Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Discrepancies between Fedora package and built library #162

Closed
dnoliver opened this issue Feb 27, 2020 · 7 comments
Closed

Discrepancies between Fedora package and built library #162

dnoliver opened this issue Feb 27, 2020 · 7 comments
Labels
third-party bug

Comments

@dnoliver
Copy link

Hello!

As today, there is a tpm2-tss-engine package available for Fedora Rawhide (soon to be 32)
https://src.fedoraproject.org/rpms/tpm2-tss-engine.

I tested the package, and was able to get the basic workflow working, creating keys with tpms_tools and generating a CSR with openssl (https://gist.github.com/dnoliver/04364e72d8b81368f72ad4e6896f688d#file-enrollment-sh-L121)

The problem I found is that, in the installed package, the engine is installed as libtpm2tss, instead of tpm2tss, that is provided when you compile the package.

The information on how this package was created is here https://bugzilla.redhat.com/show_bug.cgi?id=1773855. The impact is that, the documentation provided by this repo is not accurate.

The SPEC file is here https://src.fedoraproject.org/rpms/tpm2-tss-engine/blob/master/f/tpm2-tss-engine.spec

Functionality is not impacted as far as I know.

Is this an rpm package creation error, or the make install command is doing something special?
@diabonas
Copy link
Member

OpenSSL 1.1 changed the file name it looks for for when trying to load the engine name from libname.so to just name.so, see openssl/openssl@9ee0ed3. For this reason, tpm2-tss-engine creates a symlink from libtpm2tss.so to tpm2tss.so during installation so that the given example code works with OpenSSL 1.0 and OpenSSL 1.1. It seems like a packaging error if the Fedora package does not create this symlink as well.

@dnoliver
Copy link
Author

Make sense! and seems like a easy fix.
Will post the request in RedHat Bugzilla

@dnoliver
Copy link
Author

https://bugzilla.redhat.com/show_bug.cgi?id=1808136

@AndreasFuchsTPM
Copy link
Member

@diabonas explained it already. Please notify when fixed downstream.
I'll keep this open until then so people with the same issue find a hint here.

@AndreasFuchsTPM
Copy link
Member

@dnoliver I think I found the issue in the spec file https://copr-be.cloud.fedoraproject.org/results/mzavalavz/tpm2-tss-engine/fedora-31-x86_64/01138511-tpm2-tss-engine/tpm2-tss-engine.spec

tpm2tss.so is listed under %files devel for the devel package instead of the main package.
Hope this helps.

@zavalamathias
Copy link

Hello! I'm the maintainer of the tpm2-tss-engine package for fedora, I've already updated the spec file, so this should be fixed by now

@AndreasFuchsTPM
Copy link
Member

Thanks !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
third-party bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@AndreasFuchsTPM @dnoliver @diabonas @zavalamathias