit: 2c36f10, which fixes the policy_signed API. - Revert the changes (workaround) to policysigned.rs in commit: 35c3fb2. Signed-off-by: Takuma IMAMURA <209989118+hyperfinitism@users.noreply.github.com>
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request refactors the policysigned command to use high-level tss-esapi abstractions instead of raw FFI, improving safety and removing manual memory management. Feedback highlights opportunities to handle negative expiration values, optimize Nonce allocations, and replace unsafe ticket serialization with the Marshall trait.
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 2f45b9c5a7
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
Pull request overview
This PR updates the tss-esapi dependency to a specific upstream git revision that fixes the policy_signed() wrapper API, and then removes the previously-added raw-ESYS FFI workaround in the policysigned subcommand to return to the safe wrapper.
Changes:
- Pin
tss-esapi/tss-esapi-systo upstream git rev2c36f103…to pick up thepolicy_signed()fix. - Revert
src/cmd/policysigned.rsback to usingtss_esapi::Context::policy_signed()andpolicy_get_digest(), removing raw FFI calls and manual ESYS allocation/free logic.
Reviewed changes
Copilot reviewed 2 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
src/cmd/policysigned.rs |
Replaces raw ESYS calls with the fixed tss-esapi wrapper and aligns the command flow with other policy subcommands. |
Cargo.toml |
Switches tss-esapi from crates.io to a pinned git revision containing the upstream fix. |
Cargo.lock |
Updates lock entries to reflect the git-sourced tss-esapi and tss-esapi-sys. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
hyperfinitism
force-pushed
the
fix/revert-policysigned
branch
2 times, most recently
from
cff5dbd to
b1a45d7
Compare
Signed-off-by: Takuma IMAMURA <209989118+hyperfinitism@users.noreply.github.com>
hyperfinitism
force-pushed
the
fix/revert-policysigned
branch
from
b1a45d7 to
e2f4109
Compare
Changes
tss-esapifrom8.0.0-alpha.2to commit:2c36f10. This commit fixes thepolicy_signed()API.policysigned.rsin fix: correct policy test flows and policysigned auth session handling #27.parse_duration()inparse.rsand use it forexpirationCLI argument inpolicysigned.rs